For many of us, SpamAssassin is all that stands between us and an inbox
clogged to the gills with unwanted e-mail. With the much-anticipated 3.0
release just around the corner, we decided to see what anti-spam fighters
would have to work with in the near future. To that end, we touched base
with SpamAssassin developers Theo Van Dinter and Craig Hughes. Hughes left
the project recently, but was heavily involved in the development of 3.0
and still has his finger on the pulse of SpamAssassin development.
What's different from the current release, and why the version jump? Both
Van Dinter and Hughes noted some important technical improvements in the
3.0 release. Hughes said that the most important feature for 3.0 is its
modularity. The 3.0 release is "more modular, easier to write plugins
for...easier to plug in other pieces of functionality that aren't
distributed with the core package," said Hughes. He noted that prior
to 3.0, it was difficult to add in custom code for functions that were not
part of SpamAssassin.
Both Hughes and Van Dinter also noted the replacement of SpamAssassin's
"genetic algorithm" with a "perceptron learner" for score generation. Van
Dinter noted that the new score generation is vastly improved, taking the
average time from "[around] 14 hours to less than five minutes per scoreset
(there are four)." Van Dinter also told LWN that the message/mime parser
for SpamAssassin has been rewritten "essentially from
scratch."
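What a perceptron learner does with rule hits can be shown in a few dozen lines. The following is an added example written for this article, not SpamAssassin's own score generator: a single-layer perceptron trained on a constructed corpus of six messages and four hypothetical rules learns one score per rule plus a bias. Rules that fire on spam and ham alike end up near zero, rules that fire only on ham go negative, and the training settles in a handful of passes rather than the hours a search-based optimizer needs.

```c
#include <stdio.h>

/* Added example, not SpamAssassin's score generator: a single-layer
 * perceptron learns one score per rule from labelled rule-hit vectors.
 * The rule names and the six-message corpus are constructed. */

#define NRULES 4
enum { R_HTML = 0, R_MILLION = 1, R_KNOWN_PEER = 2, R_URGENT = 3 };
static const char *rule_names[NRULES] = {
    "HTML_MESSAGE", "MILLION_DOLLARS", "FROM_KNOWN_PEER", "URGENT_SUBJECT"
};

/* One message: which rules fired (1/0) and whether it is known spam. */
struct sample { int hits[NRULES]; int is_spam; };

#define NSAMPLES 6
static const struct sample training_set[NSAMPLES] = {
    { {1, 1, 0, 1}, 1 },   /* spam: HTML, "million dollars", urgent subject */
    { {0, 1, 0, 0}, 1 },   /* spam: "million dollars" only */
    { {1, 0, 0, 1}, 1 },   /* spam: HTML, urgent subject */
    { {1, 0, 1, 0}, 0 },   /* ham: HTML newsletter from a known peer */
    { {0, 0, 1, 0}, 0 },   /* ham: plain mail from a known peer */
    { {0, 0, 0, 0}, 0 },   /* ham: nothing fired */
};

/* A message's total score: the bias plus the scores of the rules that hit. */
double message_score(const double *w, double bias, const int *hits)
{
    double s = bias;
    for (int i = 0; i < NRULES; i++)
        s += w[i] * hits[i];
    return s;
}

/* Perceptron training, learning rate 1. A message is called spam when its
 * score is above 0; each misclassified message pushes the scores of the
 * rules that fired on it towards the right side. Returns the number of
 * passes over the corpus, counting the final pass that changed nothing,
 * or -1 if the scores never settle within max_epochs. */
int train_scores(const struct sample *set, int n, double *w, double *bias,
                 int max_epochs)
{
    for (int i = 0; i < NRULES; i++)
        w[i] = 0.0;
    *bias = 0.0;
    for (int epoch = 1; epoch <= max_epochs; epoch++) {
        int updates = 0;
        for (int k = 0; k < n; k++) {
            double y = set[k].is_spam ? 1.0 : -1.0;     /* desired sign */
            if (y * message_score(w, *bias, set[k].hits) <= 0.0) {
                for (int i = 0; i < NRULES; i++)
                    w[i] += y * set[k].hits[i];
                *bias += y;
                updates++;
            }
        }
        if (updates == 0)
            return epoch;
    }
    return -1;
}

/* Wrappers that train on the built-in corpus (cheap enough to repeat). */
static int demo_train(double *w, double *b)
{
    return train_scores(training_set, NSAMPLES, w, b, 100);
}

int demo_epochs(void) { double w[NRULES], b; return demo_train(w, &b); }
double demo_bias(void) { double w[NRULES], b; demo_train(w, &b); return b; }
double demo_rule_score(int rule) { double w[NRULES], b; demo_train(w, &b); return w[rule]; }

/* 1 if every training message lands on the correct side after training. */
int demo_all_correct(void)
{
    double w[NRULES], b;
    if (demo_train(w, &b) < 0)
        return 0;
    for (int k = 0; k < NSAMPLES; k++)
        if ((message_score(w, b, training_set[k].hits) > 0.0) != training_set[k].is_spam)
            return 0;
    return 1;
}

/* Score a new message by its rule hits; returns 1 for spam. */
int demo_is_spam(int html, int million, int known_peer, int urgent)
{
    double w[NRULES], b;
    int hits[NRULES] = { html, million, known_peer, urgent };
    demo_train(w, &b);
    return message_score(w, b, hits) > 0.0;
}

int main(void)
{
    double w[NRULES], b;
    int epochs = demo_train(w, &b);
    printf("settled after %d passes, bias %+.1f\n", epochs, b);
    for (int i = 0; i < NRULES; i++)
        printf("%-16s %+.1f\n", rule_names[i], w[i]);
    return 0;
}
```

On this corpus the scores settle after four passes: MILLION_DOLLARS and URGENT_SUBJECT come out at +2, FROM_KNOWN_PEER at -2, and HTML_MESSAGE, which fired on spam and ham alike, at 0. A real score generator adds a threshold and scaling step on top of this, and the corpus is what makes or breaks it: a rule that only ever fires on ham can only be pushed down, never up, so mislabelled training mail shifts scores directly.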
Another big improvement for 3.0 is improved scalability. The new version
supports installations with larger numbers of mailboxes, with preferences
stored in an SQL database or LDAP server. The primary focus there,
according to Hughes, was for large ISPs that wanted to use SpamAssassin
without having a Unix login or home directory for every user.
While there are plenty of technical improvements in SpamAssassin, Hughes
also noted that there's a non-technical rationale for the bump to
3.0. SpamAssassin is in the process of becoming a top-level project of the
Apache Software Foundation. This also means a licensing change for the
project, which was quite a bit of work according to Hughes:
It's going to be using the Apache License instead of using Perl's
licensing, and we've gone through a tremendously long, laborious, tedious
even, process of sourcing every line of code...making sure that every
author really did have the rights to publish it.
Hughes said that the project met little resistance in switching from the
former licensing scheme -- which allowed licensing under either the GPL or
the Perl Artistic License -- to the Apache Software
License. Hughes said that "only a handful" of developers
said they wouldn't allow their code to be relicensed, as well as "two
or three we couldn't contact." The end result, he said, was that
nothing substantial had to be removed due to licensing issues.
Because of the nature of the project, we were also curious how SpamAssassin
manages to stay ahead of spammers. According to Van Dinter, it's not so
much staying ahead as an "arms race" between SpamAssassin and spammers:
We filter, they mutate, we start filtering the mutation, they mutate
again. Lather, Rinse, Repeat. I'm actually not really involved in the rules
(I work on the back-end code more than anything else), but it basically
comes down to looking at the spam that's coming in, seeing which ones
aren't caught, and figuring out how to catch them in the future. There are
also other useful data points unrelated to the messages themselves. For
instance, verifying that the sender isn't forged via SPF (Sender Policy
Framework) and utilizing the information provided by SenderBase.
Hughes told LWN that there are two things that help SpamAssassin stay ahead
of spammers:
One is that you only have to stay ahead of most spammers. There may be one
percent that may be particularly good [at getting by SpamAssassin] but if
you can block 99 percent of it, it doesn't matter that much...we're not
shooting to be perfect, we're shooting to be as good as we can without
trying to squeeze out that last one percent.
The other thing is the sheer complexity of SpamAssassin. It's not just a
Bayesian filter, it's not just looking up things in RBLs...it's all those
things together. It's actually very, very non-trivial for a human to be
able to craft a message that's a piece of spam and get through...to defeat
all of the system requires a great deal of work, or a lot of luck.
Another piece of good news for SpamAssassin enthusiasts, is that it
shouldn't be hard to upgrade. According to Hughes, it "should be
simple, as long as you're not doing anything really funky" in terms
of tweaking and customizing the SpamAssassin code. He noted that the 3.0
release is designed to recognize file format changes, and to automatically
upgrade user files that are in the old format.
If the SpamAssassin 3.0 meta-bug dependency tree is any indication, there's
not much left to do before the 3.0-final release. Hughes said that the
project "looks like it's on target" to meet the June 30 release date. Users
are encouraged to help test SpamAssassin prior to the final release.
Comments (20 posted)
Back in October, 2003, the $50 million PIPE investment in the SCO Group by
BayStar and the Royal Bank of Canada was seen as good news for SCO. In
May, 2004, things have changed to the point that the dissolution of that
investment is also seen as good news for the company. SCO, it seems, is in
a different world than it was late last year.
BayStar had been left holding 40,000 of the 50,000 shares of "series A-1"
preferred stock created by the initial investment. BayStar had also been
very public about its desire to redeem those shares and its lack of faith
in SCO's management. The result was a dark cloud of potential litigation
lurking over SCO; it is not surprising that SCO was looking for a way to
settle the issue. As it turns out, SCO did pretty well for itself.
The full
stock repurchase agreement is available via the SEC. It calls for SCO
to buy back those 40,000 shares of preferred stock; the cost will be
$13 million in cash and just over 2.1 million shares of SCO
common stock. So, in the end, SCO sold that stock for $50 million,
and was able to buy it back (including the 10,000 shares redeemed by RBC)
for $13 million and some paper. This is,
indeed, a good deal for SCO; BayStar must have wanted out badly.
There are a couple of interesting provisions in the agreement. One is that
BayStar is limited in how quickly it can sell the common stock; it can't
make up more than 10% of the average volume on any given day. The two
companies also agree not to badmouth each other. The effect of that
agreement would seem to be immediately apparent. In April, BayStar was
complaining about SCO's attempts to continue to look like a software
company, SCO's management, and its lack of focus on the IBM case. In the press
release describing the new agreement, instead, we read:
"After productive and substantial discussions with SCO's management
team, board of directors and legal team, BayStar is extremely
satisfied with SCO's current operating and cash management plans,
new initiatives, management of the litigation, and plans for
improving its business going forward," said Larry Goldfarb,
managing general partner, BayStar Capital.
It is true that the company would appear to have muzzled Darl McBride
recently. Other than that, however, there has been little change. The
same management team is in charge, and it's doing the same things. If
BayStar were so happy with SCO's progress, what reason could it possibly
have for cashing out its investment now at a serious loss? BayStar, instead,
gives every indication of running for the exit at full speed, preferably
ahead of the quarterly earnings announcement (which has been delayed until
June 10).
One other interesting feature of the non-disparagement clause:
...the Company's obligation not to disparage or defame BayStar as
set forth above shall be limited to the actions or comments of the
Company's executive officers, directors, attorneys, advisors [sic],
consultants, representatives and The Canopy Group, Inc.
Canopy is not a party to this agreement. One might well wonder how SCO is
able to commit Canopy to keeping its mouth shut.
The end result of all this is that the SCO Group has freed itself from a
major distraction, cleared a liability off its books (including the 8%
dividends it was supposed to start paying BayStar next year), and obtained
$37 million of obligation-free cash (excluding lawyer fees, of
course). The company is, indeed, in a better position to concentrate on
its many open court cases. It may even be able to turn Darl loose in the
near future; life hasn't been the same without his strange pronouncements.
[Looking forward: the next events in SCO's legal calendar include a hearing
in the DaimlerChrysler case (June 9), and a ruling due anytime in the
Novell case. The Novell ruling will include Novell's motion to dismiss,
and, if that is denied, SCO's motion to move the case back to Utah state
court.]
Comments (4 posted)
On the surface, the declaration of Todd M. Shaughnessy filed by IBM in the
SCO case looks like fairly boring stuff. It consists of a long list of
exhibits filed by IBM. Some of those exhibits, however, have not been seen
before, and some of those warrant a look. In particular, exhibit 28 covers
SCO's answers to the motions to compel discovery. SCO has now "shown the
code," and we can see what the company is claiming.
The first part of the declaration covers code contributed from AIX and
Dynix to Linux. In the former case, SCO now contents itself with listing
the JFS filesystem. From Dynix, SCO notes the read-copy-update technique
and some NUMA support code. The broader claim over Linux's SMP code
appears to have quietly gone away.
IBM keeps asking SCO to identify the specific lines of System V code
which, SCO claims, IBM contributed to Linux. SCO continues to evade that
question. The company did, under duress, provide listings of parts of AIX
and Dynix that, it claims, derive from Unix. The bulk of the AIX listing is the curses and
terminfo libraries; no kernel files are listed there. For Dynix, some
kernel files are listed (along with the source of utilities like
awk), but there appears to be no intersection with the Dynix files
that, SCO
claims, IBM contributed to Linux. SCO says that doesn't matter:
In fact, SCO steadfastly maintains that this item is not relevant to
this litigation nor is it likely to lead to the discovery of
admissible evidence. The main issue in this case is whether IBM
has breached its contract with SCO because it contributed or
otherwise disposed of a part of AIX or Dynix/ptx to others in
contravention of the terms of the license agreement.
In other words, there is not actually any SCO-owned code in IBM's
contributions to Linux, but SCO claims control over those contributions
anyway. Nothing particularly new there.
Finally, and, perhaps, most interestingly, SCO has included a set of other
files (exhibit 28-G) for which it claims ownership. The first part of this
list consists of the Linux STREAMS (LiS) patch, which has never been part
of the mainline kernel. Interestingly, the LiS distribution was hosted at
Caldera for some time. But the company formerly known as Caldera would
rather forget that now; it claims, in its filing, that LiS has not appeared
in "any Linux-related product distributed by SCO."
The Free Software Foundation recently claimed that the
reason SCO went after the kernel and not the FSF was the latter's copyright
assignment policies. So the FSF should be interested to see that SCO
claims rights over significant chunks of the glibc and binutils packages. In
particular, SCO claims ownership of just about anything which touches the
ELF executable file format. Many tens of thousands of lines of FSF-owned
code are claimed by SCO. Some of the claims are amusing in typical SCO
fashion; for example, the exhibit lists elf/interp.c from glibc,
which consists of the copyright header and exactly one line of code:
const char __invoke_dynamic_linker__[] __attribute__ ((section (".interp")))
= RUNTIME_LINKER;
SCO has also added claims to the ELF code in the 2.4.21 kernel, along with
the SYSV filesystem and the SYSV interprocess communication code.
SCO acknowledges that it distributed all of the above code (except for
LiS), but claims it was unaware that "its intellectual property" was
present at the time. One might well question how, if the SCO group claims
to own the ELF file format, it could be unaware that it was distributing
ELF-related code.
ELF is, after all, the fundamental file format used by
Linux. But one should not be surprised by this sort of claim from the SCO
Group.
The interesting question, instead, is whether the SCO Group will attempt to
pursue its claims to the ELF code. These claims could be used to launch
attacks against the FSF, any Linux distributor, or even any of the BSD
variants. The last thing SCO needs is yet another lawsuit, but that has
not stopped this company before. As SCO's claims against the Linux kernel
fall apart, its management may well be tempted to cast a wider net.
Comments (11 posted)
Page editor: Jonathan Corbet
Security
Quick response to security incidents is considered one of the strong points
of the free software community. It is also seen as a vital component of a
site's defenses against attacks. With that in mind, it is worth taking a
look at how
the recent CVS
vulnerability played out:
| May 2 | Stefan Esser discovers a vulnerability in CVS, up to versions 1.11.15 and 1.12.7. A buffer overflow in the "entry" line parsing code would allow an attacker to execute arbitrary code on the system when the "pserver" access technique is being used. Mr. Esser informs the CVS developers, and is told almost immediately that a fix has been prepared. |
| May 3 | Various high-profile CVS sites are informed of the problem and its fix. |
| May 12 | A new patch is prepared after SourceForge discovers a problem with the previous versions. |
| May 19 | The "coordinated public disclosure" happens, just in time to screw up the LWN publication deadline. Updates are released by Debian, Fedora, Mandrake, Red Hat, Slackware, and SUSE. |
| May 20 | Gentoo releases its updated cvs package. |
| May 27 | CERT gets around to sending out an advisory on the vulnerability. |
A few quick conclusions can be drawn from this sequence of events:
- The coordinated disclosure mechanism had some glitches in its early
days, but it seems to be working well now. The problem was kept quiet
for a couple of weeks, after which most major distributors were able
to issue patches almost simultaneously.
- One may well wonder, again, what the relevance of CERT is; it took
just over a week to get an advisory out after the public disclosure.
By then, anybody who was paying attention had already closed the
hole.
- Some distributions do not yet have updates out. These include
  Conectiva and Whitebox. (Update: Trustix was originally listed here as
  well; it has no update because it does not ship CVS. Our mistake.) Red
  Hat Linux users are also exposed; the Fedora Legacy project has not yet
  issued a cvs update.
The last item is somewhat troubling. Given the nature of this
vulnerability and the availability of information, no serious distributor
should have failed to have an update ready on the disclosure day. One can
thus conclude that some distributors are more serious than others. In
particular, it is worth noting that the projects which rework Red Hat
distributions and updates (Whitebox, CentOS, Fedora Legacy) have failed to
react to this vulnerability in a timely way. It may well be that, if you
lack the structure necessary to create a distribution in the first place,
you will be hard pressed to keep that distribution secure.
Comments (8 posted)
New vulnerabilities
apache2: stack-based buffer overflow in ssl_util.c
| Package(s): | apache2 |
| CVE #(s): | CAN-2004-0488 |
| Created: | June 1, 2004 |
| Updated: | October 14, 2004 |
| Description: | A stack-based buffer overflow exists in the ssl_util_uuencode_binary function in ssl_util.c in Apache. When mod_ssl is configured to trust the issuing CA, a remote attacker may be able to execute arbitrary code via a client certificate with a long subject DN. |
| Alerts: | |
Comments (none posted)
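The shape of the fix is a length check before the encode. The following is an added example, not Apache's or mod_ssl's code: a base64 encoder that computes how much room its output needs and refuses to write into a destination that cannot hold it. The two subject DNs are constructed; one fits the 32-byte stack buffer a caller might have chosen, the other is refused instead of overrunning it.

```c
#include <stddef.h>
#include <string.h>

/* Added example, not Apache's or mod_ssl's code: a base64 encoder that
 * computes the space it needs and refuses to write into a destination
 * that is too small, the check whose absence turns an over-long subject
 * DN into a stack overflow. */

static const char b64chars[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Bytes required to hold the encoding of len input bytes, NUL included. */
size_t b64_needed(size_t len)
{
    return ((len + 2) / 3) * 4 + 1;
}

/* Encode src[0..len) into dst. Returns 1 on success (dst NUL-terminated,
 * *written set to the encoded length), 0 if dst cannot hold the result;
 * on 0 nothing at all is written. */
int b64_encode(const unsigned char *src, size_t len,
               char *dst, size_t dstlen, size_t *written)
{
    if (dstlen < b64_needed(len))
        return 0;
    size_t i = 0, o = 0;
    for (; i + 3 <= len; i += 3) {
        unsigned v = ((unsigned)src[i] << 16) | ((unsigned)src[i + 1] << 8) | src[i + 2];
        dst[o++] = b64chars[(v >> 18) & 63];
        dst[o++] = b64chars[(v >> 12) & 63];
        dst[o++] = b64chars[(v >> 6) & 63];
        dst[o++] = b64chars[v & 63];
    }
    size_t rem = len - i;                  /* 0, 1 or 2 trailing bytes */
    if (rem > 0) {
        unsigned v = (unsigned)src[i] << 16;
        if (rem == 2)
            v |= (unsigned)src[i + 1] << 8;
        dst[o++] = b64chars[(v >> 18) & 63];
        dst[o++] = b64chars[(v >> 12) & 63];
        dst[o++] = (rem == 2) ? b64chars[(v >> 6) & 63] : '=';
        dst[o++] = '=';
    }
    dst[o] = '\0';
    if (written)
        *written = o;
    return 1;
}

/* The shape of the vulnerable caller: a fixed stack buffer sized for the
 * DNs the author expected. With the size check, an over-long DN from a
 * client certificate is rejected instead of overwriting the stack.
 * Returns 1 if the DN was encoded and matches expected, 0 if refused. */
int encode_dn_into_fixed_buffer(const char *dn, const char *expected)
{
    char out[32];                          /* holds at most 21 input bytes */
    size_t n;
    if (!b64_encode((const unsigned char *)dn, strlen(dn), out, sizeof out, &n))
        return 0;
    return strcmp(out, expected) == 0;
}
```

A caller that must accept DNs of any length allocates b64_needed(len) bytes instead of guessing a fixed size; a caller that keeps the fixed buffer has to treat a refusal as a rejected certificate, not as an error to ignore.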
gallery: unauthenticated access
| Package(s): | gallery |
| CVE #(s): | |
| Created: | June 2, 2004 |
| Updated: | June 15, 2004 |
| Description: | The "gallery" photo album has a vulnerability which can allow access to the administrative account without authentication. |
| Alerts: | |
Comments (none posted)
gatos: privilege escalation
| Package(s): | gatos |
| CVE #(s): | CAN-2004-0395 |
| Created: | June 2, 2004 |
| Updated: | June 2, 2004 |
| Description: | The xatitv program, part of the gatos package, fails to drop root privileges after an initialization failure. For added fun, it then calls system() with unsanitized environment variables. |
| Alerts: | |
Comments (none posted)
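Two separate mistakes are described here: carrying on with root privileges after initialization has failed, and handing the caller's environment to system(), which runs a shell that honours PATH, IFS and whatever else the local user set. The following is an added example, not gatos or xatitv code, of the two corresponding fixes for a setuid-root program that must run a helper as the invoking user: drop privileges irrevocably and verify the drop, and start the helper with execve() and a freshly built environment. The helper path, the list of variables allowed through and the sample hostile environment are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Added example, not gatos/xatitv code: how a setuid-root program should
 * (a) drop root irrevocably and stop if that fails, and (b) run a helper
 * through execve() with a freshly built environment instead of system().
 * The helper path, the allowed variable names and the sample environment
 * are assumptions. */

/* Return 0 once root is gone for good, -1 otherwise; a caller that gets
 * -1 must exit rather than continue with root in hand. Supplementary
 * groups must also be cleared with setgroups() while still root; that
 * call is omitted here because it fails for a non-root demo. */
int drop_privileges(void)
{
    uid_t uid = getuid();
    gid_t gid = getgid();
    if (setgid(gid) != 0)           /* gid before uid: changing it needs root */
        return -1;
    if (setuid(uid) != 0)
        return -1;
    if (geteuid() != uid || getegid() != gid)
        return -1;
    if (uid != 0 && setuid(0) == 0) /* root must be unrecoverable */
        return -1;
    return 0;
}

/* Only these inherited variables reach the helper. PATH is always the
 * fixed value below; IFS, LD_*, BASH_ENV and friends never get through,
 * which is the guarantee system() cannot give. */
static const char *const allowed_names[] = { "TERM", "HOME", "DISPLAY", "LANG" };
#define FIXED_PATH "PATH=/usr/bin:/bin"

static int name_allowed(const char *entry)
{
    for (size_t i = 0; i < sizeof allowed_names / sizeof allowed_names[0]; i++) {
        size_t n = strlen(allowed_names[i]);
        if (strncmp(entry, allowed_names[i], n) == 0 && entry[n] == '=')
            return 1;
    }
    return 0;
}

/* Fill out[0..max) with a NULL-terminated environment built from
 * inherited. Returns the entry count, or -1 if out is too small. */
int build_helper_env(const char *const *inherited, const char **out, size_t max)
{
    size_t n = 0;
    if (max < 2)
        return -1;
    out[n++] = FIXED_PATH;
    for (size_t i = 0; inherited[i] != NULL; i++) {
        if (!name_allowed(inherited[i]))
            continue;
        if (n + 1 >= max)
            return -1;
        out[n++] = inherited[i];
    }
    out[n] = NULL;
    return (int)n;
}

/* fork + execve: no shell, no PATH search, no word splitting. Returns the
 * helper's exit status, or -1. Privileges are dropped in the child. */
int run_helper(const char *path, char *const argv[], const char *const *inherited)
{
    const char *env[32];
    int status;
    if (build_helper_env(inherited, env, 32) < 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (drop_privileges() != 0)
            _exit(127);
        execve(path, argv, (char *const *)env);
        _exit(127);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Constructed environment as a hostile local user might set it up. */
static const char *const constructed_env[] = {
    "PATH=.:/usr/local/bin:/usr/bin",   /* relative element: trojan binary in cwd */
    "IFS=:",                            /* alters the shell's word splitting */
    "LD_PRELOAD=/tmp/evil.so",          /* would be loaded into the helper */
    "TERM=xterm",
    "HOME=/home/alice",
    NULL
};

static const char *demo_env[8];

int demo_env_count(void) { return build_helper_env(constructed_env, demo_env, 8); }
const char *demo_env_entry(int i) { demo_env_count(); return demo_env[i]; }

int main(void)
{
    int n = demo_env_count();
    for (int i = 0; i < n; i++)
        printf("%s\n", demo_env[i]);
    return 0;
}
```

Run against the constructed environment, build_helper_env() yields three entries: the fixed PATH, TERM and HOME; the relative PATH, IFS and LD_PRELOAD never reach the helper. The allow-list is deliberately short; a program that needs more variables adds them by name rather than switching to a deny-list, since it is the unknown variable, not the known one, that a deny-list misses.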
jftpgw: format string vulnerability
| Package(s): | jftpgw |
| CVE #(s): | CAN-2004-0448 |
| Created: | June 2, 2004 |
| Updated: | June 2, 2004 |
| Description: | jftpgw (an FTP proxy) contains a format string vulnerability which could allow the execution of arbitrary commands with the privileges of the server process. |
| Alerts: | |
Comments (none posted)
kerberos: buffer overflows
| Package(s): | kerberos5 |
| CVE #(s): | |
| Created: | June 2, 2004 |
| Updated: | June 2, 2004 |
| Description: | MIT Kerberos 5 suffers from multiple buffer overflows which could lead to a remote root exploit, though the exploit looks difficult. Versions through krb5-1.3.3 are affected; see this advisory for more information. |
| Alerts: | |
Comments (none posted)
mailman: password disclosure
| Package(s): | mailman |
| CVE #(s): | CAN-2004-0412 |
| Created: | May 27, 2004 |
| Updated: | July 20, 2004 |
| Description: | In mailman versions above 2.1, third parties can retrieve member passwords from the server. |
| Alerts: | |
Comments (none posted)
Updated vulnerabilities
apache: multiple vulnerabilities
| Package(s): | apache |
| CVE #(s): | CAN-2003-0993, CAN-2003-0020, CAN-2003-0987, CAN-2004-0174 |
| Created: | May 12, 2004 |
| Updated: | May 26, 2004 |
| Description: | Versions of apache 1 through 1.3.30 include several minor vulnerabilities, including the writing of unescaped data to the error log file, a denial of service vulnerability, and a parsing failure in Allow/Deny rules on big-endian, 64-bit platforms. See the apache 1.3.31 announcement for details. |
| Alerts: | |
Comments (none posted)
cvs: heap overflow
| Package(s): | cvs |
| CVE #(s): | CAN-2004-0396 |
| Created: | May 19, 2004 |
| Updated: | June 11, 2004 |
| Description: | CVS (through version 1.11.15 or 1.12.7) contains a remotely exploitable heap overflow vulnerability; see this advisory from Stefan Esser for details. If you are running cvs with the "pserver" protocol, a quick upgrade is recommended (dropping pserver is also a very good idea for security-conscious sites). |
| Alerts: | |
Comments (none posted)
ethereal - multiple vulnerabilities
Comments (none posted)
Filename disclosure vulnerability in fam
| Package(s): | fam |
| CVE #(s): | CAN-2002-0875 |
| Created: | August 19, 2002 |
| Updated: | January 5, 2005 |
| Description: | "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
| Alerts: | |
Comments (none posted)
firebird: Locally exploitable stack overflow
| Package(s): | firebird |
| CVE #(s): | |
| Created: | May 24, 2004 |
| Updated: | May 26, 2004 |
| Description: | A buffer overflow exists in three Firebird database binaries (gds_inet_server, gds_lock_mgr, and gds_drop) that is exploitable by setting a large value to the INTERBASE environment variable. An attacker could control program execution, allowing privilege escalation to the UID of Firebird, full access to Firebird databases, and trojaning the Firebird binaries. An attacker could use this to compromise other user or root accounts. See also this bug report. |
| Alerts: | |
Comments (none posted)
flim: insecure file creation
| Package(s): | flim |
| CVE #(s): | CAN-2004-0422 |
| Created: | May 5, 2004 |
| Updated: | December 16, 2004 |
| Description: | The emacs "flim" mode creates temporary files in an insecure fashion, possibly allowing a local attacker to overwrite files. |
| Alerts: | |
Comments (none posted)
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml |
| CVE #(s): | CAN-2003-0133, CAN-2003-0541 |
| Created: | April 14, 2003 |
| Updated: | April 18, 2005 |
| Description: | GtkHTML is the HTML rendering widget used by the Evolution mail reader. The GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash. |
| Alerts: | |
Comments (none posted)
heimdal: missing input sanitizing
| Package(s): | heimdal |
| CVE #(s): | CAN-2004-0472 |
| Created: | May 18, 2004 |
| Updated: | May 27, 2004 |
| Description: | Evgeny Demidov discovered a potential buffer overflow in a Kerberos 4 component of heimdal, a free implementation of Kerberos 5. The problem is present in kadmind, a server for administrative access to the Kerberos database. This problem could perhaps be exploited to cause the daemon to read a negative amount of data which could lead to unexpected behavior. |
| Alerts: | |
Comments (none posted)
iproute: local denial of service
| Package(s): | iproute net-tools |
| CVE #(s): | CAN-2003-0856 |
| Created: | November 25, 2003 |
| Updated: | December 14, 2004 |
| Description: | The iproute utility is susceptible to spoofed netlink messages sent by local users, with the result that denial of service attacks are possible. |
| Alerts: | |
Comments (none posted)
racoon: failure to verify signatures
| Package(s): | ipsec-tools racoon |
| CVE #(s): | CAN-2004-0155 |
| Created: | April 7, 2004 |
| Updated: | August 19, 2004 |
| Description: | Versions of ipsec-tools prior to 0.2.5 contain a vulnerability wherein the racoon utility fails to verify digital signatures on some packets. This hole can lead to unauthorized connections or man-in-the-middle attacks. See this advisory for details. |
| Alerts: | |
Comments (none posted)
racoon: denial of service vulnerability
| Package(s): | ipsec-tools racoon iputils |
| CVE #(s): | CAN-2004-0403 |
| Created: | April 26, 2004 |
| Updated: | July 29, 2004 |
| Description: | racoon does not check the length of ISAKMP headers. Attackers may be able to craft an ISAKMP header of sufficient length to consume all available system resources, causing a Denial of Service. This advisory contains additional details. |
| Alerts: | |
Comments (none posted)
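The failure here is a length field trusted over the bytes that actually arrived. The following is an added example, not racoon's or ipsec-tools' code: a parser for the fixed 28-byte ISAKMP header defined in RFC 2408 that checks the major version, insists the declared Length cover at least the header, caps it at a sane maximum before anything is allocated, and refuses a message that declares more bytes than the socket delivered. The packets are constructed by the demo helper.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Added example, not racoon's or ipsec-tools' code: parse the fixed
 * 28-byte ISAKMP header (RFC 2408 section 3.1) and validate the Length
 * field against what the socket actually delivered before anything is
 * allocated or copied. Test packets are constructed. */

#define ISAKMP_HDR_LEN 28
#define ISAKMP_MAX_LEN 65535u   /* assumed cap: more than a UDP datagram can carry */

struct isakmp_hdr {
    uint8_t  i_cookie[8];
    uint8_t  r_cookie[8];
    uint8_t  next_payload;
    uint8_t  version;            /* major in the high nibble, minor in the low */
    uint8_t  exchange_type;
    uint8_t  flags;
    uint32_t message_id;
    uint32_t length;             /* total message length, header included */
};

enum {
    ISAKMP_OK = 0,
    ISAKMP_ERR_SHORT = -1,       /* fewer than 28 bytes received */
    ISAKMP_ERR_VERSION = -2,     /* not ISAKMP major version 1 */
    ISAKMP_ERR_LEN_SMALL = -3,   /* Length smaller than the header itself */
    ISAKMP_ERR_LEN_HUGE = -4,    /* Length beyond any sane message: never allocate it */
    ISAKMP_ERR_LEN_TRUNC = -5    /* Length claims more bytes than were received */
};

static uint32_t get_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | p[3];
}

static void put_be32(uint8_t *p, uint32_t v)
{
    p[0] = v >> 24; p[1] = v >> 16; p[2] = v >> 8; p[3] = v;
}

/* Parse pkt[0..pktlen) into h. Only after ISAKMP_OK may h->length be used
 * to size a buffer or to walk the payloads that follow the header. */
int isakmp_parse_header(const uint8_t *pkt, size_t pktlen, struct isakmp_hdr *h)
{
    if (pktlen < ISAKMP_HDR_LEN)
        return ISAKMP_ERR_SHORT;
    memcpy(h->i_cookie, pkt, 8);
    memcpy(h->r_cookie, pkt + 8, 8);
    h->next_payload  = pkt[16];
    h->version       = pkt[17];
    h->exchange_type = pkt[18];
    h->flags         = pkt[19];
    h->message_id    = get_be32(pkt + 20);
    h->length        = get_be32(pkt + 24);
    if ((h->version >> 4) != 1)
        return ISAKMP_ERR_VERSION;
    if (h->length < ISAKMP_HDR_LEN)
        return ISAKMP_ERR_LEN_SMALL;
    if (h->length > ISAKMP_MAX_LEN)
        return ISAKMP_ERR_LEN_HUGE;
    if (h->length > pktlen)            /* the check the vulnerable code skipped */
        return ISAKMP_ERR_LEN_TRUNC;
    return ISAKMP_OK;
}

/* Build a header with the given Length and version byte, padded with
 * zero bytes to total_received bytes, then parse it. Packets shorter
 * than a header are left all-zero. */
int demo_parse(uint32_t declared_len, uint8_t version, size_t total_received)
{
    uint8_t pkt[128];
    struct isakmp_hdr h;
    if (total_received > sizeof pkt)
        return ISAKMP_ERR_LEN_HUGE;   /* keep the demo buffer in range */
    memset(pkt, 0, sizeof pkt);
    if (total_received >= ISAKMP_HDR_LEN) {
        memset(pkt, 0xAB, 8);         /* constructed initiator cookie */
        pkt[16] = 1;                  /* next payload: Security Association */
        pkt[17] = version;
        pkt[18] = 2;                  /* exchange type: Identity Protection */
        put_be32(pkt + 24, declared_len);
    }
    return isakmp_parse_header(pkt, total_received, &h);
}
```

The same discipline applies one level down: each generic payload header carries its own 16-bit length, which must be checked against the remaining bytes of the message before the next payload is read, or the resource-exhaustion problem simply moves from the header to the payload walk.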
kdelibs: cookie disclosure
| Package(s): | kdelibs |
| CVE #(s): | CAN-2003-0592 |
| Created: | March 10, 2004 |
| Updated: | August 24, 2004 |
| Description: | kdelibs (and, thus, Konqueror) has a vulnerability where a hostile server can force the disclosure of cookies that should not be presented to it. KDE versions 3.1.3 and later contain a fix. |
| Alerts: | |
Comments (none posted)
kde: URI Handler Vulnerabilities
| Package(s): | kde Opera |
| CVE #(s): | CAN-2004-0411 |
| Created: | May 17, 2004 |
| Updated: | June 15, 2004 |
| Description: | iDEFENSE identified a vulnerability in the Opera Web Browser that could allow remote attackers to create or truncate arbitrary files. The KDE team has found that similar vulnerabilities exist in all versions of KDE, up to KDE 3.2.2 inclusive. See this advisory for more information. |
| Alerts: | |
Comments (none posted)
kdepim: VCF file information reader vulnerability
| Package(s): | kdepim |
| CVE #(s): | CAN-2003-0988 |
| Created: | January 15, 2004 |
| Updated: | May 26, 2004 |
| Description: | KDE has issued a security advisory for all versions of kdepim as distributed with KDE versions 3.1.0 through 3.1.4 inclusive. A carefully crafted .VCF file potentially enables local attackers to compromise the privacy of a victim's data or execute arbitrary commands with the victim's privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0988 to this issue. |
| Alerts: | |
Comments (none posted)
kernel: symlink overflow in the iso9660 filesystem
| Package(s): | kernel |
| CVE #(s): | CAN-2004-0109 |
| Created: | April 14, 2004 |
| Updated: | July 15, 2004 |
| Description: | The 2.4 and 2.6 kernels contain a vulnerability in the iso9660 (CDROM) filesystem which can be used by a local attacker to obtain root privileges. The exploit requires creating a specially-crafted filesystem and getting the kernel to mount it. Many systems are configured to automatically mount CDs on insertion, however, so the possibility of this vulnerability being exploited by users with physical access to the system is real. The 2.4.26 kernel contains the fix, which will also be merged into the upcoming 2.6.6 release. |
| Alerts: | |
Comments (none posted)
kernel - root exploit in MCAST_MSFILTER
| Package(s): | kernel |
| CVE #(s): | CAN-2004-0424 |
| Created: | April 22, 2004 |
| Updated: | June 11, 2004 |
| Description: | A locally exploitable integer overflow has been found in the multicast code of the Linux kernel versions 2.4.22 to 2.4.25 and 2.6.1 - 2.6.3. A successful exploit could lead to full superuser privileges. |
| Alerts: | |
Comments (1 posted)
kernel: exploitable bug in the cpufreq code
| Package(s): | kernel |
| CVE #(s): | CAN-2004-0228 |
| Created: | May 24, 2004 |
| Updated: | May 26, 2004 |
| Description: | Brad Spengler discovered an exploitable bug in the cpufreq code in the Linux 2.6 kernel. |
| Alerts: | |
Comments (none posted)
Linux kernel 2.2.10 failing function and TLB flush vulnerability
| Package(s): | kernel-source-2.2.10 |
| CVE #(s): | CAN-2004-0077 |
| Created: | March 18, 2004 |
| Updated: | June 4, 2004 |
| Description: | A local root exploit is possible due to early flushing of the TLB. |
| Alerts: | |
Comments (none posted)
kernel-utils: setuid vulnerability
| Package(s): | kernel-utils |
| CVE #(s): | CAN-2003-0019 |
| Created: | February 7, 2003 |
| Updated: | January 21, 2005 |
| Description: | The kernel-utils package contains several utilities that can be used to control the kernel or machine hardware. In Red Hat Linux 8.0 this package contains user mode linux (UML) utilities. The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was incorrectly shipped setuid root. This could allow local users to control certain network interfaces, add and remove arp entries and routes, and put interfaces in and out of promiscuous mode. All users of the kernel-utils package should update to these packages that contain a version of uml_net that is not setuid root. Alternatively, as a work-around to this vulnerability, issue the following command as root: chmod -s /usr/bin/uml_net |
| Alerts: | |
Comments (none posted)
kolab: password disclosure
| Package(s): | kolab |
| CVE #(s): | |
| Created: | May 5, 2004 |
| Updated: | May 27, 2004 |
| Description: | Kolab stores passwords in plain text format, and these passwords can be read from the underlying LDAP database. See this advisory for more information. |
| Alerts: | |
Comments (3 posted)
LHA: stack buffer overflows and directory traversal flaws
| Package(s): | LHA |
| CVE #(s): | CAN-2004-0234, CAN-2004-0235 |
| Created: | April 30, 2004 |
| Updated: | June 11, 2004 |
| Description: | LHA is an archiving and compression utility for LHarc format archives. Ulf Harnhammar discovered two stack buffer overflows and two directory traversal flaws in LHA. See this advisory+patch for more details. CAN-2004-0234: An attacker could exploit the buffer overflows by creating a carefully crafted LHA archive in such a way that arbitrary code would be executed when the archive is tested or extracted by a victim. CAN-2004-0235: An attacker could exploit the directory traversal issues to create files as the victim outside of the expected directory. |
| Alerts: | |
Comments (2 posted)
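The directory traversal half of the LHA problem is generic to every archive extractor: a member name chosen by whoever built the archive must not be allowed to escape the extraction directory. The following is an added example, not LHA's code, of a check that rejects absolute names, any "." or ".." component and a few other hazards before the name is joined to the destination directory; the member names and the destination directory are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Added example, not LHA's code: decide whether a member name taken from
 * an archive may be created below the extraction directory. Member names
 * in the tests are constructed. */

/* Returns 1 if name is acceptable, 0 if it must be rejected. Rejected:
 * empty names, absolute names, drive prefixes ("C:"), backslashes, empty
 * components ("a//b") and any "." or ".." component. A trailing "/" is
 * allowed, since archives store directory entries that way. */
int archive_member_name_ok(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return 0;
    if (name[0] == '/' || strchr(name, '\\') != NULL)
        return 0;
    if (isalpha((unsigned char)name[0]) && name[1] == ':')
        return 0;
    const char *p = name;
    for (;;) {
        const char *slash = strchr(p, '/');
        size_t len = slash ? (size_t)(slash - p) : strlen(p);
        if (len == 0)                                   /* "a//b" */
            return 0;
        if (len == 1 && p[0] == '.')                    /* "./a" or "a/./b" */
            return 0;
        if (len == 2 && p[0] == '.' && p[1] == '.')     /* ".." anywhere */
            return 0;
        if (slash == NULL || slash[1] == '\0')          /* last component, or "dir/" */
            return 1;
        p = slash + 1;
    }
}

/* Join the destination directory and a vetted member name. Writes nothing
 * useful and returns 0 if the name is rejected or the result does not fit. */
int safe_extract_path(const char *destdir, const char *name, char *out, size_t outlen)
{
    if (!archive_member_name_ok(name))
        return 0;
    int n = snprintf(out, outlen, "%s/%s", destdir, name);
    if (n < 0 || (size_t)n >= outlen) {
        if (outlen > 0)
            out[0] = '\0';
        return 0;
    }
    return 1;
}

/* Demonstration against an assumed extraction directory. */
#define DEMO_DESTDIR "/var/tmp/extract"

int demo_extract_path_ok(const char *name)
{
    char path[64];
    return safe_extract_path(DEMO_DESTDIR, name, path, sizeof path);
}

/* A legal-looking but over-long member name is refused for size alone. */
int demo_long_name_rejected(void)
{
    char name[80];
    memset(name, 'a', 60);
    name[60] = '\0';
    return demo_extract_path_ok(name) == 0;
}

int main(void)
{
    const char *names[] = { "docs/readme.txt", "docs/", "../../etc/passwd",
                            "/etc/passwd", "docs/../../.ssh/authorized_keys",
                            "..foo/bar" };
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-36s %s\n", names[i],
               archive_member_name_ok(names[i]) ? "ok" : "REJECT");
    return 0;
}
```

Note that the check works on whole components, so "..foo/bar" is accepted while "docs/../x" is not; a naive prefix or substring test for ".." gets both wrong. It also does not cover the second traversal route, a symbolic link member extracted first and a regular file written through it afterwards; an extractor closes that one by refusing symlink members or by checking each existing path component with lstat() at extraction time.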
libpng: denial of service vulnerability.
| Package(s): | libpng |
| CVE #(s): | CAN-2004-0421 |
| Created: | April 29, 2004 |
| Updated: | June 11, 2004 |
| Description: | The PNG library can access memory that is out of bounds when creating an error message; this can be triggered by a malformed PNG image file. |
| Alerts: | |
Comments (none posted)
libpng, libpng3: buffer overflow
| Package(s): | libpng, libpng3 |
| CVE #(s): | CAN-2002-1363 |
| Created: | December 19, 2002 |
| Updated: | July 14, 2004 |
| Description: | Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly which causes a buffer overrun beyond the beginning of the row buffer. |
| Alerts: | |
Comments (none posted)
libxml2 - arbitrary code execution
| Package(s): | libxml2 |
| CVE #(s): | CAN-2004-0110 |
| Created: | February 26, 2004 |
| Updated: | August 19, 2009 |
| Description: | Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml2 that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code. |
| Alerts: | |
Comments (none posted)
logcheck: symlink vulnerability
| Package(s): | logcheck |
| CVE #(s): | CAN-2004-0404 |
| Created: | April 21, 2004 |
| Updated: | December 22, 2004 |
| Description: | The logcheck utility handles temporary files in an unsafe way, possibly allowing local attackers to overwrite files. |
| Alerts: | |
Comments (none posted)
mailman denial of service
| Package(s): | mailman |
| CVE #(s): | CAN-2003-0991 |
| Created: | February 9, 2004 |
| Updated: | May 25, 2004 |
| Description: | Matthew Galgoci of Red Hat discovered a Denial of Service (DoS) vulnerability in versions of Mailman prior to 2.1. An attacker could send a carefully-crafted message causing mailman to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0991 to this issue. |
| Alerts: | |
Comments (1 posted)
mc: multiple vulnerabilities
| Package(s): | mc |
| CVE #(s): | CAN-2004-0226, CAN-2004-0231, CAN-2004-0232 |
| Created: | April 29, 2004 |
| Updated: | May 26, 2004 |
| Description: | Midnight Commander has multiple vulnerabilities including buffer overflows, insecure temp files, and format string problems. |
| Alerts: | |
Comments (none posted)
mikmod: buffer overflow
| Package(s): | mikmod |
| CVE #(s): | CAN-2003-0427 |
| Created: | June 16, 2003 |
| Updated: | June 16, 2005 |
| Description: | Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod. |
| Alerts: | |
Comments (none posted)
mod_python: denial of service vulnerability
| Package(s): | mod_python |
| CVE #(s): | CAN-2003-0973 |
| Created: | January 27, 2004 |
| Updated: | October 4, 2004 |
| Description: | Apache's mod_python module could crash the httpd process if a specific, malformed query string was sent. The Apache Foundation has reported that mod_python may be prone to Denial of Service attacks when handling a malformed query. Mod_python 2.7.9 was released to fix the vulnerability; however, because the vulnerability had not been fully fixed, version 2.7.10 has been released. Users of mod_python 3.0.4 are not affected by this vulnerability. |
| Alerts: | |
Comments (none posted)
mozilla: multiple vulnerabilities
| Package(s): | mozilla |
| CVE #(s): | CAN-2003-0594, CAN-2003-0564 |
| Created: | March 10, 2004 |
| Updated: | August 19, 2004 |
| Description: | Mozilla 1.4 contains a few vulnerabilities, including disclosure of cookies to the wrong server, a scripting vulnerability which can allow an attacker to run arbitrary code, and an S/MIME vulnerability which can lead to remote denial of service or code execution attacks. |
| Alerts: | |
Comments (none posted)
mpg321: format string vulnerability
Package(s): mpg321
CVE #(s): CAN-2003-0969
Created: January 6, 2004
Updated: March 28, 2005
Description:
A vulnerability was discovered in mpg321, a command-line mp3 player,
whereby user-supplied strings were passed to printf(3) unsafely. This
vulnerability could be exploited by a remote attacker to overwrite
memory, and possibly execute arbitrary code. In order for this
vulnerability to be exploited, mpg321 would need to play a malicious
mp3 file (including via HTTP streaming).
Comments (none posted)
MySQL: temporary file vulnerabilities
Package(s): mysql
CVE #(s): CAN-2004-0381, CAN-2004-0388
Created: April 14, 2004
Updated: August 18, 2004
Description:
The mysqlbug and mysqld_multi scripts contain temporary file vulnerabilities which could be used by a local attacker to overwrite files on the system.
Comments (none posted)
neon: buffer overflow
Package(s): neon
CVE #(s): CAN-2004-0398
Created: May 19, 2004
Updated: September 30, 2004
Description:
The neon library (through version 0.24.5) contains a buffer overflow in its date parsing code, allowing arbitrary code execution when connecting to a hostile server. See this advisory for details. This vulnerability also affects related applications (such as cadaver).
Comments (none posted)
Nessus NASL scripting engine security issues
Package(s): nessus
CVE #(s):
Created: May 27, 2003
Updated: August 12, 2004
Description:
Some vulnerabilities exist in the Nessus NASL scripting engine. To
exploit these flaws, an attacker would need to have a valid Nessus account
as well as the ability to upload arbitrary Nessus plugins to the Nessus
server (this option is disabled by default), or would need to trick a
user somehow into running a specially crafted NASL script. Read the full
advisory for additional information.
Comments (none posted)
netpbm: insecure temporary files
Package(s): netpbm
CVE #(s): CAN-2003-0924
Created: January 19, 2004
Updated: December 29, 2004
Description:
netpbm is a graphics conversion toolkit made up of a large number of
single-purpose programs. Many of these programs were found to create
temporary files in an insecure manner, which could allow a local
attacker to overwrite files with the privileges of the user invoking a
vulnerable netpbm tool.
Comments (1 posted)
openssh: timing attack leads to information disclosure
Package(s): openssh
CVE #(s): CAN-2003-0190
Created: May 2, 2003
Updated: November 30, 2004
Description:
From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable
with PAM support enabled (via the --with-pam configure script switch). This
bug allows a remote attacker to identify valid users on vulnerable systems,
through a simple timing attack. The vulnerability is easy to exploit and
may have high severity, if combined with poor password policies and other
security problems that allow local privilege escalation."
Comments (1 posted)
OpenSSL: denial of service vulnerabilities
Comments (1 posted)
passwd: various problems
Package(s): passwd
CVE #(s):
Created: May 17, 2004
Updated: June 2, 2004
Description:
Steve Grubb found some problems in the passwd program. Passwords given to
passwd via stdin are one character shorter than they are supposed to be.
He also discovered that pam may not have been sufficiently initialized to
ensure safe and proper operation. A few small memory leaks have been fixed
as well.
Comments (none posted)
postfix: denial of service vulnerabilities
Package(s): postfix
CVE #(s): CAN-2003-0468, CAN-2003-0540
Created: August 5, 2003
Updated: May 27, 2004
Description:
The postfix MTA, versions through 1.1.12 (but not 2.0), is subject to two remotely exploitable denial of service vulnerabilities; see this advisory from Michal Zalewski for details.
Comments (none posted)
python: buffer overflow
Package(s): python
CVE #(s): CAN-2004-0150
Created: March 10, 2004
Updated: October 11, 2004
Description:
Python (versions 2.2 and 2.2.1 only) has a buffer overflow in the getaddrinfo() function which can be exploited by a malformed IPv6 address.
Comments (none posted)
rsync remote file write attack
Package(s): rsync
CVE #(s): CAN-2004-0426
Created: April 30, 2004
Updated: July 12, 2004
Description:
See the rsync homepage for the April 2004 advisory: "There is a security
problem in all versions prior to 2.6.1 that affects only people running a
read/write daemon WITHOUT using chroot. If the user privs that such an rsync
daemon is using is anything above "nobody", you are at risk of someone
crafting an attack that could write a file outside of the module's "path"
setting (where all its files should be stored). Please either enable chroot
or upgrade to 2.6.1. People not running a daemon, running a read-only
daemon, or running a chrooted daemon are totally unaffected."
Comments (none posted)
SquirrelMail cross site scripting vulnerabilities
Package(s): squirrelmail
CVE #(s): CAN-2004-0519, CAN-2004-0520, CAN-2004-0521
Created: May 21, 2004
Updated: October 4, 2004
Description:
Several unspecified cross-site scripting (XSS) vulnerabilities and a well
hidden SQL injection vulnerability were found in SquirrelMail versions
1.4.2 and lower. An XSS attack allows an attacker to insert malicious code
into a web-based application. SquirrelMail does not check for code when
parsing variables received via the URL query string.
Comments (none posted)
sysstat: temporary file vulnerability
Package(s): sysstat
CVE #(s): CAN-2004-0107, CAN-2004-0108
Created: March 10, 2004
Updated: October 4, 2004
Description:
The sysstat utility has a temporary file vulnerability which can be exploited by a local attacker to overwrite system files.
Comments (none posted)
File overwrite vulnerability in tar and unzip
Package(s): tar unzip
CVE #(s): CAN-2001-1267, CAN-2001-1268, CAN-2001-1269, CAN-2002-0399
Created: October 1, 2002
Updated: April 10, 2006
Description:
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability.
Comments (1 posted)
tcpdump: ISAKMP payload handling denial-of-service vulnerabilities
Package(s): tcpdump
CVE #(s): CAN-2004-0183, CAN-2004-0184
Created: March 30, 2004
Updated: September 30, 2004
Description:
TCPDUMP v3.8.1 and earlier versions contain multiple flaws in the packet
display functions for the ISAKMP protocol. Upon receiving specially
crafted ISAKMP packets, TCPDUMP will try to read beyond the end of the
packet capture buffer and crash. More information is available in this Rapid7 advisory.
Comments (none posted)
Multiple vendor telnetd vulnerability
Package(s): telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5
CVE #(s):
Created: May 21, 2002
Updated: October 5, 2004
Description:
This vulnerability, originally thought to be confined to BSD-derived
systems, was first covered in the July 26th Security Summary. It is now
known that Linux telnet daemons are vulnerable as well.
Comments (none posted)
utempter problems with symlink and strncpy
Package(s): utempter
CVE #(s): CAN-2004-0233
Created: April 19, 2004
Updated: June 11, 2004
Description:
Steve Grubb discovered two potential issues in the utempter program:
- If the path to the device contained /../ or /./ or //, the program
was not exiting as it should. It would be possible to use something like
/dev/../tmp/tty0, and then if /tmp/tty0 were deleted and symlinked to
another important file, programs that have root privileges that do no
further validation can then overwrite whatever the symlink pointed to.
- Several calls to strncpy without a manual termination of the string.
This would most likely crash utempter.
Comments (none posted)
XChat 2.0.x SOCKS5 Vulnerability
Package(s): xchat
CVE #(s): CAN-2004-0409
Created: April 19, 2004
Updated: November 15, 2005
Description:
XChat is vulnerable to a stack overflow that may allow a remote attacker to
run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable to a
remote exploit. Users would have to be using XChat through a SOCKS 5
server, enable SOCKS 5 traversal (which is disabled by default) and also
connect to an attacker's custom proxy server. This vulnerability may allow
an attacker to run arbitrary code within the context of the user ID of the
XChat client.
Comments (none posted)
xine-lib: malicious code execution
Package(s): xine-lib
CVE #(s): CAN-2004-0433
Created: May 3, 2004
Updated: May 28, 2004
Description:
A vulnerability exists in xine-lib where playing a specially crafted Real
RTSP stream could run malicious code as the user playing the stream. More
details can be found in this advisory. The problem has been fixed in
xine-lib 1-rc4.
Comments (none posted)
xine-ui - insecure temporary file creation
Package(s): xine-ui
CVE #(s): CAN-2004-0372
Created: April 6, 2004
Updated: April 27, 2006
Description:
Shaun Colley discovered a problem in xine-ui, the xine video player
user interface. A script contained in the package to possibly remedy
a problem or report a bug does not create temporary files in a secure
fashion. This could allow a local attacker to overwrite files with
the privileges of the user invoking xine.
Comments (none posted)
xpcd: buffer overflow
Package(s): xpcd
CVE #(s): CAN-2004-0402
Created: May 24, 2004
Updated: June 1, 2004
Description:
Jaguar discovered a vulnerability in one component of xpcd, a PhotoCD
viewer. xpcd-svga, part of xpcd which uses svgalib to display
graphics on the console, would copy user-supplied data of arbitrary
length into a fixed-size buffer in the pcd_open function.
Comments (none posted)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current 2.6 prepatch is 2.6.7-rc2,
released on May 29.
Most of the patches this time around are aimed at stabilization
after the big changes in -rc1, but -rc2 also contains an ALSA update, a
whole bunch of new
__user annotations (intended to help find
misuses of user-space pointers - see below), an XFS update, some IPSec
fixes, and some
architecture updates. See
the long-format
changelog for the details.
Linus's BitKeeper repository contains, as of this writing, some stack usage
reduction patches, more __user annotations, some architecture
updates, and a few other fixes.
The current prepatch from Andrew Morton is 2.6.7-rc2-mm1. Recent additions to -mm include
NFS, MD, and DMI updates, the x86 performance counters patch, some
read-copy-update scalability work, and the usual pile of fixes.
The current 2.4 prepatch is 2.4.27-pre4, which was released by Marcelo on May 30. There are
some XFS and JFS updates, a number of 2.6 networking backports (including
TCP Vegas support and receiver-side RTT estimation), some driver updates,
and the usual set of fixes.
Comments (4 posted)
Kernel development news
Marking regions of memory as not containing executable code is not a
particularly new technique; some processors have recognized this mode for
years. The processor that everybody actually
uses, however (the x86
family) does not have a "no-execute" bit.
At least, it didn't until very recently. AMD added a no-execute (NX)
permission bit to the page table entries
in its 64-bit processors; Intel has recently said it will be
supporting this mode as well. So the hardware will be able to avoid
executing code from certain regions of memory, making various types of
buffer overflow attacks harder. At least, that will be true if the
operating system supports and uses the NX mode.
To that end, Ingo Molnar has posted a patch bringing NX
support to the x86 architecture; his patch is based on previous work done
by Intel and the x86_64 NX support by Andi Kleen. This patch allows
applications to mark areas as being non-executable; such areas, typically,
will include the stack and heap zones. It also applies the NX bit to the
kernel itself; kernel text is marked executable, but kernel data is not.
As a result, the next time a buffer overflow turns up in the kernel, it,
too, will be harder to exploit.
The NX bit only works when the processor is running in the PAE mode. Most
x86 Linux systems currently do not run in that mode; it is normally only
turned on when large amounts of memory (more than 4GB) are installed. This
mode adds a third level of page tables, and makes the page table entries
themselves larger, so users and distributors normally turn it off if it is
not needed. Most modern x86 processors support the PAE mode, however;
security considerations may lead to it being used more heavily in the
future.
Linus's main concern about the patch would
appear to be how many old applications it might break. The reply from Arjan van de Ven is that pretty much
everything "just works." The no-execute permission is not applied unless
the code is specially marked in the image file, and gcc apparently does a
good job of not setting that flag when it would break things. If this
experience holds true, NX support could go in fairly quickly, and a
longstanding x86 security weakness will be no more.
For people interested in testing this patch, Arjan has merged it into the
latest Fedora Core test kernels. See the patch
announcement for a pointer. There is also a
"quickstart" document for those who would like to test out NX in their
own kernels.
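What the NX bit changes is observable from user space: a page mapped read/write but not executable faults when the processor is asked to run code from it. The following is an added demonstration, not part of the article or of Ingo Molnar's patch; it assumes a Linux system on x86, x86-64 or arm64 where the kernel enforces NX (on 32-bit x86 that means the PAE mode the article describes), and the "return 42" machine code it copies into the page is constructed here.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

enum { PROBE_UNAVAILABLE = -1, PROBE_FAULTED = -2 };

/* Constructed machine code for "return 42", the only thing the page runs. */
#if defined(__x86_64__) || defined(__i386__)
static const unsigned char ret42[] = { 0xb8, 0x2a, 0x00, 0x00, 0x00, 0xc3 }; /* mov eax,42 ; ret */
#elif defined(__aarch64__)
static const unsigned char ret42[] = { 0x40, 0x05, 0x80, 0x52,   /* mov w0,#42 */
                                       0xc0, 0x03, 0x5f, 0xd6 }; /* ret        */
#else
#define NO_PROBE_CODE 1
#endif

static sigjmp_buf probe_env;

static void on_segv(int sig)
{
    (void)sig;
    siglongjmp(probe_env, 1);       /* unwind out of the faulting call */
}

/* Map one anonymous page, copy ret42 into it and try to call it.
 * Returns 42 if the code ran, PROBE_FAULTED if the CPU refused to execute
 * from the page (NX in effect), PROBE_UNAVAILABLE if the mapping failed or
 * this architecture is not covered above. */
int probe_page(int executable)
{
#ifdef NO_PROBE_CODE
    (void)executable;
    return PROBE_UNAVAILABLE;
#else
    long pagesz = sysconf(_SC_PAGESIZE);
    int prot = PROT_READ | PROT_WRITE | (executable ? PROT_EXEC : 0);
    void *page = mmap(NULL, (size_t)pagesz, prot, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED)
        return PROBE_UNAVAILABLE;
    memcpy(page, ret42, sizeof ret42);
    __builtin___clear_cache((char *)page, (char *)page + sizeof ret42);

    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_segv;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);

    volatile int result;
    if (sigsetjmp(probe_env, 1) == 0) {
        int (*fn)(void);
        memcpy(&fn, &page, sizeof fn);  /* object pointer to function pointer */
        result = fn();                  /* runs only if the page is executable */
    } else {
        result = PROBE_FAULTED;         /* SIGSEGV: NX stopped the call */
    }
    sigaction(SIGSEGV, &old, NULL);
    munmap(page, (size_t)pagesz);
    return result;
#endif
}

int main(void)
{
    printf("read/write page:         %d (faulted is %d)\n", probe_page(0), PROBE_FAULTED);
    printf("read/write/execute page: %d (expect 42)\n", probe_page(1));
    return 0;
}
```

A system without NX in effect (for example 32-bit x86 without PAE) returns 42 for both calls, which is exactly the weakness the patch closes.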
Comments (5 posted)
As the 2.6.0 release approached, some developers worried that the CPU
scheduler would be the downfall of this particular stable series.
Complaints of poor interactive performance were common, NUMA systems were
not supported well, and so on. Over time, most of these problems have been
addressed; massive amounts of interactivity work and the domain scheduler
have smoothed over most of the problems. Complaints about the scheduler
have been relatively rare in recent times.
One thing that does still bother some people, however, is the complexity of
the current 2.6 scheduler. The interactivity work, in particular, added a
great deal of very obscure code. The scheduler goes to great lengths to
try to identify interactive tasks and to boost their priority accordingly.
This process involves numerous strange computations involving a number of
magic constants; it is difficult to understand, much less improve.
Con Kolivas, who had his hand in much of the interactivity work, has just
posted a new version of his "staircase
scheduler" patch. This patch aims to greatly simplify the scheduler while
simultaneously improving interactive response; it deletes 498 lines of
code, while adding less than 200. Much of what is deleted is the "black
magic" interactivity calculations; it is all replaced with a relatively
simple, rank-based scheme.
The staircase scheduler implements a single, ranked array of processes for
each CPU. Initially, each process goes into the array at the rank
determined by its base priority; the scheduler can then locate and run the
highest-priority process in the usual way. So far, not much has changed.
In the current scheduler, processes which use up their time slice get moved
over to a separate "expired" array; there they languish until the rest of
the processes in the mix have used up their time (or blocked) as well. The
staircase scheduler does away with the expired array; instead, an expired
process will be put back into the staircase, but at the next lower rank.
It can, thus, continue to run, but at a lower priority. When it exhausts
another time slice, it moves down again. And so on. The following little
table shows how long the process spends at each priority level:
Priority rank:  Base | -1 | -2 | -3 | -4 | -5 | -6 | -7 | -8 | -9 | ...
Iteration 1:       1 |  1 |  1 |  1 |  1 |  1 |  1 |  1 |  1 |  1 |
When a process falls off the bottom of the staircase, an interesting thing
happens: it gets moved back up to one level below its previous maximum, and
it gets two time slices at that level. Thereafter, it once again works its
way down the steps to the bottom. The next time, it goes up to two steps
below the maximum, for three time slices. The above table, with three
iterations through the staircase, would look like this:
Priority rank:  Base | -1 | -2 | -3 | -4 | -5 | -6 | -7 | -8 | -9 | ...
Iteration 1:       1 |  1 |  1 |  1 |  1 |  1 |  1 |  1 |  1 |  1 |
Iteration 2:         |  2 |  1 |  1 |  1 |  1 |  1 |  1 |  1 |  1 |
Iteration 3:         |    |  3 |  1 |  1 |  1 |  1 |  1 |  1 |  1 |
Each descent down the staircase thus involves the same number of time
slices, but, each time, more slices are spent at the top priority level for
that iteration.
This algorithm helps maintain
the relative priorities. A process at priority n will, after
falling off the staircase, find itself competing with all the processes at
priority n-1, but it will get a longer slice of time relative to those
other processes, which have a lower base priority.
If a process sleeps for a reasonable interval, it gets pushed back up the
staircase. Thus interactive tasks, which normally sleep quite a bit,
should stay near the top of the staircase and be responsive, while CPU hogs
spend much of their time on the lower steps.
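The descent rule in the tables above is simple enough to write down directly. The following is an added example, not code from Con Kolivas's patch: it computes, for a given descent, how many time slices are spent at each rank, and shows that every descent uses the same total. It assumes ten visible ranks (Base through -9, where the article's table trails off) and does not model the sleep-driven promotion back up the staircase.

```c
#include <stdio.h>

#define STAIR_DEPTH 10          /* ranks Base, -1, ..., -9 from the article's table */

/* Fill slices[i] with the number of time slices spent at rank Base-i during
 * the given descent (iteration 1 is the first trip down). Returns the total
 * number of slices used. As in the table, descent N begins N-1 steps below
 * Base with N slices there and then spends one slice per lower step. */
int staircase_descent(int iteration, int slices[], int depth)
{
    int start = iteration - 1;      /* first rank visited this time down */
    int total = 0;

    for (int i = 0; i < depth; i++) {
        if (i < start)
            slices[i] = 0;          /* above the starting rank: not visited */
        else if (i == start)
            slices[i] = iteration;  /* N slices at the top rank of descent N */
        else
            slices[i] = 1;          /* one slice per lower step */
        total += slices[i];
    }
    return total;
}

/* Print the article's table for the first n descents. */
void print_staircase(int n)
{
    printf("Iteration  Base");
    for (int r = 1; r < STAIR_DEPTH; r++)
        printf(" %4d", -r);
    printf("\n");
    for (int it = 1; it <= n; it++) {
        int slices[STAIR_DEPTH];
        int total = staircase_descent(it, slices, STAIR_DEPTH);
        printf("%8d  ", it);
        for (int i = 0; i < STAIR_DEPTH; i++)
            printf(" %4d", slices[i]);
        printf("   (total %d)\n", total);
    }
}

int main(void)
{
    print_staircase(3);
    return 0;
}
```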
The kernel community may not be up for another big scheduler change at this
point in the stable series; many people would like to see 2.6 actually
stabilize and 2.7 begin. This patch appears worthy of consideration,
however, for its simplification of a complex part of the kernel if nothing
else.
Comments (8 posted)
In past years, this page has looked at the work done by the "Stanford
checker," which analyzes code in search of various types of programming
errors. The checker has found a lot of problems over the years, with the
result that a lot of problems have been fixed before they had a chance to
bite users of production kernels.
The only problem with the Stanford checker is that it is not free software;
it is, in fact, completely unavailable to the world as a whole. Rather
than release the code, the checker group went off and formed Coverity to commercialize the checker
software (now called "SWAT" and touted, ominously, as being "patent
pending"). Developers at Coverity still occasionally post reports of
potential bugs found by SWAT, but, for the most part, their attention seems
focused on potential revenue opportunities.
It is hard to complain about this outcome. Before heading on this course,
the Coverity folks uncovered vast numbers of bugs, and all Linux users
benefited from that work. They also demonstrated how valuable static code
testing tools can be. The community, however, was left in the position of
having to actually write its own checker if it wanted one. Fortunately,
this is the sort of thing the community can be good at.
A while back, none other than Linus Torvalds started work on his own tool,
which came to be called "sparse." There has recently been a flurry of new
activity around sparse, so it seems like a good time to take a look.
sparse is normally obtained by cloning the BitKeeper repository at
bk://kernel.bkbits.net/torvalds/sparse. For those who don't use
BK, a checked-out
version is available (as a bunch of SCCS files) on kernel.org. There
is a low-bandwidth sparse mailing
list as well.
Essentially, sparse is a parsing and analysis library for the C language.
One could put a number of different backends onto it; for example, a
code-generation backend would turn it into a simple compiler. For the
purposes of the kernel, however, the backend of interest is the analysis
code which looks for various types of errors. The analyzer checks for
quite a few different types of errors. Many of these (many sorts of type
mismatches, for example) are also found by the compiler, but other tests are
unique to sparse.
The core test done by sparse is still the check for improper use of
user-space pointers. A quick look through the kernel will turn up liberal
use of a type attribute called __user; for example, the
read() method invoked from system calls is prototyped as:
ssize_t (*read) (struct file *, char __user *, size_t, loff_t *);
When the kernel is being compiled, __user is defined as the empty
string, so gcc doesn't see it at all. When sparse is being used,
instead, it marks the pointer as (1) being in a separate address
space, and (2) not being legal to dereference. sparse will use those
flags to catch any mixing of user- and kernel-space pointers, and any
attempt to directly dereference user-space pointers.
These checks have turned up a surprising number of errors. The kernel
normally sets up the virtual address space in such a way that direct
dereferencing of user-space pointers actually works - most of the time.
Using user-space addresses in this way will fail, however, if the user page
is not actually resident in memory at the time. More importantly, perhaps,
this sort of direct dereferencing bypasses the normal access controls;
every such error could, thus, become a security hole.
Catching such mistakes automatically seems like a good idea. It does
require, however, that every variable holding a user-space pointer be
marked with the __user attribute. Since much of the kernel
(including every device driver) deals
with user-space pointers, this is not a trivial job. This job is
proceeding, however; several dozen patches adding __user
annotations (and fixing problems found on the way) have been merged for
2.6.7.
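The following is an added example, not kernel code and not from the article, showing what the annotation buys. It uses the kernel's own __user and __force definitions (active only when sparse defines __CHECKER__) over a user-space mock of the access check; the user region, access_ok_mock, copy_from_user_mock and user_region_ptr are constructed stand-ins. Built with gcc it simply runs; run through sparse, the unchecked function draws a "dereference of noderef expression" warning while the checked one is clean.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Under sparse, __user puts a pointer in address space 1 and forbids
 * dereferencing it; __force permits a deliberate cast across address
 * spaces. gcc sees empty macros, exactly as in the kernel. */
#ifdef __CHECKER__
# define __user  __attribute__((noderef, address_space(1)))
# define __force __attribute__((force))
#else
# define __user
# define __force
#endif

/* Constructed stand-in for user memory: only this buffer counts as "user". */
#define USER_REGION_SIZE 64
static char user_region[USER_REGION_SIZE];

/* Address inside the mock user region (used by the demonstration). */
char *user_region_ptr(size_t offset)
{
    return user_region + offset;
}

/* Mock of the kernel's range check: is [p, p+n) inside the user region? */
static int access_ok_mock(const void __user *p, size_t n)
{
    const char *raw = (const char __force *)p;   /* explicit, sparse-visible cast */
    return raw >= user_region && n <= USER_REGION_SIZE
        && raw - user_region <= (long)(USER_REGION_SIZE - n);
}

/* Mock of copy_from_user(): returns the number of bytes NOT copied. */
static unsigned long copy_from_user_mock(void *dst, const void __user *src, size_t n)
{
    if (!access_ok_mock(src, n))
        return n;
    memcpy(dst, (const void __force *)src, n);
    return 0;
}

/* WRONG: dereferences a user pointer directly. gcc compiles it silently;
 * sparse flags it. In a real kernel this bypasses the access check, which
 * is the hole the article describes. */
int read_byte_unchecked(const char __user *p)
{
    return (unsigned char)*p;
}

/* RIGHT: go through the copy helper, which validates the range first. */
int read_byte_checked(const char __user *p)
{
    char c;
    if (copy_from_user_mock(&c, p, 1))
        return -EFAULT;
    return (unsigned char)c;
}

int main(void)
{
    user_region[3] = 'A';
    printf("checked, in range:     %d\n", read_byte_checked(user_region_ptr(3)));
    printf("checked, out of range: %d (-EFAULT is %d)\n",
           read_byte_checked(user_region_ptr(USER_REGION_SIZE)), -EFAULT);
    return 0;
}
```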
Other checks performed include finding constants which are overly long for
their target type, mistakes in embedded assembly language code, empty
switch statements, assignments in conditionals, and so on. Its
output is rather noisy still, but one assumes that will improve over time.
If you have sparse installed, running it on the kernel is simply a matter
of adding "C=1" to the make command. External modules
can also be checked in this way.
sparse is still clearly far behind the Stanford checker in terms of the
variety of errors it can find. Unlike the checker, however, sparse is free
software. The core parsing infrastructure is in place, so the addition of
new checks should be relatively straightforward. All that's needed is the
application of a bunch of developer time.
Comments (8 posted)
A standard feature of most commercial operating systems is a "crash dump"
facility. If something goes wrong in the operating system kernel, the
system saves its entire state to a file and reboots; the contents of that
file can then be examined at leisure to try to figure out what went wrong.
The Linux kernel, however, lacks this capability. There are a few possible
reasons for this omission: the kernel never crashes (not quite true,
unfortunately), kernel developers rarely want crash dumps for their own
work, and there is a certain degree of unhappiness with all of the crash
dump patches currently in circulation. The fact of the matter, however, is
that a number of Linux vendors would like to have a good crash dump system
in place so they can better support their customers.
A recent patch posted by Takao Indoh may
provide that capability. The new "diskdump" system has taken a
simpler approach to crash dumps that, with some fixes, may just get enough
core hacker support to be considered for merging into the (presumably 2.7)
mainline.
Diskdump works by taking absolute control of the system when a panic
occurs. It shuts down all interrupts to keep the processor from getting
distracted; it also freezes all other processors on SMP systems. It then
checksums its own code, comparing against a value computed at
initialization time; if the checksums fail to match, diskdump assumes that
it has been corrupted as a result of whatever went wrong and refuses to
run.
The next step involves finding a place to store the crash dump. Diskdump
can be set up with multiple dump partitions. For each possibility, it
queries the state of the driver, then reads and verifies the entire crash
dump space. The diskdump authors are (rightly) fearful of overwriting
important data while the system is in an unstable state, so diskdump
requires that every block of the crash dump partition be initialized with a
special pattern. If any blocks fail the test, that destination will not be
used.
When a suitable location has been found, diskdump writes a header with the
system state and panic information, followed by a memory image. At that
point the system can be rebooted; once things are stable again, the
"savecore" utility turns the memory image into a proper core dump and
reinitializes the crash dump partition. All is then in readiness for
debugging and, if need be, the next crash.
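The dump-target selection described above (driver sanity check first, then every block of the partition must still carry the initialization pattern, otherwise the destination is skipped) is shown here as an added example; it is not diskdump's code, and the in-memory partitions, the 0x5a pattern byte and the driver_ready flag standing in for sanity_check() are constructed for the demonstration.

```c
#include <stdio.h>
#include <string.h>

#define BLOCK_SIZE 512
#define NBLOCKS    8            /* tiny "partition" for the demonstration */
#define INIT_BYTE  0x5a         /* constructed stand-in for the init pattern */

/* Constructed stand-in for a dump partition: in-memory blocks plus the
 * answer the driver's sanity_check() would give. */
struct dump_partition {
    const char *name;
    int driver_ready;           /* 1 if sanity_check() would succeed */
    unsigned char blocks[NBLOCKS][BLOCK_SIZE];
};

/* What the setup step and savecore do: fill every block with the pattern. */
void format_partition(struct dump_partition *p)
{
    memset(p->blocks, INIT_BYTE, sizeof p->blocks);
}

/* Does a block still carry the full pattern? Anything else means the space
 * may hold real data, so the block fails. */
int block_is_initialized(const unsigned char *blk)
{
    for (int i = 0; i < BLOCK_SIZE; i++)
        if (blk[i] != INIT_BYTE)
            return 0;
    return 1;
}

/* Walk the candidates in order; return the index of the first one whose
 * driver is ready and whose every block passes, or -1 if none qualifies. */
int select_dump_target(const struct dump_partition *parts, int n)
{
    for (int i = 0; i < n; i++) {
        if (!parts[i].driver_ready)
            continue;                       /* sanity_check() failed */
        int clean = 1;
        for (int b = 0; b < NBLOCKS && clean; b++)
            clean = block_is_initialized(parts[i].blocks[b]);
        if (clean)
            return i;                       /* first destination that is safe to overwrite */
    }
    return -1;
}

int main(void)
{
    static struct dump_partition parts[3] = {
        { "sda2 (driver busy)", 0 },
        { "sdb1 (holds data)",  1 },
        { "sdc1 (formatted)",   1 },
    };
    for (int i = 0; i < 3; i++)
        format_partition(&parts[i]);
    memcpy(parts[1].blocks[5], "not a dump area", 15);   /* one dirty block */

    int t = select_dump_target(parts, 3);
    printf("dump target: %s\n", t < 0 ? "none" : parts[t].name);
    return 0;
}
```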
Diskdump needs some significant block driver modifications to be able to do
its job. The driver must export a new set of operations:
    struct disk_dump_device_ops {
        int (*sanity_check)(struct disk_dump_device *);
        int (*quiesce)(struct disk_dump_device *);
        int (*shutdown)(struct disk_dump_device *);
        int (*rw_block)(struct disk_dump_partition *, int rw,
                        unsigned long block_nr, void *buf);
    };
The sanity_check() call checks to ensure that the device in
question is ready to accept a crash dump. If that function finds that, for
example, the device is offline or somebody, somewhere is holding a spinlock
for the device, the sanity check will fail and the dump will have to go
somewhere else. A call to quiesce() follows, in case any
preparation is needed. The current implementation (which only works with
some SCSI devices) performs a full SCSI bus reset at this point. The
actual I/O is done via rw_block, which is expected to transfer one
page per call. This I/O should be done without interrupts (which are,
remember, disabled when the panic happens), so the typical implementation
will work by polling the device. At the end, shutdown() is called
to ensure that all blocks have been flushed to the media.
Perhaps the ugliest part of the patch - and the part which some developers
have complained about - is the rerouting of timer and tasklet calls. Since
all interrupts are disabled, the normal timer and software interrupt
mechanisms will not function. Diskdump does not need those capabilities
itself, but a number of disk drivers do. As a result, diskdump must,
somehow, run tasklets and timers expected by the driver, but without
running arbitrary code unrelated to the dump process. To this end,
diskdump sets up its own private timer and tasklet lists which come into
action once the system is locked down and the dump process begins.
Currently, all this works by modifying the drivers to call diskdump's
functions rather than the core kernel variants. So, for example, instead
of setting up a timer with add_timer(), a driver implementing
dumps would call this little wrapper:
    static inline void diskdump_add_timer(struct timer_list *timer)
    {
        if (crashdump_mode())
            _diskdump_add_timer(timer);
        else
            add_timer(timer);
    }
But that function is only available if crash dumps are configured into the
system, so some preprocessor macros are used to redefine
add_timer() if need be. This solution is not going to make it
into the mainline kernel, however. The preferred approach would appear to
be integrating this functionality directly into the core timer and tasklet
routines; that change will make the driver changes smaller, but at the cost
of intruding into some of the core kernel code.
Comments (3 posted)
Patches and updates
Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Memory management
Architecture-specific
Security-related
Page editor: Jonathan Corbet
Distributions
News and Editorials
The flexibility of Linux and other open source software is clearly
demonstrated by projects that use the available software to build
specialist distributions. Among them, Linux-based firewalls have
attracted much attention by the developers. Many of these projects
evolved into successful businesses, while others continue as community
projects. As a general rule, these firewalls are capable of filtering
packets, performing network address translation, and blocking unwanted
traffic. Some of them go beyond these basic functions and offer more
advanced features, such as secure connections using the IPSec protocol,
intrusion detection, and even mail filtering and virus protection. Many
of the products offer a Webmin or Webmin-like web-based interface for
configuring the firewall over the network. Prices of these products
range from free (or free for non-commercial use) to thousands of
dollars. Below is a quick tour of what is available on the market
today, in alphabetical order. One interesting observation: 9 of the 11
firewall products originate in Europe.
Astaro Security
Linux. The German-based Astaro has been developing
security and firewall solutions since January 2000. Now in version 5,
Astaro Security Linux offers not only a firewall and VPN, but also
virus scanning for all inbound and outbound email, spam protection,
intrusion detection, and an excellent web-based interface for
configuring services. The product is free for home use, but any
commercial deployment requires a license fee starting at $390.
ClarkConnect
Firewall/VPN. The Red Hat-based ClarkConnect Broadband
Gateway project has been around for several years, but a dedicated
Firewall/VPN edition has only been introduced to the market in April
this year. The pages detailing the product features are still under
construction, but if the Canadian company's main product (which does
include firewall features) is anything to go by, it is worth a closer
look, especially by users familiar with Red Hat Linux or Fedora Core.
Devil-Linux.
Devil-Linux is a run-from-CD firewall, a community project developed by
Heiko Zuerker. According to the author, the main advantage of a
CD-based firewall is that the content on the CD cannot be modified by
an intruder - a simple reboot will restore the firewall to its original
state. Also, a CD-based firewall requires no installation, consumes
less power, is immune to hard disk failures, and is simple to get up
and running in a very short time. Devil-Linux does not offer any
graphical configuration utilities, but a console-mode setup wizard is
provided for setting up the firewall. Configuration files can be saved
to a floppy disk, hard disk or a USB storage device. Devil-Linux is
released under the GPL.
Euronode Firewall.
Euronode Firewall is a new community project, a Debian-based firewall
product sponsored by a French-based GNU/Linux services company of the
same name. Two firewall products are available - Euronode Simple
Firewall and Euronode Advanced Firewall; the latter includes a mail
server (Postfix), an antivirus program (ClamAV) and a spam control
program (SpamAssassin), in addition to standard firewalling functions.
Both products come with Webmin. Euronode does not include any
proprietary software; it is built from packages available in standard
Debian, but stripped to a minimum that's required for a functional
firewall.
Gibraltar Firewall. The Debian-based Gibraltar Firewall is a
commercial product of Austria's eSYS Informationssysteme. In
development since July 2000, it finally reached a stable state in
November 2003 when Gibraltar 1.0 was released. Like Devil-Linux,
Gibraltar also runs entirely from a CD, with configuration files
optionally stored on hard disk, floppy disk or a USB storage device.
Two editions of the product are available; the only differences
between the free edition and the $999 commercial edition are a web-based
configuration utility called GibADMIN and formal support.
IPCop Firewall.
IPCop Firewall, originally started as a fork of SmoothWall, is a
community project released under the GPL. It is geared towards home and
small office use. Although the development tends to be slow (there has
been no new release for over a year), IPCop has received surprisingly
good reviews by the media, even when compared with some of the
expensive commercial firewalls on this list. IPCop provides a web-based
interface to configure the firewall. One major advantage of IPCop over
similar community projects is excellent documentation available in many
languages.
m0n0wall. The
Swiss-based m0n0wall project is the odd man on this list because it is
based on FreeBSD, rather than Linux. It comes with a long list of
features, including a web-based configuration interface with SSH
support (webGUI - a nicely designed application written in PHP, with
configuration files stored in XML format), wireless support, IPSec VPN
tunnels, DHCP client, DynDNS client, and configuration backup/restore,
just to name a few. Version 1.0, based on FreeBSD 4.9, was released in
February 2004 under the BSD license.
redWall Firewall. Also from Switzerland comes redWall Firewall, a
community project hosted at SourceForge and based on Red Hat Linux 9.
It belongs to the category of live CDs. Besides the usual firewall and
VPN features, the product comes with plenty of extras, including
intrusion detection, web caching, mail relaying, spam filtering and
virus scanning. All configuration is done via Webmin's graphical
interface and the resulting configuration files can be stored on a
floppy disk, hard disk or USB storage media, or they can be sent by
email. redWall Firewall is a free product released under the GPL.
Securepoint Firewall & VPN Server. Securepoint is a well-established German Linux
company specializing in firewall products and solutions. Their
Securepoint Firewall is based on Red Hat Linux and it includes the
usual range of intrusion protection, virus scanning, content filtering
and other features. The product is free for home use, but any business
use requires hefty licensing fees ranging between €799 and
€4,995.
Sentry Firewall CD. Sentry Firewall CD is another CD-based firewall with
intrusion detection, based on Slackware Linux. Its kernel is heavily
patched with various security enhancements, including OpenWall,
FreeS/WAN, Ebtables bridge + netfilter patch, Linux-WLAN modules, and
MPPE (Microsoft Point-to-Point Encryption). In the true Slackware
tradition, all configuration is done by editing text files. Sentry
Firewall CD has been in development for over 3 years and is released
under the GPL.
SmoothWall.
The UK-based SmoothWall firewall is probably the best-known firewall on
the market. Although the infamous Richard Morrell, the man who founded
SmoothWall Ltd., is no longer with the company, the development
continues in two directions: the free SmoothWall Express released under
the GPL, and the £180 SmoothWall Corporate Server available under
a commercial license. Compared to most other products on this list,
SmoothWall Express limits itself to be a firewall only, but it does
include a graphical interface for easy setup. SmoothWall Express
continues to receive good reviews in the media, especially after the
release of version 2.0 in January 2004.
| Product | Origin | Based on | Price | GUI | Licence |
|---|---|---|---|---|---|
| Astaro | Germany | Red Hat | $390, free for home use | yes, web-based | Commercial |
| ClarkConnect | Canada | Red Hat | Free | yes, web-based | GPL |
| Devil-Linux | Germany | Linux From Scratch | Free | no | GPL |
| Euronode | France | Debian | Free | yes, Webmin | GPL |
| Gibraltar | Austria | Debian | $0 - $999 depending on features | yes, GibADMIN | Commercial |
| IPCop | USA | SmoothWall | Free | yes, web-based | GPL |
| m0n0wall | Switzerland | FreeBSD | Free | yes, webGUI, written in PHP | BSD |
| redWall | Switzerland | Red Hat | Free | yes, Webmin | GPL |
| Securepoint | Germany | Red Hat | €799+, free for home use | yes, web-based | Commercial |
| Sentry | USA | Slackware | Free | no | GPL |
| SmoothWall | UK | -- | £0 - £180 | yes, web-based | GPL |
Comments (4 posted)
Distribution News
An updated Debian From Scratch is available. Changes include a new
amd64 kernel name and more documentation.
The Debian Project will be represented at
LinuxWochen and Wizards of OS conferences. LinuxWochen is over now, but
look for Debian at Wizards of OS in Berlin next week.
GnomeDesktop reports on the
availability of GNOME 2.6 in Debian unstable.
Comments (none posted)
The Unofficial Fedora FAQ, hosted at
fedorafaq.org, has now been updated
for Fedora Core 2. Click below for the announcement.
Full Story (comments: 4)
The first Fedora Core 2 based tree of Aurora SPARC Linux, build-1.91
(wombat), has been released.
FC1 and FC2 updates:
- FC1 - gimp: improvements in the
handling of multibyte locales
- FC1 - vsftpd: upgrades vsftpd to the
code shipped in Fedora Core 2, fixes bugs
- FC2 - subversion: includes the latest
stable release of Subversion, including three user-visible bug fixes
- FC2 - php: includes the latest stable
release of PHP 4 with a large number of bug fixes since the previous
4.3.4 release
Comments (none posted)
There are plenty of changes in
slackware-current this week. Upgrades include vim-6.2.532, gail-1.6.5,
procps-3.2.1, util-linux-2.12a, clisp-2.33.1, gnopernicus-0.9.4,
libbonobo-2.6.1, LPRng-3.8.27, reiserfsprogs-3.6.17, tcsh-6.13.00,
Python-2.3.4, alsa-1.0.5, joe-3.1 (with Klingon support), lftp-3.0.5 and
slacktrack-1.20_1. X has been switched to X11R6.7.0 from X.Org.
Comments (none posted)
Lycoris and Bitstream Inc. announced that Lycoris will offer Bitstream
FontPaks on the Lycoris website. They will also be available in retail
outlets and through authorized resellers.
Full Story (comments: none)
The DistroWatch Weekly for May 31, 2004 compares Mandrakelinux, Red
Hat/Fedora and SUSE and contains several other topics.
Comments (none posted)
New Distributions
NewsForge interviews Nirav Mehta of the Utkarsh Linux distribution.
"Today marks the official launch of a new open source project. Utkarsh is an operating system based on Linux and localized in the Gujarati language, spoken by more than 5.5 million in India's Gujarat state and worldwide. Utkarsh (which means progress or rising high) version 0.1 is now in beta testing, and the team is bubbling with ideas for future growth. Recently Mayank Sharma spoke with the young Gujarati entrepreneur behind the project, Nirav Mehta."
Comments (4 posted)
X-Evian is a complete Debian
GNU/Linux operating system compilation that comes with 300Mb of copyleft
material for the socialization of knowledge and technologies. X-Evian
joins the list at version 0.4.1-beta, released June 1, 2004.
Comments (none posted)
Minor distribution updates
Astaro Security Linux has released v5.010 with minor bugfixes.
"Changes: This new version included all recently released Up2Date
packages, bugfixes in the installer, and new hardware support for SCSI
RAID controllers (COMPAQ DL 360, Dell PowerEdge 1750, AHA-39160). The
installer now displays the MAC addresses of the detected interfaces."
Comments (none posted)
Aurox Linux has released v9.4 with major feature enhancements.
"Changes: English and Italian are now supported. There is now only one
CD set, and CDs are now "apt-enabled". KDE 3.2.1 was included along with
a lot of code from 3.2.2 and several new KDE applications. OpenOffice.org
1.1.1 was included. Also updated were the kernel, ALSA, and multimedia
apps (mplayer, xine). Many bugs were fixed."
Comments (none posted)
blueflops has released v2.0.3 with minor feature enhancements.
"Changes: Updates were made for kernel 2.6.6, links-2.1pre15, and
busybox-1.00-pre10 with init.c taken from pre-8. The ethernet drivers
that support probing are now in the kernel and therefore are
automagically detected. There is support for USB keyboard and mouse
(those emulated as PS/2 by the BIOS were already supported). There is
also automatic mouse detection, and support for PCMCIA serial devices. A
necessary feature is finally added: automatic DNS assignment for dial-up
connections."
Comments (none posted)
Rock Linux has released Desktop ROCK Linux v2.0.1 with minor feature
enhancements. "Changes: dRock 2.0.1 is based upon the current 2.0.1 ROCK
Linux release. It features the same security and maintenance updates
including improved SPARC and PowerPC support, as well as the build fixes
for SuSE, Red Hat, etc."
Comments (none posted)
Devil-Linux has released development version 1.2 beta 1 with major
feature enhancements. "Changes: Many new programs, software updates, and
security features were added along with support for booting from IDE CF
cards."
Comments (none posted)
Trustix has released bug fixes for various problems in cyrus-imapd, dhcp,
openssl, and samba.
Full Story (comments: none)
wrt54g-linux has released v0.5 with minor feature enhancements.
"Changes: This release adds two user-contributed packages: dropbear, a
small SSH daemon, and iptraf, an IP traffic monitoring utility. Neither
package is installed by default. To install either, add their files to
the "distro.tar" file and modify the wrt54g.sh script to set them up on
each install. Additional iptables commands have been added to the startup
script to account for PPPOE. There are small cleanups."
Comments (none posted)
Distribution reviews
DesktopOS.com has a five page review of SUSE LINUX 9.1. "
SUSE LINUX has been around for a long time,
and the developers at SUSE have always prided themselves on the
user-friendliness of their distribution. SUSE LINUX 9.1 is the first
version of the company's consumer product line to be released following its
acquisition by Novell last year, and is described as being "more than just
an alternative to Windows". SUSE has always been a general-purpose
distribution with packages and tools for servers as well as desktops. Given
the importance being placed by Novell on desktop Linux, how does SUSE LINUX
9.1 compare to its specifically desktop-oriented commercial rivals, Lycoris
Desktop/LX, Xandros Desktop and Lindows Linspire?"
Comments (none posted)
Linux.com reviews Fedora Core 2. "
After the software was installed, real testing began
well. FC2 runs noticeably faster than FC1, which in turn ran faster than
its competitors from Mandrake and SuSE. There are a great many other
improvements as well, such as support for CD burners without a SCSI
emulation layer and better support for laptop hardware."
Comments (none posted)
Page editor: Rebecca Sobol
Development
June 2, 2004
This article was contributed by Joe Klemmer
Most Linux distributions today use some form of package
management to deal with dependencies and to make upgrades and
installation of software easier for the ever-overworked
systems administrators. The most popular package formats are Red Hat-based
RPM files, Debian DEB files, Slackware TGZ files and the
build-from-source Ports-like method of distributions such as
Gentoo, Lunar Linux, et al. However, many apps and tools are only
released as source tarballs using the ubiquitous "configure; make;
make install", or as binary-only tarballs.
If you wanted to use these tarballs but also manage them in the same
way as the rest of your OS, you had to jump through the hoops required
by your distribution's package management system. That is, until now,
thanks to a wonderful little utility called CheckInstall.
Developed and maintained by Felipe Eduardo Sánchez
Díaz Durán, CheckInstall consists of a collection of shell
scripts and a library. With it, you can build an .rpm or .deb or
.tgz package that will install using the associated packaging
tools.
The easiest way to use CheckInstall is in place of the "make
install" portion of a typical build process. Executing
CheckInstall will run "make install" using the installwatch
script.
This script keeps track of the "make install", then
feeds the results info to CheckInstall in order for it to build the
package. These tools allow for the ability to build and manage
any self-made packages as easily as any binary package you might
download from the net. They give you great flexibility in how
you build the package, and even how dependencies are managed.
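To make the tracking step concrete, here is an added example (written for this page, not CheckInstall's or installwatch's own code) that demonstrates the idea in a simplified form. The real installwatch intercepts file operations in the install process; this version instead snapshots an install prefix before and after running an install command and reports what was added, modified or removed, which is exactly the file list a package later needs so the package manager can verify, upgrade or cleanly remove it. The function names track_install, write_manifest and demo are assumptions, and the "fake make install" inside demo is a constructed sample.

```python
"""Simplified installwatch-style file tracking (added example, not
CheckInstall's code). Snapshots a prefix before and after an install
command and reports the difference, the way a packaging tool needs to
know which files a package owns."""
import hashlib
import os
import subprocess
import tempfile
from pathlib import Path


def _snapshot(prefix):
    """Map every regular file under prefix to its SHA-256 digest."""
    state = {}
    for path in Path(prefix).rglob("*"):
        if path.is_file() and not path.is_symlink():
            rel = str(path.relative_to(prefix))
            state[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return state


def track_install(prefix, install_cmd):
    """Run install_cmd (a shell string) with PREFIX exported, then return
    (added, modified, removed) as sorted paths relative to prefix."""
    before = _snapshot(prefix)
    env = dict(os.environ, PREFIX=str(prefix))
    subprocess.run(install_cmd, shell=True, check=True, env=env)
    after = _snapshot(prefix)
    added = sorted(set(after) - set(before))
    removed = sorted(set(before) - set(after))
    modified = sorted(p for p in before if p in after and before[p] != after[p])
    return added, modified, removed


def write_manifest(added, modified, manifest_path):
    """Write the files the package would own, one absolute path per line,
    as a spec %files section or a deb file list would record them."""
    lines = ["/" + p for p in sorted(added + modified)]
    Path(manifest_path).write_text("\n".join(lines) + "\n")
    return lines


def demo():
    """Constructed sample: a fake 'make install' that drops a binary and a
    man page into $PREFIX and overwrites a pre-existing config file."""
    with tempfile.TemporaryDirectory() as prefix:
        etc = Path(prefix, "etc")
        etc.mkdir()
        (etc / "libcgi.conf").write_text("old\n")  # exists before install
        fake_install = (
            'mkdir -p "$PREFIX/bin" "$PREFIX/share/man/man1" && '
            'printf "#!/bin/sh\\necho hi\\n" > "$PREFIX/bin/cgitool" && '
            'printf ".TH CGITOOL 1\\n" > "$PREFIX/share/man/man1/cgitool.1" && '
            'printf "new\\n" > "$PREFIX/etc/libcgi.conf"'
        )
        added, modified, removed = track_install(prefix, fake_install)
        manifest = write_manifest(added, modified, Path(prefix, "files.list"))
        return added, modified, removed, manifest


if __name__ == "__main__":
    print(demo())
```

The modified list is the part worth watching: a source install that silently overwrites a file already owned by another package is exactly the kind of conflict a package manager exists to catch, and a file tracker that only records new files would miss it.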
Let's see what a typical run of CheckInstall might look like:
Please choose the packaging method you want to use.
Slackware [S], RPM [R] or Debian [D]? R
This package will be built according to these values:
1 - Summary: [ libcgi 1.0 ]
2 - Name: [ libcgi ]
3 - Version: [ 1.0 ]
4 - Release: [ 1 ]
5 - License: [ GPL ]
6 - Group: [ Applications/System ]
7 - Architecture: [ i386 ]
8 - Source location: [ libcgi-1.0 ]
9 - Alternate source location: [ ]
10 - Provides: [ ]
11 - Requires: [ ]
Enter a number to change any of them or press ENTER to continue:
As you can see, CheckInstall allows you to edit all of the
basic fields that describe a package, in this case an RPM package.
The fields are pre-filled with reasonable data, but you can change
any of them to new values. It's likely that you'll want to change #6
and possibly #5, #7 and #11. You also have the ability to run pre- and
post-install scripts as well as pre- and post-removal scripts.
There are
a few things you need to do to get setup for building a package with
CheckInstall. First, you'll need a file named "description-pak"
which should contain the program name and version, followed by a
description. You should also create a subdirectory named
"doc-pak" in which you can put the text files like README,
ChangeLog and the like.
One very nice thing you can do with CheckInstall is tell it to
run a specific program or script for the software installation.
For example, you might find a very good program that is only released
in binary format with a script called
"setup" that's used to install it. You can build a package for it
by telling CheckInstall to use the "setup" script for the install
portion.
An example command might look like this:
$ checkinstall -R --install=yes ./setup
This command line will build and install an RPM, using the
setup script to do the actual installing. By default CheckInstall
builds the package but doesn't install it; the "--install=yes"
option causes CheckInstall to perform the package installation.
You can also use the switch "--rpmu" to upgrade a package
that is already installed.
Once a package is made using
CheckInstall it is virtually impossible to tell it apart from a
package built with a hand-generated spec file. There's even a
nice feature for saving the spec file that checkinstall makes in
order to build the packages. This generated spec file is normally
deleted after the package has been built but if you pass the
switch "--delspec=no", it will leave the spec file behind. With
this as a starting point, you can easily ramp up your skill at
hand building spec files.
Lastly, whenever you install a package with CheckInstall, it
will automatically make a backup tarball of the currently
installed package, if one exists. You'll find a file named:
"backup-<datetime>-pre-<packagename>-<version>.tgz"
in the directory from which you built the package. Should
anything go wrong with the newly created package, you can roll
back to the previous version using a command like: "tar xzvf
backup-<datetime>-pre-<packagename>-<version>.tgz
-C /".
As for the future direction of CheckInstall development, Felipe said this:
One interesting feature planned for the
not-so-distant future is the evolution of CheckInstall into a
tool that will do the whole software install for you: download
the source, configure, compile, install and package it. All in
one step.
If he is able to get this functionality into CheckInstall,
it will become an even more required tool for systems
administrators, along with yum and apt.
Bottom line: CheckInstall is a fantastic tool that should be
on every administrator's and developer's need-to-have list.
Comments (3 posted)
System Applications
Audio Projects
Version 1.0.5 of the ALSA sound driver and associated utility software
is out. This release adds numerous bug fixes and improved support
for many sound cards. Version 1.0.5a of the ALSA driver also came out
this week; it is available on the ALSA Site.
Full Story (comments: none)
The latest changes from the Planet CCRMA audio utility packaging
project include new versions of Specimen, Rosegarden 4, and Cinelerra.
Comments (none posted)
Database Software
Version 2.11.0 of CLSQL, a Common Lisp interface to SQL databases,
is out. "This version adds full Oracle support, and now runs on the
AMD64 platform under Allegro CL."
Full Story (comments: none)
The June 1, 2004 edition of the PostgreSQL Weekly News has been published.
Take a look for development news from the PostgreSQL database project.
Full Story (comments: none)
Libraries
Version 1.3.3 of libgdamm, a set of C++ wrappers for the libgda database
API, is available.
"
libgdamm is now usable, with actual working examples."
Full Story (comments: none)
Version 1.1.3 of libgda and libgnomedb, the database support libraries
for GNOME, are available.
"
This is another development release in the road to 1.2, which will be
the next stable release, and which shows a preview of the new features
getting into the 1.2 final release. It is not intended for production
use, but by people wanting to experiment with the new features and to
help on the development."
Full Story (comments: none)
Version 0.8.3 of liboggz, a C library for reading and writing Ogg encoded
audio streams, is out. Changes include Theora header parsing updates,
improved API documentation, and more.
Full Story (comments: none)
Mail Software
Version 1.15 of Perdition, a POP3 and IMAP4 proxy server, is available.
"
I have released perdition 1.15. This includes a fix to the ldap code
which resolves various errors including bogus usernames being returned
when username_from_database is in effect. This change was included in
1.15beta1. The other changes are minor packaging and documentation
fixes."
Full Story (comments: none)
Networking Tools
SourceForge has
an announcement for the first beta-level tarball release of the
Linux InfiniBand Project.
"The InfiniBand Architecture
(IBA) is an industry standard that defines a new high-speed switched fabric subsystem designed to connect processor nodes and I/O nodes to form a system area network. This new interconnect method moves away from the local transaction-based I/O model across busses to a remote message-passing model across channels. The architecture is independent of the host operating system (OS) and the processor platform."
Comments (7 posted)
Robert Bernier discusses netpipes on O'Reilly.
"Netpipes is a suite of utilities for shell-script writers that builds on the idea of conventional pipes to allow different processes to communicate and share data using both TCP and Unix domain-based sockets across the network! Not only does it duplicate the pipe's behavior, but it uses a novel technique called Session Control Protocol (SCP) that provides a simple mechanism for creating multiple, lightweight connections over a single TCP session connection. You can have many datastreams at the same time instead of just one."
Comments (none posted)
Printing
Version 1.1.21rc1 of CUPS, the Common UNIX Printing System
has been announced.
"
CUPS 1.1.21 is primarily a bug fix and performance tuning release and includes fixes for the IPP, LPD, parallel, serial, and USB backends, authentication and status processing issues in the CUPS API, and various PostScript and PDF printing issues. The new release also adds support for Zebra label printers and IPP device URI options."
Comments (none posted)
Web Site Development
NewsForge is running
an article that shows how to run the Apache web server in a
protected filesystem.
"
The chroot daemon allows you to run a program and have it see a given
directory as the root (/) directory. This effectively locks the process into
its very own filesystem ("chroot jail") isolated from the real / filesystem.
In this article we will look at how to install the Apache Web server in such
an environment."
Comments (none posted)
Version 1.2.3 of ht://Check, a site-wide HTML checker, is out:
"I proudly announce the release of ht://Check 1.2.3, which introduces
important new features regarding Web accessibility."
Full Story (comments: none)
Version 1.2.6 of MediaWiki
has been announced.
"
This will likely be the last release in the 1.2.x series, as we work on
finishing up 1.3.0. MediaWiki is the collaborative editing software that runs
Wikipedia, the free encyclopedia, and other projects. It's designed to handle
a large number of users and pages without imposing too rigid a structure or
workflow."
Comments (none posted)
Version X3 3.0.0 alpha 2 of the Zope web development platform
is available.
"
Zope X3 is the next major Zope release and has been written from scratch based
on the latest software design patterns and the experiences of Zope 2. The "X"
in the name stands for "experimental", since this release does not try to
provide any backward-compatibility to Zope 2."
Full Story (comments: none)
Issue #32 of the
ZopeMag Weekly News is out with the latest Zope web development
platform news.
"
This is Issue 32. Full of Plone tips and tricks mined from the Mailinglists."
Comments (none posted)
Desktop Applications
Accessibility
Version 0.94 of Gnopernicus, a screen reader for the visually impaired,
is out.
"
Gnopernicus has now an improved behaviour with gdm."
Full Story (comments: none)
CAD
Release fourteen of PythonCAD is available.
"The fourteenth release builds on the undo/redo work added in the
previous release. The undo/redo abilities of the program in regards
to entity addition and removal have been made significantly more
robust. Also, the ability to undo or redo entity splitting, moving,
mirroring has been both added and enhanced. The ability to undo or
redo entity transfers between image layers is now available. Changing
the various entity properties now has more undo and redo features."
Full Story (comments: none)
Desktop Environments
GnomeDesktop.org presents another
Bag of Software for the GNOME desktop.
"
New releases of Gnotify, Drivel, MVideo, gThumb and Gnomoradio are now
available."
Comments (none posted)
Version 2.3.4 of Bakery, a C++ Framework for creating document-based GNOME applications, is out. Changes include
gcc 3.4 build fixes, new constructors, and several new functions.
Full Story (comments: none)
Development release 2.7.0 of gconf-editor, a GNOME configuration editor,
is out with bug fixes and numerous improvements.
Full Story (comments: none)
Version 0.11 of gwget2, a download manager for GNOME 2, is out.
This release features a number of GUI changes.
Full Story (comments: none)
Version 1.0.1 of the Hardware Monitor applet for GNOME is out.
"
A lot of translations have been committed lately so I thought I would
get them out to the masses. This release also fixes an annoying bug
with GTK+ 2.4 where the applet shows up without anti-aliasing."
Full Story (comments: none)
The May 28, 2004 edition of the KDE-CVS-Digest is online; here is the
content summary:
"
Code folding and syntax highlighting improvements in Kate. Kdevelop has a new file template system. KGeography adds more maps and flags. Digikam improves EXIF tag editing and display. KMail adds detailed new mail notification and anti-virus tool support. Kontact adds support for SUSE Linux OpenExchange Server. Konqueror adds spring loading Folders. KMyFirewall adds rule plugins."
Comments (none posted)
A document entitled Some notes about Xfce 4.2 has been published; it
details some of the development directions that Xfce 4.2 will be taking.
Comments (none posted)
Electronics
Version 0.16 of Gerber Viewer (gerbv), an application for viewing
electronic CAD files, is out. The main new feature is support for
projects; see the release announcement for more information.
Comments (none posted)
Release 20040530 of PCB, a printed circuit board drawing
package,
has been announced
"
Many improvements have been made in the program as well as additions and improvements to the footprint library."
Comments (none posted)
Version 3.2.21 of XCircuit, an electronic schematic drawing package,
is available.
Changes include bug fixes and distribution library updates.
Comments (none posted)
Financial Applications
GnomeDesktop.org has
the announcement for the initial release (version 0.5) of
MyBudget, a personal finance application.
"
The aim of the program is to make it as easy as possible for people to do their own personal budgets and keep track of their finances."
Comments (none posted)
Games
Version 0.3.0 of the game Cyphesis
is available from the WorldForge game project.
"
New features in this version are support for Mercator terrain, oriented box collision detection, IPv6 support, improved security, variable sight ranges, world persistence and a complete new default world map. Performance and reliability are massively improved since the last stable release."
Comments (none posted)
Version 2.7.1 of gnome-games, a collection of games for the GNOME
desktop, is available.
"
Mostly this is because I get a kick out of having the largest version
number, but it is also because Jon McCann has made blackjack resizeable."
Full Story (comments: none)
Version 1.6 of the game Monster Masher is out with a new splash
screen, bug fixes, and a revised Portuguese translation. Version 1.6.1
was also released this week; it features a fix for a bug that was
found in version 1.6.
Full Story (comments: none)
Version 3.9 alpha 20 of StepMania
is available.
"
StepMania is a
music/rhythm game. The player presses different buttons in time to the music
and to note patterns that scroll across the screen. Features 3D graphics,
visualizations, support for gamepads/dance pads, a step recording mode, and
more!"
Comments (none posted)
Graphics
Version 0.13.0 of DiaCanvas, a diagram widget for GTK, is out
with bug fixes and a change in the behavioral code.
Full Story (comments: none)
GUI Packages
Version 3.12 of PyQt, the Python Language Bindings for Qt, is
available.
"
Changes since the last release include support for Qt v3.3.2, and the
provision of an evaluation version for Windows to be used with the evaluation
version of Qt."
Full Story (comments: none)
Version 2.5.2 of the
wxWidgets
GUI Toolkit is available.
"
Amongst other improvements, sizers are working properly again in 2.5.2, and wxMac has come on leaps and bounds."
Comments (none posted)
Instant Messaging
Version 0.78 of Gaim, an instant messaging client,
has been announced.
"
Version 0.78 fixes all kinds
of WYSIWYG formatting bugs, MSN bugs, restores compatibility with Gtk 2.0,
adds support for the SILC protocol, among many other things. Oh yeah, and
preferences should be less confusing now!"
Comments (none posted)
Music Applications
Version 0.7pre3 of the
MusE
MIDI and audio sequencer is available with a long list of changes and
bug fixes.
Comments (none posted)
Version 0.9.8 of Rosegarden-4, a MIDI sequencer and score editor,
is out.
"
This release is primarily focused on bugfix, performance and usability
improvements over 0.9.7, including significant optimisations to the
main editing canvas, sequencer and GUI memory leak fixes, faster and
better notation editing and printing, and dozens of other fixes. It
also contains a handful of new features including MIDI mixer window,
ottava and fingering marks in notation, and a redesigned audio segment
manager."
Full Story (comments: none)
Office Suites
Build 1.1.56 of OpenOffice.org has been released.
"
This package contains Desktop integration work for
OpenOffice.org, several back-ported features & speedups, and a much
simplified build wrapper, making an OO.o build / install possible for
the common man. It is a staging ground for up-streaming patches to
stock OO.o."
Full Story (comments: none)
The May edition of the OpenOffice.org Newsletter is out, with news about
the OOoCon 2004 Call For Papers, the approach of OpenOffice.org 2.0, and
several other topics.
Full Story (comments: 1)
PDA Software
Version 3.2 alpha 01 of jSyncManager, a cross-platform
Java data synchronization solution for PalmOS based devices,
has been released.
"
Included in this release are the jSyncManager
Core Application Set, the jSyncManager API, the jSyncManager jConduits
plug-ins bundle, and a special Jar Bundle version for systems running
Mac OS X."
Comments (none posted)
Peer to Peer
Version 2.1.0.0 of Azureus, a Java-based BitTorrent client,
is out.
"
This long-awaited Azureus 2.1 series release brings many new features and bug
fixes to the java bittorrent client, as well as major usability enhancements
for plugin writers."
Comments (none posted)
Version 0.0.8 of BTQueue, a text-based BitTorrent client,
is available.
"
This version supports download rate limitation, access control list
based on ip range, network name (taken from whois), and country, and many
bugs fixed."
Comments (none posted)
Web Browsers
Version 1.3.0 of Epiphany, a browser for GNOME, is out.
The changes are numerous; they include bug fixes, removal of unused
features, interface improvements, translation updates, and improved
documentation.
Full Story (comments: none)
Version 1.1.0 of Epiphany Extensions, a collection of extensions for the
Epiphany browser, is available. This release updates compatibility with
the latest Epiphany versions, and includes bug fixes.
Full Story (comments: none)
Version 1.3.15 of the
Galeon
browser is available.
The
release announcement
says:
"
As promised, here's the first gtk+ 2.4 based release. We also made a bunch of other updates - the most significant of which is a serious overhaul of the downloading subsystem - most significantly meaning it doesn't crash all the time :-) In the feature restoration department, we see the return of the off-line mode and user stylesheets."
Comments (none posted)
Word Processors
Issue #198 of the
AbiWord Weekly News has been published. It starts off with a
request for help:
"
Attention Indic and Arabic users! We need more of you to attempt to use and report bugs on CVS Head. As we continue to improve the glyph-shaping engine, we will need to know what is working and what is not."
Comments (none posted)
Miscellaneous
Version 0.5.5 of
3dFB is out.
"
3dFB is a 3d File Manager. 2d file managers work nicely, but with 3d you can display much more information. The aim of this project is to make a viable, workable, 3d file manager that is not a hog on resources and can actually be usable."
Comments (none posted)
Languages and Tools
Caml
The June 1, 2004 edition of the Caml Weekly News is available
with the latest Caml language discussion topics.
Full Story (comments: none)
Erlang
Version R9C-1 of Erlang/OTP has been released.
"This is mainly a bugfix release and users can safely upgrade their
development environment. It fixes many small bugs regarding all the
aspects of the Erlang/OTP distribution."
Full Story (comments: none)
Java
The initial release of JJack, version 0.1, is available.
"
JJack is a framework for the Java programming language that allows
creating and running portable audio processor clients for the JACK Audio
Connection Kit."
Full Story (comments: none)
Yannick Saillet
works with Java graphics on IBM's developerWorks.
"
Most Java developers agree that there's only one domain where Swing/AWT is superior to the Eclipse platform's Standard Widget Toolkit, and that's Java 2D. Until now there has been no easy way to integrate the time-saving features of Java 2D with the superior portability, functionality, and performance of SWT's user interface components, but that's all about to change. In this follow up to his popular tutorial on migrating Swing applications to SWT, Java developer and Eclipse enthusiast Yannick Saillet shows you how easy it can be to paint Java 2D images on your SWT components and Draw2D figures."
Comments (none posted)
O'Reilly has published
part three in a series by Robert Simmons, Jr. on Java nested classes.
"In this third and final installment on nested classes, excerpted from
Hardcore Java, author Robert Simmons covers static nested classes, double
nested classes, and nested classes in interfaces."
Comments (none posted)
Version 1.15 of SableVM, a Java virtual machine implementation,
has been announced
"In this version, we synchronized sablevm-classpath with the latest GNU Classpath CVS (as of May 29, 2004), we improved the support for Ant 1.6, we switched to using libtool handling to find the right library suffixes (this helps some platforms like OpenBSD and Cygwin), we fixed a corner case problem with class loading, and we made some other small bug fixes."
Comments (1 posted)
Alper Coskun
examines SSS on O'Reilly.
"Teaching Java is complicated both by the language's syntax and the huge
number of classes in its standard libraries. According to Alper Coskun, one
solution might be "Small Simple Safe" (SSS), which tries to alleviate this by
giving the user an opportunity to create and relate objects in a very simple
GUI."
Comments (none posted)
Perl
The May 24-30, 2004 issue of
This Week on perl5-porters is available.
"This week, you'll read in this summary more about the uninitialized
warning plans for 5.8.($n+1), some XS tricks, intriguing bugs, and the
different types of UIDs."
Comments (none posted)
The May 23, 2004 edition of
This Week on Perl 6 has been published.
"Yes. I know. This week's summary is a week late. So it's a summary of the last two weeks. So let's get straight to perl6-internals shall we?"
Comments (none posted)
PHP
The
PHP Weekly Summary for May 25, 2004 is available. Topics include:
"var_dump() change, gif support, PHP 5 release schedule, PDO design and more."
Comments (none posted)
Python
Python 2.3.4 (final) is out with more than 20 bug fixes.
Full Story (comments: none)
The May 26, 2004 edition of Dr. Dobb's Python-URL!
is available with numerous Python language article links.
Full Story (comments: none)
David Mertz
introduces PEAK on IBM's developerWorks.
"
PEAK is a Python framework for rapidly developing and reusing application components. While Python itself is already a very high-level language, PEAK provides even higher abstractions, largely through the clever use of metaclasses and other advanced Python techniques. In many ways, PEAK does for Python what J2EE does for the Java language. Part of the formalization in PEAK comes in the explicit specification of protocols, specifically in the separately available package, PyProtocols."
Comments (none posted)
Shells
For those of you who just can't get enough of the Python language,
PySH
is a command line shell that allows you to use Python-style commands.
Comments (none posted)
Nick Moffitt
uses a bash shell script to calculate train schedules.
"
In order to save time, I decided to write a shell script that would fetch the train arrival information for my station and display it in a colored ASCII table on stdout. It should accept station codes for any arbitrary trip but use defaults specified in a per-user configuration file. I did not want to write the schedule analysis code, so I decided to perform a screen scrape of the BART trip planner. wget would submit the trip planner form, and the resulting Web page would be formatted with various tools."
Comments (none posted)
Tcl/Tk
The June 1, 2004 edition of Dr. Dobb's Tcl-URL! is out with
the latest Tcl/Tk article links.
Full Story (comments: none)
XML
Version 0.4.0 of Gaphor, the GTK/GNOME UML modeling tool,
is available. This release adds action diagram, interfaces,
a new look and feel, and no more C code.
Full Story (comments: none)
Miscellaneous
Version 1.25 of flawfinder, a tool for locating security problems
in C and C++ source code, is out.
"Version 1.25 adds more rules for finding security flaws involving cuserid, getlogin, getpass, mkstemp, getpw, memalign, gsignal, ssignal, ulimit, and usleep. Flawfinder now has 137 rules that it checks automatically.
Its documentation now has lengthy text to explain exactly how to use flawfinder with vim and emacs."
Full Story (comments: none)
Dr. Gregory V. Wilson writes about
Extensible Programming. The
Daily Python-URL
has a summary of the article:
"
This article argues that next-generation programming systems will [allow programmers to add entirely new kinds of information to programs, and to control how that information is processed] by combining three specific technologies: compilers, linkers, debuggers, and other tools will be plugin frameworks, rather than monolithic applications; programmers will be able to extend the syntax of programming languages; and programs will be stored as XML documents, so that programmers can represent and process data and meta-data uniformly."
Comments (none posted)
Olaf Zimmermann, Pal Krogdahl and Clive Gee
discuss Service-Oriented Architecture and Design on IBM's developerWorks.
"
Experience from first Service-Oriented Architecture (SOA) implementation projects suggest that existing development processes and notations such as Object-Oriented Analysis and Design (OOAD), Enterprise Architecture (EA) frameworks, and Business Process Modeling (BPM) only cover part of what is required to support the architectural patterns currently emerging under the SOA umbrella; hence, there is a need for an enhanced interdisciplinary service modeling approach."
Comments (none posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Groklaw
has posted a paper by Australian attorney Brendan Scott on
the benefits of governments releasing their code under open-source
licenses.
"He points out that when governments do not release their software as open source, it's the taxpayers who lose value. And a desire to commercialize software is not a reason not to release as open source, he says, because there is the option of dual licensing or using a services model."
Comments (5 posted)
For those of you who haven't had enough of this sort of thing, Eric Raymond
has posted
his
critique of the Alexis de Tocqueville Institute's attack on Linux.
"I began reading the excerpts skeptical of the widespread conspiracy
theory that this book is a paid hatchet job commissioned by Microsoft. Now
I find this theory much more credible. I can't imagine how anyone would
want their names on a disgrace like this unless they were getting paid
extremely well for undergoing the humiliation."
Comments (21 posted)
Groklaw
looks at some email correspondence by Andrew Tanenbaum on whether
early versions of Linux had any Minix code within.
"Apparently, Ken was expecting me to find gobs of copied source code. He spent most of the conversation trying to convince me that I must have made a mistake, since it was clearly impossible for one person to write an OS and 'code theft' had to have occurred. So, I guess what I want to say is, pay no attention to this man. . ."
Comments (16 posted)
Companies
News.com
covers
some open source news from HP. "
The computing giant will certify and
support MySQL, the leading open-source database program, and JBoss, a
popular Java-based application server, on HP's industry standard
servers."
Comments (16 posted)
Macromedia has added SOAP capabilities to the Linux Flash Player,
according to
this article on news.com.
"
The company said the latest Flash Player, released Thursday, offers increased performance and security. Simple Object Access Protocol (SOAP), a Web services protocol that allows independent applications to exchange messages in real time, helps companies integrate their applications and improve overall efficiency."
Comments (1 posted)
News.com
covers Jonathan Schwartz's talk in Shanghai, where he said Sun would "open source" Solaris.
"A problem that Schwartz wants to avoid is having Solaris splintered into
different distributions like Linux, which he said creates application
incompatibilities. Going the way of Linux-type licensing, he suggested,
creates open source but not open standards."
Comments (9 posted)
Symantec is considering a corporate
switch to Linux, according to the San Jose Mercury News.
"Somewhere, Bill Gates is frowning. Symantec Chief Executive John Thompson said today his company may use Linux software to run its desktop computers instead of Microsoft's Windows.
Bloomberg News says Cupertino's Symantec, the largest maker of consumer anti-virus software, is considering whether to switch some or all employees to Linux, a free operating system developed by programmers around the world, Thompson said at a conference in New York."
Comments (13 posted)
Linux Adoption
ComputerWorld Australia
covers Linux adoption at Novell Australia. "
The migration, which
will see staff across the globe using SuSE Linux systems running
OpenOffice, is partly motivated by broader commercial concerns. Novell
completed its $US210 million acquisition of SuSE in January this year, and
the company wants to use itself as a showcase for both SuSE and Ximian,
which it also purchased last year."
Comments (none posted)
Silicon.com
reports
that Oracle plans to switch its in-house programming staff to Linux by the
end of 2004. "
In October, the company finished the Linux transition
for the 5,000 programmers of its Oracle Applications software. Now the
transformation has begun for those who work on the database product, said
Wim Coekaerts, director of Linux engineering, in an interview at the CeBit
trade show in New York."
Comments (4 posted)
IT-Director
takes a
look at IBM's role in Linux adoption. "
According to Adam
Jollins, who is part of IBM's Linux Marketing Strategy team, the adoption
of Linux is happening most quickly in Banking, Government and Retail,
followed by sectors that use scientific or engineering applications
(automotive, pharmaceuticals, life sciences, education etc.) This is
unusual in some respects as the Banking industry is normally an early
adopter of technology whereas Government is normally a late adopter, but
these two sectors appear to be driving Linux adoption along with
Retail."
Comments (2 posted)
Interviews
MozillaNews has
an interview with Daniel Glazman, author of the Nvu HTML editor.
"
I'd like Nvu to become the companion standalone editor to Firefox and Thunderbird. The third and last element missing from the Mozilla Application Suite. I want it to become a good wysiwyg editor that we won't be afraid to compare to the big players on the market. I want Nvu to be a disruptive innovation* in the HTML editors' market, reaching success from the low-end market share, the one that the big players don't want to or can't address. And don't forget Nvu is cross-platform..."
Comments (none posted)
O'ReillyNet
interviews
Paul Graham, hacker, painter, essayist and author of
Hackers &
Painters. "
ORN: When you first face a new project, how do you
approach it? PG: I try to build big programs out of small ones. So, when I
approach a new project, I look for the subset of the problem that I can
solve with the smallest program. Then I start adding things."
Comments (none posted)
Neowin.net
interviews Firefox developer Ben Goodger.
"Over the last couple of months, Neowin has tracked the development of perhaps one of the most promising open source projects in a long time: Mozilla Firefox, or Firefox. We've managed to have a talk with Ben Goodger, chief developer of Firefox, about what's new in the upcoming release, and much much more."
Comments (none posted)
IT Manager's Journal
interviews
Red Hat CEO Matt Szulik. "
The challenge is to be a good steward
for the open source community. Most people understand Red Hat is there to
make money. That said, the company contributes around 21 percent of its R&D
back into the public domain to do public license. To contribute the kind of
public functionality that Red Hat puts back into the public domain, the
Fedora, which cannibalized $9 million of revenue stream that they had to
make up -- Red Hat walks the walk and talks the talk."
Comments (6 posted)
Resources
The Linux Journal provides
a whirlwind introduction to arch for people already familiar with version control. "
Arch is, at its heart, a distributed system. There is no special server process, and each developer's machine can serve as an arch repository. The result is that advanced use of arch can require more work on the client side."
Comments (43 posted)
Kyle Downey
looks at the use of Apache Forrest for working with software
documentation.
"Apache Forrest helps you develop the documentation to accompany your
application, automatically providing a number of neat features such as menus,
links, cross-references, and breadcrumb navigation. Kyle Downey provides an
introduction."
Comments (none posted)
Dave Phillips has updated his Linux audio
musings column this month.
Also, an updated version of the
New Additions
list of Linux audio applications is available.
"
As you can tell from this month's New Additions the Linux audio software base continues to grow and improve. I'm always heartened by the list of updated software, it indicates the dedication many authors have towards their work, and of course we users get to enjoy the fruits of an ever-improving software collection. There's a lot of neat stuff in the new listings for this month, so I suggest you stop reading this column and start checking out that software..."
Comments (none posted)
IBM developerWorks
introduces
PEAK, the Python Enterprise Application Kit. "
PEAK is a Python
framework for rapidly developing and reusing application components. While
Python itself is already a very high-level language, PEAK provides even
higher abstractions, largely through the clever use of metaclasses and
other advanced Python techniques. In many ways, PEAK does for Python what
J2EE does for the Java language. Part of the formalization in PEAK comes
in the explicit specification of protocols, specifically in the separately
available package, PyProtocols."
Comments (3 posted)
John Littler
explains how to turn a Linux box into an entertainment system on
O'Reilly.
"In this article I'm going to look at a particular sort of setup of a Linux home theatre PC, one where the primary consideration is space. Suppose you have a small studio apartment, or a bedroom or study where you want to work on your computer, watch movies and TV, and play music and maybe games as well."
Comments (none posted)
Reviews
ZDNet UK
looks at a pre-beta version of Intel's Linux-based 802.11g driver for
its Centrino platform. "
"The pre-beta drivers are intended to
provide the Linux open-source developer community an opportunity to
evaluate the drivers in their own environment, and provide Intel with
feedback," said [an Intel] spokesman." (Thanks to James
Pearson-Kirk)
Comments (2 posted)
Robert X. Cringely
proclaims the virtues of Linux as found in the Linksys WRT54G router. "
...the WRT54G with Sveasoft firmware is all you need to become your cul de sac's wireless ISP. Going further, if a bunch of your friends in town had similarly configured WRT54Gs, they could seamlessly work together and put out of business your local telephone company. That's what I mean by a disruptive technology."
Comments (2 posted)
Linux Journal
takes a look
at the latest release of ipfilter. "
For the better part of a decade,
users of FreeBSD, OpenBSD, NetBSD, Solaris and IRIX have used Darren Reed's
ipfilter software to firewall networks and protect individual systems from
network-based attacks. Now, with the release of ipfilter 4.1.1, GNU/Linux
is moving into the fold as a supported platform."
Comments (6 posted)
Bioinformatics.org
takes a look at JaMBW, a Java-based Molecular Biologist's Workbench.
"
The software and documentation are made available to molecular biologists to give free access to the most common bioinformatic operations, according to the project pages. ``The peculiar aspect of JaMBW, however, is to take advantage of the foremost developments in computer science in order to deliver information in a way simple to use. The latter includes, therefore, point-and-click, drag-and-drop, plug-and-play.''"
Comments (none posted)
OSDN DevChannel
looks
at Subversion. "
Subversion is tightly integrated with the Apache
Web server, which allows it to provide a robust back end for repositories
in areas such as authentication, path-based authorization, and browsing,
although support is provided by an external module. This configuration is
very Apache-specific, so we will not address any details here. As an
alternative, Subversion offers a lightweight solution named svnserve which
uses a proprietary protocol running over TCP. For our simple needs svnserve
will do."
Comments (23 posted)
Miscellaneous
Groklaw
reports
on the EFF's Patent-Busting Project. "
"We are concerned about the
growing number of illegitimate software and Internet patents," said Glenn
Parker, trustee of The Parker Family Foundation. "By investing in EFF, we
know that we will be helping to protect the rights of individuals,
nonprofits and others that have legitimate noncommercial uses of software
and Internet technology.""
Comments (1 posted)
NewsForge
questions
the legality of LiveCD distributions for playing arcade games.
"The software for most of these arcade games is not free. If you do
not have a legal license for a game you are playing under MAME, you are
infringing on someone's copyright."
Comments (3 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
Alan Cox has sent out an open letter encouraging Europeans (and UK citizens
in particular) to vote in the upcoming European Parliament elections, and
to keep software patents in mind while doing so. "
The turnout in the UK is expected to be 18%. That favours anyone who can
mobilize and get out and vote. It's a one off opportunity to kick the
pro-patent lobby somewhere that hurts."
Full Story (comments: 26)
The AGNULA audio distribution project sent out an announcement
asking for newsletter editors.
Full Story (comments: none)
The AGNULA project is in need of a volunteer webmaster.
Full Story (comments: none)
Apache Software Foundation has
announced
that Apache Geronimo has been approved as an official project of the ASF.
The objective of the Apache Geronimo project is to produce an open source,
certified implementation of the Java 2 Platform, Enterprise Edition (J2EE)
specification licensed under the Apache License and offered to the public
at no charge.
Comments (17 posted)
Use Perl has
an announcement for the new YAPC::Europe foundation.
"The new committee will be
part of YAPC, which is part of YAS, also known as TPF."
Comments (none posted)
Commercial announcements
Arabella Software
has announced Linux USB support for the PowerQUICC processor.
"
Arabella Software, a leading supplier of "Customized Linux Solutions" for embedded applications, today announced that its Arabella Linux for the PowerQUICC(TM) integrated communication processors has been extended to include fully integrated support for USB Host and Device functionality."
Comments (none posted)
Mandrakesoft has announced the availability of a report from Euroland
entitled "Mandrakesoft: the rising star of the Linux Market". Click below
for more information.
Full Story (comments: none)
Intel has
announced that it will be releasing its "foundation code" implementing the extensible firmware interface (EFI) specification. This release raises the prospect of having a system with a completely free BIOS. CollabNet will be handling the actual release, which is due "later this year."
Comments (10 posted)
Lineox is offering a solution for migration off of Red Hat Linux version 9.
"Lineox Enterprise Linux 3.0 is an enterprise level Linux distribution
with almost 5 years of planned support life. In the past Lineox has
provided updated program packages with feature enhancements, bug and
security fixes for free. The update service will be fee based
starting fall 2004."
Full Story (comments: none)
Macromedia has
announced
the immediate availability of Macromedia Flash Player 7 for Linux.
Comments (none posted)
Pingtel Corporation has
announced the formation of the Pingtel Technical Advisory Board to
assist in the development of open source IP telephony.
Comments (none posted)
Sendmail, Inc. has
announced the launch of the "Sendmail messaging integrity pilot program," a public testbed for various sender authentication schemes. Included at the beginning is a free implementation of Yahoo's "DomainKeys" system.
"'Sender-based email authentication is set to change the way email
is used. Instead of focusing on filtering out unwanted mail,
organizations will need to think about filtering in the mail they
want,' said Eric Allman, CTO at Sendmail."
Comments (1 posted)
Sun Microsystems
has announced the release of version 1.4 of its
Java Web Services Developer Pack (WSDP).
Comments (none posted)
New Books
A group known as the "NMI Club" has written an entire book (in Italian) on
the SCO Group and its attacks. This book, called
NoSCOpyright - SCO
contro Linux, is available in bookstores; it has also
been released online under a
copyleftish Creative Commons license. Click below for the full
announcement (again, in Italian).
Full Story (comments: 3)
Upcoming Events
An OMG Information Day will take place in London.
"LogOn and the Object Management Group are announcing an
OMG Information Day, taking place at the New Connaught Rooms in
London, on June 10, 2004."
Full Story (comments: none)
Wizards of OS 3 conference will be
held at the Berlin Congress Center on June 10-12, 2004.
Full Story (comments: none)
Look for representatives of the Debian Project at the
Wizards of OS conference in Berlin, Germany on June 10-12, 2004.
Full Story (comments: none)
GnomeDesktop.org
mentions
the availability of online coverage from the GNOME Users and Developers
European Conference on June 28-30.
"Tim Ney, the GNOME foundation director, wrote in to let us know that he will be blogging various news items relating to GUADEC at his new blog."
Comments (none posted)
The Autumn European Revolution Conference
will be held on November 14-16, 2004 in Malta.
Full Story (comments: none)
A Call for Papers has gone out for the Open
Source Developers Conference and YAPC::Australia::2004,
according to
this notice on Use Perl.
Comments (none posted)
| Date | Event | Location |
| --- | --- | --- |
| June 3 - 4, 2004 | 2004 GCC and GNU Toolchain Developer's Summit | Ottawa Congress Centre, Ottawa, Canada |
| June 3 - 6, 2004 | DebConf4 | Porto Alegre, Brazil |
| June 3 - 4, 2004 | Web.It 2004 | Milano, Italy |
| June 3 - 4, 2004 | inbox, the email event | San Jose Marriott, San Jose, CA |
| June 6 - 7, 2004 | French Perl Workshop | Paris, France |
| June 7 - 9, 2004 | EuroPython | Chalmers University of Technology, Göteborg, Sweden |
| June 10, 2004 | OMG Information Day | The New Connaught Rooms, London, England |
| June 10 - 12, 2004 | Wizards of OS 3 | Berlin Congress Center, Berlin, Germany |
| June 13, 2004 | 1st European Lisp and Scheme Workshop | Oslo, Norway |
| June 14 - 18, 2004 | 18th European Conference on Object-Oriented Programming (ECOOP-2004) | The University of Oslo, Oslo, Norway |
| June 16 - 18, 2004 | Yet Another Perl Conference (YAPC::NA::2004) | University at Buffalo, Buffalo, NY |
| June 28 - 30, 2004 | GNOME User and Developer European Conference (GUADEC) | Kristiansand, Norway |
| June 29 - July 1, 2004 | Perl Workshop 6.0 | Barbara-Künkelin-Halle, Schorndorf, Germany |
| July 12 - 15, 2004 | Real-time and Embedded Systems Workshop | Washington, DC |
| July 19 - 20, 2004 | Italian Perl Workshop | Polo Fibonacci, Pisa, Italy |
| July 21 - 24, 2004 | Linux Symposium | Ottawa, Canada |
| July 26 - 30, 2004 | O'Reilly Open Source Software Convention 2004 (OSCON) | Portland, OR |
| July 26 - 30, 2004 | IBM pSeries Technical Conference | Cairns, Australia |
Comments (none posted)
Web sites
KDE.News has
an announcement
for a new KDE Users Database site.
"A few days ago, we opened a new section on our Polish K Desktop
Environment website called "KDE Users Database". This is not only for Polish
users; it's international. After some time it will give a good picture of the
number of KDE users all over the world. Every registered user can save generated
certificates and put them on his desktop or website."
Comments (none posted)
Software announcements
Here are the software announcements, courtesy of
Freshmeat.net. They are available in
two formats:
Comments (none posted)
Page editor: Forrest Cook
Letters to the editor
From: Charles Cazabon <web-letters-lwn.net-AT-discworld.dyndns.org>
To: LWN Letters to the Editor <letters-AT-lwn.net>
Subject: qmail
Date: Thu, 27 May 2004 08:40:06 -0600
Greetings,
In your issue of 27 May, 2004, you talked about the recent license change for
Movable Type 3.0, and warned your readers about the dangers of "almost free"
proprietary software. All well and good, but you then went on to make several
parallels with qmail (by Dan Bernstein) which I do not believe were quite apt,
for reasons I'll discuss.
You said qmail:
> [...] comes with a non-free license which forbids distribution of modified
> versions, and which makes the distribution of binary packages difficult.
Fair enough, and true. You do clarify later that qmail doesn't come with an
explicit license; instead, if you obtain a copy of qmail, the author believes
you have various rights granted to you by copyright law (such as the ability
to modify and use it as you see fit) that he does not need to explicitly
grant. These rights are ones that click-through "license agreements" of
commercial proprietary software typically tend to try to abrogate. The author
also notes that copyright law does not permit you to copy and redistribute the
software (under any conditions), so he then explicitly grants the right to
redistribute unmodified copies of the source code, plus binary packages that
meet certain criteria. It's all laid out fairly clearly in these two pages:
http://cr.yp.to/qmail/dist.html
http://cr.yp.to/qmail/var-qmail.html
I will grant that creating a binary package of qmail that satisfies the above
criteria and /also/ meets criteria for inclusion in a modern Linux or Unix
distribution would be problematic. But installing qmail from source is so
simple that I don't personally find that to be an obstacle.
The more troublesome statements follow later:
> There has not been a new qmail release since June, 1998.
The author has not released a new qmail tarball since that time. People used
to "release early, release often" might see that as indication of abandonment,
but it isn't the case with djb's software. Despite qmail-1.03 being six years
old, it /still/ has not had any security holes found in it, despite two cash
awards being available for the discovery of such.
> But, due to the redistribution restrictions, nobody can take over qmail
> maintenance and release a new version.
Some of us have tried. "netqmail-1.05" is a package which includes an
(unmodified) qmail-1.03 source tarball, a few (small) patches, and a script
which applies them. netqmail runs just fine on modern systems and fixes a
couple of tiny, non-security-related bugs later found in qmail. netqmail is
available from the qmail.org community site:
http://qmail.org/netqmail/
The most problematic statement you make almost qualifies as FUD:
> If qmail's author were ever to proclaim a new license, it would be hard for
> users to prove that any other terms had ever been in force.
The author has had these claims directed at him before. He points out, quite
rightly, that:
-he has explicitly granted the right to copy and distribute unmodified
source, with no expiration on this permission.
-this statement is clearly present on his website, and is archived in
many different places. Even if he changed his site, it would not
retroactively revoke the permissions he has granted.
-his statements granting such permission would definitely be taken into
account if he ever tried to use the courts to revoke such rights. You
cannot assure people you do not object to a behaviour and then try to
extort damages from them for such behaviour.
The qmail community feels there is no risk here.
One additional correction:
> [...] it seems pretty clear that qmail's author has long since lost interest
> in working on the code; the chances of there ever being another qmail
> release appear small.
I don't think this is true; qmail version 2 is under development. It simply
won't be visible to the public until djb feels it is alpha-quality (which is
better than most projects' "release-quality" releases). Keep in mind
development may be somewhat slow; in addition to his research and teaching
duties as a professor at the University of Illinois at Chicago, the author has
also spent much of the last few years developing a BIND replacement (djbdns),
fighting the United States Department of Commerce over the restriction of
cryptography software distribution, and writing various other software.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <web-letters-lwn.net@discworld.dyndns.org>
-----------------------------------------------------------------------
Comments (7 posted)
From: Russell Nelson <nelson-AT-crynwr.com>
To: qmail-AT-list.cr.yp.to
Subject: Re: Movable type and "almost free" software
Date: Thu, 27 May 2004 10:28:13 -0400
Cc: letters-AT-lwn.net
Sam Johnston writes:
> This week's LWN (http://lwn.net/Articles/86020/) compares qmail to
> Movable type (with reference to Six Apart's recent announcement[1] which
> has upset users left[2], right[3] and centre[4]). It talks about there
> being no qmail releases since June 1998,
Why does this LWN article ignore netqmail? One might as reasonably
criticize the PBM package because the author has not put out any new
releases. They'll say that the critical difference is in the
licensing. They're wrong. qmail has always been licensed under a
freely copyable without modification license. That is exactly what
the netqmail package is. Freely copyable without modification. The
only thing that you lose in the qmail->netqmail transition is the
ability to distribute unmodified pre-compiled binaries. Guess what?
Nobody does that anyway! Of course, there are people distributing
modified pre-compiled binaries now (can you say Plesk?); they could
easily switch to distributing netqmail instead, and be equally at
fault under the law.
Note that I haven't read the article because it is a proprietary
article. I find it VERY IRONIC that they criticize software that
isn't freely copyable in an article that isn't freely copyable.
--
--My blog is at angry-economist.russnelson.com | You know you have a
Crynwr sells support for free software | PGPok | politician that can't hurt
521 Pleasant Valley Rd. | +1 315 268 1925 voice | you when you see the hearse
Potsdam, NY 13676-3213 | FWD# 404529 via VOIP | go by.
Comments (2 posted)
From: Troy Klein <Y2k-AT-ieee.org>
To: lwn-AT-lwn.net
Subject: LINUX Security - Buffer Overflows [Corrected]
Date: Thu, 27 May 2004 02:50:11 +0000
LWN Editors:
The problem of buffer overflows has been around a long, long, long time . . .
about 50 years! I have found the following steps to be very effective in
detecting, defending from, and inhibiting buffer overflows:
1. Receiving buffers are placed in their own (virtual memory) segment (this
technique unfortunately requires very detailed knowledge of the hardware
platform and may not be a generally applicable technique).
2. Receiving buffers are preceded and followed by defensive buffers that are
at least twice the size of the receiving buffer. These defensive buffers are
filled with repeated (randomly generated and never x'00' or x'ff') identical
byte contents. Those repeated identical byte contents are checked by an
asynchronous highest priority task for any changes, with the frequency for
the check based on the speed of whatever is filling the receiving buffer. If
any changes are detected in the defensive buffers, whatever is filling the
receiving buffer is suspended and a very emphatic alert is generated. If the
receiving buffer is filled by a process internal to the program, this check
is done each time the receiving buffer is filled.
The size of the defensive buffers may be reduced over time as confidence
builds, but should never be eliminated. Defensive buffers will catch a lot
of the programmer's logic errors!
The arguments against defensive buffers are a lot like the history of
arguments against protective gear in sports (football, baseball, snow skiing,
etc.); only after someone else is severely hurt does leadership arise that
requires defensive measures. Perhaps LINUX and other operating systems have
not yet hurt their users enough for users to mandate defensive measures.
Regards,
Troy Klein
Y2k-AT-ieee.org
Comments (4 posted)
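As an added illustration of item 2 in the letter above (example code, not from the letter or from LWN), here is a C sketch of a receiving buffer flanked by two guard regions, each twice the data size, filled with one random byte that is never 0x00 or 0xff, and checked after each fill. The asynchronous high-priority checker the letter describes is left to the caller (it would simply call guarded_check on a timer), and all names (guarded_buf, guarded_check, pick_fill) are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* A receiving buffer wrapped in two "defensive buffers" (guards), each
 * twice the size of the data region, filled with one random byte. */
typedef struct {
    size_t len;     /* usable data bytes */
    size_t guard;   /* bytes in each guard region (2 * len) */
    uint8_t fill;   /* guard fill byte, never 0x00 or 0xff */
    uint8_t *base;  /* start of the whole allocation */
} guarded_buf;

/* rand() is not a CSPRNG; it is enough here because the only goal is to
 * make the fill byte unpredictable to ordinary data, as the letter asks. */
static uint8_t pick_fill(void) {
    uint8_t b;
    do { b = (uint8_t)rand(); } while (b == 0x00 || b == 0xff);
    return b;
}

/* Returns 0 on success, -1 if the allocation fails. */
int guarded_alloc(guarded_buf *g, size_t len) {
    g->len = len;
    g->guard = 2 * len;
    g->fill = pick_fill();
    g->base = malloc(len + 2 * g->guard);
    if (g->base == NULL) return -1;
    memset(g->base, g->fill, g->guard);                  /* leading guard */
    memset(g->base + g->guard, 0, len);                  /* data region */
    memset(g->base + g->guard + len, g->fill, g->guard); /* trailing guard */
    return 0;
}

/* Pointer the receiver writes into. */
uint8_t *guarded_data(const guarded_buf *g) { return g->base + g->guard; }

/* Bit 1: leading guard changed (underflow); bit 2: trailing guard changed
 * (overflow); 0: both guards intact. Call after each fill, or periodically. */
int guarded_check(const guarded_buf *g) {
    int r = 0;
    for (size_t i = 0; i < g->guard; i++) {
        if (g->base[i] != g->fill) r |= 1;
        if (g->base[g->guard + g->len + i] != g->fill) r |= 2;
    }
    return r;
}

void guarded_free(guarded_buf *g) { free(g->base); g->base = NULL; }
```

A non-zero result from guarded_check is the point at which the letter's "very emphatic alert" would be raised and the filler suspended; the check is only probabilistic, since an overrun that happens to write the fill byte itself goes unnoticed.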
From: "Jay R. Ashworth" <jra-AT-baylink.com>
To: editor-AT-primediabusiness.com
Subject: BE May Editorial -- How Many Nines Is That, Again?
Date: Wed, 26 May 2004 12:01:45 -0400
Cc: letters-AT-lwn.net
I hate to have to ruin your day, after you put all that work into it
and all...
But "5-nines reliability" does indeed mean 99.999, *not* 99.99999 --
it's a count of the *total* number of nines in the number.
And pat that IT guy on the back -- a *system-level* reliability of 99.99%
(four nines) means he has *really* done his homework; probably
including redundant network cabling to everything and dual switches.
And, alas, slap yourself in the face for screwing up. And I expect you
to do it in letters as large as the ones you screwed up in -- that is,
*on the editorial page*. Feel free to do the research you should have
done in the first place; if I'm wrong, you can use that space to slap
*me* around instead. But I don't think you will.
See the first 3 or 4 hits at http://www.google.com/search?q=five%20nines
for example, and note that 32 seconds a year is *six* nines... and
remember that each nine costs an order of magnitude more, in
general... and remember also that system uptime is the product of the
uptimes of *every component on the critical path*.
Don't go dissin' IT people. Modulo our ability to get management to
spend enough to buy the gear they need for the reliability they ask
for, we'll make sure they get it. Ask a Wall Street trading firm.
Oh, and more and more of them have dumped Microsoft for Linux, for
precisely this reason. Windows often has a time between reinstalls
that is longer than the average Linux box's time between reboots -- and
*that* is often done solely because the operator wants to do a kernel
version upgrade; I believe the uptime record for a Linux box is
currently over 500 days.
Cheers,
-- jra
--
Jay R. Ashworth jra@baylink.com
Member of the Technical Staff Baylink RFC 2100
The Suncoast Freenet The Things I Think
Tampa Bay, Florida http://baylink.pitas.com +1 727 647 1274
"They had engineers in my day, too." -- Perry Vance Nelson
Comments (9 posted)
Page editor: Jonathan Corbet