Your editor's desktop system is currently running Fedora Core 2,
mostly as a result of that distribution's combination of near-bleeding-edge
software and the x86_64 architecture. There is much that is good about
Fedora, but your editor was more than disconcerted to find out
that nmh, the current form of the MH mail client, was no longer included.
This is not an isolated point of view; a
threat
to write a Grumpy Editor column on this topic still yields an occasional
message of support. This is, indeed, an ideal topic for such a column; the
MH mailer, which was first put together in the late 1970's, still has
lessons to offer the current crop of mail clients.
Your editor will have to request some patience, however. A proper review
of mail clients will take more than one column, along with a significant
amount of time. Those wanting an instant review of bleeding-edge graphical
mailers will have to wait a while; this column, instead, will attempt to
provide an introduction to the topic by looking at the standards set by MH.
MH was, at the outset, different from any other mail client out there, and
it remains different. Mail clients tend to be classic examples of monolithic
design; everything (one hopes) that a user might want to do with electronic
mail is built into one single, large application. The designers of MH
concluded that this design did not fit well with the Unix way of doing
things, which is to have a relatively large number of small programs, each
of which does one thing well. As a consequence, MH is not one program, but
many: the current nmh distribution contains 39 separate utilities.
When dealing with MH at this level, the user is never "in" the mail system;
instead, all commands are typed directly to the regular shell. The
inc command
brings in new mail; scan lists a folder; show,
next, and prev display individual messages; repl
generates a reply; rmm, refile, and others dispose of
messages; and so on. There is a command (pick) which can perform
complicated searches through folders. All of these commands (and many not
mentioned) manipulate a global state, giving the full set the feel of a
single, integrated application.
MH folders, incidentally, are also unique: they are simply directories
containing each message in a separate file. A number of modern mailers
support MH folders, though usually not as the preferred format.
The result of this organization is that it is possible to build software on
top of the MH primitives with great ease. Over the years, developers have
created numerous interfaces for MH, including xmh (an old graphical
interface still shipped with XFree86), exmh (a Tk-based graphical client),
and MH-E (an emacs-based
interface favored by your editor). The scriptability of the MH primitives
also makes it easy to integrate the mail client into any other
task-oriented software that the user may need to run.
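As an added illustration of that scriptability, here is a small POSIX shell script, written for this edition rather than taken from the article or from nmh, that does a stripped-down version of what scan and pick do over an MH-style folder. Because a folder is just a directory with one message per file, ordinary text tools suffice. The script builds a constructed folder of three messages in a temporary directory; the function names (header, mh_scan, mh_pick, make_sample_folder) and the sample messages are this example's own, and the real scan and pick commands have many more switches than this.

```sh
#!/bin/sh
# Added example (not part of the LWN article or of nmh): a minimal,
# scriptable look at an MH-style folder. MH folders are plain directories
# holding one message per file, so ordinary shell tools can do what scan
# and pick do. The folder and the messages below are constructed sample data.

# header FIELD FILE: print the value of the first FIELD: header in FILE.
# Headers end at the first blank line, so only that region is searched.
header() {
    sed -n -e '/^$/q' -e "s/^$1:[[:space:]]*//p" "$2" | head -n 1
}

# mh_scan FOLDER: one line per message, like 'scan': number, sender, subject.
mh_scan() {
    for msg in "$1"/[0-9]*; do
        [ -f "$msg" ] || continue
        printf '%4s  %-24.24s  %s\n' "${msg##*/}" "$(header From "$msg")" "$(header Subject "$msg")"
    done
}

# mh_pick FOLDER FIELD PATTERN: print the numbers of messages whose FIELD
# header matches the extended regex PATTERN, like 'pick --FIELD'.
mh_pick() {
    for msg in "$1"/[0-9]*; do
        [ -f "$msg" ] || continue
        if header "$2" "$msg" | grep -Eq -- "$3"; then
            printf '%s\n' "${msg##*/}"
        fi
    done
}

# make_sample_folder DIR: populate DIR with three constructed messages.
# Message 3 carries a "Subject:" line in its body to show that only the
# header region is consulted.
make_sample_folder() {
    mkdir -p "$1"
    printf 'From: alice@example.org\nSubject: Meeting notes\n\nBody 1\n' > "$1/1"
    printf 'From: bob@example.org\nSubject: [nmh-workers] 1.1 release candidate\n\nBody 2\n' > "$1/2"
    printf 'From: carol@example.org\nSubject: Re: [nmh-workers] 1.1 release candidate\n\nSubject: not a header\n' > "$1/3"
}

demo() {
    folder=$(mktemp -d)
    make_sample_folder "$folder"
    mh_scan "$folder"
    echo "messages mentioning nmh-workers:"
    mh_pick "$folder" Subject 'nmh-workers'
    rm -r "$folder"
}

demo
```

The point is the composition: mh_pick's output is a list of message numbers, which is exactly what the real pick hands to refile, rmm or a user's own script.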
The availability of multiple interfaces to the same mail system is nicer
than one might think. A fancy, graphical interface may be useful when one
is in the office and near to the mail system. When one is stuck behind a
slow network connection (a GPRS link from a nearby mountain, say), the
command line interface may be the only way to work through a batch of mail
quickly and with minimum pain. There is great value in not being locked
into a single mode of interaction with the mail system.
Unfortunately, MH is showing its age in a big way. The nmh effort appears to have stalled
for lack of developers; it shows no commits to its repository since 2003;
the 1.0.4 release - the latest available - came out in April, 2000. A 1.1
release candidate was posted in January, but nothing has happened since
then. There
is support for MIME in nmh, but that support is awkward at best. The exmh
front end does MIME, but there has not been an exmh release in over a
year; it, too, is getting harder to find in distributions. MH works with
POP, but there is no IMAP implementation in sight. In general, MH is old,
unmaintained, and fading from the scene.
This is a shame, because MH got some things right decades ago that modern
mail client developers still seem to miss. Your editor does not want to
funnel his email into a single-interface black box. He wants to be able to
manipulate mail from his desktop, over a modem link, or running through
mindterm on a Windows "email garden" system in a remote place.
It should be possible
to do anything with email - even things that the developer of the mail
client might not have thought of. It must be possible to make connections
between the mail client and the LWN site code. It should be possible to
manipulate messages and folders with shell scripts and programs without
great pain. The client should be a powerful tool for working with
electronic mail, but it should be just the beginning point, rather than the
final destination.
Your editor is now shopping for an email client which can replace MH. This
process could be a long one; understanding a mail client well enough to
write about it takes a significant amount of effort. The process may also
require delving into other parts of the larger email system, such as IMAP
servers. Watch for a series of upcoming articles over the (northern
hemisphere) summer as this journey unfolds.
As a down payment, here is a quick look at the MH-E interface. Your editor
has used MH-E for years; it does a nice job of combining the power of MH
with an efficient keyboard interface and the usual benefits of integration
with the editor itself. Your editor has long assumed that MH-E has
suffered the same fate as MH; the version shipped with the current
GNU emacs distribution dates from 2000. This version of MH-E has many
shortcomings; it does not even deal with simple things like mail in the
quoted-printable encoding correctly.
So it was interesting to find out that the MH-E hackers have, in fact,
been quite busy recently. Version 7.4.3, currently available from the MH-E site, includes a number of
new features. It performs threading, has proper MIME support (see
screenshot, right), indexed searching, and more. It uses the capabilities
of modern versions of emacs to display images and such within the editor
itself. There is also a general interface to spam filtering systems,
allowing the user to easily train the bayesian filter of his or her
choice.
It is, in general, a vastly superior implementation of MH-E, and the upgrade is
easy; if you are an MH-E user, you probably want to look at the current
version.
On the down side, enough commands have been changed to drive a long-time
MH-E user nuts for a while, and the documentation is, um, missing. The
default colors show a distinct lack of restraint or concern for human
factors. It also
has adopted the gnus habit of replacing smileys and such with its own
built-in icons - behavior which is amusing for about two messages before
you realize you'd rather just see what the other person wrote.
Fortunately, this behavior is easily turned off with a configuration
option.
The new MH-E is apparently slated for inclusion in emacs 21.4. It is good
to see that significant work is going into this mail interface; MH-E is too
good to allow to slip into obscurity and decay. The fact remains, however,
that MH-E is built on a foundation which has not seen any significant
maintenance in years.
(For more information on the history and philosophy behind MH, see the
classic (if quaintly titled) paper "MH: How to process 200 messages a day
and still get some real work done," available in PostScript format).
Comments (71 posted)
It was probably too much to hope that all Linux vendors would take the
same approach to their distributions for AMD's 64-bit x86 chips and
Intel's forthcoming 64-bit x86 chips, or x86_64. While the major
commercial vendors (SUSE, Red Hat and Mandrake, to name a few) are
shipping mixed distributions for x86_64, the recently-announced Debian
x86_64 port is a pure
64-bit distribution without 32-bit libraries.
A pure 64-bit distribution has the advantage of being simpler, and of not
having to worry about multiple versions of libraries and such.
Thus, while other distributions have relegated the 64-bit libraries to an
alternate location, such as /usr/lib64, the Debian project
ships with 64-bit libraries in /usr/lib and avoids the
problem of rewriting package creation rules to install libraries in
/usr/lib64 or a similar situation. However, this results in
a system that is unable to run 32-bit x86 binaries.
The original plan for Debian's x86_64 port was to be similar to sparc64,
where the default is 32-bit applications and libraries. However, the
tide turned in February, and multiarch support was put on the back
burner. As Goswin von Brederlow explains:
There was an attempt at doing a mixed port but the resistance by the
dpkg developers and the community in general was too big to get it under
way, especially with the sarge release looming over our heads. A full
mixed port means changing every single library package and affects
probably all packages. That's nothing one wants to do before sarge.
So instead of going full 32/64 bit mixed mode amd64 in one big step
pure64 was started to get 64 bit support fully available with minimum
impact to sarge. Merging in multiarch support for mixed 32/64 bit is now
step 2, planned for after sarge at the earliest.
This may not end up being a big problem, even for those users who need
to run 32-bit x86 applications.
As John Goerzen points
out, it is possible to run 32-bit binaries in a chrooted
environment:
The only reason I can see for even bothering to support 32-bit
applications at all is for binary-only proprietary software. And that
is not such a concern; it takes all of about 10 minutes to set up a
32-bit chroot with debootstrap to run those things in.
Some have voiced
concerns about Debian being incompatible with other x86_64
distributions. Since LSB-compatibility should be the main concern, we
wondered whether Debian, or any other Linux distributions, were
compatible with the LSB specification for x86_64 chips. Stuart Anderson,
lead developer of the LSB written specification, told LWN that none of
the distributions currently meet the LSB specification, but for obvious
reasons:
That's because there has not yet been an official release of the LSB for
that architecture. There is a draft, and it will get released in the
very near future, but because it hasn't been, distros have not yet had a
chance to certify.
Anderson did say that a distribution can be LSB-compliant, without
running 32-bit binaries, since the specification covers only x86_64. He also said that they are working on a "multi-arch" specification, "but it's not really far enough along to say anything specific."
In general, I think a 64 bit distro should be able to support a 32 bit
runtime in parallel. It just does so as supporting two specs, and not a
single one that mandated both 32 & 64.
No doubt, it will be some time before x86_64 support is uniform across
all the various Linux distributions. The hardware is not yet in wide
enough use to truly force distributions to standardize, and it's
entirely possible that the 32-bit problem will disappear as x86_64
hardware becomes commonplace.
Comments (13 posted)
It has been a busy week in the SCO universe; time for an update.
The company released its second quarter results on June 10; those who are
interested can see the
press release or, for far more detail, the
10-Q filing. The results were as bad as expected; actually, they were
even worse. The company lost $15 million on $10 million in
revenue. The SCOsource program brought in all of $11,000 over the
quarter. SCO management says things will get better soon, of course.
About one year ago, SCO acquired a web services company called Vultus; this
acquisition, somehow, involved the transfer of some 300,000 shares of
SCO stock to the Canopy Group. Quite a few questions were raised at the
time; there did not seem to be any sort of legitimate business reason for
SCO to make this acquisition; it seemed, instead, to be a way of shifting
money over to Canopy. The questions have come back; this quarter's 10-Q
filing includes a $2.4 million writeoff acknowledging that Vultus is,
in fact, worthless.
Also found in the 10-Q is the fact that SCO has spent $2.4 million of
its scarce cash buying back its own stock. These purchases appear to have
done little to prop up the company's stock price, however.
The most significant news of the week was almost certainly the
rulings in
the Novell case. Three separate motions were decided:
- Novell had tried to get the case dismissed on the grounds that SCO did
not show that Novell's copyright claims are false. Judge Kimball
denied this motion for now, though he noted that the question of
falsity remains open.
- Novell also moved for dismissal on the grounds that SCO did not plead
any specific damages. This motion was granted; as of this writing,
SCO's suit against Novell is officially dismissed. SCO, however, got 30
days to refile the case with the required pleadings; SCO claims it
will do so.
- SCO had moved to get the trial shifted back to Utah state court; this
motion was denied.
The most important ruling by far was the one keeping the case in Federal court.
SCO was hoping for a quick contract case where it could talk about the
"intent" of the agreement that transferred the Novell license
administration business to (old) SCO. State courts cannot rule on the
validity of actual copyright transfers, which are a Federal issue. Judge
Kimball has decided, however, that the existence (or lack thereof) of a
copyright transfer is a crucial part of this case. If no copyrights were
transferred to old SCO, then the current SCO Group has no basis for a
"slander of title" claim. And the Judge has his doubts on whether that
transfer happened:
The Amendment also contains no transfer language in the form of
'seller hereby conveys to buyer.' Given the similarly ambiguous
language in the APA with respect to the transfer of assets --
seller 'will' sell, convey, assign, and buyer 'will' purchase and
acquire -- it is questionable on the face of the documents whether
there was any intention to transfer the copyrights as of the date
the amendment was executed. Moreover, the use of the term
'required' in Amendment No. 2 without any accompanying list or
definition of which copyrights would be required for SCO to
exercise its rights in the technology is troublesome given the
number of copyrighted works involved in the transaction. There is
enough ambiguity in the language of Amendment No. 2 that, at this
point in the litigation, it is questionable whether Amendment No. 2
was meant to convey the required copyrights or whether the parties
contemplated a separate writing to actually transfer the copyrights
after the 'required' copyrights were identified.
In state court, SCO would not have had to face this particular line of
inquiry. In Federal court, instead, the company will have to start by
proving that it does, indeed, own the copyrights it has been claiming;
furthermore, this proof will have to be made to a clearly skeptical judge.
One might well think that this whole issue is irrelevant. Beyond the small
bit of Unix code leaked into the kernel by SGI (and long since removed),
there has been no evidence that any proprietary Unix code has found its way
into Linux. Even if SCO wins its case against Novell, it loses against
Linux. But the fact that its copyright ownership claims are being
challenged in Federal court may yet be the factor that brings the whole
enterprise crashing down. Sales of "Linux licenses" will be even harder
than before, and, if the judge rules that SCO does not own the copyrights,
the rest of SCO's legal offensives will simply collapse.
Judge Kimball also issued some
rulings in the IBM case. SCO's motion to bifurcate the case (an
attempt to split IBM's patent counterclaims into a separate trial) was
denied by the judge. This motion was denied without prejudice, so it could
come back at some future time. SCO's motion to delay the case was partly
granted, however; the actual trial, should it ever happen, will be in
November, 2005. The judge has made it clear that he is not interested in
any further delays after this one.
In the AutoZone case, SCO has filed a
memorandum opposing AutoZone's motions to put the case on hold, or, at
least, to move it to Tennessee. Says SCO:
Granting a stay under the procedural posture of the cases that
AutoZone has relied upon would amount to giving AutoZone free
license to continue to infringe upon SCO's copyrights for the
foreseeable future, while preventing SCO from even obtaining
discovery concerning the breadth of such copyright infringements
and the damages such infringements may have caused.
In other words, poor SCO would not be able to go fishing through AutoZone's
files looking for actual evidence.
Finally, the SCO Group is, for the first time in a while, making a big show
of wanting to be a software company. One announcement
was for UnixWare 7.1.4, which includes a number of bleeding-edge features:
support for disks larger than 128GB, pluggable authentication modules,
MySQL, PostgreSQL, Apache 2.0.49, Tomcat, Perl, PHP, Samba 3.0, Sendmail,
and more. It seems that free software isn't such a bad thing after all.
SCO has also announced
an embedded offering, "SCOoffice server," and "Legend," an upcoming version
of OpenServer with support for "64-bit advanced computing." All told, it
looks like the company is truly putting some effort into its (still
proprietary and obsolete) Unix offerings.
One might well wonder why SCO is doing that. The company had been told by
BayStar that its litigation was its only worthwhile effort; why drain money
from the lawyers to prop up its software offerings? One clue was to be
found in the conference
call that accompanied the second-quarter earnings report. While SCO
claims to be staying the course (and doing great), the whole tone of the
conference was subdued. Those who sat through the "Chris&Darl shows"
of last year note that, now, the swagger is gone (and Chris Sontag,
SCOsource manager, has been just about invisible recently). SCO's
management may well have gotten past the denial and figured out that it has
lost. If so, they might just be thinking about trying to run a software
company once the litigation storm has run its course. That might even work
as a "plan B," but only if SCO can overcome a couple of small
obstacles: having any sort of company left after those it has attacked
are done with it, and offering software that people actually want to
buy.
Comments (7 posted)
Page editor: Jonathan Corbet
Security
Version v2.1 of the Metasploit Framework has been
released. Metasploit looks like a script
kiddie's dream tool; it is a convenient packaging of some two dozen tools
for exploiting known vulnerabilities. A would-be attacker need only choose
the weapon of choice from a menu, and turn it loose.
In fact, it's better than that. Combined with the exploit engine is the
"payload generator"; there is also an online version
available. Simply pick the sort of behaviour you would like, set the relevant
parameters (e.g. which port to listen to), and the corresponding code pops
out the other end. Fit the payload onto your chosen exploit, and your
weapon is armed and ready.
Metasploit does not bring any new capabilities to the cracker's toolbox,
but it does make life easy for those who are unable to craft their own
exploits. It can also serve as a useful instructional and testing tool for
those of us who are charged with keeping systems secure. Metasploit can
quickly tell you if a target system is vulnerable to a given exploit, and
it shows what a break-in looks like from the outside. The attackers have
it; defenders might as well get a copy and see how it works. See the Metasploit Project page for more
information.
Comments (1 posted)
New vulnerabilities
Apache mod_proxy: denial of service
| Package(s): | apache | CVE #(s): | CAN-2004-0492 |
| Created: | June 11, 2004 | Updated: | October 14, 2004 |
| Description: | A buffer overflow vulnerability in the apache mod_proxy module can be exploited to create a denial of service. |
| Alerts: | |
Comments (none posted)
chora: remote command execution
| Package(s): | chora | CVE #(s): | |
| Created: | June 15, 2004 | Updated: | June 15, 2004 |
| Description: | Chora, a CVS/SVN repository viewer written by the HORDE project, has a vulnerability which can allow a remote attacker to inject shell code. Uploading and running of malicious binaries is also possible. Upgrading to version 1.2.2 fixes the problem. |
| Alerts: | |
Comments (none posted)
Horde-IMP: improper input validation
| Package(s): | Horde-IMP | CVE #(s): | |
| Created: | June 16, 2004 | Updated: | August 10, 2004 |
| Description: | An input validation error exists in Horde-IMP through version 3.2.4; a specially crafted message could be used to run scripts in the context of the target's browser. |
| Alerts: | |
Comments (none posted)
kernel: denial of service
| Package(s): | kernel | CVE #(s): | CAN-2004-0554 |
| Created: | June 15, 2004 | Updated: | July 5, 2004 |
| Description: | 2.4 and 2.6 kernels running on the i386 and x86_64 architectures have a vulnerability which can allow a local attacker to lock up the system. See this LWN article for a description of the problem. Many of the updates for this problem also fix various potential driver vulnerabilities found while instrumenting the code for automated auditing. |
| Alerts: | |
Comments (none posted)
Subversion: Remote heap overflow
| Package(s): | subversion | CVE #(s): | CAN-2004-0413 |
| Created: | June 11, 2004 | Updated: | March 7, 2005 |
| Description: | Subversion has a remotely exploitable vulnerability which, at minimum, allows a denial of service and may allow an attacker to execute arbitrary code on a server that runs svnserve. See this advisory for more information. |
| Alerts: | |
Comments (none posted)
webmin: denial of service
| Package(s): | webmin | CVE #(s): | CAN-2004-0582, CAN-2004-0583 |
| Created: | June 16, 2004 | Updated: | July 28, 2004 |
| Description: | Versions of webmin prior to 1.150 suffer from denial of service and information disclosure vulnerabilities. See advisories for the disclosure and lockout problems for more information. |
| Alerts: | |
Comments (none posted)
Updated vulnerabilities
apache2: stack-based buffer overflow in ssl_util.c
| Package(s): | apache2 | CVE #(s): | CAN-2004-0488 |
| Created: | June 1, 2004 | Updated: | October 14, 2004 |
| Description: | A stack-based buffer overflow exists in the ssl_util_uuencode_binary function in ssl_util.c in Apache. When mod_ssl is configured to trust the issuing CA, a remote attacker may be able to execute arbitrary code via a client certificate with a long subject DN. |
| Alerts: | |
Comments (none posted)
cvs: heap overflow
| Package(s): | cvs | CVE #(s): | CAN-2004-0396 |
| Created: | May 19, 2004 | Updated: | June 11, 2004 |
| Description: | CVS (through version 1.11.15 or 1.12.7) contains a remotely exploitable heap overflow vulnerability; see this advisory from Stefan Esser for details. If you are running cvs with the "pserver" protocol, a quick upgrade is recommended (dropping pserver is also a very good idea for security-conscious sites). |
| Alerts: | |
Comments (none posted)
cvs: new vulnerabilities
| Package(s): | cvs | CVE #(s): | CAN-2004-0414, CAN-2004-0416, CAN-2004-0417, CAN-2004-0418 |
| Created: | June 9, 2004 | Updated: | June 15, 2004 |
| Description: | Several new vulnerabilities have been found in CVS; these include a null-termination error, a double-free vulnerability, a format-string vulnerability, and a few others; see this advisory for the details. Some of these vulnerabilities are remotely exploitable; updating soon would be a good idea. |
| Alerts: | |
Comments (none posted)
ethereal: more protocol dissector issues
| Package(s): | ethereal | CVE #(s): | |
| Created: | June 3, 2004 | Updated: | June 11, 2004 |
| Description: | The 0.10.3 version may crash when you select a SIP packet. See this post to the ethereal-users mailing list for details. |
| Alerts: | |
Comments (1 posted)
Filename disclosure vulnerability in fam
| Package(s): | fam | CVE #(s): | CAN-2002-0875 |
| Created: | August 19, 2002 | Updated: | January 5, 2005 |
| Description: | "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
| Alerts: | |
Comments (none posted)
flim: insecure file creation
| Package(s): | flim | CVE #(s): | CAN-2004-0422 |
| Created: | May 5, 2004 | Updated: | December 16, 2004 |
| Description: | The emacs "flim" mode creates temporary files in an insecure fashion, possibly allowing a local attacker to overwrite files. |
| Alerts: | |
Comments (none posted)
gallery: unauthenticated access
| Package(s): | gallery | CVE #(s): | |
| Created: | June 2, 2004 | Updated: | June 15, 2004 |
| Description: | The "gallery" photo album has a vulnerability which can allow access to the administrative account without authentication. |
| Alerts: | |
Comments (none posted)
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml | CVE #(s): | CAN-2003-0133, CAN-2003-0541 |
| Created: | April 14, 2003 | Updated: | April 18, 2005 |
| Description: | GtkHTML is the HTML rendering widget used by the Evolution mail reader. The GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash. |
| Alerts: | |
Comments (none posted)
iproute: local denial of service
| Package(s): | iproute net-tools | CVE #(s): | CAN-2003-0856 |
| Created: | November 25, 2003 | Updated: | December 14, 2004 |
| Description: | The iproute utility is susceptible to spoofed netlink messages sent by local users, with the result that denial of service attacks are possible. |
| Alerts: | |
Comments (none posted)
racoon: failure to verify signatures
| Package(s): | ipsec-tools racoon | CVE #(s): | CAN-2004-0155 |
| Created: | April 7, 2004 | Updated: | August 19, 2004 |
| Description: | Versions of ipsec-tools prior to 0.2.5 contain a vulnerability wherein the racoon utility fails to verify digital signatures on some packets. This hole can lead to unauthorized connections or man-in-the-middle attacks. See this advisory for details. |
| Alerts: | |
Comments (none posted)
racoon: denial of service vulnerability
| Package(s): | ipsec-tools racoon iputils | CVE #(s): | CAN-2004-0403 |
| Created: | April 26, 2004 | Updated: | July 29, 2004 |
| Description: | racoon does not check the length of ISAKMP headers. Attackers may be able to craft an ISAKMP header of sufficient length to consume all available system resources, causing a denial of service. This advisory contains additional details. |
| Alerts: | |
Comments (none posted)
kdelibs: cookie disclosure
| Package(s): | kdelibs | CVE #(s): | CAN-2003-0592 |
| Created: | March 10, 2004 | Updated: | August 24, 2004 |
| Description: | kdelibs (and, thus, Konqueror) has a vulnerability where a hostile server can force the disclosure of cookies that should not be presented to it. KDE versions 3.1.3 and later contain a fix. |
| Alerts: | |
Comments (none posted)
kde: URI Handler Vulnerabilities
| Package(s): | kde Opera | CVE #(s): | CAN-2004-0411 |
| Created: | May 17, 2004 | Updated: | June 15, 2004 |
| Description: | iDEFENSE identified a vulnerability in the Opera Web Browser that could allow remote attackers to create or truncate arbitrary files. The KDE team has found that similar vulnerabilities exist in all versions of KDE, up to KDE 3.2.2 inclusive. See this advisory for more information. |
| Alerts: | |
Comments (none posted)
kernel: symlink overflow in the iso9660 filesystem
| Package(s): | kernel | CVE #(s): | CAN-2004-0109 |
| Created: | April 14, 2004 | Updated: | July 15, 2004 |
| Description: | The 2.4 and 2.6 kernels contain a vulnerability in the iso9660 (CDROM) filesystem which can be used by a local attacker to obtain root privileges. The exploit requires creating a specially-crafted filesystem and getting the kernel to mount it. Many systems are configured to automatically mount CDs on insertion, however, so the possibility of this vulnerability being exploited by users with physical access to the system is real. The 2.4.26 kernel contains the fix, which will also be merged into the upcoming 2.6.6 release. |
| Alerts: | |
Comments (none posted)
kernel: root exploit in MCAST_MSFILTER
| Package(s): | kernel | CVE #(s): | CAN-2004-0424 |
| Created: | April 22, 2004 | Updated: | June 11, 2004 |
| Description: | A locally exploitable integer overflow has been found in the multicast code of the Linux kernel versions 2.4.22 to 2.4.25 and 2.6.1 to 2.6.3. A successful exploit could lead to full superuser privileges. |
| Alerts: | |
Comments (1 posted)
kernel-utils: setuid vulnerability
| Package(s): | kernel-utils | CVE #(s): | CAN-2003-0019 |
| Created: | February 7, 2003 | Updated: | January 21, 2005 |
| Description: | The kernel-utils package contains several utilities that can be used to control the kernel or machine hardware. In Red Hat Linux 8.0 this package contains user mode linux (UML) utilities. The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was incorrectly shipped setuid root. This could allow local users to control certain network interfaces, add and remove arp entries and routes, and put interfaces in and out of promiscuous mode. All users of the kernel-utils package should update to these packages that contain a version of uml_net that is not setuid root. Alternatively, as a work-around to this vulnerability, issue the following command as root: chmod -s /usr/bin/uml_net |
| Alerts: | |
Comments (none posted)
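An added shell example (not from the LWN entry, Red Hat's advisory or the kernel-utils package) of the check behind that workaround: detecting whether a binary carries a set-id bit, clearing it the way chmod -s does, and listing every set-id file under a directory so an administrator can confirm an update took effect. The function names and the stand-in uml_net file created in a temporary directory are constructed for the example; nothing here touches a real /usr/bin/uml_net.

```sh
#!/bin/sh
# Added example (not from the LWN entry or the kernel-utils package): a small
# audit that reports whether a binary carries the setuid or setgid bit and
# clears it, the same remedy as the 'chmod -s /usr/bin/uml_net' workaround.
# It is run here against a constructed file in a temporary directory, not
# against a real system binary.

# has_setid FILE: succeed (return 0) if FILE has the setuid or setgid bit.
# 'find -perm -mode' is POSIX and avoids parsing the varying output of ls/stat.
has_setid() {
    [ -n "$(find "$1" -prune \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null)" ]
}

# audit_setid FILE: print a one-line verdict; return 0 if clean, 1 if set-id.
audit_setid() {
    if has_setid "$1"; then
        printf 'WARN  %s has setuid/setgid bit set\n' "$1"
        return 1
    fi
    printf 'ok    %s\n' "$1"
}

# strip_setid FILE: remove the setuid and setgid bits (what 'chmod -s' does)
# and verify that the change took effect.
strip_setid() {
    chmod u-s,g-s "$1" && ! has_setid "$1"
}

# list_setid_in DIR: names of all set-id regular files under DIR; the shape
# of check a site would run over /usr/bin after installing an update.
list_setid_in() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print
}

demo() {
    dir=$(mktemp -d)
    # constructed stand-in for a mis-shipped /usr/bin/uml_net
    : > "$dir/uml_net"
    chmod 4755 "$dir/uml_net"
    audit_setid "$dir/uml_net" || strip_setid "$dir/uml_net"
    audit_setid "$dir/uml_net"
    rm -r "$dir"
}

demo
```

Running list_setid_in over a directory before and after a package update, and comparing the two lists, is the quickest way to notice a binary that was shipped set-id when it should not have been.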
krb5: unauthorized root privileges
| Package(s): | krb5 | CVE #(s): | CAN-2004-0523 |
| Created: | June 3, 2004 | Updated: | June 29, 2004 |
| Description: | Multiple buffer overflows exist in the krb5_aname_to_localname() library function that, if exploited, could lead to unauthorized root privileges. In order to exploit this flaw, an attacker must first successfully authenticate to a vulnerable service, which must be configured to enable the explicit mapping or rules-based mapping functionality of krb5_aname_to_localname, which is not a default configuration. See this MIT krb5 Security Advisory for more information. |
| Alerts: | |
Comments (none posted)
LHA: stack buffer overflows and directory traversal flaws
| Package(s): | LHA | CVE #(s): | CAN-2004-0234, CAN-2004-0235 |
| Created: | April 30, 2004 | Updated: | June 11, 2004 |
| Description: | LHA is an archiving and compression utility for LHarc format archives. Ulf Harnhammar discovered two stack buffer overflows and two directory traversal flaws in LHA. See this advisory+patch for more details. CAN-2004-0234: An attacker could exploit the buffer overflows by creating a carefully crafted LHA archive in such a way that arbitrary code would be executed when the archive is tested or extracted by a victim. CAN-2004-0235: An attacker could exploit the directory traversal issues to create files as the victim outside of the expected directory. |
| Alerts: | |
Comments (2 posted)
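The directory traversal half of the LHA entry (CAN-2004-0235) comes down to trusting the member names stored inside the archive. The following POSIX shell code is an added example, not code from LHA or from the advisory: the path check an extractor, or a pre-extraction audit script run over an archive listing, can apply to each member name before creating anything, rejecting absolute paths and any '..' component. The member names in the listing are constructed; safe_member_path and classify_members are this example's own names.

```sh
#!/bin/sh
# Added example (not from the LWN entry or from LHA): the check an archive
# extractor needs against the CAN-2004-0235 class of flaw, applied to member
# names constructed here. An entry is safe only if, taken relative to the
# extraction directory, it cannot escape it: no absolute path, no '..'
# component, and (defensively) no empty name.

# safe_member_path NAME: return 0 if NAME may be created under the extraction
# directory, 1 otherwise. Only the path string is inspected; nothing is created.
safe_member_path() {
    name=$1
    [ -n "$name" ] || return 1
    # An absolute path ignores the extraction directory entirely.
    case $name in
        /*) return 1 ;;
    esac
    # Walk the components split on '/'; any '..' component is an escape
    # attempt, while names such as '..foo' are ordinary and allowed.
    rest=$name
    while [ -n "$rest" ]; do
        comp=${rest%%/*}
        [ "$comp" = ".." ] && return 1
        case $rest in
            */*) rest=${rest#*/} ;;
            *)   rest= ;;
        esac
    done
    return 0
}

# classify_members FILE: read one member name per line from FILE and print
# "ok NAME" or "REJECT NAME" for each; the return value is the number of
# rejected names (0 means the whole listing is safe to extract).
classify_members() {
    rejects=0
    while IFS= read -r member; do
        if safe_member_path "$member"; then
            printf 'ok      %s\n' "$member"
        else
            printf 'REJECT  %s\n' "$member"
            rejects=$((rejects + 1))
        fi
    done < "$1"
    return $rejects
}

demo() {
    listing=$(mktemp)
    # constructed member names, as a hostile archive might carry them
    cat > "$listing" <<'EOF'
docs/README
src/main.c
../.profile
etc/../../passwd
/etc/cron.d/job
foo/..bar/..baz
EOF
    classify_members "$listing" || echo "rejected $? member(s)"
    rm -f "$listing"
}

demo
```

The check is deliberately done on the name string rather than by creating the file and inspecting the result: by the time a file exists outside the extraction directory, the damage the advisory describes has already been done.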
libpng: denial of service vulnerability
| Package(s): | libpng | CVE #(s): | CAN-2004-0421 |
| Created: | April 29, 2004 | Updated: | June 11, 2004 |
| Description: | The PNG library can access memory that is out of bounds when creating an error message; this can be exploited by a malformed PNG image file. |
| Alerts: | |
Comments (none posted)
libpng, libpng3: buffer overflow
| Package(s): | libpng, libpng3 | CVE #(s): | CAN-2002-1363 |
| Created: | December 19, 2002 | Updated: | July 14, 2004 |
| Description: | Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly, which causes a buffer overrun beyond the beginning of the row buffer. |
| Alerts: | |
Comments (none posted)
libxml2 - arbitrary code execution
Package(s): libxml2
CVE #(s): CAN-2004-0110
Created: February 26, 2004
Updated: August 19, 2009
Description:
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code.
Alerts:
Comments (none posted)
log2mail: format string vulnerability
Package(s): log2mail
CVE #(s): CAN-2004-0450
Created: June 3, 2004
Updated: June 9, 2004
Description:
jaguar -at- felinemenace.org discovered a format string vulnerability in
log2mail, whereby a user able to log a specially crafted message to a
logfile monitored by log2mail (for example, via syslog) could cause
arbitrary code to be executed with the privileges of the log2mail process.
By default, this process runs as user 'log2mail', which is a member of
group 'adm' (which has access to read system logfiles).
Alerts:
Comments (none posted)
logcheck: symlink vulnerability
Package(s): logcheck
CVE #(s): CAN-2004-0404
Created: April 21, 2004
Updated: December 22, 2004
Description:
The logcheck utility handles temporary files in an unsafe way, possibly allowing local attackers to overwrite files.
Alerts:
Comments (none posted)
mailman: password disclosure
Package(s): mailman
CVE #(s): CAN-2004-0412
Created: May 27, 2004
Updated: July 20, 2004
Description:
In mailman versions above 2.1, third parties can retrieve
member passwords from the server.
Alerts:
Comments (none posted)
mikmod: buffer overflow
Package(s): mikmod
CVE #(s): CAN-2003-0427
Created: June 16, 2003
Updated: June 16, 2005
Description:
Ingo Saitz discovered a bug in mikmod whereby a long filename inside
an archive file can overflow a buffer when the archive is being read
by mikmod.
Alerts:
Comments (none posted)
mod_python: denial of service vulnerability
Package(s): mod_python
CVE #(s): CAN-2003-0973
Created: January 27, 2004
Updated: October 4, 2004
Description:
Apache's mod_python module could crash the httpd process if a specific,
malformed query string was sent.
The Apache Foundation has reported that mod_python may be prone to
Denial of Service attacks when handling a malformed query. Mod_python
2.7.9 was released to fix the vulnerability; however, because the
vulnerability had not been fully fixed, version 2.7.10 has been released.
Users of mod_python 3.0.4 are not affected by this vulnerability.
Alerts:
Comments (none posted)
mozilla: multiple vulnerabilities
Package(s): mozilla
CVE #(s): CAN-2003-0594, CAN-2003-0564
Created: March 10, 2004
Updated: August 19, 2004
Description:
Mozilla 1.4 contains a few vulnerabilities, including disclosure of cookies to the wrong server, a scripting vulnerability which can allow an attacker to run arbitrary code, and an S/MIME vulnerability which can lead to remote denial of service or code execution attacks.
Alerts:
Comments (none posted)
mpg321: format string vulnerability
Package(s): mpg321
CVE #(s): CAN-2003-0969
Created: January 6, 2004
Updated: March 28, 2005
Description:
A vulnerability was discovered in mpg321, a command-line mp3 player,
whereby user-supplied strings were passed to printf(3) unsafely. This
vulnerability could be exploited by a remote attacker to overwrite
memory, and possibly execute arbitrary code. In order for this
vulnerability to be exploited, mpg321 would need to play a malicious
mp3 file (including via HTTP streaming).
Alerts:
Comments (none posted)
MySQL: temporary file vulnerabilities
Package(s): mysql
CVE #(s): CAN-2004-0381, CAN-2004-0388
Created: April 14, 2004
Updated: August 18, 2004
Description:
The mysqlbug and mysqld_multi scripts contain temporary file vulnerabilities which could be used by a local attacker to overwrite files on the system.
Alerts:
Comments (none posted)
neon: buffer overflow
Package(s): neon
CVE #(s): CAN-2004-0398
Created: May 19, 2004
Updated: September 30, 2004
Description:
The neon library (through version 0.24.5) contains a buffer overflow in its date parsing code, allowing arbitrary code execution when connecting to a hostile server. See this advisory for details. This vulnerability also affects related applications (such as cadaver).
Alerts:
Comments (none posted)
Nessus NASL scripting engine security issues
Package(s): nessus
CVE #(s):
Created: May 27, 2003
Updated: August 12, 2004
Description:
Some vulnerabilities exist in the Nessus NASL scripting engine. To
exploit these flaws, an attacker would need to have a valid Nessus account
as well as the ability to upload arbitrary Nessus plugins to the Nessus
server (this option is disabled by default), or he/she would need to trick a
user somehow into running a specially crafted nasl script. Read the full
advisory for additional information.
Alerts:
Comments (none posted)
netpbm: insecure temporary files
Package(s): netpbm
CVE #(s): CAN-2003-0924
Created: January 19, 2004
Updated: December 29, 2004
Description:
netpbm is a graphics conversion toolkit made up of a large number of
single-purpose programs. Many of these programs were found to create
temporary files in an insecure manner, which could allow a local
attacker to overwrite files with the privileges of the user invoking a
vulnerable netpbm tool.
Alerts:
Comments (1 posted)
openssh: timing attack leads to information disclosure
Package(s): openssh
CVE #(s): CAN-2003-0190
Created: May 2, 2003
Updated: November 30, 2004
Description:
From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable
with PAM support enabled (via the --with-pam configure script switch). This
bug allows a remote attacker to identify valid users on vulnerable systems,
through a simple timing attack. The vulnerability is easy to exploit and
may have high severity, if combined with poor password policies and other
security problems that allow local privilege escalation."
Alerts:
Comments (1 posted)
OpenSSL: denial of service vulnerabilities
Comments (1 posted)
postgresql buffer overflow in ODBC driver
Package(s): postgresql
CVE #(s):
Created: June 7, 2004
Updated: July 28, 2004
Description:
A buffer overflow has been discovered in the ODBC driver of PostgreSQL,
an object-relational SQL database, descended from POSTGRES. It is possible
to exploit this problem and crash the surrounding application. Hence, a
PHP script using php4-odbc can be utilized to crash the surrounding
Apache webserver. Other parts of postgresql are not affected.
Alerts:
Comments (none posted)
python: buffer overflow
Package(s): python
CVE #(s): CAN-2004-0150
Created: March 10, 2004
Updated: October 11, 2004
Description:
Python (versions 2.2 and 2.2.1 only) has a buffer overflow in the getaddrinfo() function which can be exploited by a malformed IPv6 address.
Alerts:
Comments (none posted)
rsync remote file write attack
Package(s): rsync
CVE #(s): CAN-2004-0426
Created: April 30, 2004
Updated: July 12, 2004
Description:
See the rsync homepage for the April 2004 advisory: "There is a security
problem in all versions prior to 2.6.1 that affects only people running a
read/write daemon WITHOUT using chroot. If the user privs that such an
rsync daemon is using is anything above "nobody", you are at risk of
someone crafting an attack that could write a file outside of the module's
"path" setting (where all its files should be stored). Please either enable
chroot or upgrade to 2.6.1. People not running a daemon, running a
read-only daemon, or running a chrooted daemon are totally unaffected."
Alerts:
Comments (none posted)
squid: buffer overflow
Package(s): squid
CVE #(s): CAN-2004-0541
Created: June 9, 2004
Updated: September 30, 2004
Description:
The NTLM authentication helper used by the squid proxy contains a buffer overflow vulnerability; an overly-long password may be used to run arbitrary code. Sites not using NTLM authentication are not vulnerable.
Alerts:
Comments (none posted)
SquirrelMail cross site scripting vulnerabilities
Package(s): squirrelmail
CVE #(s): CAN-2004-0519, CAN-2004-0520, CAN-2004-0521
Created: May 21, 2004
Updated: October 4, 2004
Description:
Several unspecified cross-site scripting (XSS) vulnerabilities and a well
hidden SQL injection vulnerability were found in SquirrelMail versions
1.4.2 and lower. An XSS attack allows an attacker to insert malicious code
into a web-based application. SquirrelMail does not check for code when
parsing variables received via the URL query string.
Alerts:
Comments (none posted)
sysstat: temporary file vulnerability
Package(s): sysstat
CVE #(s): CAN-2004-0107, CAN-2004-0108
Created: March 10, 2004
Updated: October 4, 2004
Description:
The sysstat utility has a temporary file vulnerability which can be exploited by a local attacker to overwrite system files.
Alerts:
Comments (none posted)
File overwrite vulnerability in tar and unzip
Package(s): tar, unzip
CVE #(s): CAN-2001-1267, CAN-2001-1268, CAN-2001-1269, CAN-2002-0399
Created: October 1, 2002
Updated: April 10, 2006
Description:
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability.
Alerts:
Comments (1 posted)
tcpdump: ISAKMP payload handling denial-of-service vulnerabilities
Package(s): tcpdump
CVE #(s): CAN-2004-0183, CAN-2004-0184
Created: March 30, 2004
Updated: September 30, 2004
Description:
TCPDUMP v3.8.1 and earlier versions contain multiple flaws in the packet
display functions for the ISAKMP protocol. Upon receiving specially
crafted ISAKMP packets, TCPDUMP will try to read beyond the end of the
packet capture buffer and crash. More information is available in this Rapid7 advisory.
Alerts:
Comments (none posted)
Multiple vendor telnetd vulnerability
Package(s): telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5
CVE #(s):
Created: May 21, 2002
Updated: October 5, 2004
Description:
This vulnerability, originally thought to be confined to BSD-derived
systems, was first covered in the July 26th Security Summary. It is now
known that Linux telnet daemons are vulnerable as well.
Alerts:
Comments (none posted)
tripwire format string vulnerability
Package(s): tripwire
CVE #(s): CAN-2004-0536
Created: June 4, 2004
Updated: July 7, 2004
Description:
The code that generates email reports contains a format string
vulnerability in pipedmailmessage.cpp. With a carefully crafted filename
on a local filesystem an attacker could cause execution of arbitrary code
with permissions of the user running tripwire, which could be the root
user. See this advisory on SecurityFocus for more details.
Alerts:
Comments (none posted)
utempter problems with symlink and strncpy
Package(s): utempter
CVE #(s): CAN-2004-0233
Created: April 19, 2004
Updated: June 11, 2004
Description:
Steve Grubb discovered two potential issues in the utempter program:
- If the path to the device contained /../ or /./ or //, the program
was not exiting as it should. It would be possible to use something like
/dev/../tmp/tty0, and then if /tmp/tty0 were deleted and symlinked to
another important file, programs that have root privileges that do no
further validation can then overwrite whatever the symlink pointed to.
- Several calls to strncpy without a manual termination of the string.
This would most likely crash utempter.
Alerts:
Comments (none posted)
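The path checks the tar/unzip entry and the utempter entry above call for, written out as an added example (not code from any of those packages; the function names are my own): one for archive member names, one for device paths handed to a privileged helper.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Added example, not code from tar, unzip, LHA or utempter. Two checks a
 * program can run before trusting a path it did not construct itself. */

/* True when every "/"-separated component of `path` is an ordinary name:
 * no "" (from "//"), no "." and no "..". Absolute paths are rejected as
 * well, since an archive member must stay under the extraction directory. */
bool relative_path_is_confined(const char *path)
{
    if (path == NULL || path[0] == '\0' || path[0] == '/')
        return false;
    for (const char *p = path; *p != '\0'; ) {
        const char *slash = strchr(p, '/');
        size_t len = slash ? (size_t)(slash - p) : strlen(p);
        if (len == 0)
            return false;                               /* "a//b" */
        if (len == 1 && p[0] == '.')
            return false;                               /* "a/./b" */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return false;                               /* "a/../b", "../x" */
        if (slash == NULL)
            break;
        p = slash + 1;
    }
    return true;
}

/* True when `path` is an absolute path under /dev whose remainder passes
 * the component check, so "/dev/../tmp/tty0" and "/tmp/tty0" both fail.
 * This is the textual check only; a caller that must also defeat symlinks
 * still has to open the device and compare what it got against what it
 * expected. */
bool device_path_is_clean(const char *path)
{
    static const char prefix[] = "/dev/";
    if (path == NULL || strncmp(path, prefix, sizeof prefix - 1) != 0)
        return false;
    return relative_path_is_confined(path + sizeof prefix - 1);
}
```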
XChat 2.0.x SOCKS5 Vulnerability
Package(s): xchat
CVE #(s): CAN-2004-0409
Created: April 19, 2004
Updated: November 15, 2005
Description:
XChat is vulnerable to a stack overflow that may allow a remote attacker to
run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable to a
remote exploit. Users would have to be using XChat through a SOCKS 5
server, enable SOCKS 5 traversal (which is disabled by default) and also
connect to an attacker's custom proxy server. This vulnerability may allow
an attacker to run arbitrary code within the context of the user ID of the
XChat client.
Alerts:
Comments (none posted)
xine-ui - insecure temporary file creation
Package(s): xine-ui
CVE #(s): CAN-2004-0372
Created: April 6, 2004
Updated: April 27, 2006
Description:
Shaun Colley discovered a problem in xine-ui, the xine video player
user interface. A script contained in the package to possibly remedy
a problem or report a bug does not create temporary files in a secure
fashion. This could allow a local attacker to overwrite files with
the privileges of the user invoking xine.
Alerts:
Comments (none posted)
Resources
Bruce Schneier's CRYPTO-GRAM newsletter for June is out; it looks at the
breaking of Iranian codes, biometric IDs, whether Microsoft should provide
security updates for pirated copies of its software, the Witty worm, and
more. "Witty represents a new chapter in malware. If it had used common
Windows vulnerabilities to spread, it would have been the most damaging
worm we have seen yet. Worm writers learn from each other, and we have
to assume that other worm writers have seen the disassembled code and
will reuse it in future worms. Even worse, Witty's author is still
unknown and at large -- and we have to assume that he's going to do
this kind of thing again."
Full Story (comments: 2)
Here is the U.S. Federal Trade Commission's press release on its decision
not to create a national "do not spam" list at this time. "A registry of
individual email addresses also suffers from severe security/privacy risks
that would likely result in registered addresses receiving more spam
because spammers would use such a registry as a directory of valid email
addresses. It ultimately would become the National Do Spam
List. Furthermore, a registry of domains would have no impact on spam and a
third-party forwarding service model could have a devastating impact on the
e-mail system." There will be an "email authentication summit" in
the (northern hemisphere) Fall to address what the FTC sees as the real
problem.
Comments (10 posted)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current 2.6 kernel is 2.6.7, which was
announced by Linus on June 15. Changes
since the last release candidate include a fix for the latest denial of
service vulnerability (see below), an NTFS update, some more CPU frequency
controller work, and lots of fixes. The biggest changes since 2.6.6
include
scheduling domains, a big rework of
the reverse-mapping VM code, filtered waitqueues, the removal of the
InterMezzo filesystem, quota and extended attribute support in reiserfs, a
new API for NUMA systems, the removal of IDE tagged command queueing
support, and the usual pile of fixes. See
the
long-format changelog for the details.
Linus's BitKeeper repository contains no patches beyond 2.6.7 as of this
writing.
The current tree from Andrew Morton is 2.6.7-rc3-mm2. Recent additions to -mm include
ext3 resizing support (see below), an O_NOATIME option to
open(), and various fixes.
The current 2.4 prepatch is 2.4.27-pre6, which was released on June 15. It
includes the FPU denial of service fix, of course, along with some
architecture updates, DVD-RW write support, and a fair number of fixes.
Comments (2 posted)
Kernel development news
This is all part of what responsible release management is about.
I was the junior whiz kid in professional release management teams
before starting Namesys. I listened to my elders and learned from
them. My standards for professional conduct in this arena are
higher than yours as a result of that. You are a bunch of young
kids who lack professional experience in release management. That
is ok, but don't get aggressive about it.
-- Hans Reiser
Comments (11 posted)
The problem was initially reported as a gcc bug. If you execute this code:
static void Handler(int ignore)
{
char fpubuf[108];
__asm__ __volatile__ ("fsave %0\n" : : "m"(fpubuf));
__asm__ __volatile__ ("frstor %0\n" : : "m"(fpubuf));
}
in a signal handler, the system (or, at least, the CPU that was running the
code) will freeze up hard. Ways of locking up the system from an
unprivileged user-space program are generally considered to be bad news;
they also, in general, are not seen as compiler bugs. A bit of digging
turned up the real problem, and the latest kernel denial of service
vulnerability was found.
In theory, the fsave instruction above saves the floating-point unit
(FPU) status into the fpubuf array; the subsequent frstor
should simply restore the same state back into the FPU. Unfortunately, the
above code is incorrect; the assembly instructions should read
"m"(*fpubuf) to actually store the state into the fpubuf
array. The code, as written, restores from the wrong address, corrupting
the state of the FPU and, in particular, setting some exception flags.
FPU exceptions do not result in immediate kernel traps; instead, the trap
happens when the next floating-point command is executed. As it happens,
the kernel checks when a signal handler returns and, if that handler has
used any floating-point instructions, the kernel performs an fwait
instruction to ensure that the last operation is complete. That fwait
causes the floating point exception caused by the corrupt restore to be
delivered as a kernel trap.
The kernel has a way of dealing with floating point traps; it saves the FPU
state and queues up a floating point exception signal for the current
process. It also sets the TS ("task switched") processor flag to indicate
that the FPU state may be other than expected. At that point, it returns
to the place where the exception occurred.
Normally, as part of returning from the trap, the kernel would simply
deliver the floating-point exception signal to user space and get on with life. But, in
this case, the kernel is returning back to kernel space, and back to the
same fwait instruction that caused the problem in the first
place. That instruction sees the TS flag and generates another trap. The
handler for this trap knows just what to do in response to a TS flag; it
restores the saved FPU state and returns. The saved FPU state is, however,
the corrupted state which was in effect before the first attempt to execute
fwait. So, at this point, the loop is closed and a new
floating-point trap will be generated. This will go on for a while.
The fix is relatively straightforward, once
the problem is understood. The kernel simply clears any pending exceptions
before executing fwait, and the problem goes away. All that is
left is the updating and rebooting of large numbers of vulnerable systems.
(Thanks to Sergey Vlasov, whose analysis of
the problem made this article much easier to write.)
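The sequence described above, replayed in user space as an added example (not code from the article or from the kernel): an x87 exception flag is captured by fnsave, frstor brings it back to life, and the non-waiting fnclex clears it before any fwait, which is the shape of the kernel fix. Exceptions stay masked throughout, so nothing here traps; the "=m"(*image) operand form is the corrected one the article points out, and the struct and function names are my own.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not code from the article or the kernel. */

#define FSAVE_IMAGE_SIZE   108   /* legacy fsave/frstor image */
#define FSAVE_STATUS_OFF   4     /* status word lives at byte 4 of the image */
#define X87_EXC_FLAGS      0x3f  /* IE DE ZE OE UE PE flag bits */
#define X87_IE             0x01  /* invalid-operation flag */

typedef uint8_t fsave_image_t[FSAVE_IMAGE_SIZE];

struct x87_roundtrip {
    int saved;     /* exception flags found in the fnsave image */
    int restored;  /* live flags immediately after frstor */
    int cleared;   /* live flags after fnclex */
};

#if defined(__i386__) || defined(__x86_64__)
static int live_exception_flags(void)
{
    uint16_t sw = 0;
    __asm__ __volatile__("fnstsw %0" : "=m"(sw));   /* non-waiting read */
    return sw & X87_EXC_FLAGS;
}
#endif

/* Every field is -1 when built for a non-x86 target. */
struct x87_roundtrip x87_flag_roundtrip(void)
{
    struct x87_roundtrip r = { -1, -1, -1 };
#if defined(__i386__) || defined(__x86_64__)
    uint8_t image[FSAVE_IMAGE_SIZE] __attribute__((aligned(16)));
    uint16_t sw = 0;

    /* Clean FPU, then raise a masked invalid-operation flag: 0.0 / 0.0
     * sets IE whichever way fdivp orders its operands. */
    __asm__ __volatile__(
        "fninit\n\t"
        "fldz\n\t"
        "fldz\n\t"
        "fdivp\n\t"
        "fstp %%st(0)\n\t"
        : : : "st", "st(1)");

    /* Save with the whole array as the output operand so the compiler knows
     * all 108 bytes are written; "=m"(image) alone would name only a
     * pointer-sized object. fnsave also reinitialises the FPU. */
    __asm__ __volatile__("fnsave %0" : "=m"(*(fsave_image_t *)image));
    memcpy(&sw, image + FSAVE_STATUS_OFF, sizeof sw);
    r.saved = sw & X87_EXC_FLAGS;

    /* Restoring the image re-arms the flag, just as the corrupt restore in
     * the article handed the exception back to the kernel. */
    __asm__ __volatile__("frstor %0" : : "m"(*(fsave_image_t *)image));
    r.restored = live_exception_flags();

    /* The kernel fix in miniature: clear pending exceptions with the
     * non-waiting fnclex before executing fwait. With exceptions masked
     * this fwait would not trap anyway; with them unmasked the order is
     * what keeps it from trapping. */
    __asm__ __volatile__("fnclex");
    r.cleared = live_exception_flags();
    __asm__ __volatile__("fwait");
#endif
    return r;
}

int main(void)
{
    struct x87_roundtrip r = x87_flag_roundtrip();
    printf("saved=%#x restored=%#x cleared=%#x\n",
           r.saved, r.restored, r.cleared);
    return 0;
}
```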
Comments (9 posted)
One of the patches which slipped into 2.6.7-rc3-mm2 is one by Andreas
Dilger and others which makes it possible to resize a running ext3
filesystem on the fly. This patch has been shipped with Fedora kernels for
a little while, but has not seen a lot of wider use. That could change, of
course, if the resize patch finds its way into the mainline.
The resize patch is conceptually quite simple. It simply adds one or more
block groups which make use of extra space which, one hopes, is sitting
there idle at the end of the existing filesystem. Once the block groups
are hooked into the filesystem data structures, a simple ioctl()
call or remount will make the space available. Behind this apparent
simplicity, of course, is a significant amount of code which makes the
resize operation happen on a modern, complex filesystem in a robust
manner.
People wanting to try out resizing will need a few things:
- A kernel (such as 2.6.7-rc3-mm2) with the online resize patch
included.
- A patch to e2fsprogs to make use of the resize capability; it is
available from
the ext2resize SourceForge download area.
- Free disk space into which the filesystem can expand. Usually this
means that the filesystem should live in a device mapper partition which
can be expanded as well.
- A very good backup of your filesystem.
This patch and its associated documentation (or lack thereof) still require
some work before being ready for widespread deployment. Once they get
there, however, life should get easier for system administrators who,
throughout history, have routinely found out that all that "extra space"
they figured into their filesystems is never enough.
Comments (2 posted)
Device drivers for network interfaces must allocate a "socket buffer"
("skb") for each incoming packet. A standard idiom in the skb allocation
code is a line like this:
skb_reserve(skb, 2);
This call tells the socket buffer code to set aside the first two bytes of
the data buffer. The reason why this is done can be seen by looking at the
resulting layout of an IP packet in the buffer:
The network stack makes frequent use of the IP addresses stored in the
packet. By padding the beginning of an ethernet-style packet by two bytes,
a network driver can cause those addresses to be aligned on a four-byte
boundary. On some architectures, at least, that alignment will speed
access to the addresses and make the networking system faster.
Or so it might seem. As Anton Blanchard recently figured out, this padding is not always
helpful. A number of modern architectures (Anton works with PPC64, but
Intel-style architectures qualify too) have no real problem with unaligned
memory accesses, so the two-byte offset on IP packets does not necessarily
help things.
Unfortunately, the DMA engines in a number of systems do have
trouble working with unaligned addresses. A padded packet buffer does not
start on an aligned address, with the result that DMA operations to that
buffer can be slower than they should be. As network adapters get faster,
the DMA performance penalty becomes increasingly significant.
Anton's proposal was to change the skb_reserve() calls into calls to a
new skb_align() function, which could, depending on the
architecture, decide whether to insert the padding or not. David Miller pointed out, however, that the magic constant
"2" appears in quite a few places, and simply removing the padding could
create bugs elsewhere in the driver code.
The real solution is likely to be the
addition of a defined constant called
something like NET_IP_ALIGN; this constant would be the amount of
padding needed for packet alignment on the current architecture. Yes,
things probably should have been done that way from the beginning, but life
is like that. In any case, once the constant is in, each individual driver
can be looked over and fixed up as need be. And one small obstacle to top
performance on high-end network adapters will have been removed.
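The buffer layout the article describes, as an added example (not code from the article or from any driver): a receive buffer is laid out with a given reserve and the two alignments the article trades off are reported, the IP address fields on one side and the DMA start of the buffer on the other. Header sizes are the standard Ethernet and IPv4 ones; the buffer, struct and function names are my own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not code from the article or any network driver. */

#define ETH_HDR_LEN   14   /* dst MAC, src MAC, ethertype */
#define IP_SADDR_OFF  12   /* source address offset within the IPv4 header */
#define IP_DADDR_OFF  16   /* destination address offset */

struct rx_layout {
    size_t saddr_off;       /* byte offset of the IP source address in the buffer */
    size_t daddr_off;       /* byte offset of the IP destination address */
    int addr_aligned;       /* both addresses on a 4-byte boundary? */
    int dma_start_aligned;  /* does the DMA target (data pointer) start 4-byte aligned? */
};

/* Mimics skb_reserve(skb, reserve) on a constructed, allocator-aligned
 * buffer and reports where the IP addresses land and whether the DMA
 * target is still aligned. */
struct rx_layout layout_for_reserve(size_t reserve)
{
    static uint8_t skb_data[2048] __attribute__((aligned(16)));
    const uint8_t *data = skb_data + reserve;     /* what the NIC will DMA into */
    const uint8_t *saddr = data + ETH_HDR_LEN + IP_SADDR_OFF;
    const uint8_t *daddr = data + ETH_HDR_LEN + IP_DADDR_OFF;
    struct rx_layout r;

    r.saddr_off = (size_t)(saddr - skb_data);
    r.daddr_off = (size_t)(daddr - skb_data);
    r.addr_aligned = ((uintptr_t)saddr % 4 == 0) && ((uintptr_t)daddr % 4 == 0);
    r.dma_start_aligned = ((uintptr_t)data % 4 == 0);
    return r;
}

int main(void)
{
    /* Show the trade-off for the unpadded case and the article's "2". */
    for (size_t reserve = 0; reserve <= 2; reserve += 2) {
        struct rx_layout r = layout_for_reserve(reserve);
        printf("reserve=%zu saddr@%zu daddr@%zu addr_aligned=%d dma_aligned=%d\n",
               reserve, r.saddr_off, r.daddr_off, r.addr_aligned, r.dma_start_aligned);
    }
    return 0;
}
```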
Comments (4 posted)
Patches and updates
Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Kernel building
- Sam Ravnborg: kbuild.
(June 15, 2004)
Memory management
Networking
Architecture-specific
Security-related
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Up until a few years ago there was no arguing about a Linux
distribution's bootloader. With
LILO (LInux LOader) as
the dominant software for this purpose, many seasoned Linux system
administrators had mastered the art of creating a lilo.conf file out of
thin air, without having to look through any LILO documentation.
Unfortunately for them, the release notes of Red Hat 7.2, released in
October 2001, informed us that "we now use GRUB as the default bootloader."
Back in those days, only Caldera OpenLinux was supplying GNU's GRUB (GRand
Unified Bootloader) as its preferred bootloader, but this sudden push
by Red Hat was about to give GRUB a major boost. Indeed, many
distributions soon followed Red Hat's example and started providing
GRUB as an option, although few of them displaced LILO altogether. Then
in March 2003, the just-released Red Hat Linux 9 re-emphasized Red
Hat's commitment to GRUB by placing LILO on a list of deprecated
packages that may be removed from a future Red Hat release. Although
this has yet to happen, the fact is that Red Hat (as well as Fedora)
have not updated their LILO version since August 2000.
Does this mean that LILO is dead? Well, not quite. Firstly, LILO has
been around for so many years (I was unable to find out exactly how
many, but LILO version 15 was released in October 1994), that it is
firmly entrenched in many a sysadmin's arsenal of tools. Secondly, GRUB
is still considered alpha software - even its most recent release,
version 0.95, is only available from alpha.gnu.org, rather than
from GNU's stable directory. As
for the Linux distributions, most of the major ones seem to be slowly
moving towards GRUB as their preferred bootloader, although this has
not happened across the board. While SUSE's installation program does
default to GRUB, Mandrake's still defaults to LILO. The Debian
installer that came with Woody did not provide GRUB at all, but the
recent Sarge beta installers now use GRUB by default. Gentoo used to
demonstrate a clear preference for GRUB, but its most recent
installation documentation gives equal exposure to both bootloaders.
This leaves Slackware as the only major distribution that does not
provide GRUB, but this is hardly surprising given its target market and
its reputation for staying with well-established UNIX/Linux tools.
The LILO versus GRUB argument is one of those never-ending and
passionate discussions that resurface from time to time on various
public forums, not too different from the notorious vi vs. emacs or KDE
vs. GNOME verbal battles. Although we all know that these debates are
pointless and that the choice of software is a simple matter of
personal taste, few of us are able to control the urge to reply as soon
as we read a derogatory comment ridiculing our preferred piece of
software.
So what exactly makes GRUB better than LILO? Here is a list of some of
GRUB's frequently cited advantages:
- GRUB has a more powerful, interactive command line interface. LILO,
on the other hand, only allows one command with arguments.
- LILO stores information about the location of the kernel or other
operating system on the Master Boot Record (MBR). Every time a new
operating system or kernel is added to the system, the Stage 1 LILO
bootloader has to be manually overwritten, otherwise there is no way to
boot the new OS or kernel. This method is more risky than the method
used by GRUB because a mis-configured LILO configuration file may leave
the system unbootable (a popular way to fix this problem is to boot
from Knoppix or another live CD, chroot into the partition with
mis-configured lilo.conf and correct the problem). On the other hand,
correcting a mis-configured GRUB is comparatively simple as GRUB will
default to its command line interface where the user can boot the
system manually. This flexibility is probably the main reason why many
users nowadays prefer GRUB over LILO.
- Unlike LILO, GRUB has a web site. It also has a manual, FAQ, a bug
tracker, a developer mailing list and a logo. LILO has none of those.
Here is a short list of some advantages of LILO over GRUB:
- With more than a decade of development behind it, LILO is one of the
most widely-used, well-tested and dependable Linux applications ever
written. Most experienced system administrators are well-versed in
configuring LILO and skilled enough to deal with any emergency
situation.
- The Red Hat Linux Reference Guide claims that GRUB may have
difficulties booting certain hardware. It does not provide any further
details, though.
- GRUB is, according to its developers, alpha-quality software. Use at
your own risk.
Finally, a mind-opening quote by one of the GRUB developers, Gordon
Matzigkeit, as published in O'Reilly's Essential System Administration:
Some people like to acknowledge both the operating
system and kernel when they talk about their computers, so they might
say they use 'GNU/Linux' or 'GNU/Hurd'. Other people seem to think that
the kernel is the most important part of the system, so they like to
call their GNU operating systems 'Linux systems'. I, personally,
believe that [both are] a grave injustice, because the boot loader is
the most important software of all. I used to refer to the above
systems as either 'LILO' or 'GRUB' systems. Unfortunately, nobody ever
understood what I was talking about; now I just use the word 'GNU' as a
pseudonym for GRUB. So, if you ever hear people talking about their
alleged 'GNU' systems, remember that they are actually paying homage to
the best boot loader around: GRUB!
Some distributors - and their users - may continue to disagree for
some time, however.
Comments (24 posted)
Distribution News
A message has gone out stating that the Debian x86_64 port is complete
(modulo a tiny number of outstanding bugs) and ready for incorporation into
the unstable distribution. Congratulations are due to the porting team,
which has worked a long time for this moment.
Full Story (comments: 27)
The June 15 issue of the Debian Weekly News is out; topics this week
include the AMD64 port, Firefox 0.9 packaging, kernel maintenance, and
more.
Full Story (comments: none)
Issue #13
of the Fedora News Updates is available.
This issue looks at the "Wombat" release, the perfect yum.conf file, the Basilisk live CD, and more.
Comments (none posted)
Fedora Core updates:
- FC1 - samba 3.0.4-1.FC1: has been tested, no complaints.
- FC1 - gaim .78-1.FC1: upstream upgrade plus CVS fix backports.
- FC2 - gaim 0.78-1.FC2: upstream upgrade plus CVS fix backports.
Comments (none posted)
The latest Gentoo Weekly Newsletter is out; it claims to be for
May 31, but it's different from
the other May 31 GWN. The
main topic this week is the completion of the not-for-profit paperwork;
there is also a discussion of how to get involved in the Gentoo project.
Full Story (comments: none)
Mandrakelinux has issued a security update for Mdkonline.
"Mdkonline as shipped in 10.0 has some issues comparing squid release
versions. This package is a mandatory upgrade to get fully functional
Mandrake Online services."
Full Story (comments: none)
The current Slackware changelog entry for June 15 notes that release
candidate 1 for Slackware 10.0 is out.
Comments (none posted)
SUSE has sent out a notice that, as of June 30, no more updates will be
produced for version 8.0 of the SUSE Linux distribution. Versions 8.1 and
newer will continue to be supported.
Full Story (comments: 4)
Xandros has announced the availability of premium memberships to the
Xandros Networks single-click update service and community store.
Xandros and Opera Software have announced
that the new Open Circulation Edition of the Xandros Desktop operating
system (OS) will be the first Linux desktop distribution to offer Opera as
the default browser.
Comments (none posted)
New Distributions
APODIO is a new bootable CD audio workstation.
"
APODIO is a live bootable cd, containing major audio tools (under Gnu/Linux) and a whole operating system (based on Mandrake 9.2) working from boot, without the need to install or change anything on the hard disk. You can try it out very easily and if you like it you can simply install it directly on your hard disk and run it locally. And if you wish, you can make your own apodio version."
Comments (none posted)
Minor distribution updates
BLAG Linux and GNU 10000 has been released. This single-disk distribution
(now based on Fedora Core 1) contains a number of interesting
packages, especially for audio enthusiasts and system administrators.
Click below for the details.
Full Story (comments: none)
As seen
on knoppix.com: KNOPPIX 3.5
will be an extra-large version of the distribution, containing over 5GB of
software. It will not fit on a CD; instead, this will be a DVD-based
version. It will only be available at the upcoming
LinuxTag conference, though one
presumes it may escape onto the net afterward.
Comments (2 posted)
Quantian release 0.5.9.1 is available.
"
Quantian is a remastering of Knoppix, the self-configuring and
directly bootable cdrom that turns any pc or laptop into a full-featured
Linux workstation, and clusterKnoppix, which adds support for openMosix.
However, Quantian differs from (cluster)Knoppix by adding a large set
of programs of interest to applied or theoretical workers in
quantitative or data-driven fields."
This version is now based on Knoppix 3.4 and features
numerous changes.
Full Story (comments: none)
Page editor: Forrest Cook
Development
The first alpha release of Python version 2.4 is scheduled for release
during July, 2004, according to the
Python 2.4 Release Schedule.
After several alpha releases and one beta release, the plan is
to have Python 2.4 ready to go around September, 2004.
A
Python 2.4a1 pre-announcement has been sent out:
The purpose of this notice is to give
people a heads up - if you have a bug that you want to see
fixed for 2.4, start looking at it now.
Fixes are welcome through the release cycle, although after
the first beta fixes that result in a change to behaviour
will be much less likely to be accepted.
A.M. Kuchling's
What's New in Python 2.4 document details some of the changes
that will occur in the language. There are a number of new
Python Enhancement Proposals (PEPs) that go with this release.
Here are some of the changes:
PEP 218: Built-In Set Objects
Two new built-in types, set(iterable) and frozenset(iterable) provide high speed data types for membership testing, for eliminating duplicates from sequences, and for mathematical operations like unions, intersections, differences, and symmetric differences.
PEP 289: Generator Expressions
Now, simple generators can be coded succinctly as expressions using a syntax like list comprehensions but with parentheses instead of brackets. These expressions are designed for situations where the generator is used right away by an enclosing function. Generator expressions are more compact but less versatile than full generator definitions and they tend to be more memory friendly than equivalent list comprehensions.
PEP 322: Reverse Iteration
A new built-in function, reversed(seq), takes a sequence and returns an iterator that returns the elements of the sequence in reverse order.
PEP 237: Unifying Long Integers and Integers is not yet
finished; the title is self-explanatory.
The
Other Language Changes section mentions modifications to
these functions and methods:
dict.update(), ljust(), rjust(), center(), sort(), zip() and itertools.izip().
There will also be a new string rsplit() method and a
new sorted(iterable) built-in function.
A number of optimizations for lists and tuple operations are also
mentioned.
The
New, Improved, and Deprecated Modules section details changes to the
Python standard library. Here are some of the changes:
- Transparency support has been added to the curses module,
the bisect module has improved performance, there are now improved
Asian encodings, and a new collections module for various specialized
collection datatypes has been added.
- The ConfigParser and heapq modules have had performance improvements.
The imaplib module has support for the IMAP THREAD command.
The itertools module gained several new functions.
- The POSIX module has a new getsid() function, the operator module
gained two new functions, and the random module can now generate
arbitrarily large random numbers.
- The re (regular expression) module has
new conditional expression support, and the weakref module has expanded
capabilities.
Finally, the new cookielib module provides client-side HTTP cookie handling.
The
Porting to Python 2.4 section
mentions some issues that developers may want to look at
when porting code to Python 2.4.
Writing and testing all of that code should keep the Python
developers busy for a while.
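The 2.4 additions listed above (set and frozenset, generator expressions, reversed(), sorted(), rsplit() and conditional groups in the re module) applied together to a small log-triage task. This is an added example, not code from the page or from the Python project; it is written in present-day Python syntax, and the log line format, the sample lines and the watchlist are constructed for the example.

```python
"""Added example, not code from the page or the Python project: the 2.4
additions described above (set/frozenset, generator expressions,
reversed(), sorted(), str.rsplit() and conditional groups in re) used
together to triage a constructed firewall-style log.  Written in
present-day Python syntax, which runs on Python 3.  The log line format
is an assumption made for the example."""
import re
from itertools import islice

# Constructed sample: "<seq> <action> <host:port>", oldest line first.
# IPv6 literals must be bracketed, as in URLs, so the port is unambiguous.
SAMPLE_LOG = [
    "1 ALLOW 10.0.0.5:22",
    "2 DENY 198.51.100.7:445",
    "3 DENY [2001:db8::1]:22",
    "4 ALLOW 10.0.0.5:22",
    "5 DENY 198.51.100.7:445",
    "6 DENY 203.0.113.9:3389",
]

# frozenset: an immutable, hashable membership table that cannot be
# mutated by accident once built (assumed watchlist, for illustration).
WATCHLIST = frozenset(["198.51.100.7", "2001:db8::1"])

# Conditional group (?(1)...): the closing bracket is required exactly
# when group 1, the opening bracket, matched.  Only IP literals are
# accepted here; hostnames are out of scope for the example.
HOST_RE = re.compile(r"^(\[)?(?P<host>[0-9A-Fa-f:.]+)(?(1)\])$")


def split_hostport(endpoint):
    """Return (host, port_or_None) from '1.2.3.4:22' or '[v6]:22'.

    str.rsplit(':', 1) splits on the last colon only, so the colons
    inside an IPv6 literal are untouched.  Raises ValueError on an
    unbracketed IPv6 literal (ambiguous), a stray bracket or a bad port.
    """
    parts = endpoint.rsplit(":", 1)
    if len(parts) == 2 and parts[1].isdigit():
        host_part, port = parts[0], int(parts[1])
        if not 0 < port <= 65535:
            raise ValueError("port out of range: %r" % endpoint)
    else:
        host_part, port = endpoint, None
    if not host_part.startswith("[") and ":" in host_part:
        raise ValueError("IPv6 literal must be bracketed: %r" % endpoint)
    m = HOST_RE.match(host_part)
    if m is None:
        raise ValueError("malformed host: %r" % endpoint)
    return m.group("host"), port


def parse_line(line):
    seq, action, endpoint = line.split(" ", 2)
    host, port = split_hostport(endpoint)
    return {"seq": int(seq), "action": action, "host": host, "port": port}


def denied_hosts(lines):
    """Distinct hosts that were denied at least once."""
    # Generator expression: records are produced lazily, so a large log
    # is never materialised as a list before set() consumes it.
    records = (parse_line(line) for line in lines)
    return set(r["host"] for r in records if r["action"] == "DENY")


def watchlist_hits(lines):
    """Denied hosts that are also on the watchlist, in sorted order."""
    # set & frozenset works across both types; sorted() gives a stable,
    # reproducible ordering for reports without mutating the set.
    return sorted(denied_hosts(lines) & WATCHLIST)


def denied_ports_by_count(lines):
    """(port, count) pairs, most-hit port first, then by port number."""
    counts = {}
    for r in (parse_line(line) for line in lines):
        if r["action"] == "DENY" and r["port"] is not None:
            counts[r["port"]] = counts.get(r["port"], 0) + 1
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


def newest_first(lines, n):
    """Sequence numbers of the n most recent lines, newest first."""
    # reversed() iterates from the end without copying the list; islice
    # stops the generator expression after n items.
    return list(islice((parse_line(line)["seq"] for line in reversed(lines)), n))
```

rsplit(":", 1) is the idiomatic way to separate a port from an address that may itself contain colons; the bracket requirement mirrors URL syntax, and without it an unbracketed IPv6 address ending in a ":1" group could be misread as host plus port 1, which is why split_hostport() rejects that input instead of guessing.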
Comments (none posted)
System Applications
Audio Projects
The
latest changes from the
Planet CCRMA audio utility packaging project include the announcement
for the first Fedora Core 2 version of Planet CCRMA, and new versions of
Specimen, Cinepaint, OpenEXR, Gtkmm2, Ceres3, Faad2, Hyperspec, Cmt,
and Pmidi.
Comments (none posted)
Database Software
Sleepycat has announced a new, Java-oriented version of its
Berkeley DB offering. "
Berkeley DB Java Edition features full ACID transactions and recovery for
high reliability, record-level locking for high concurrency, schema
neutrality for data storage in its native format, and zero administration for
low cost of ownership. Berkeley DB Java Edition offers the same storage
services as the popular Berkeley DB engine, but the new product was
completely redesigned in Java to take advantage of Java's portability and
services such as deeply integrated threading and NIO." The usual
dual licensing applies.
Full Story (comments: 1)
Version 0.8.1 of Glom, a database table designer GUI, is out.
This release features locale handling improvements, menu
restructuring, improved internationalization, and more.
Full Story (comments: none)
Version 0.7-test3 of knoda, a database-frontend for MySQL, PostgreSQL and ODBC, is out. "
Knoda has a completely new GUI now, which is much more KDE-like".
Full Story (comments: none)
Version 2.5.7 of phpMyAdmin
is out.
"
The main reason for this release is to add support for MySQL 4.1.2 in a stable
version. It also includes some bug fixes. phpMyAdmin is a tool written in PHP
intended to handle the administration of MySQL over the Web."
Comments (none posted)
Version 7.4.3 of the PostgreSQL database is available.
"
After several fixes were backpatched to the 7_4_STABLE branch, we have now
released a 7.4.3. As the list of Changes since 7.4.2 is quite small, they
are included in this email".
Full Story (comments: none)
The June 15, 2004 edition of the PostgreSQL Weekly News
is available.
"
Well the big news for the week was the release of PostgreSQL 7.4.3
today."
Also, see
this correction
concerning the article on PostgreSQL 7.4.3.
Full Story (comments: none)
Libraries
Version 1.3.14 of Botan, a library of cryptographic algorithms,
has been released.
"
This is the first release candidate for 1.4.0. Please report any bugs or problems as soon as possible. The new AEP engine is available, along with many portability fixes, minor optimizations, and so on."
Comments (none posted)
Mail Software
Version 0.91.2 of Bogofilter, an email spam filter, is out with
bug fixes.
Full Story (comments: none)
The
milter.org site has moved to
a new server and features a new look. New mail filter software includes
milter-spamc/0.19, milter-gris/0.3, milter-bcc/0.1 and milter-sender/0.56.
Comments (none posted)
Simon Cozens
covers
Perl email handling issues on O'Reilly.
"
There are many modules on the CPAN for slicing and dicing email, and we're going to take a whistlestop tour of the major ones. We'll also concentrate on an effort started by myself, Richard Clamp, Simon Wistow, and others, called the Perl Email Project, to produce simple, efficient and accurate mail handling modules."
Comments (none posted)
Web Site Development
Version 3.2.0b6 of ht://Dig, a web site search engine, is out.
"
It fixes several bugs from 3.2.0b5, and runs somewhat faster, although
still much slower than 3.1.6 (no significant speed improvements are
expected in the near future, although we are working on it).
Calling this release a "beta" simply means that exhaustive testing,
especially on non-Linux platforms, is not yet complete. However, we
consider it stable enough for most production use."
Full Story (comments: none)
Version 1.8.3 of Tiki, a CMS/Groupware package,
has been announced. The change summary says:
"
This release further stabilizes the Polaris 1.8.x.
Many bugs fixed, a few features & plugins added."
Comments (none posted)
Version 1.48 of Yaws, an Erlang-based web server and applications
server, is out.
"
This release contains both bugfixes as well as some minor new features.
There was also a fairly ugly security hole in the example code which
describes file uploads found and fixed".
Full Story (comments: none)
The June 10, 2004 edition of the
ZopeMag Weekly News is online with more Zope and Plone articles.
Comments (none posted)
Miscellaneous
Version 1.5 beta 1 of WASTE
is out.
"
WASTE is a software product and protocol that enables secure distributed communication for small (on the order of 10-50 nodes) trusted groups of users."
"WASTE reaches a new milestone with the new v1.5 beta 1 released today. It
both marks WASTE's re-entry into beta, as well as starts the new line of
v1.5."
Comments (none posted)
Desktop Applications
Accessibility
Version 0.11.4 of GOK, the
GNOME Onscreen Keyboards Suite, is out with bug fixes and
new user override features.
Full Story (comments: none)
CAD
Release fifteen of PythonCAD is available.
"
This release includes several more undo/redo improvements. The addition
and removal of points on a polyline can now be undone or redone, and
assorted other editing operations have improved undo/redo handling
as well. A variety of bug fixes have also been added in this release."
Full Story (comments: none)
Desktop Environments
Development Release 2.7.2 of the GNOME desktop environment is available.
"
We're doing something a bit different with this release - finally splitting
up the Desktop, Platform and Bindings suites, and releasing them all in one
hit. Enjoy!"
Full Story (comments: none)
Initial version 0.0.1 of the GNOME System schedule configurator is out.
"
System-config-schedule is a GUI for configuring a user's crontab.
It was made for Vixie cron, which comes with Fedora Linux, but should work
with other cron servers as well if the format of the config file is
similar."
Full Story (comments: none)
New releases of gnome-bluetooth 0.5 and libbtctl 0.4 have been announced.
"
gnome-bluetooth is a suite of tools for managing Bluetooth devices and
sending/receiving data under the GNOME desktop.
libbtctl is a GObject-based library for the Bluetooth and OBEX
operations on Linux. It comes with Python and Mono language bindings."
Full Story (comments: none)
Version 0.2 of the GNOME CPU Frequency Scaling Monitor is available.
Changes include new display modes, a GTK+ 2.4 port, and more.
Full Story (comments: none)
Stable version 2.6.0.3 of GDM, the GNOME Display Manager, is out.
"
I have uncovered the evil incarnate that hides in the deepest parts of the
GDM code. Yes. The evil so horrible, we may have to go to war with some
country (to be picked by a reality tv show). An evil so disgusting, so vile,
that it is worse than Stalin, Saddam, Ivan the Terrible and Britney Spears
combined. Yes, I am talking about the antichrist, the anti-<insert your
favourite prophet name>, the cause of all that is bad (such as industrial
pollution and cheese that was left on the sone just a bit too long). I am
talking about blinking cursors on the login screen."
Full Story (comments: none)
KDE 3.2.3 is out; see
the announcement for details. This is a maintenance release, concentrating on bug fixes and improvements to translations.
Comments (none posted)
The June 11, 2004
KDE-CVS-Digest
is available. Here's the content summary:
"
More Enriconian optimizations to Konqueror. Qt only KJSEmbed made easier. Kolourpaint adds zoom. Kitchensync adds ability to sync calendar resources. KOrganizer adds a journal editor. Digikam adds image editor plugins. KOffice continues work on OASIS file format save and load. amaroK adds streaming support using GStreamer. KDevelop adds win32 Qt templates."
Comments (none posted)
KDE.News
looks at
the new
Planet KDE site.
"
Planet KDE is an aggregation of public weblogs written by contributors to the K Desktop Environment. The opinions expressed in these weblogs and hence this aggregation are those of the original authors."
Comments (none posted)
Electronics
The
latest releases
from the
gEDA project include
new versions of the Icarus Verilog electronic simulation language compiler
and PCB, the printed circuit CAD program.
Comments (none posted)
Games
Version .02 of
Mapacman, a multi-player game in the style of Pac-Man, is available
on the Pygame site.
Comments (none posted)
Alpha version 5.7.2 of the PCGen character generator for role-playing games
is available.
"
Normally we list all the fixed items since the previous release, but it's been a while since our last release. Many of the trackers that were closed were related to the 5.6.1 release and separating out the trackers is a bit tricky if not impossible.
The GMGen area (available only under the full download) has received a *lot* of attention - check it out and let us know what you think!"
Comments (none posted)
GUI Packages
Version 2.11 of FLU, the FLTK Utility Widgets,
has been announced.
Changes include a new Flu_Dual_Slider widget, and improvements and
bug fixes to other components.
Comments (none posted)
Version 2.4.3 of GTK+ has been released.
"
This is a bug fix release and is source and binary compatible
with 2.4.0. The main reason for this quick followup release is
a problem with the button size allocation logic in 2.4.2, which
showed up in the Gimp. A number of other bugfixes have been
included as well."
Full Story (comments: none)
Stable version 2.6.2 of Gtk2-Perl, the Perl bindings to GTK+, has
been announced. Changes include improved portability, better
documentation, bug fixes, and more.
Full Story (comments: none)
Version 2.0.8 of gob2, a GTK+ object generator, is out.
Changes include better documentation, a new --output-dir switch,
and bug fixes.
Full Story (comments: none)
The
PyGUI project is developing a cross-platform GUI API for Python.
Version 1.3 of PyGUI was just released.
"
This version includes two implementations, one for MacOS X built on Carbon, and one for X11 built on Gtk. Python 2.3 or later is required. The MacOS X version should work on a standard installation of MacPython. The X11 version requires PyGtk-2.2.0 or later, plus the Gtk library itself (Gtk+-2.2 or later)"
Comments (none posted)
Interoperability
The June 11, 2004 edition of
Wine Traffic has been published. Take a look for the latest
Wine news.
Comments (1 posted)
Mail Clients
The Mozilla Foundation has
announced the release of Thunderbird 0.7. New features include improved IMAP support, and new extension and theme managers.
Comments (1 posted)
Medical Applications
Version 56 of Tkfp, a Family Practice management system,
has been announced.
Here is a project summary:
"
For
Family Physicians, Pediatricians, Internists or Primary Care. Used in a 4
doctor group for 5 years. Network enabled. Tk GUI and web browser based
interfaces. HCFA1500 claim form." The latest release adds
support for connecting Tkfp clients to a Tkfp database server.
Comments (none posted)
Music Applications
Version 0.7pre3 of MusE, a MIDI/Audio sequencer,
has been released.
Changes include new shortcuts, a new logo and icons, lots of bug fixes, and more.
Comments (none posted)
Office Applications
Version 0.6.1 of Genius, a GNOME calculator, has been released
and features a long list of improvements.
Full Story (comments: none)
Office Suites
Version 0.6.0 of the native
postgresql driver for OpenOffice.org has been announced.
"
The current version 0.6.0 contains some major improvements compared to
0.5.0, but it can still be considered to be in an alpha state. About 80%
of the features a professional driver should have are implemented now.
Besides the missing features, there are some known bugs. The main purpose
of this version is to collect input from the community in an early
development stage."
Full Story (comments: none)
PDA Software
Version 1.1 of Evolusync, an application that can
synchronize an Evolution address book with IR and Bluetooth-based mobile
devices,
is available.
"
New features include Bluetooth support, OBEX or GSM mobile
device phonebook compatibility, and more."
Comments (none posted)
Version 1.5.0 of Guikachu, the GNOME Resource editor for PalmOS projects,
is out.
"
This is a GNOME 2 port of Guikachu 1.4, no new features are
implemented yet."
Full Story (comments: none)
Peer to Peer
Version 0.13 of the Gnomoradio peer to peer music playing system is out.
"
Version 0.13 fixes many things involving the downloading and
caching of music. A download status indicator, advanced search criteria,
and other interface improvements were added."
Full Story (comments: none)
Web Browsers
Version 1.2.6 of Epiphany, the GNOME browser, is out with support
for Mozilla 1.7 and lots of bug fixes.
Full Story (comments: none)
Beta version 0.9.1 of the Epiphany Extensions are available.
This release adds support for Mozilla 1.7.
Full Story (comments: none)
It's
official: Firefox 0.9 is now available. "
Faster, more secure,
easier to use and sporting a new look, this latest Firefox release sets a
new standard for web browser innovation."
There is also a
Thunderbird 0.7 release candidate available for testing.
Comments (31 posted)
The Mozilla
Independent Status Reports for June 14, 2004 are online.
"
The latest set of status reports includes updates from Checky, MozillaBook,
Mozilla Archive Format, Enigmail, MozManual, the Mozilla-Delphi Project,
wmlbrowser and Firefox Help."
Comments (none posted)
The June 7, 2004 mozilla.org staff meeting minutes
are available.
"
Issues discussed include Mozilla 1.7 final, Mozilla Firefox 0.9,
Mozilla Thunderbird 0.7, CVS over SSH, MPL translations and merchandise status."
Comments (none posted)
Miscellaneous
Version 0.2.0 of Alexandria, a book collection management application
for GNOME, is out with lots of new features and bug fixes.
Full Story (comments: none)
Version 0.99.1 of the GNOME Network Tool, a GUI wrapper for
ping, whois, traceroute, etc., is out.
"
Version 0.99.1 is feature complete, and will be released
as 1.0 after some testing period."
Full Story (comments: none)
Languages and Tools
C++
Dave Berton
looks at C++ const and related topics on Linux Journal.
"
Even though this article is titled "C++ const Correctness", we're not
going to talk about const yet. Instead, we're going to start by talking
about functions and their parameters."
Comments (none posted)
Java
Version 2.0 of JOFFAD
has been released.
JOFFAD is a blank J2EE project for JOnAS that integrates
a simple project structure, a generic Ant script, and
open source tools like XDoclet or Struts.
Comments (none posted)
Version 1.4.0 of Quartz, a J2EE Application Job Server,
is out.
"
This release contains feature enhancements, performance improvements, and
bug fixes. There are a few backward compatibility issues that you should pay
attention to, which are listed in the change-list."
Comments (none posted)
Dennis Sosnoski
compares Java reflection to code generation on IBM's developerWorks.
"
Dennis Sosnoski wraps up his Java programming dynamics series by demonstrating how you can use runtime classworking to replace reflection code with generated code that runs at full speed ahead."
Comments (none posted)
JSP
Hans Bergsten
looks at issues with JavaServer Faces (JSF) 1.0 on O'Reilly.
"
In this article, I focus on one specific area of the JSF specification that I feel is riddled with problems: namely, the use of JavaServer Pages (JSP) for creating JSF views. I also discuss alternatives to JSP that you can develop today and that I hope will make it into a future version of the specification."
Comments (none posted)
Perl
The June 7-13, 2004 edition of
This Week on perl5-porters is available.
"
This week, a small summary is better than no summary at all."
Comments (none posted)
The June 6, 2004 edition of
This Week on Perl 6 is out. Take a look for the latest Perl 6
issues.
Comments (none posted)
Teodor Zlatanov
uses perl and CVS to manage system configuration files on IBM's developerWorks.
"
The average developer spends more time navigating, learning, and debugging configuration files than you'd expect. But you can save that time -- and loads of energy and frustration -- with one of the tools you probably use every day: your CVS tree. Take these tips on backing up, distributing, and making portable your peskiest Linux (and UNIX) config files."
Comments (none posted)
PHP
Version 0.3.11 of Bif 3
is available.
"
Build it Fast (BIF) is a PHP Framework. It contains several classes that help you develop complex Web applications in a short amount of time. It brings the concept of the 'widget' to Web development. It features Cascade Skins and transparent session management."
Comments (none posted)
The
PHP Weekly Summary for June 9, 2004 is out. Topics include:
Error handling changes to both PHP versions, preparations for RC3.
Comments (none posted)
The
PHP Weekly Summary for June 10, 2004 is out. Topics include:
4.3.7 released, 5 RC 3 still in preparation.
Comments (none posted)
The
PHP Weekly Summary for June 14, 2004 is out. Topics include:
PHP 5 RC3 released; DIO support for win32; memory leak fixed in tidy; old build systems never die.
Comments (none posted)
Python
The June 14, 2004 edition of Dr. Dobb's Python-URL! is
available with the latest Python article links.
Full Story (comments: none)
Tcl/Tk
The June 15, 2004 edition of Dr. Dobb's Tcl-URL! is out with the latest
Tcl/Tk article links.
Full Story (comments: none)
XML
Edd Dumbill continues his IBM developerWorks series with
part three of his series on describing open source projects with XML.
"
In this installment of XML Watch, Edd Dumbill continues the development of a vocabulary for describing open source software projects, presenting a schema for the new vocabulary and example project descriptions."
Comments (none posted)
Dennis M. Sosnoski has written
part two of his IBM developerWorks series on improving
XML transport performance.
"
Dennis Sosnoski presents actual size and processing overhead comparisons for text, gzip, and XBIS representations of a range of XML documents. He concludes with a look at the growing movement toward standardization of non-text representations for XML."
Comments (none posted)
IDEs
O'Reilly has published
part one of a two part book excerpt series by Steve Holzner.
"
Steve Holzner contends that Eclipse makes it easier to create Java code from
scratch. In this excerpt from Chapter 2 of his book, Eclipse, Steve shows how
Eclipse makes it easy to create new methods, classes, and packages, as well
as how to build and run the code."
Comments (none posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Linux Journal
covers the release
of GPL code by the US government. "
Earlier this year, a major
open-source event came and went without much community notice and with
little media attention. A Cabinet-level federal agency released a software
product under the GPL, making it the first tool of its kind to be licensed
by the US government free of charge to public and private sector
organizations."
Comments (5 posted)
Bloomberg
reports
that, as expected, the city of Munich has voted to press forward with its
program to convert to Linux. "
The city's council voted in a
closed-door meeting 50-29 in favor of a detailed plan to switch to Linux
from Windows. Munich, which has spent more than a year studying how to make
the move, will accept bids within a few months from Linux
vendors. Companies such as International Business Machines Corp. and Novell
Inc. are expected to fight for orders."
Comments (4 posted)
The SCO Problem
This Motley Fool article (via Yahoo) is a good example of the kind of press SCO is getting now. "
President and CEO Darl McBride paid more lip service to 'increasing shareholder value,' but you really have to wonder about the viability of his vision when his firm's most engrossing initiative brings in less money than the guys who mow lawns in my neighborhood. By the way, McBride was paid more than $1 million last year -- most of it in cash -- to preside over this impending disaster."
Comments (13 posted)
Groklaw has
AutoZone's latest filing in its SCO case. It's a memo supporting its motions to stay or move the case to Tennessee; some lawyers had a great time shredding SCO's legal arguments. "
If SCO was genuinely concerned about irreparable harm associated with the continued distribution and use of Linux, common sense suggests that SCO would be seeking to move the Red Hat case forward as quickly as possible -- rather than pursuing a single end user."
Comments (7 posted)
Companies
The Register
reports
on a new Microsoft seminar series in the UK that is aimed at convincing
customers that Linux isn't exactly free.
"
According to Nick McGrath, head of platform strategy at Microsoft UK, independent and funded research shows that Windows 2003 is less expensive than Red Hat or SuSE in some examples. He attacked the "myth" that Linux was free. Linux has strengths, McGrath said (without saying what they might be - spoilsport) before arguing that "Windows offers a more comprehensive environment"."
Comments (16 posted)
News.com
reports that Red Hat's chief financial officer has quit.
"
Brooks Gray of Technology Business Research was similarly apprehensive. 'It's
certainly a red flag, and the company needs to be watched closely as its
results are detailed this week.'"
Comments (none posted)
The Motley Fool
comments
on the departure of Red Hat's chief financial officer. "
When a
company's 39-year-old CFO quits just days before quarterly earnings to
pursue new opportunities, it's a clue to invest your money elsewhere. When
the same company's stock is priced beyond perfection, that's proof it's
time to sell."
Comments (17 posted)
Linux Adoption
The BBC
reports on the
infrastructure behind the Wimbledon tennis tournament. "
Following a
pilot project in 2003, the internal computer network at the All-England
Club has been converted to the open source operating system. The change
means that both the public-facing website for Wimbledon and its internal
intranet are now using Linux." (Thanks to Jonathan Lucas).
Comments (3 posted)
Interviews
Joe Barr
talks with
Jim McQuillan, project leader of the Linux Terminal Server Project, on
NewsForge. "
McQuillan: We started LTSP to solve a problem for a
customer. They wanted 35 new terminals to access an AS/400 and a SCO Unix
server. We really didn't want to continue using Windows, so we decided to
figure out a way to do it with Linux."
Comments (none posted)
Resources
Here's
an O'ReillyNet article on writing spam filters using the sendmail "milter" interface.
"
Milter is a scalable, easy-to-use solution for MTA-level filtering. The API is quite straightforward to use and hides very few pitfalls. It's easy to start and to develop complex filtering techniques. It is indeed a great opportunity to have it in the battle against spam and viruses."
Comments (none posted)
Manas Ranjan Behera
shows how to make a WAP gateway from a Linux machine on
IBM's developerWorks.
"
The hottest technology for implementing mobile services is the Wireless Application Protocol (WAP). This article discusses the advantages of working with the open source gateway for WAP, which performs the protocol conversion between a Web server and a mobile phone."
Comments (none posted)
David Collier-Brown
explores various windows emulation solutions on O'Reilly.
"
In any business switching to Linux, there's at least one person who's stuck. These people need to use files from some Windows-only program, and usually have to do so by dual booting to and from Windows. Dual booting is very slow when all you really want to do is cut and paste a few screenfuls of data. Worse, because it is so slow, there is a real temptation to remain in Windows and use programs such as Outlook and Exchange, this year's favorite virus targets."
Comments (none posted)
Reviews
OSNews is running
a
review of Cobind 0.2, a distribution aimed at Linux newcomers.
"
There are many things I like about Cobind. First among them is the
window manager. XFce 4 has a crispness and elegance that reminds me of the
Macintosh's OS X.... XFce is clearly snappier than Gnome or KDE. It uses
fewer system resources. More to the point, XFce is what you get -- there
are no other choices."
Comments (none posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The open-source Eclipse IDE community has announced
Aonix as a new member.
Full Story (comments: none)
OSIA has suggested some discussion topics for the Australian prime minister
and Bill Gates.
"
OSIA, Australia's Open Source industry body, notes with interest the
recent announcement that Microsoft chairman Bill Gates will be having
discussions with the Prime Minister. While we are happy that the Prime
Minister is sending the message to the community that the ICT industry is
increasingly important to the government, we have the following topics,
which we hope can be raised in the discussions between the Prime Minister
and Mr. Gates during their forthcoming meeting."
Full Story (comments: none)
Commercial announcements
Adobe Systems Incorporated has
announced the release of a consumer version of its Adobe PDF Reader
for Linux-based PDA platforms.
"
Now, consumers will have new ways to access information in Adobe
PDF without being connected to a PC."
Comments (2 posted)
Version 3.0.1 of CrossOver Office has been announced.
"
This release is entirely a bug fix release, and is primarily
intended to fix a bug in our handling of Fedora Core 2.
However, there are a number of other fixes as well."
Full Story (comments: none)
Concurrent Computer is a member of the
Linux TV alliance, and sells its own
embedded Linux distribution. The company's latest
announcement makes it clear, however, that "Linux inside" is not enough. Concurrent's latest ("patent pending") software enables digital video recorder systems to force viewers to view all advertisements at normal speed, even when fast-forwarding or skipping.
"
Concurrent's ad files technology replicates the advertisements appearing in the original content and inserts those advertisements in the on-demand trick files, making it impossible to skip the advertisements by fast-forwarding, since whether in normal or trick play, the advertisements play at the predetermined speed.... For example, rather than playing a complete ad in fast-rewind mode, the inserted content could be a shorter ad, or a still, or the ad in forward rather than reverse. The possibilities are spectacular."
Comments (20 posted)
Here is
IBM's press release about its new Linux services in Brazil.
"
Casas Bahia, one of the largest non-food retailers in Brazil, has
had tremendous success by taking advantage of IBM's retail Linux
solution for storefront systems. It faced the challenges of bringing
costs down, while increasing the functionality and scalability of its
point-of-sale solution in the stores. Working with IBM to deploy Linux
for its POS system, the company was able to increase the flexibility,
stability and security in its existing environment."
Comments (none posted)
A company called Nexedi has announced a new service called "rentalinux."
For €95/month, companies in the EU can rent a server running
Mandrakelinux for their network. "Nexedi rentalinux Desktop Linux Server solution combines server hardware rental, software setup, custom configuration, support and maintenance service in a single package which makes it the easiest, least intrusive and most effective way to provide Linux Desktop applications for small to medium-sized networks."
Full Story (comments: none)
Mandrakesoft and Codehost
have announced a new partnership.
"
Codehost's advanced Linux and Unix
printing solution, BrightQ, will be distributed with Mandrakelinux 10,
Mandrakesoft's newest desktop Linux release."
Comments (none posted)
Novell, Inc.
has announced its sponsorship of the Openswan project.
"
Novell today announced that it is sponsoring the Openswan project, a
Linux* implementation of the IPsec (IP Security) standard that provides a
common approach to securing Internet-based communications."
Comments (none posted)
Red Hat is due to report its quarterly results on June 17, but has sent out
a press release "previewing" some of the numbers. It seems the company sold 98,000 RHEL subscriptions over the quarter, and is reporting a net income of over $10 million.
Comments (3 posted)
Strategic Test Corporation has announced a new Single Board Computer (SBC);
here are the technical specs:
"400 MHz CPU, 16 MB SDRAM, 8 MB Flash in DIMM 144 format. TRITON-ECO is priced at $99 for 1000 quantity, runs Linux."
Full Story (comments: none)
Symbio Technologies has
announced that it is offering The Symbiont Workstation Manager, a
Linux-based thin client management tool, as a free download and as an open
source project on SourceForge.
Comments (none posted)
Turbolinux has
announced an agreement with the China Ministry of Railways to build a Linux-based system to handle package delivery operations. "
The package delivery system in China utilizes the postal service and rail transportation. To modernize the package delivery process, the Ministry of Railways selected Turbolinux to develop a consolidated digital infrastructure. The widely deployed Linux-based system will link package delivery facilities and the Ministry of Railway Systems computer network, and will process 95% of the total freight volume -- nearly 200 million parcels annually."
Comments (none posted)
New Books
Syngress Publishing has published the book
Stealing the Network: How to Own a Continent by Ryan Russell,
Kevin Mitnick, and others.
Full Story (comments: 1)
Resources
LinuxMedNews has posted
a summary of open source Electronic Health Record (EHR) and Electronic
Medical Record (EMR) projects.
"
Here's about as good a summary as you can get of currently active Free and
Open Source Software EHR/EMR projects courtesy of Dan Johnson, MD. Dr.
Johnson is the author of the earliest known writings on Free and Open Source
Software in medicine. He continues his activity in this area."
Comments (none posted)
The June 16, 2004 edition of the Linux Documentation Project Weekly News
is online with the latest new Linux documentation releases.
Full Story (comments: none)
Contests and Awards
LinuxMedNews
has announced that nominations are open for the fourth annual
Linux Medical News Software Achievement Award.
The entry deadline is July 15; the award will be presented at the Medinfo
conference on September 7-12.
Comments (none posted)
Upcoming Events
The Stanford University Center for Computer Research in Music and Acoustics
(
CCRMA) will be holding a
set of summer workshops in Banff, Canada during July and August, 2004.
Full Story (comments: none)
There will be a
LAMP Area
at the LinuxTag 2004 conference in Karlsruhe, Germany on June 23-26, 2004.
"
In over 40 presentations prominent experts and well known Apache-, MySQL and PHP-developers including Rasmus Lerdorf, Ken Coar, Brian Aker and Derick Rethans will be talking on the use of LAMP projects in medium and large businesses as well as the newest technological developments in the field, rounding off this years, rounding off this years LAMP area program."
Comments (none posted)
A call for papers has gone out for the
Open Source Developers Conference Australia 2004.
The event will take place on December 1-3, 2004 in Melbourne.
Full Story (comments: none)
The first European seminar on
Free software for multimedia streaming over the internet
will be held at IRCAM in Paris, France on June 23 and 24, 2004.
Full Story (comments: none)
| Date | Event | Location |
| June 17 - 18, 2004 | Yet Another Perl Conference (YAPC::NA::2004) | University at Buffalo, Buffalo, NY |
| June 17 - 18, 2004 | 18th European Conference on Object-Oriented Programming (ECOOP-2004) | The University of Oslo, Oslo, Norway |
| June 23 - 24, 2004 | Free Software for Multimedia Streaming over the Internet | IRCAM, Paris, France |
| June 27 - July 2, 2004 | USENIX 2004 | Boston Marriott Copley Place, Boston, MA |
| June 28 - 30, 2004 | GNOME User and Developer European Conference (GUADEC) | Kristiansand, Norway |
| June 28 - July 1, 2004 | JavaOne | Moscone Center, San Francisco, CA |
| June 29 - July 1, 2004 | Perl Workshop 6.0 | Barbara-Künkelin-Halle, Schorndorf, Germany |
| July 12 - 15, 2004 | Real-time and Embedded Systems Workshop | Washington, DC |
| July 19 - 20, 2004 | Italian Perl Workshop | Polo Fibonacci, Pisa, Italy |
| July 21 - 24, 2004 | Linux Symposium | Ottawa, Canada |
| July 26 - 30, 2004 | O'Reilly Open Source Software Convention 2004 (OSCON) | Portland, OR |
| July 26 - 30, 2004 | IBM pSeries Technical Conference | Cairns, Australia |
| July 31 - August 2, 2004 | Vancouver Python Workshop | Vancouver, Canada |
| August 2 - 5, 2004 | LinuxWorld Conference & Expo | Moscone Center, San Francisco, California |
Comments (none posted)
Mailing Lists
The OpenJay Development Krew [OJDK] mailing list
has been created to discuss open-source DJ (Disk Jockey) software.
Full Story (comments: none)
Web sites
GrokDoc, another offshoot from Groklaw, has hit the net. "Our goal is to create a useful manual on basic tasks that new users will find simple and clear and easy to follow, using what we learn from our study."
Comments (none posted)
Bruce Perens has put his old news site
Technocrat.net back online. Some years ago, Technocrat was a reliable source for interesting news around free software and online liberty; we welcome its return.
Comments (2 posted)
Software announcements
Here are the software announcements, courtesy of
Freshmeat.net. They are available in
two formats:
Comments (none posted)
Page editor: Forrest Cook