This is the second article in a series dedicated to the discovery of the
perfect mail client. Those who have not read
the introduction to the series may want to do
so; it explains much of the motivation behind this search. This article,
in particular, looks at the current crop of graphical mail clients. Future
articles will look at terminal-oriented and emacs-based clients and other
aspects of the mail system.
Your editor, remember, is looking for a mail client which enables the
processing of vast amounts of mail in a flexible manner. An LWN editor can
spend hours each day dealing with email from various sources; actually
getting an LWN Weekly Edition out every week very much depends on the use
of an efficient, reliable client. In particular, your editor is looking
for:
- A powerful and flexible command set which does not require constant
use of the mouse.
- A high degree of configurability. When a complex tool is being used
as a key part of the daily workflow, it is worth spending some time to
tweak it to optimal performance. That tweaking should be possible.
- The ability to interface with external programs for the disposition of
email.
- Support for common tasks, such as sending patches.
For this article, your editor spent a significant amount of time working
with Balsa, Evolution, KMail, Sylpheed, and Thunderbird. These programs
all have a great deal in common; they would appear to have all been built
from the same basic template. A tall pane on the left contains the folder
hierarchy, usually split between local folders and those found on some
remote server. The top right pane gives a folder view, while the bulk of
the space, in the bottom right, contains the text of a message itself.
Separate windows are used for composition of new messages.
Each client has its own keyboard shortcuts (we will get to that later), but
the mouse-oriented interaction is quite similar between all of them. A
user familiar with one of these clients could make use of another with
little trouble. Could it really be that the optimal model for graphical
email clients has already been found, and that no further experimentation
is called for at this point? Or could it be that all of these clients are
imitating a popular proprietary email offering?
All of the clients have most of the expected features: built-in address
books; support for multiple accounts; disconnected operation; secure POP,
IMAP, and SMTP access;
threading of folders; hierarchical folders; filtering of messages based on
various criteria; etc. Most of the common
features will not be discussed here.
Balsa
Balsa is a longstanding GNOME
client. In recent years it has been somewhat upstaged by Evolution, but
development on Balsa continues. The 2.1.3 development release came out in
May, 2004, but your editor was unable to make it work on his system; this
review, thus, looks at the stable 2.0.17 release.
Balsa lacks the polish of some of the other mail clients we'll look at
here, but it has many of the same capabilities. It can deal with remote
mailboxes via POP or IMAP, and local mailboxes in mbox, maildir, and MH
format. It can only use SMTP for outgoing mail; there is no option for
passing a message to a local command.
Balsa has one failing which it shares with a few other clients: it makes the user
wait while it talks with the remote SMTP server. It would be nice if this
conversation could happen in the background; there is little joy in staring
at a "connecting to server" dialog for an indefinite period of time. Yes,
one can always set up a local MTA to handle this task, but that should not
be necessary.
Balsa can render HTML mail reasonably well, though it cannot create such
mail (the lack of this feature does not strike your editor as a problem).
Its display of multipart MIME messages is somewhat awkward; it can only
show one part at a time, forcing the user to bounce between tabs to see the
whole message.
There is a reasonable set of keyboard shortcuts which, happily, do not
require extensive use of modifier keys. There is no provision for changing
the shortcuts, however.
Balsa's interface can be somewhat annoying; it
can, at times (such as when getting a large message from a remote server),
become unresponsive to the user, who is left wondering what is really going
on. The address book interface looks powerful, but it would be nicer if it
started with a default, local book and didn't require the user to dig
through the preferences dialog before allowing addresses to be saved.
Balsa has a basic set of filter operations, though less advanced than most
other mail clients. One unique filter operation, however, allows matching
messages to be automatically sent to the printer. The potential for paper
waste and embarrassment is impressive.
All told, Balsa is a reasonably capable mail client. One gets the
impression, however, that its time in the limelight has passed. Most
of the other clients reviewed here are more capable and smoother to
operate.
Evolution
Evolution has the
broadest focus of any of the clients reviewed; it merges
the email functionality with contact management, task list, and calendaring
functions. Your editor, who is looking for an email client rather than a
calendar manager (he
addressed
that problem a few months back), did not look at these other
capabilities in any great detail. One can certainly imagine uses where an
integrated calendar manager would be useful, but, if one is seeking a
focused mail client, calendars and such can be a distraction.
Version 1.5.9.2 (a pre-1.6 development release) was looked at for this
review.
Evolution can handle a wider range of email account types than any of the
other clients reviewed. Along with the usual forms (IMAP, POP, local
mailbox), Evolution can work with Novell GroupWise accounts and folders in
maildir or MH format. An attempt to set up an MH directory, however, crashed
Evolution and rendered it incapable of launching; such is life when one
plays with development releases. Use of Evolution to read netnews groups is also
supported. Outgoing mail can be sent via SMTP to a
server, or passed to a local application. Evolution has a nice feature
where it can query the remote mail server to determine what sorts of
authentication and encryption features it supports.
Some basic spam filtering is built into Evolution; users can mark messages as
being "junk" and, once the internal filter is properly trained, apply
filters to clear the spam out of the way. The filtering appears to be
based on SpamAssassin. The documentation mentions an option to have
Evolution pass mail to spamd for evaluation, but that option does
not yet actually exist in the configuration dialogs.
Evolution provides a set of keyboard shortcuts which allows some actions to
be performed without the mouse. There is no evident way of configuring
shortcuts, however; if you don't like the defaults, there's little to be
done.
Evolution provides full support for HTML mail. Incoming HTML is rendered
by default. It can compose mail in HTML format, and a full set of
operations is provided enabling the composition of truly gaudy messages.
Happily, Evolution defaults to sending plain text mail only; users must
explicitly say they want to create HTML messages.
There are some nice features for finding messages within folders. A search
bar in the main menu can quickly narrow the view to messages meeting the
search criteria. The "vFolder" mechanism is a more advanced feature which
enables the creation of custom views which can include messages from
multiple folders which meet the search criteria.
KMail
KMail is the KDE mail
client, part of the "kdepim" package. In many ways, KMail is the most
configurable and flexible of the graphical email clients out there.
KMail can handle incoming mail via POP, IMAP, and local mailboxes in mbox
or maildir format. Outgoing mail is transferred via SMTP or handed to a
local program. KMail's account setup is, however, a little more confusing
than that found in the other mailers. Mail identities, mail sources, and
"transports" (ways of sending mail) are all configured separately; they can
then be mixed and matched in arbitrary ways. Those who are so inclined can
select a different outgoing transport for each message. The system is
flexible, but not necessarily straightforward to set up at the outset.
Like Evolution, KMail can query remote mail servers to determine their
encryption and authentication capabilities. This is such an obviously good
feature that one wonders why all mail clients do not work that way.
KMail has extensive configuration options. Uniquely among the
clients reviewed (but standard for KDE applications),
KMail provides an easy mechanism for configuring
keyboard shortcuts. The defaults also make some sense: "R" for reply, for
example. Given that regular, unmodified keystrokes have no intrinsic
meaning in the context of a mail client window, why make users lean on the
control key to get anything done? One should be able to simply hit
"N" to see the next message, and KMail's designers understand that.
The usual filtering operations are available. KMail does not, however,
have any sort of internal spam filtering built into it (though some of the
available, undocumented options, like "mark as spam," suggest that this
capability is coming). Filters can, among
other things, change the default identity or outgoing transport which
applies to a given message, or rewrite header fields. Like Evolution,
KMail supports virtual folders created by searching; there is no search bar
in the main window, however.
KMail can render HTML mail quite nicely, but it refuses to do so until the
user explicitly requests HTML rendering for a specific message. It also
will not load external images until you get past a configuration screen
with dire warnings on it. KMail does not appear to be able to create HTML
messages.
As a whole, KMail has a pleasant, responsive interface. It is visually
pleasing, and makes relatively good use of the screen space. More than
some other clients, it provides feedback on what it is doing at any given
time, and does not make the user wait unnecessarily. On the other
hand, it has an obnoxious habit of popping up "tool tips" with the message
subject when the pointer moves over the subject in the folder view pane;
this behavior creates a great deal of distracting flashing while not really
giving the user any useful information. Some of the toolbar icons are less than
instructive; try to guess what the three shown on the left mean. (They
are "get new mail", "reply", and "forward").
In summary: KMail is a capable client; its developers have clearly given
some thought to how to make life easier for their users. It is arguably
one of the best mail clients available.
Sylpheed
Sylpheed is a GTK+ mail client
which advertises itself as fast and lightweight. Like Balsa, Sylpheed
feels a little rough in the modern world. This client, however, has some
capabilities that the others lack.
At the top of the list of those capabilities might be "actions." Sylpheed
includes a mechanism for running external programs on messages; the output
of that program can, optionally, replace the original message. Actions can
be created with a dialog box (canned actions can also be obtained from the
net and added directly to the configuration file); thereafter they show up
under the "Tools/Actions" menu. It would be nice if an action
could be bound to a keystroke, but...
...Sylpheed does not allow the configuration of keyboard shortcuts.
Shortcuts do exist for most operations, but they all require the use of the
control key. The font selection available in Sylpheed is also somewhat
restrictive; it cannot use the nice anti-aliased fonts the way some of the
other mail clients can. If you spend a lot of time staring at a mail
client every day, this makes a difference.
Sylpheed tends to hang up at times; when an action is being run, for
example. It also makes the user wait for SMTP conversations to complete
when sending a message.
This client cannot render HTML mail; it wings it by stripping out the
markup and simply displaying the remaining text. This technique works
surprisingly well; if you don't get much HTML mail, you may never even
notice the lack of proper support.
Sylpheed can work with POP and IMAP mailboxes, or with local mailboxes in
the mbox format. It creates local mailboxes using the MH format; it can
also be configured to use the MH inc command to incorporate new
mail. It has no support for mailboxes in maildir format.
The Sylpheed address book is minimal but functional; there is no LDAP
support, however.
For those who find Sylpheed inadequate, but who like the basic platform,
the Sylpheed-Claws
project may be worth a look. Sylpheed-Claws is an ongoing effort to
add vast numbers of features to
Sylpheed. Some of these include a plugin mechanism, spell checking (a
feature available on most other mail clients), the ability to assign
actions to icons on the toolbar, a search bar for narrowing folder views, themes, message
scoring, HTML viewing (using an external viewer), better GPG support, LDAP
support, and more. The biggest problem with Sylpheed-Claws, however, is
that it is very much a development release; your editor was able to make it
crash in several different ways. Crashing is not a desirable feature in a
vital work tool.
Sylpheed is a powerful client which is clearly aimed at serious users. In
your editor's not entirely humble opinion, what it could best use at this
point is (1) a bit more attention to polish, human factors, and visual
appeal, and (2) a concerted effort to move the best, most stable
features from Sylpheed-Claws into the mainline client. With some work in
that direction, Sylpheed could be a powerful contender for the title as the
best graphical client for advanced users.
Thunderbird
Thunderbird is
the standalone mail client from the Mozilla project; its most recent
release is version 0.7.1. Thunderbird is a slick product; it is visually
appealing and, for the most part, easy to use.
Unlike other mail clients, Thunderbird has no provision for local maildrops
at all; it can only obtain mail via POP or IMAP. It does maintain local
folders, however; they are buried deeply under the user's
.thunderbird directory, and appear to be in mbox format.
Thunderbird can be used to read netnews from NNTP servers.
On the outgoing side, Thunderbird expects to talk to an SMTP server, and it
makes you wait while the conversation takes place.
Thunderbird handles HTML mail without trouble; one would expect a Mozilla
project to get that part down reasonably well. The client will, by
default, execute JavaScript contained within HTML mail; your editor is hard
put to come up with a reason why one would ever want to leave that option
enabled. Thunderbird also sends mail in HTML format and, discouragingly,
comes configured to send HTML by default.
Thunderbird is a highly configurable client. The actual configuration can
be a bit confusing, however; quite a few options (such as sending HTML mail) are
part of the account configuration. A user will look for such options under
the "options" menu in vain. Thunderbird also has a powerful extension
mechanism, with numerous extensions available on the
net.
The default keyboard shortcuts are heavily reliant on the control key, and
there is no provision for changing them. The "keyconfig" extension
mitigates that problem somewhat, though it is not trivial to use and cannot
create shortcuts for all that many operations.
Thunderbird has some strange behavioral glitches. Clicking on a URL in a
message, for example, causes Thunderbird to copy the web page to a local
file and run a browser on that file; this strange behavior breaks all the
images and links, among other things. If, instead, the user drags the URL
to a browser window, the right thing happens. Thunderbird is also
reluctant to use folders on the remote IMAP server that it didn't create
itself; folders created by a different mail client tend to be completely
inaccessible.
On the other hand, Thunderbird's composition window is relatively nice and
easy to use. The interaction with the address book is easy and
transparent, and Thunderbird makes it easy to set various types of headers
("Bcc:", "Reply-To:") without having to dig through
menus.
Thunderbird has its own Bayesian spam filter built in. Messages which look
like spam are prominently marked as such; the user then has the option of
correcting things. The toolbar icon toggles between "Junk" and "Not junk,"
depending on the current marking of the message; the user thus has to
actually look at it to see what it will do at any given time. This sort of
modal interface is an encouragement to the user to make mistakes.
The keyboard
shortcuts for marking and unmarking spam, at least, are distinct.
There is a search bar in the main window for quickly narrowing folders.
There are no virtual folders for holding search results, however.
Thunderbird is an impressive client; for version 0.7 it is in very good
shape. Your editor would like to see some attention paid to the needs of
users who want to do nonstandard things, such as adding custom operations
to the toolbars. Given that most of the details and polish are already in
place, a bit of careful feature work could turn Thunderbird into a truly
powerful and useful program.
Other important points
A grumpy editor who posts to lists like linux-kernel lives in fear of two
things: (1) sending text in very long lines, and (2) sending
patches which have been word-wrapped by the mail client. Committing either
faux pas can cause a budding kernel hacker to contemplate a switch
to Visual Basic programming. Your editor attempted to get each mailer to
send an unmolested patch while performing word wrapping on the accompanying
text. Note that some people really want to see patches inline, rather than
as attachments, which complicates the situation - any of the mail clients
reviewed here can send an attachment without trouble.
Only Sylpheed passed this test in a clear way. If the "wrap on input"
option is selected, typed text will be wrapped, but an inserted file will
be left alone. KMail sort of works, in that word wrap can be disabled for
specific messages. If you use the "external editor" option (which works in
a bit of a confusing way; you must type a keystroke in the text area of the
composition window to get your editor), whatever the editor produces will
not be messed with. Balsa wraps everything, as does Evolution.
Thunderbird, interestingly, has no option for inserting a file into an
outgoing message; you must cut-and-paste it in (and deal with wrapping
problems), or send it as an attachment.
Another important feature, as far as your editor is concerned, is the
ability to feed a message to an external program. After all, it just might
be possible that users may think of things to do with their mail which,
inexplicably, just didn't occur to the implementers of the mail client.
Such operations might include feeding a message to sa-learn to
better train SpamAssassin's filter, or, in your editor's case, inserting a
software announcement into the LWN site.
Support for external programs is poor in most of the clients reviewed.
Some of them can invoke an external program while filtering messages (thus,
for example, allowing SpamAssassin to be used to clean out junk), but only
Sylpheed has a separate mechanism for running programs on specific
messages. Even then, only Sylpheed-Claws brings that mechanism to the
toolbar, and there is still no way to assign an action to a keystroke.
Thunderbird has an "external application" extension, but it is really just
an application launcher; it can't be used to process messages. There
should be no reason why the right kind of extension couldn't be written;
it's just that, as far as your editor can tell, nobody has done it yet.
In general, extensibility is an important feature for a complex
application. The original developers will never think of everything, and
really should not even try. If the application provides an easy way for
others to add capabilities, the result will often be a rich ecosystem of
features far beyond the imagination of the application's designers. Among
the clients reviewed above, only Thunderbird provides
support for first-class extensions - though Sylpheed-Claws is getting
there. In the long term, the email client which best supports extensions
may well be the one which gathers the largest, happiest user base.
Conclusions
A few other free graphical clients exist, but didn't make it into this
review:
- Althea looks like a
fairly basic GTK-based client. "The design goal was a stable e-mail
client with the richness of usability of Microsoft's Outlook,
Qualcomm's Eudora, and Cyrusoft's Mulberry."
- Mahogany is a
feature-rich, highly configurable client; its 0.66 release came out in
January, 2004. Mahogany does indeed offer a dizzying variety of
configuration options; should those options not suffice, there is also
a built-in Python interpreter for extensions. That notwithstanding,
Mahogany is said to be a low-bloat application.
- Aethera
is a client produced by theKompany.com; it claims to do task lists and
appointment management; it also comes up with news and weather reports
on the side. Unfortunately, source for current releases does not
appear to be available from theKompany's download site.
So, with all these options, which would your editor choose? The answer,
for the moment, is "none of the above." Your editor is not yet sold on the
advantages of a graphical client for this sort of work; these clients do
have a number of nice features, but an email client must, above all else,
enable quick and efficient processing of mail. Anybody who has tried to
exchange email with your editor knows that he can easily get far behind; if
the email client adds friction to the process, that problem will get worse.
Some of the clients reviewed look like they could eventually be a part of a
workable email system. With luck, future development will take at least
one of them in a direction where it is, on the one hand, polished,
feature-rich, and usable, while being, on the other hand, easy to integrate
into a wider way of doing things. Meanwhile, your editor will proceed to
look at some of the current non-graphical offerings (this includes
emacs-based clients, which are becoming increasingly graphical in their own
right). Stay tuned.
In 2003, Red Hat announced
that it was acquiring Sistina, and that it would work to release Sistina's
current technologies as open source in 2004. Red Hat made good on that
promise on June 24 by re-releasing the Global File
System under the GPL. The
Global File System (GFS) has a fairly long and interesting history. According
to the OpenGFS website,
the GFS project started at the University of Minnesota and was sponsored from
1995-2000 by the University. Then Matthew O'Keefe, a professor at the
university, founded Sistina around GFS.
Sistina stopped making new versions of GFS available under the GPL in
2001. It's important to note that it's inaccurate to say (as many have)
that GFS has been "re-released" under the GPL -- the original code that was
available under the GPL remained available under the GPL. Sistina simply
quit putting out new releases under the GPL, but users still had the option
of using and working with releases prior to Sistina's license change, as
did the OpenGFS project.
The release put out by Red Hat last week actually consists of more than
just GFS the file system; it totals nine components in all. In addition to
GFS itself, Red Hat has released the clustering extensions to the Logical
Volume Manager 2 (LVM2). Also, Red Hat has released clustering
infrastructure tools and cluster block devices that work with GFS: the
Cluster Configuration System (CCS), Cluster Manager (CMAN), Distributed
Lock Manager (DLM), GFS Unified Lock Manager (GULM), the Fence I/O fencing
system, the Global Network Block Device (GNBD) and the Cluster Snapshot
Block Device (CSBD).
Linux has no shortage of filesystems to choose from, but GFS is quite a bit
different from Ext3, ReiserFS and other popular file systems being used
with Linux today. The GFS release probably isn't that interesting for users
with a single Linux workstation or for small installations of Linux systems
that don't require a great deal of filesystem sharing or redundancy. For
Linux shops that have deployed or plan to deploy Linux in a clustering
capacity, or that use a Storage Area Network (SAN) to share filesystems
among servers, however, GFS is a very interesting technology.
GFS allows Linux servers to share a single file system on a block device
via fiber channel, iSCSI, NBD or other technology. Those servers can read
from that file system simultaneously, while GFS coordinates writes to the
filesystem to avoid data being overwritten. Changes to the filesystem made
by one server are immediately available to other servers. GFS is different
from the Network File System (NFS) in that it removes the requirement for
clients to access storage devices through an NFS server. It removes some of
the overhead from working with data, making GFS more robust. One can use
the two technologies in conjunction with one another, using GFS to give a
set of servers access to a filesystem stored on a set of fiber channel
drives (for example) and then exporting the filesystem to clients via NFS.
GFS is highly scalable, which means that hundreds of systems can share a
filesystem on a SAN. In addition, as one might expect, file system and
volume resizes can be performed while the system is running -- which means
that enterprise systems don't need to be brought down for filesystem
maintenance when a deployment starts to require more space. The file
servers themselves can be clustered to provide high availability,
redundancy and increased performance. Just what the doctor ordered for a
database cluster, enterprise file servers, large e-mail installations and
many other applications.
For those interested in trying out GFS, source
RPMs are available for Red Hat Enterprise Linux 3, CVS
snapshots are available, and enterprising Fedora user Lennert Buytenhek
has already whipped
up FC2 RPMs of GFS and the necessary tools. Packages are no doubt being
prepared for other popular Linux distributions as well. Instructions on using GFS
can be found here.
Of course, RHEL users still have the option of buying GFS for a mere $2200.
The GFS team is now working to put GFS into the mainline Linux kernel. It
shouldn't be terribly difficult for a project this useful to find a healthy
community of users to apply whatever elbow grease is necessary to make that
happen.
The long-awaited Slackware 10 release has hit the streets, so to
speak. Though Patrick Volkerding's Slackware wasn't the very first Linux
distribution (it was originally based on the SLS distribution) it has outlived
all of its predecessors. First
released on July 16,
1993, Slackware has come a long way since its floppy-based origins --
though in some ways, it has also remained very much the same.
The Slackware installer, for example, has changed very little over the
years. Though the lack of a graphical installer may intimidate new users, the
text-based menu installer still serves well and is quite simple to use if
one will only take the time to read the text. This writer installed
Slackware 10, using the "install everything" option, on a Toshiba Satellite
1415-S105 notebook in about twenty minutes. That includes disk
partitioning, network setup and reboot. Slackware's installer may lack
bells and whistles, but it serves just fine on almost any hardware.
Slackware also continues to use the BSD-style init scripts, though slightly
streamlined in this release, as opposed to the SYSV style init scripts
that are used by most other Linux distributions. Whether this is an
annoyance or feature largely depends on the personal preference of the
user.
The latest Slackware release is based on the stock 2.4.26 Linux kernel,
with an optional 2.6.7 kernel for users who wish to run the 2.6
series. Apparently, the 2.6 kernel series hasn't quite yet lived up to
Volkerding's standards for a default kernel. Nor has Slackware jumped to
the Apache 2.0.x series yet; it still ships with Apache 1.3.31. Slackware also
still includes lprng and LILO, which have been replaced by CUPS and GRUB in
most distributions -- though Slackware also now includes CUPS alongside
lprng.
Slackware still includes a wide array of window managers and desktop
environments, and tends to stay on or close to the cutting edge there. KDE
3.2.3 is included, as is GNOME 2.6.1, XFce 4.0.5, Blackbox, Fluxbox, and
many others. While most popular distributions tend to brand the window
managers and desktop environments -- Red Hat's "Bluecurve" and Mandrake's
"Galaxy" themes come to mind -- Slackware ships them more or less as-is. In
fact, all packages shipped with Slackware "follows the setup and
installation instructions from its author(s) as closely as
possible." This writer tends to prefer the "generic" version of
packages, so Slackware is his favored choice in this area.
Though not part of the default install, there are a few new package tools
for Slackware 10. There's now a "slackpkg" tool to help with upgrading an
older release of Slackware, and "slacktrack" to help building Slackware
packages. Users who wish to try these new tools will find them in /extras,
on the third Slackware disk.
Speaking of disks, it's also worth noting that Slackware is still fairly
lightweight in terms of disks required for installation. Only the first
disk is necessary for a basic install with KDE, while the second disk will be
necessary for users wishing to use GNOME. Users who wish to use the ZipSlack distribution will
need to grab disk four. Users interested in trying Slackware before it's
available in stores or to subscribers can find ISOs through BitTorrent or
through one of the unofficial mirrors.
The only complaint this writer has about Slackware 10 is the lack of a
simple sound configuration utility. Configuring sound on the Toshiba laptop
with Slackware was a bit more challenging than with other distributions,
which usually find and enable the sound card without any user
intervention. Other than that, however, installing and configuring
Slackware was a pleasure.
In all, Slackware is a solid distribution that's easy to set up and
run. For users who are already running Slackware-based systems, the upgrade
is well worth it. Users who have never tried Slackware might find that it's
well worth the time to test out.
Page editor: Jonathan Corbet
Security
Adam Osuchowski and Tomasz Dubinski have sent out
an advisory regarding a new vulnerability in
the 2.6 netfilter subsystem. Netfilter, being the Linux firewalling code,
inspects network packets and makes decisions on which ones to pass on. Use
of netfilter is supposed to increase security, so it is always discouraging
when the opposite happens. Fortunately, the number of sites vulnerable to
this particular bug should be fairly small.
TCP packets can contain an "options" field within the header. This field
allows TCP implementations to change how the protocol works; options can be
used to turn on features like selective acknowledgments, change how
checksumming is done, and so on. Each option has a simple format:
| Number | Length | 'Length' bytes of data |
Multiple options can be packed into the field; an option number of zero
terminates the list.
If netfilter is asked to filter packets based on the contents of the TCP
options field, it goes into a loop stepping through each option present in a
packet. Unfortunately, it treats the length byte as a signed quantity; the
result is that, with an option number greater than 128, netfilter's index
into the options field can be pushed backward, and the code can end up in
an infinite loop. That tends to slow packet delivery somewhat.
The fix is straightforward: declare the options array as unsigned.
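The loop described above, as an added illustration (not the kernel's netfilter code and not taken from the advisory): a simplified option walker that reads the length byte as signed, beside one that reads it unsigned and also validates each length, which goes beyond the one-line fix. The function names, the step budget and both byte strings are constructed for this example, and the length is assumed to cover the whole option, as in the TCP specification.

```c
#include <stddef.h>
#include <stdio.h>

enum walk_result { OPT_ABSENT = 0, OPT_FOUND = 1, OPT_RUNAWAY = -1, OPT_MALFORMED = -2 };

#define STEP_BUDGET 64  /* demo guard only, so the flawed walk can be observed safely */

/* Constructed samples (not captured traffic).
 * benign:  MSS option, two NOPs, timestamp option.
 * crafted: two NOPs, then an option whose length byte has the high bit set. */
static const unsigned char benign[]  = { 2, 4, 0x05, 0xB4, 1, 1, 8, 10,
                                         0, 0, 0, 1, 0, 0, 0, 0 };
static const unsigned char crafted[] = { 1, 1, 30, 0xFE };

/* Flawed walk: the length byte is interpreted as a signed 8-bit value. */
static int walk_signed(const unsigned char *opt, size_t optlen, unsigned char wanted)
{
    long i = 0;
    int steps;

    for (steps = 0; steps < STEP_BUDGET; steps++) {
        int len;

        if (i < 0)
            return OPT_RUNAWAY;        /* index moved in front of the buffer */
        if ((size_t)i >= optlen)
            return OPT_ABSENT;
        if (opt[i] == wanted)
            return OPT_FOUND;
        if (opt[i] == 0)               /* option number zero ends the list */
            return OPT_ABSENT;
        if (opt[i] == 1) {             /* NOP is a single byte with no length */
            i++;
            continue;
        }
        if ((size_t)i + 1 >= optlen)
            return OPT_ABSENT;
        len = opt[i + 1];
        if (len >= 128)
            len -= 256;                /* what a signed char read yields: 0xFE is -2 */
        i += len;                      /* a negative length walks backward */
    }
    return OPT_RUNAWAY;                /* still looping when the budget ran out */
}

/* Hardened walk: unsigned length, and every length is checked before use. */
static int walk_unsigned(const unsigned char *opt, size_t optlen, unsigned char wanted)
{
    size_t i = 0;

    while (i < optlen) {
        size_t len;

        if (opt[i] == wanted)
            return OPT_FOUND;
        if (opt[i] == 0)
            return OPT_ABSENT;
        if (opt[i] == 1) {
            i++;
            continue;
        }
        if (i + 1 >= optlen)
            return OPT_MALFORMED;      /* option number with no length byte */
        len = opt[i + 1];
        if (len < 2 || len > optlen - i)
            return OPT_MALFORMED;      /* cannot make progress or overruns the field */
        i += len;
    }
    return OPT_ABSENT;
}

int main(void)
{
    printf("benign,  signed:   %d\n", walk_signed(benign, sizeof benign, 8));
    printf("benign,  unsigned: %d\n", walk_unsigned(benign, sizeof benign, 8));
    printf("crafted, signed:   %d\n", walk_signed(crafted, sizeof crafted, 8));
    printf("crafted, unsigned: %d\n", walk_unsigned(crafted, sizeof crafted, 8));
    return 0;
}
```

On the crafted bytes the signed walk cycles through indexes 0, 1 and 2 until the budget stops it; the unsigned walk rejects the option on first sight.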
The good news is that, in all likelihood, very few firewalls filter on the
TCP options field, and, of those, most have probably not yet been upgraded
to 2.6. The bad news is that there are almost certainly many other bugs in
the kernel (and elsewhere) caused by confusion between signed and unsigned
types. These vulnerabilities can be hard to find without detailed, tedious
auditing. And some of them, certainly, will have a larger impact than this
one.
As seen in Lawrence Lessig's weblog: Amazon.com is offering an electronic
version of the U.S. Constitution aimed at Microsoft's reader.
It's all nicely equipped with the usual digital rights management stuff;
according to Amazon, permission to print the Constitution has been denied.
The irony of the situation is self-evident. We at LWN would certainly
never want to INDUCE anybody to commit a crime, but... if somebody were to
get around the DRM and dump a copy of this electronic book onto their printer, it would be a
clear violation of the DMCA. For somebody looking for a day in court, it
would be harder to find a more desirable case to defend than being charged
with printing the U.S. Constitution. Explaining the problems of
U.S. copyright law to otherwise uninterested parties has always been a
challenge; given enough products like this one, that task is likely to get
easier.
New vulnerabilities
Apache: denial of service
| Package(s): | apache2 |
CVE #(s): | CAN-2004-0493
|
| Created: | June 30, 2004 |
Updated: | July 19, 2004 |
| Description: |
Versions of apache 2.0 through 2.0.49 fail to defend against arbitrarily long header lines; this bug can be exploited to cause the server to use arbitrarily large amounts of memory. See this advisory from Georgi Guninski for details. |
FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling
| Package(s): | freeswan |
CVE #(s): | |
| Created: | June 26, 2004 |
Updated: | July 15, 2004 |
| Description: |
FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN contain two bugs
when authenticating PKCS#7 certificates. This could allow an attacker
to authenticate with a fake certificate. All these IPsec implementations
have several bugs in the verify_x509cert() function, which performs
certificate validation, that make them vulnerable to malicious PKCS#7
wrapped objects. With a carefully crafted certificate payload an attacker
can successfully authenticate against FreeS/WAN, Openswan, strongSwan or
Super-FreeS/WAN, or make the daemon go into an endless loop. |
giFT-FastTrack: remote denial of service attack
| Package(s): | gift-fasttrack |
CVE #(s): | |
| Created: | June 24, 2004 |
Updated: | June 30, 2004 |
| Description: |
giFT-FastTrack is a plugin for the giFT file-sharing application.
If a maliciously crafted signal is sent to giFT-FastTrack,
remote attackers can crash the giFT daemon. |
gzip: temporary file execution problem
| Package(s): | gzip |
CVE #(s): | |
| Created: | June 24, 2004 |
Updated: | June 30, 2004 |
| Description: |
The gzip compression program has a problem that
can cause code to be executed from the command
if the creation of a temporary file fails. |
kernel: netfilter denial of service
| Package(s): | kernel |
CVE #(s): | |
| Created: | June 30, 2004 |
Updated: | July 28, 2004 |
| Description: |
The netfilter code in 2.6 kernels through 2.6.7 is vulnerable to a remote denial of service attack - but only if filtering on the TCP options field has been enabled. See this advisory for details. |
pavuk: buffer overflow
| Package(s): | pavuk |
CVE #(s): | CAN-2004-0456
|
| Created: | June 30, 2004 |
Updated: | November 11, 2004 |
| Description: |
Versions of the pavuk web spider through 0.9.28-r1 contain a buffer overflow which could be exploited by a hostile server. |
Updated vulnerabilities
Apache mod_proxy: denial of service
| Package(s): | apache |
CVE #(s): | CAN-2004-0492
|
| Created: | June 11, 2004 |
Updated: | October 14, 2004 |
| Description: |
A buffer overflow vulnerability in the apache mod_proxy module
can be exploited to create a denial of service. |
apache2: stack-based buffer overflow in ssl_util.c
| Package(s): | apache2 |
CVE #(s): | CAN-2004-0488
|
| Created: | June 1, 2004 |
Updated: | October 14, 2004 |
| Description: |
A stack-based buffer overflow exists in the ssl_util_uuencode_binary
function in ssl_util.c in Apache. When mod_ssl is configured to trust the
issuing CA, a remote attacker may be able to execute arbitrary code via a
client certificate with a long subject DN. |
aspell: bounds checking problem
| Package(s): | aspell |
CVE #(s): | CAN-2004-0548
|
| Created: | June 17, 2004 |
Updated: | December 20, 2004 |
| Description: |
Aspell's word-list-compress utility fails to properly check bounds
when dealing with words that are more than 256 bytes long.
This can lead to arbitrary code execution by an attacker. |
dhcp: buffer overflows
| Package(s): | dhcp |
CVE #(s): | CAN-2004-0460
CAN-2004-0461
|
| Created: | June 23, 2004 |
Updated: | July 14, 2004 |
| Description: |
Two separate buffer overflows have been found in versions 3.0.1rc12 and 3.0.1rc13 of the ISC DHCP server. These overflows can be exploited by a remote attacker to cause a denial of service, or, potentially, to execute arbitrary code. DHCP servers should not be exposed to the Internet, but this problem is worth fixing regardless. See this CERT advisory for more information. |
Filename disclosure vulnerability in fam
| Package(s): | fam |
CVE #(s): | CAN-2002-0875
|
| Created: | August 19, 2002 |
Updated: | January 5, 2005 |
| Description: |
"fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
flim: insecure file creation
| Package(s): | flim |
CVE #(s): | CAN-2004-0422
|
| Created: | May 5, 2004 |
Updated: | December 16, 2004 |
| Description: |
The emacs "flim" mode creates temporary files in an insecure fashion, possibly allowing a local attacker to overwrite files. |
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml |
CVE #(s): | CAN-2003-0133
CAN-2003-0541
|
| Created: | April 14, 2003 |
Updated: | April 18, 2005 |
| Description: |
GtkHTML is the HTML rendering widget used by the Evolution mail reader.
GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug
when handling HTML messages. Alan Cox discovered that certain malformed
messages could cause the Evolution mail component to crash. |
Horde-IMP: improper input validation
| Package(s): | Horde-IMP |
CVE #(s): | |
| Created: | June 16, 2004 |
Updated: | August 10, 2004 |
| Description: |
An input validation error exists in Horde-IMP through version 3.2.4; a specially crafted message could be used to run scripts in the context of the target's browser. |
iproute: local denial of service
| Package(s): | iproute net-tools |
CVE #(s): | CAN-2003-0856
|
| Created: | November 25, 2003 |
Updated: | December 14, 2004 |
| Description: |
The iproute utility is susceptible to spoofed netlink messages sent by local users, with the result that denial of service attacks are possible. |
racoon: failure to verify signatures
| Package(s): | ipsec-tools racoon |
CVE #(s): | CAN-2004-0155
|
| Created: | April 7, 2004 |
Updated: | August 19, 2004 |
| Description: |
Versions of ipsec-tools prior to 0.2.5 contain a vulnerability wherein the racoon utility fails to verify digital signatures on some packets. This hole can lead to unauthorized connections or man-in-the-middle attacks. See this advisory for details. |
racoon: denial of service vulnerability
| Package(s): | ipsec-tools racoon iputils |
CVE #(s): | CAN-2004-0403
|
| Created: | April 26, 2004 |
Updated: | July 29, 2004 |
| Description: |
racoon does not check the length of ISAKMP headers. Attackers may be able
to craft an ISAKMP header of sufficient length to consume all available
system resources, causing a Denial of Service. This advisory contains additional
details. |
kdelibs: cookie disclosure
| Package(s): | kdelibs |
CVE #(s): | CAN-2003-0592
|
| Created: | March 10, 2004 |
Updated: | August 24, 2004 |
| Description: |
kdelibs (and, thus, Konqueror) has a vulnerability where a hostile server can force the disclosure of cookies that should not be presented to it. KDE versions 3.1.3 and later contain a fix. |
kernel: symlink overflow in the iso9660 filesystem
| Package(s): | kernel |
CVE #(s): | CAN-2004-0109
|
| Created: | April 14, 2004 |
Updated: | July 15, 2004 |
| Description: |
The 2.4 and 2.6 kernels contain a
vulnerability in the iso9660 (CDROM) filesystem which can be used by a
local attacker to obtain root privileges. The exploit requires creating a
specially-crafted filesystem and getting the kernel to mount it. Many
systems are configured to automatically mount CDs on insertion, however, so
the possibility of this vulnerability being exploited by users with
physical access to the system is real. The 2.4.26 kernel contains the fix,
which will also be merged into the upcoming 2.6.6 release. |
kernel: denial of service
| Package(s): | kernel |
CVE #(s): | CAN-2004-0554
|
| Created: | June 15, 2004 |
Updated: | July 5, 2004 |
| Description: |
2.4 and 2.6 kernels running on the i386 and x86_64 architectures have a vulnerability which can allow a local attacker to lock up the system. See this LWN article for a description of the problem.
Many of the updates for this problem also fix various potential driver vulnerabilities found while instrumenting the code for automated auditing. |
kernel-utils: setuid vulnerability
| Package(s): | kernel-utils |
CVE #(s): | CAN-2003-0019
|
| Created: | February 7, 2003 |
Updated: | January 21, 2005 |
| Description: |
The kernel-utils package contains several utilities that can be used to
control the kernel or machine hardware. In Red Hat Linux 8.0 this package
contains user mode linux (UML) utilities.
The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was
incorrectly shipped setuid root. This could allow local users to control
certain network interfaces, add and remove arp entries and routes, and put
interfaces in and out of promiscuous mode.
All users of the kernel-utils package should update to these packages that
contain a version of uml_net that is not setuid root.
Alternatively, as a work-around to this vulnerability, issue the following
command as root:
chmod -s /usr/bin/uml_net |
krb5: unauthorized root privileges
| Package(s): | krb5 |
CVE #(s): | CAN-2004-0523
|
| Created: | June 3, 2004 |
Updated: | June 29, 2004 |
| Description: |
Multiple buffer overflows exist in the krb5_aname_to_localname() library
function that if exploited could lead to unauthorized root privileges. In
order to exploit this flaw, an attacker must first successfully
authenticate to a vulnerable service, which must be configured to enable
the explicit mapping or rules-based mapping functionality of
krb5_aname_to_localname, which is not a default configuration. See
this MIT krb5 Security Advisory for more information. |
libpng, libpng3: buffer overflow
| Package(s): | libpng, libpng3 |
CVE #(s): | CAN-2002-1363
|
| Created: | December 19, 2002 |
Updated: | July 14, 2004 |
| Description: |
Glenn Randers-Pehrson discovered a problem in connection with 16-bit
samples from libpng, an interface for reading and writing PNG
(Portable Network Graphics) format files. The starting offsets for
the loops are calculated incorrectly which causes a buffer overrun
beyond the beginning of the row buffer. |
libxml2 - arbitrary code execution
| Package(s): | libxml2 |
CVE #(s): | CAN-2004-0110
|
| Created: | February 26, 2004 |
Updated: | August 19, 2009 |
| Description: |
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code. |
logcheck: symlink vulnerability
| Package(s): | logcheck |
CVE #(s): | CAN-2004-0404
|
| Created: | April 21, 2004 |
Updated: | December 22, 2004 |
| Description: |
The logcheck utility handles temporary files in an unsafe way, possibly allowing local attackers to overwrite files. |
mailman: password disclosure
| Package(s): | mailman |
CVE #(s): | CAN-2004-0412
|
| Created: | May 27, 2004 |
Updated: | July 20, 2004 |
| Description: |
In mailman versions above 2.1, third parties can retrieve
member passwords from the server. |
mikmod: buffer overflow
| Package(s): | mikmod |
CVE #(s): | CAN-2003-0427
|
| Created: | June 16, 2003 |
Updated: | June 16, 2005 |
| Description: |
Ingo Saitz discovered a bug in mikmod whereby a long filename inside
an archive file can overflow a buffer when the archive is being read
by mikmod. |
mod_python: denial of service vulnerability
| Package(s): | mod_python |
CVE #(s): | CAN-2003-0973
|
| Created: | January 27, 2004 |
Updated: | October 4, 2004 |
| Description: |
Apache's mod_python module could crash the httpd process if a specific,
malformed query string was sent.
The Apache Foundation has reported that mod_python may be prone to
Denial of Service attacks when handling a malformed query. Mod_python
2.7.9 was released to fix the vulnerability, however, because the
vulnerability has not been fully fixed, version 2.7.10 has been released.
Users of mod_python 3.0.4 are not affected by this vulnerability. |
mozilla: multiple vulnerabilities
| Package(s): | mozilla |
CVE #(s): | CAN-2003-0594
CAN-2003-0564
|
| Created: | March 10, 2004 |
Updated: | August 19, 2004 |
| Description: |
Mozilla 1.4 contains a few vulnerabilities, including disclosure of cookies to the wrong server, a scripting vulnerability which can allow an attacker to run arbitrary code, and an S/MIME vulnerability which can lead to remote denial of service or code execution attacks. |
mpg321: format string vulnerability
| Package(s): | mpg321 |
CVE #(s): | CAN-2003-0969
|
| Created: | January 6, 2004 |
Updated: | March 28, 2005 |
| Description: |
A vulnerability was discovered in mpg321, a command-line mp3 player,
whereby user-supplied strings were passed to printf(3) unsafely. This
vulnerability could be exploited by a remote attacker to overwrite
memory, and possibly execute arbitrary code. In order for this
vulnerability to be exploited, mpg321 would need to play a malicious
mp3 file (including via HTTP streaming). |
MySQL: temporary file vulnerabilities
| Package(s): | mysql |
CVE #(s): | CAN-2004-0381
CAN-2004-0388
|
| Created: | April 14, 2004 |
Updated: | August 18, 2004 |
| Description: |
The mysqlbug and mysqld_multi scripts contain temporary file vulnerabilities which could be used by a local attacker to overwrite files on the system. |
neon: buffer overflow
| Package(s): | neon |
CVE #(s): | CAN-2004-0398
|
| Created: | May 19, 2004 |
Updated: | September 30, 2004 |
| Description: |
The neon library (through version 0.24.5) contains a buffer overflow in its date parsing code, allowing arbitrary code execution when connecting to a hostile server. See this advisory for details. This vulnerability also affects related applications (such as cadaver). |
Nessus NASL scripting engine security issues
| Package(s): | nessus |
CVE #(s): | |
| Created: | May 27, 2003 |
Updated: | August 12, 2004 |
| Description: |
Some vulnerabilities exist in the Nessus NASL scripting engine. To
exploit these flaws, an attacker would need to have a valid Nessus account
as well as the ability to upload arbitrary Nessus plugins in the Nessus
server (this option is disabled by default) or he/she would need to trick a
user somehow into running a specially crafted nasl script. Read the full
advisory for additional information. |
netpbm: insecure temporary files
| Package(s): | netpbm |
CVE #(s): | CAN-2003-0924
|
| Created: | January 19, 2004 |
Updated: | December 29, 2004 |
| Description: |
netpbm is a graphics conversion toolkit made up of a large number of
single-purpose programs. Many of these programs were found to create
temporary files in an insecure manner, which could allow a local
attacker to overwrite files with the privileges of the user invoking a
vulnerable netpbm tool. |
openssh: timing attack leads to information disclosure
| Package(s): | openssh |
CVE #(s): | CAN-2003-0190
|
| Created: | May 2, 2003 |
Updated: | November 30, 2004 |
| Description: |
From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable
with PAM support enabled (via the --with-pam configure script switch). This
bug allows a remote attacker to identify valid users on vulnerable systems,
through a simple timing attack. The vulnerability is easy to exploit and
may have high severity, if combined with poor password policies and other
security problems that allow local privilege escalation." |
OpenSSL: denial of service vulnerabilities
postgresql buffer overflow in ODBC driver
| Package(s): | postgresql |
CVE #(s): | |
| Created: | June 7, 2004 |
Updated: | July 28, 2004 |
| Description: |
A buffer overflow has been discovered in the ODBC driver of PostgreSQL,
an object-relational SQL database, descended from POSTGRES. It is possible
to exploit this problem and crash the surrounding application. Hence, a
PHP script using php4-odbc can be utilized to crash the surrounding
Apache webserver. Other parts of postgresql are not affected. |
python: buffer overflow
| Package(s): | python |
CVE #(s): | CAN-2004-0150
|
| Created: | March 10, 2004 |
Updated: | October 11, 2004 |
| Description: |
Python (versions 2.2 and 2.2.1 only) has a buffer overflow in the getaddrinfo() function which can be exploited by a malformed IPv6 address. |
racoon: improper certificate validation
| Package(s): | racoon ipsec-utils |
CVE #(s): | |
| Created: | June 23, 2004 |
Updated: | June 23, 2004 |
| Description: |
The racoon tool found in ipsec-tools (through version 0.3.3) fails to
perform proper authentication, enabling a potential man-in-the-middle
attack. |
rsync remote file write attack
| Package(s): | rsync |
CVE #(s): | CAN-2004-0426
|
| Created: | April 30, 2004 |
Updated: | July 12, 2004 |
| Description: |
See the rsync homepage for the April 2004 advisory: "There is a security
problem in all versions prior to
2.6.1 that affects only people running a read/write daemon WITHOUT using
chroot. If the user privs that such an rsync daemon is using is anything
above "nobody", you are at risk of someone crafting an attack that could
write a file outside of the module's "path" setting (where all its files
should be stored). Please either enable chroot or upgrade to 2.6.1. People
not running a daemon, running a read-only daemon, or running a chrooted
daemon are totally unaffected." |
squid: buffer overflow
| Package(s): | squid |
CVE #(s): | CAN-2004-0541
|
| Created: | June 9, 2004 |
Updated: | September 30, 2004 |
| Description: |
The NTLM authentication helper used by the squid proxy contains a buffer overflow vulnerability; an overly-long password may be used to run arbitrary code. Sites not using NTLM authentication are not vulnerable. |
SquirrelMail cross site scripting vulnerabilities
| Package(s): | squirrelmail |
CVE #(s): | CAN-2004-0519
CAN-2004-0520
CAN-2004-0521
|
| Created: | May 21, 2004 |
Updated: | October 4, 2004 |
| Description: |
Several unspecified cross-site scripting (XSS) vulnerabilities and a well
hidden SQL injection vulnerability were found in SquirrelMail versions
1.4.2 and lower. An XSS attack allows an attacker to insert malicious code
into a web-based application. SquirrelMail does not check for code when
parsing variables received via the URL query string. |
Subversion: Remote heap overflow
| Package(s): | subversion |
CVE #(s): | CAN-2004-0413
|
| Created: | June 11, 2004 |
Updated: | March 7, 2005 |
| Description: |
Subversion has a remote Denial of Service vulnerability
that may allow a server that runs svnserve to execute
arbitrary code. See this advisory for more information. |
sysstat: temporary file vulnerability
| Package(s): | sysstat |
CVE #(s): | CAN-2004-0107
CAN-2004-0108
|
| Created: | March 10, 2004 |
Updated: | October 4, 2004 |
| Description: |
The sysstat utility has a temporary file vulnerability which can be exploited by a local attacker to overwrite system files. |
File overwrite vulnerability in tar and unzip
| Package(s): | tar unzip |
CVE #(s): | CAN-2001-1267
CAN-2001-1268
CAN-2001-1269
CAN-2002-0399
|
| Created: | October 1, 2002 |
Updated: | April 10, 2006 |
| Description: |
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability. |
tcpdump: ISAKMP payload handling denial-of-service vulnerabilities
| Package(s): | tcpdump |
CVE #(s): | CAN-2004-0183
CAN-2004-0184
|
| Created: | March 30, 2004 |
Updated: | September 30, 2004 |
| Description: |
TCPDUMP v3.8.1 and earlier versions contain multiple flaws in the packet
display functions for the ISAKMP protocol. Upon receiving specially
crafted ISAKMP packets, TCPDUMP will try to read beyond the end of the
packet capture buffer and crash. More information is available in this Rapid7 advisory. |
Multiple vendor telnetd vulnerability
| Package(s): | telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5 |
CVE #(s): | |
| Created: | May 21, 2002 |
Updated: | October 5, 2004 |
| Description: |
This vulnerability,
originally thought to be confined to BSD-derived systems, was first covered
in the July 26th Security
Summary. It is now known that Linux telnet daemons are vulnerable as
well.
|
tripwire format string vulnerability
| Package(s): | tripwire |
CVE #(s): | CAN-2004-0536
|
| Created: | June 4, 2004 |
Updated: | July 7, 2004 |
| Description: |
The code that generates email reports contains a format string
vulnerability in pipedmailmessage.cpp. With a carefully crafted filename
on a local filesystem an attacker could cause execution of arbitrary code
with permissions of the user running tripwire, which could be the root
user. See this advisory on SecurityFocus for more details. |
webmin: denial of service
| Package(s): | webmin |
CVE #(s): | CAN-2004-0582
CAN-2004-0583
|
| Created: | June 16, 2004 |
Updated: | July 28, 2004 |
| Description: |
Versions of webmin prior to 1.150 suffer from denial of service and information disclosure vulnerabilities. See advisories for the disclosure and lockout problems for more information. |
XChat 2.0.x SOCKS5 Vulnerability
| Package(s): | xchat |
CVE #(s): | CAN-2004-0409
|
| Created: | April 19, 2004 |
Updated: | November 15, 2005 |
| Description: |
XChat is vulnerable to a stack overflow that may allow a remote attacker to
run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable to a
remote exploit. Users would have to be using XChat through a SOCKS 5
server, enable SOCKS 5 traversal which is disabled by default and also
connect to an attacker's custom proxy server. This vulnerability may allow
an attacker to run arbitrary code within the context of the user ID of the
XChat client. |
xine-ui - insecure temporary file creation
| Package(s): | xine-ui |
CVE #(s): | CAN-2004-0372
|
| Created: | April 6, 2004 |
Updated: | April 27, 2006 |
| Description: |
Shaun Colley discovered a problem in xine-ui, the xine video player
user interface. A script contained in the package to possibly remedy
a problem or report a bug does not create temporary files in a secure
fashion. This could allow a local attacker to overwrite files with
the privileges of the user invoking xine. |
Page editor: Jonathan Corbet
Kernel development
Brief items
The current 2.6 kernel is still 2.6.7; the first 2.6.8 prepatch has
not yet been released.
Patches continue to accumulate in Linus's BitKeeper tree, however;
they include the new dma_get_required_mask() API (covered here last week), support for 64-bit Super-H
hardware (forward ported from 2.4), x86 no-execute support, asynchronous
I/O support for USB gadgets, a reworked symbolic link lookup
implementation (see below), a new "CPU mask" implementation, some read-copy-update
performance improvements, support for new Apple
PowerBooks, more sparse annotations, some netfilter improvements, some
kbuild work, a new wait_event_interruptible_exclusive() macro,
support for the O_NOATIME flag in the open() call, sysfs
knobs for tuning the CFQ I/O scheduler, mirroring and snapshot targets for
the device mapper, the removal of the PC9800 subarchitecture, reiserfs
data=journal support, preemptible kernel support for the PPC64
architecture, and many fixes and updates.
The current prepatch from Andrew Morton is 2.6.7-mm4. Recent additions to -mm include a
rearrangement of the x86 user-space memory layout (see below), some
preparatory work for software suspend on SMP systems, PCMCIA sysfs support,
and lots of fixes.
The current 2.4 prepatch is 2.4.27-rc2, which was released by Marcelo on June 26.
A relatively large number of patches (for a release candidate) went in;
they include a USB gadget driver update, a number of backported fixes for
potential security problems, an XFS update, a netfilter update, and various
fixes.
Kernel development news
![[memory layout diagram]](/images/ns/kernel/mmap1.png)
The traditional organization of the virtual address space (as seen from
user space, on x86 systems) is as shown in the diagram to the right. The
very bottom part of the address space is unused; it is there to catch NULL
pointers and such. Starting at 0x8000000 is the program text - the
read-only, executable code. The text is followed by the heap region, being
the memory obtainable via the brk() system call. Typically, functions like
malloc() obtain their memory from this area; non-automatic program data is
also stored there.
The heap differs from the first two regions in that it grows in response to
program needs. A program like cat will not make a lot of demands
on the heap (one hopes), while running a yum update can grow the
heap in a truly disturbing way. The heap can expand up to 1GB
(0x40000000), at which point it runs into the mmap area; this is where
shared libraries and other regions created by the mmap() system
call live. The mmap area, too, grows upward to accommodate new mappings.
Meanwhile, the kernel owns the last 1GB of address space, up at
0xc0000000. The kernel is inaccessible to user space, but it occupies that
portion of the address space regardless. Immediately below the kernel is
the stack region, where things like automatic variables live. The stack
grows downward. On a really bad day, the stack and the mmap area can run
into each other, at which point things start to fail.
This organization has worked for some time, but it does have a couple of
disadvantages. It fragments the address space, such that neither the heap
nor the mmap area can make use of the entire space. If one program makes
heavy use of the heap, it could run out of memory, even though a large
chunk of space is available between the mmap area and the stack. Normally,
not even yum can occupy that much heap, but there are other
applications out there which are up to that challenge.
As a way of making life safer for the true memory hogs out there, Ingo
Molnar has posted a patch which rearranges
user space along the lines of the revised diagram on the left. The mmap area has been
moved up to the top of the address space, and it now grows downward toward
the heap. As a result, the bulk of the address space is preserved in a
single, contiguous chunk which can be allocated to either the heap or mmap,
as the application requires.
As an added bonus, this organization reduces the amount of kernel memory
required to hold each process's page tables, since the fragment at
0x40000000 is no longer present.
There are a couple of disadvantages to this approach. One is that the
stack area is rather more confined than it used to be. The actual size of
the stack area is determined by the process's stack size resource limit,
with a sizable cushion added, so problems should be rare. The other
problem is that, apparently, a very small number of applications get
confused by the new layout. Any application which is sensitive to how
virtual memory is laid out is buggy to begin with; according to Arjan van de Ven, the most common
case is applications which store pointers in integer variables and then do
the wrong thing when they see a "negative" value.
The fact is that most users will never notice the change; for a
demonstration, consider that Fedora kernels have been shipping with this
patch for some time. Even a vanilla Fedora Core 1 system has it; a
command like "cat /proc/self/maps" will show the new layout at
work. The patch is currently part of the -mm kernel, and will probably
find its way into the mainline before too long.
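The failure mode attributed to Arjan van de Ven above, as an added sketch rather than code from the patch or from any real application: a program that keeps an address in a signed 32-bit integer and treats anything non-positive as an error. The two maps excerpts are constructed for a 32-bit x86 process (they are not captured output), and the check functions are hypothetical.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed /proc/<pid>/maps excerpts, old layout: libraries from 0x40000000 up. */
static const char *const legacy_maps[] = {
    "08048000-0804c000 r-xp 00000000 03:01 1001 /bin/cat",
    "0804c000-0804d000 rw-p 00003000 03:01 1001 /bin/cat",
    "40000000-40015000 r-xp 00000000 03:01 2001 /lib/ld-2.3.2.so",
    "40020000-40150000 r-xp 00000000 03:01 2002 /lib/libc-2.3.2.so",
    "bfffe000-c0000000 rw-p 00000000 00:00 0",
    NULL
};

/* Constructed excerpt, new layout: libraries placed just below the stack. */
static const char *const topdown_maps[] = {
    "08048000-0804c000 r-xp 00000000 03:01 1001 /bin/cat",
    "0804c000-0804d000 rw-p 00003000 03:01 1001 /bin/cat",
    "b7e9d000-b7fcd000 r-xp 00000000 03:01 2002 /lib/libc-2.3.2.so",
    "b7fe0000-b7ff5000 r-xp 00000000 03:01 2001 /lib/ld-2.3.2.so",
    "bfffe000-c0000000 rw-p 00000000 00:00 0",
    NULL
};

/* Parse the "start-end" field that opens every maps line. */
static int parse_range(const char *line, uint32_t *start, uint32_t *end)
{
    return sscanf(line, "%" SCNx32 "-%" SCNx32, start, end) == 2 && *start < *end;
}

/* Hypothetical application check: the address lives in a signed 32-bit
 * integer and anything that is not positive is taken to be an error. */
static int buggy_addr_ok(uint32_t addr)
{
    int32_t as_int;

    memcpy(&as_int, &addr, sizeof as_int);  /* same bits, signed view */
    return as_int > 0;
}

/* Corrected check: only the single failure sentinel is an error (all ones,
 * which is what mmap()'s MAP_FAILED looks like in 32 bits). */
static int fixed_addr_ok(uint32_t addr)
{
    return addr != UINT32_MAX;
}

/* Count shared-library mappings whose start address the given check rejects. */
static int count_rejected(const char *const *maps, int (*check)(uint32_t))
{
    int rejected = 0;

    for (; *maps != NULL; maps++) {
        uint32_t start, end;

        if (strstr(*maps, ".so") == NULL)
            continue;                       /* look only at mmap()ed libraries */
        if (!parse_range(*maps, &start, &end))
            continue;
        if (!check(start))
            rejected++;
    }
    return rejected;
}

int main(void)
{
    printf("old layout, signed check rejects:   %d\n",
           count_rejected(legacy_maps, buggy_addr_ok));
    printf("new layout, signed check rejects:   %d\n",
           count_rejected(topdown_maps, buggy_addr_ok));
    printf("new layout, sentinel check rejects: %d\n",
           count_rejected(topdown_maps, fixed_addr_ok));
    return 0;
}
```

The signed check passes every library address in the old layout only because those addresses happen to sit below 0x80000000; the bug was present all along.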
Last week's Kernel Page looked at various
DMA-related issues. One of those was the ability to make use of memory
located on I/O controllers for DMA operations. That work has taken a step
forward with this proposal from James Bottomley, which adds a new function
to the DMA API:
    int dma_declare_coherent_memory(struct device *dev,
                                    dma_addr_t bus_addr,
                                    dma_addr_t device_addr,
                                    size_t size, int flags);
This function tells the DMA code about a chunk of memory available on the
device represented by dev. The memory is size bytes
long; it is located at bus_addr from the bus's point of view, and
device_addr from the device's perspective. The flags
argument describes how the memory is to be used: whether it should be
mapped into the kernel's address space, whether children of the device can
use it, and whether it should be the only memory used by the device(s) for
DMA.
The actual patch implementing this API is still in the works. As of this
writing, there have been no real comments on it.
Meanwhile, a different DMA issue has been raised by the folks at nVidia,
who are trying to make their hardware work better on Intel's em64t (AMD64
clone) architecture. It is, it turns out, difficult to reliably use DMA on
devices which cannot handle 64-bit addresses.
Memory on (non-NUMA) Linux systems has traditionally been divided into
three zones. ZONE_DMA is the bottom 16MB; it is the only memory
which is accessible to ancient ISA peripherals and, perhaps, a few old PCI
cards which are simply a repackaging of ISA chipsets. ZONE_NORMAL
is all of the memory, outside of ZONE_DMA, which is directly accessible to
the kernel. On a typical 32-bit Linux system, ZONE_NORMAL extends
up to just under the first 1GB of physical memory. Finally,
ZONE_HIGHMEM is the "high memory" zone - the area which is not
directly accessible to the kernel.
This layout works reasonably well for DMA allocations on 32-bit systems.
Truly limited peripherals use memory taken from ZONE_DMA; most of
the rest work with ZONE_NORMAL memory. In the 64-bit world,
however, things are a little different. There is no need for high memory
on such systems, so ZONE_HIGHMEM simply does not exist, and
ZONE_NORMAL contains everything above ZONE_DMA. Having
(almost) all of main memory contained within ZONE_NORMAL
simplifies a lot of things.
Kernel memory allocations specify (implicitly or explicitly) the zone from
which the memory is to be obtained. On 32-bit systems, the DMA code can
simply specify a zone which matches the capabilities of the device and get
the memory it needs. On 64-bit systems, however, the memory zones no
longer align with the limitations of particular devices. So there is no
way for the DMA layer to request memory fitting its needs. The only
exception is ZONE_DMA, which is far more restrictive than
necessary.
On some architectures - notably AMD's x86_64 - an I/O memory management
unit (IOMMU) is provided. This unit remaps addresses between the
peripheral bus and main memory; it can make any region of physical
memory appear to exist in an area accessible by the device. Systems
equipped with an IOMMU thus have no problems allocating DMA memory - any
memory will do. Unfortunately, when Intel created its variant of the
x86_64 architecture, it decided to leave the IOMMU out. So devices running
on "Intel inside" systems work directly with physical memory addresses,
and, as a result, the more limited devices out there cannot access all of
physical memory. And, as we have seen, the kernel has trouble allocating
memory which meets their special needs.
One solution to this problem could be the creation of a new zone,
ZONE_BIGDMA, say, which would represent memory reachable with
32-bit addresses. Nobody much likes this approach, however; it involves
making core memory management changes to deal with the shortcomings of a
few processors. Balancing memory use between zones is a perennial
memory management headache, and adding more zones can only make things
worse. There is one other problem as well: some devices have strange DMA
limitations (a maximum of 29 bits, for example); creating a zone which
would work for all of them would not be easy.
The Itanium architecture took a different approach, known as the "software
I/O translation buffer" or "swiotlb." The swiotlb code simply allocates a
large chunk of low memory early in the bootstrap process; this memory is
then handed out in response to DMA allocation requests. In many cases, use
of swiotlb memory involves the creation of "bounce buffers," where data is
copied between the driver's buffer and the device-accessible swiotlb
space. Memory used for the swiotlb is removed from the normal Linux
memory management mechanism and is, thus, inaccessible for any use other
than DMA buffers. For these reasons, the swiotlb is seen as, at best,
inelegant.
It is also, however, a solution which happens to work. The swiotlb can
also accommodate devices with strange DMA masks by searching until it finds
memory which fits. So the solution to the problem experienced by nVidia
(and others) is likely to be a simple expansion of the swiotlb space.
Carving a 128MB array out of main memory for full-time use as DMA buffers
may seem like a shocking waste, but, if you have enough memory that you're
having trouble with addresses requiring more than 32 bits, the cost of a
larger swiotlb will be hard to notice.
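
The bounce-buffer search described above can be modelled in user space. The following is an added example, not the kernel's swiotlb code: the pool size, slot size, addresses and all function names are constructed for illustration. It shows a device with a 29-bit mask running out of reachable slots while a 32-bit device can still be served from the same pool.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SLOT_SIZE 2048u        /* bytes per pool slot (constructed value) */
#define NSLOTS    16u          /* slots in the pool (constructed value) */
#define MAP_FAIL  UINT64_MAX   /* no device-reachable memory available */
#define DMA_MASK(bits) ((bits) >= 64 ? UINT64_MAX : (1ull << (bits)) - 1)

struct bounce_pool {
    uint64_t phys_base;                     /* physical address of mem[0] */
    unsigned char mem[NSLOTS * SLOT_SIZE];
    unsigned char used[NSLOTS];             /* 1 = slot is handed out */
};

/* Constructed sample state used by main() below. */
static struct bounce_pool pool;
static unsigned char payload[4096] = "constructed DMA payload";
static unsigned char readback[4096];

/* A device reaches [addr, addr + len) only if the last byte is under its mask. */
static int reachable(uint64_t addr, size_t len, uint64_t dma_mask)
{
    return len > 0 && addr <= dma_mask && len - 1 <= dma_mask - addr;
}

static void pool_init(struct bounce_pool *p, uint64_t phys_base)
{
    memset(p, 0, sizeof(*p));
    p->phys_base = phys_base;
}

/*
 * Map a driver buffer for device access. If the device can already reach
 * buf_phys, no copy is made. Otherwise search the pool for a run of free
 * slots under dma_mask, copy the data in (the "bounce"), and return the
 * pool address the device should be given.
 */
static uint64_t bounce_map(struct bounce_pool *p, const void *buf,
                           uint64_t buf_phys, size_t len, uint64_t dma_mask)
{
    size_t need, first, i;

    if (len == 0 || len > sizeof(p->mem))
        return MAP_FAIL;
    if (reachable(buf_phys, len, dma_mask))
        return buf_phys;                    /* no bounce needed */
    need = (len + SLOT_SIZE - 1) / SLOT_SIZE;
    for (first = 0; first + need <= NSLOTS; first++) {
        uint64_t addr = p->phys_base + (uint64_t)first * SLOT_SIZE;

        if (!reachable(addr, need * SLOT_SIZE, dma_mask))
            continue;                       /* beyond the mask: keep searching */
        for (i = 0; i < need && !p->used[first + i]; i++)
            ;
        if (i < need)
            continue;                       /* part of the run is in use */
        memset(&p->used[first], 1, need);
        memcpy(&p->mem[first * SLOT_SIZE], buf, len);
        return addr;
    }
    return MAP_FAIL;
}

/* Returns 1 after copy-back and release, 0 for a direct mapping, -1 if invalid. */
static int bounce_unmap(struct bounce_pool *p, void *buf, uint64_t dev_addr, size_t len)
{
    uint64_t off = dev_addr - p->phys_base;
    size_t first, need, i;

    if (dev_addr < p->phys_base || off >= sizeof(p->mem))
        return 0;                           /* address is outside the pool */
    if (len == 0 || off % SLOT_SIZE || len > sizeof(p->mem) - off)
        return -1;
    first = off / SLOT_SIZE;
    need = (len + SLOT_SIZE - 1) / SLOT_SIZE;
    for (i = 0; i < need; i++)
        if (!p->used[first + i])
            return -1;                      /* never handed out */
    memcpy(buf, &p->mem[off], len);
    memset(&p->used[first], 0, need);
    return 1;
}

int main(void)
{
    uint64_t a;

    /* Pool placed so that only slots 0 and 1 lie below 2^29. */
    pool_init(&pool, 0x1ffff000ull);
    a = bounce_map(&pool, payload, 0x140000000ull, 100, DMA_MASK(29));
    printf("29-bit device given 0x%llx\n", (unsigned long long)a);
    printf("unmap -> %d\n", bounce_unmap(&pool, readback, a, 100));
    return 0;
}
```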
Linux has long limited filename lookups to a maximum of five chained
symbolic links. The limit is a useful way of dealing with symbolic link
loops, but that is not why it exists. Following symbolic links is an
inherently recursive task; once a link has been resolved, the new
destination can be another link, which starts the whole process from the
beginning. In general, recursion is frowned on in the kernel; the tight
limit on kernel stack space argues against allowing any sort of significant
call depth at all. The five-link limit was set because, if the limit were
higher, the kernel would risk overrunning the kernel stack when following
long chains.
Users do occasionally run into the five-link limit, and, of course, they
complain. The limit imposed by Linus is lower than that found on a number
of other Unix-like systems. So there has long been some motivation to
raise that limit somewhat.
Alexander Viro has finally done something about it. His approach was to
change the behavior of the filesystem follow_link() method
slightly. This method has traditionally been charged with finding the
target of a symbolic link, then calling back into the virtual filesystem
code (via vfs_follow_link()) to cause the next stage of resolution
to happen.
In the new scheme of things, the follow_link() method is still
free to do the whole job, so unmodified filesystems still work. But the
preferred technique is for the filesystem code to simply store the file
name for the link target in a place where the VFS code can find it and
return. The VFS can then make the vfs_follow_link() call itself.
This seems like a small change, but it has an important effect. The
filesystem's follow_link() method's stack frame is now gone, since
it has returned back to the core VFS code. And the core code can use an
in-lined version of vfs_follow_link(), rather than calling it (with
its own stack frame) from the outside. As a result, two fewer stack frames
are required for every step in the resolution of the symbolic link.
Al figures that this change will enable raising the maximum link depth to
eight, or even higher (though there is probably little reason to go beyond
eight). That change has not yet happened - all of the filesystems will
need to be updated and the patch proven stable first. But the initial set
of patches has found its way into Linus's BitKeeper tree, so the process
is coming near to its conclusion.
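
The stack-frame argument can be checked with a toy model. This is an added example, not kernel code: the namespace table, the frame counter and the old_*/new_* function names are constructed, and the frame counts are those of the model rather than measured kernel values. Each modelled function counts as one frame, so the old callback chain costs three frames per link and the return-the-name scheme costs one.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed namespace; target == NULL marks a regular file. */
struct node { const char *name, *target; };
static const struct node names[] = {
    {"l0", "l1"}, {"l1", "l2"}, {"l2", "l3"}, {"l3", "l4"}, {"l4", "l5"},
    {"l5", "l6"}, {"l6", "l7"}, {"l7", "l8"}, {"l8", "file"}, {"file", NULL},
    {"loop1", "loop2"}, {"loop2", "loop1"},
};

/* Simulated stack accounting: every modelled function is one frame. */
static int depth, peak, max_links;
#define ENTER() do { if (++depth > peak) peak = depth; } while (0)
#define LEAVE() ((void)depth--)

static const struct node *lookup(const char *name)
{
    size_t i;

    for (i = 0; i < sizeof(names) / sizeof(names[0]); i++)
        if (strcmp(names[i].name, name) == 0)
            return &names[i];
    return NULL;
}

/* Old scheme: the filesystem method calls back into the VFS. */
static int old_walk(const char *name, int links);

static int old_vfs_follow_link(const char *target, int links)
{
    int r;

    ENTER();
    r = old_walk(target, links);
    LEAVE();
    return r;
}

static int old_fs_follow_link(const struct node *n, int links)
{
    int r;

    ENTER();
    r = old_vfs_follow_link(n->target, links);
    LEAVE();
    return r;
}

static int old_walk(const char *name, int links)
{
    const struct node *n;
    int r;

    ENTER();
    n = lookup(name);
    if (!n) r = -ENOENT;
    else if (!n->target) r = 0;
    else if (links >= max_links) r = -ELOOP;
    else r = old_fs_follow_link(n, links + 1);
    LEAVE();
    return r;
}

/* New scheme: the filesystem method hands back the target name and returns. */
static const char *new_fs_follow_link(const struct node *n)
{
    const char *target;

    ENTER();
    target = n->target;
    LEAVE();
    return target;
}

static int new_walk(const char *name, int links)
{
    const struct node *n;
    const char *target;
    int r;

    ENTER();
    n = lookup(name);
    if (!n) r = -ENOENT;
    else if (!n->target) r = 0;
    else if (links >= max_links) r = -ELOOP;
    else {
        target = new_fs_follow_link(n);     /* its frame is gone on return */
        r = new_walk(target, links + 1);    /* stands in for the inlined step */
    }
    LEAVE();
    return r;
}

static int resolve_old(const char *name, int limit)
{
    depth = peak = 0; max_links = limit;
    return old_walk(name, 0);
}

static int resolve_new(const char *name, int limit)
{
    depth = peak = 0; max_links = limit;
    return new_walk(name, 0);
}

int main(void)
{
    printf("old, 5 links: rc=%d peak=%d\n", resolve_old("l4", 5), peak);
    printf("new, 8 links: rc=%d peak=%d\n", resolve_new("l1", 8), peak);
    return 0;
}
```

In this model, eight links under the new scheme peak at fewer frames than five links did under the old one, and a link loop still ends in -ELOOP.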
Page editor: Jonathan Corbet
Distributions
News and Editorials
June 30, 2004
This article was contributed by Joe Klemmer
There have been many articles and books written about Linux; where it came
from, how it got where it is today, the whole "Who's Who" list... A good
Google search or some time spent on sites such as
The Linux Documentation Project and
Linux Journal will tell you more
than you could ever wish to know. But there is little information on the
history and evolution of Linux distributions. As of this writing, there are
303 Linux distributions according to
DistroWatch [editor's note: currently
353 "active" distributions are listed on
LWN's Distribution List]. It would
seem that everyone and his dog has a distribution available. This hasn't
always been the case.
Back in late 1991, when Linux first hit the 'Net, there were
no distributions per se. The closest thing was HJ Lu's
Boot/Root floppies. They were 5.25" diskettes that could be
used to get a Linux system running. You booted from the boot
disk and then, when prompted, inserted the root disk. After a
while you got a command prompt. Back in those days if you
wanted to boot from your hard drive you had to use a hex editor
on the master boot record of your disk. Something that was
definitely not for the faint of heart. I remember when Erik
Ratcliffe wrote the first instructions (this was long before
HOWTO files) on how to do just that. It wasn't until later that
anything you could call a real distribution appeared.
The first such thing was from the Manchester Computing
Centre. Known as MCC Interim Linux, it was a collection of
diskettes that, once installed on your system, let you have a
basic UNIX environment. It was console only, no X. Shortly
after that there was a release out of Texas A&M University
called TAMU 1.0A. This was the first one that let you run X,
though the method they used to configure it occasionally
allowed the magic smoke to escape from your monitor. Both of
these were developed for their universities' in-house use. They
were also released to the world for anyone to use.
The first commercial, in the sense that it was developed for
public consumption rather than in-house use only, Linux
distribution was Yggdrasil. This also had the distinction of
being the first "Live" Linux CD. You could boot from a diskette
and run everything off the CD. This was back in days of 1x and
2x CD-ROM drive speeds so it wasn't exactly setting the world
on fire. You could start X then literally go get a cup of
coffee before it finished coming up. Yggdrasil had some nice
features dealing with configuration, though, especially for the
time.
On the heels of that came the first widely recognized and
used Linux distribution, SLS Linux. It was put together by Soft
Landing Systems, hence the name, and came in a handful of files
that you would unzip and copy to floppy disks. This was Linux's
first big breakthrough. SLS dominated the market until the
developers made a decision to change the executable format (if
you remember the a.out to ELF conversion you'll remember this).
This was not well received by the user base. Just around the
time this happened Patrick Volkerding had taken SLS and
adapted, modified, tweaked and cleaned it up making it a
different thing all together. He called it Slackware. With the
unpopular direction SLS had taken, Slackware quickly replaced
it and became the dominant distribution used by nearly
everyone. In fact it's still in use today.
Now, all of this took place in the span of about 3 years. In
those days the speed with which changes happened was
unbelievable. By the time '94/'95 came around you started
seeing more distributions popping up. Familiar names like Red
Hat, Debian, Caldera, TurboLinux, and SuSE were
becoming popular. There were also a few other distributions
that came and went between '91 and '95. However, they had
little impact on the overall direction that Linux distributions
would take. If you search the 'Net you can still find
references to these early distributions, and possibly even some
archives of the releases themselves. If you have some free time
you should look at these old releases. Not only will you be
able to see how far Linux has come, you'll also see what life
was like in the early days of Linux distributions.
Distribution News
Slackware 10.0 is out; see
the announcement for
details. Downloads are available via
the
mirrors or
with
BitTorrent.
RealNetworks has been cranking out the press releases at GUADEC.
This one
announces a deal with Red Hat; that company's upcoming desktop distribution
will feature Helix Player and a "no-cost upgrade" option for
RealPlayer 10. There is also
an arrangement with
Novell, which will simply ship RealPlayer directly.
Here's a press release from SmoothWall Ltd. on the success of SmoothWall
Express, the company's standalone firewall product.
The
Debian Weekly News for June 29 is out.
Topics this week include the general resolution which would allow the
release of Sarge with non-free data (voting ends July 2), various
installer topics, and Debian at LinuxTag.
To vote in the general resolution (if it's not too late) go to the voting page.
Robert Millan announced the release of the
GNU/kFreeBSD LiveCD rescue system. You can use it to try GNU/kFreeBSD
without the hassle of installing, and for now it is also the recommended
install method.
DebianPlanet reports
that the Hilux installer for
Woody is now available.
The June 28 issue of the Gentoo Weekly Newsletter is out. The main topic
this week is Gentoo at LinuxTag.
"There are offers simply impossible
to turn down. When Gentoo developer Lars Weiler (Pylon) was approached to
try an installation on the finest machine displayed at the Hewlett-Packard
booth during the German LinuxTag, the HP staff really didn't have to ask
him twice."
The core fedora.us developers have announced the first concrete step of an
ongoing work to improve the flow and documentation of the fedora.us package
submission process. The updated process (click below for details) is
effective immediately.
Full Story (comments: none)
Updates for Fedora Core 2:
- Sysstat had minor buffer overflows
and parsing problems. None of them is in any way exploitable, it turns
out. Sysstat also spewed junk to the console on startup.
- Finger mishandled stale utmp entries
and also entries from remote X sessions. This would cause random idle
times and spurious users to be shown.
- The ftp client would segmentation
fault in certain situations when the remote server closed the connection
on it in an unexpected fashion.
- This im-sdk update hides the status
window when the input method is off and also fixes a number of other
issues.
- An updated jcode.pl package has been
released to fix the wrong install path so that it was not usable except
on x86-64 architecture.
- This release of cdrtools obsoletes
the dvdrtools packages. It includes a stub for dvdrecord and its man
page, which mentions that it is obsoleted.
- Another update to cdrtools.
- A new version of openmotif fixes a
problem in the latest xinitrc (which links to the openmotif libraries).
- The kcc kanji code converter crashes
when an invalid option is specified. This updated package fixes the
problem.
- This gimp update is supposed to fix
#124307 "missing help files" by spitting out a slightly more informative
error message if gimp-help isn't installed.
- The gimp-gap package has been updated
to version 2.0.2 which has enhancements and bugfixes.
- A new xinitrc update resolves an
issue caused by the previous xinitrc package update in which some users
were unable to use input methods in X11.
- This gaim update fixes the Yahoo
protocol bug.
- This dovecot update resolves several
rare problems.
- This strace update is for those
running 32-bit binaries on the x86-64 platform.
There are also
gaim and
dovecot updates available for Fedora Core 1, as
well as two tcltk updates,
FEDORA-2004-193
and
FEDORA-2004-200.
There are new cscope packages for FC1 and FC2.
Mandrakelinux has an updated initscripts package that corrects various bugs.
Trustix fixes bugs in
kerberos5 for TSL 2.1
and Enterprise Server 2.
This advisory covers minor bug fixes in
libpng, mod_php4, openssl, rsync, slocate and swup for TSL 1.5, 2.0, 2.1
and Enterprise Server 2.
Trustix has several bug fixes available for apache, libpng and python. (TSL 2.0, 2.1 and
Enterprise Server 2)
New Distributions
DebianPlanet
covers
the release of the Linux Government Desktop at LinuxTag 2004. The Linux
Government Desktop is produced by the German Federal Office for Information
Security and the company credativ as a Live CD as well as an Install CD
Edition. It is composed entirely of free software, based on Debian stable
"woody" and contains KDE 3.2.2, Mozilla and a special themed version of
OpenOffice 1.1.1 which integrates seamlessly with KDE.
Hiweed GNU/Linux is a Chinese Linux
distribution, based on Debian GNU/Linux. Its features include preconfigured
Chinese applications, such as Chinese input method, Chinese-English and
English-Chinese dictionaries, and Chinese true-type fonts. Hiweed joins
the list at version 0.3RC1 released June 29, 2004.
Nitix is a
product of Net Integration Technologies Inc., a server OS with autonomic
computing features -- self-management, self-healing, self-configuring and
self-optimizing capabilities. (Thanks to Leandro Guimarães Faria Corcete
Dutra)
Minor distribution updates
Astaro Security Linux has released
v5.012
with minor bugfixes.
"Changes: This Up2Date improves the Up2Date
backend and fixes a bug which prevents the operation of the "Pause" button
in livelog on MS Internet Explorer."
BG-Rescue
Linux has released
v0.3.2
with minor feature enhancements.
"Changes: The kernel was updated
to 2.4.26 and NTFS was updated to 2.1.6b. nForce Ethernet support was
added. Parts of reiserfsprogfs were replaced by the smaller
progsreiserfs. The new busybox applets udhcpc and telnetd were
added. progsreiserfs 0.3.0.5 was added. tar was downgraded to the version
from busybox 0.60.5, which is more reliable. cloop was updated to 2.01,
e2fsprogs to 1.35, lilo to 22.5.9, mdadm to 1.6.0, ms-sys to 2.0.0,
ntfsprogs to 1.9.2, reiserfsck to 3.6.17, and syslinux to 2.08."
blueflops has released
v2.0.4
with minor feature enhancements.
"Changes: The kernel was upgraded
to 2.6.7. Only English and Romanian translations are currently
available. The mouse configuration has been separated from that of the
video card. NumLock status is now a setup option. A new Finnish keymap
(fi-latin1) was added. A "links_text" script was added to run "links" in
text mode. Various scripts were changed in minor ways, and some small fixes
were made. A better logo was created."
Buffalo Linux has released
v1.3.1
with major feature enhancements.
"Changes: This major release makes
Buffalo fully compatible with Slackware 10.0. Additional enhancements
include: desktop improvements, a new Buffalo GUI "admin", an improved CD
upgrade option, kernel 2.6.7, OpenOffice 1.1.2, GIMP 2.0.2, GNOME 2.6.1,
GCC 3.3.4, Mozilla 1.7, a total of 59 package upgrades, and new builds of
MySQL, Scribus, GAIM, and others. With this release, the rate of new
Buffalo releases is expected to slow down. Future version releases will
track new kernel versions or major package updates."
INSERT (INside
SEcurity Rescue Toolkit) has released
v1.2.13
with major feature enhancements.
"Changes: This is a major new
release. The kernel was updated to version 2.4.26. INSERT is now based on
KNOPPIX 3.4. The result is even better hardware support and detection. The
bug with the file system on the image not being readable from Windows is
fixed. Also other minor issues have been addressed. Various feature
requests have been dealt with. Support for virus scanning is improved with
clamav being updated to the latest version. Most of the other packages come
in newer versions now."
Linux LiveCD has released
v1.9.6
with minor bugfixes.
"Changes: Minor default config bugs were
fixed. The documentation was updated."
Lineox, Inc. has released Always Current Lineox Enterprise Linux version
3.023, the 23rd version of Always Current Lineox Enterprise Linux since
February 23, 2004. A new version of Always Current Lineox Enterprise Linux
is always released when Red Hat, Inc. releases bug or security fix packages
for Red Hat Enterprise Linux 3.0, but occasionally also when new features
are added to Always Current Lineox Enterprise Linux. Click below for more.
Full Story (comments: none)
Mulimidix has released the
build tree of Mulimidix 0.7. You can use this LFS based source-compilation
to build your own Mulimidix, optimized for your processor.
NSA Security Enhanced Linux has
released
v2004062816
with minor feature enhancements.
"Changes: The current prototype
and the experimental NFS code are now based on Linux kernel
2.6.7. Fine-grained netlink classes and permissions have been added. Many
enhancements and bugfixes for policy as well as userland tools including
slat and setools have been incorporated."
Overclockix has released the
third revision for v3.4.
"6/22/04- New 3.4 release is
finished. Mostly minor bugfixes in this release. Also worthy of news- I've
been assisting the developer of Barnix/DebXPde with iso hosting. Barnix is
a custom Knoppix which uses XPde as the default desktop environment. It
should look and feel very much like Windows XP. I hope in the future to
incorporate XPde as an option in Overclockix, but will probably not set it
as the default desktop."
Puppy Linux has released sources
for puppy-0.9.0. See the June 28th entry at
Puppy News for more
information.
Quantian 0.5.9.2 is the second release based on Knoppix 3.4 with many
changes from both new and updated packages. This Quantian release is based
on Knoppix 3.4 and the clusterKnoppix release from May 10 with kernel
2.4.26 with the 'testing status' openMosix patch as well as a non-openMosix
kernel 2.6.6. Click below for more information.
Full Story (comments: none)
Rock Linux has released
v2.0.2
with major security fixes.
"Changes: This is a maintenance release
and includes a number of security fixes and minor version updates pulled
from the development tree. It includes linux-2.4.26+fpu-state-fix,
linux-2.6.7, kde-3.2.2, qt-3.3.2, apache-2.0.49, samba-3.0.4, and
wine-20040615. New packages include firefox, thunderbird, e2fsimage,
device-mapper, and lvm2. Usability improvements were made for ROCK Net and
the CD-Installer. This release now features full boot-CD support for IBM
RS/6000 and Ultra SPARC and iBook-G4 support."
tinysofa has released tinysofa
enterprise server 2.0-pre1 (Persistence), technology preview of the next
version.
wrt54g-linux has
released
v0.51
to add documentation.
"Changes: This release adds a FAQ to address
most common installation problems."
Distribution reviews
SKN Informatyki SGH
reviews
Aurox Linux 9.3, a Polish distribution based on Fedora Core 1.
"A large portion of this review either directly or implicitly
compares Aurox with Fedora Core 1. This is inevitable, as Aurox is directly
derived from Fedora and most of the packages, including the kernel, are the
same. What Aurox does is that it seamlessly fits into the area where Fedora
lacks mostly, that is multimedia support. That means if you are considering
Fedora or it is already your distro of choice, then you definitely should
give Aurox a try."
Page editor: Rebecca Sobol
Development
One of the numerous duties your development page editor must do each
week is to scan a list of web sites for announcements of
new and updated open-source software packages. Several criteria are
used to select software announcements for inclusion in the weekly edition.
The most important points include usefulness of the software to a
wide range of people, the existence of documentation describing
the project, and availability of documentation describing the changes
in the just-released version.
Over the years, many projects have been added to this list, and many others
have been removed, due to either project stagnation, or ineffective
project documentation. The list itself is a bit too ragged for
publication here.
One site that gets visited one or more times each week is the
FSF/UNESCO Free Software Directory.
It contains a list of the most recently changed open-source applications,
as well as categorized listings of over 3,000 packages.
It's a great place to find just about any kind of software you may
need, and get a real feel for the wealth of open-source applications
that are available.
Unfortunately, a common problem has been observed with the majority
of the new releases listed on the site: discovering what the changes
are in the latest versions.
We'll look at the latest release of etherboot as an example.
We're not picking on this particular project in any way, it's
just one of many cases.
Starting with the
FSF/UNESCO Free Software Directory, we see an interesting package
listed in the Ten most recently updated entries section:
etherboot - [The GNU General Public License, Version 2] - 2004-06-28 Makes boot ROMS
Cool, there's a new version this week.
Clicking on the link to the
etherboot announcement, we see, among other things,
Version 5.3.8 (devel) released on 2004-06-28.
So far, so good. But here's where things begin to get dicey.
The announcement page links to the source code (stable version only),
various mailing lists, documentation, and the
project web page.
But we want to get the development version that we saw in the previous announcement.
Moving to the project web page, we get a typical project presentation
with the usual links. Let's see if there's anything about the new release
under
News.
Nope, just a link to the project's
SourceForge page.
Finally, we're getting somewhere.
Using the age-old axiom, Use the Source, Luke, we
download version 5.3.8.
Interestingly, the download date for this release has mysteriously
changed to June 12, 2004. Downloading takes us through
the usual series of intermediate steps to select a local server,
before beginning the operation.
Now, we have a local copy of the source file. An invocation of
tar yields the source tree.
Change into the source tree, and FINALLY, there are some
release notes:
As of Etherboot 5.3.8:
There is no longer a default target for make. You must specify an
argument to make. Help text is now provided to indicate possible make
targets.
binutils-2.14 is no longer needed in order to compile images. The
symbolsrec feature is not used, so older binutils (ld) should work.
That took an awful lot of clicking through web sites across the net,
the need for a lot of disk space, some bandwidth, the knowledge of
dealing with bunzip2 and tar, and a fair amount of patience.
There really ought to be a simpler way to get this kind of information
out. Often, your griping (but not necessarily grumpy) editor
simply moves on to the next project in search of more accessible
documentation, and the cool new software doesn't get the attention
that it deserves.
Finally, a frequent problem with
software announcements is the lack of any kind of date associated
with a new version announcement. Free software writers would be well
advised to add a few trivial bits of information to their releases,
and make sure the information is easy to find.
Doing so would probably do wonders for expanding the user base.
System Applications
Database Software
Sean Eidemiller
works with the Java Database Connectivity (JDBC) API on O'Reilly.
"JDBC developers have always needed to keep a database connection open while
pulling query results. But with the CachedRowSet in J2SE 1.5, it's now
possible to disconnect and then get results. Sean Eidmiller shows the
advantages of this approach."
Version 2.0 of
pgpool, an open-source connection
pool and replication server for PostgreSQL, is out.
"2.0 now supports native V3 protocol which should
make pgpool faster if used with PostgreSQL 7.4 or later.
Also, pgpool 2.0 supports the load balancing between master/secondary
PostgreSQL backends to gain better performance for SELECT statement."
The June 29, 2004 edition of the PostgreSQL Weekly News
has been published.
"Probably the largest patch this week was rounding out of object
ownership changing capabilities. You can now change owners on aggregates,
conversions, functions, operators, operator classes, schemas, types, and
tablespaces."
Joe Conway
explains PostgreSQL extension on O'Reilly.
"Have you ever wanted (or needed) to process your data in a way that your database cannot handle natively? You're not alone. One of my favorite capabilities of PostgreSQL is its extensibility. You can extend PostgreSQL's native functionality using one of the five procedural languages shipped with PostgreSQL or one of several independently available procedural language handlers."
Mail Software
Stable version 0.92.0 of Bogofilter, an email spam filter, is out.
"There have been a few documentation updates and a minor bug fix since the
previous release."
Web Site Development
Version 0.70 of OutSide Photos, a PHP-based web photo management system,
has been released.
Changes include selectable themes, a comment system,
automatic user creation, semi-automatic setup, and bug fixes.
Version 0.5.0-pre-3 of PHPoto, a PHP/MySQL photo gallery package,
is available.
"Added a new feature: thumbnail regeneration! This will allow administrators to normalize the size of thumbnails in an album if they choose to change the album's max thumbnail size. Thumbnails will be regenerated to fit in the new size.
This version also includes MANY user interface enhancements from all previous versions."
Version 1.3.0beta4 of the MediaWiki collaborative editing software
has been announced.
Changes include: "Some compatibility fixes for PHP 4.1.2 and 4.2.x; installer checks for missing MySQL support; and many various things fixed. Anyone running a public server on 1.3.0beta is strongly recommended to upgrade to this release, as a potential JavaScript injection attack in earlier betas has been fixed."
Issue 35 of the
ZopeMag Weekly News is available with the latest Zope/Plone news.
Miscellaneous
Version 0.34.0 of the GNOME System Tools, a set of cross-platform
configuration utilities, is out.
Changes include the use of GTK+ 2.4 widgets, improved message
strings, support for Mandrake 10 and SUSE 9, bug fixes, and more.
Desktop Applications
Audio Applications
Version 1.6.5 of
WaveSurfer,
an audio file editor, is out. The primary
change
is a move to version 2.2.7 of the Snack Sound Toolkit.
Desktop Environments
Version 2.6.2 of the GNOME Desktop and Developer Platform is out.
"This point release from the stable branch of the GNOME Desktop and
Developer Platform contains a lot of bugfixes and improvements over the
previously released 2.6.1 version. Our maintainers, bugfixers,
translators and general contributors have been hard at work for the last
couple of months bringing more polish, stability and performance to your
favourite desktop environment."
Version 2.7.3 of GNOME Terminal, a terminal emulator, is out
with bug fixes, better translations, and more.
Version 1.03 of libxklavier, a GNOME keyboard library, is out.
"This is a bugfix release, addressing several big and small issues detected
by people using the Keyboard Indicator applet in gnome-applets. This
release is absolutely API/ABI compatible with the previous one."
The June 25, 2004 edition of the
KDE-CVS-Digest is online. Here's the content summary:
"Python bindings for QT and KDE are now in Kdebindings. amaroK now has Javascript scripting. Kutils adds incremental find. Kwin adds window specific settings GUI."
The latest KDE
Quickies Posting
mentions the SuperKaramba Theme Archive, Unifying the desktop,
the first beta release of Skype, and the RULE Mini KDE page.
Games
Version 0.1 of fewnn is out.
"
fewnn [Frontend with No Name] is a frontend for the Multi-Arcade Machine
Emulator. It's written for the GNOME platform using C#/Gtk#."
Full Story (comments: none)
The June 26, 2004 edition of the
WorldForge Weekly News is available. This issue covers the
WorldForge presence at the LinuxTag conference in Karlsruhe, Germany.
Comments (none posted)
Sing Li
explores CodeRuler on IBM's developerWorks.
"
Guard your castle! Claim your land! Command your knights to joust valiantly and defeat their foes. Capture the enemy's position and seize its land while dodging its menacing knights. If writing mundane Java code is giving you the blues lately, maybe it's time to turn your medieval fantasies into reality. You can rule your own kingdom while refining your Java programming skills and mastering the Eclipse development environment all at the same time. It's all in a hard day's work for a supreme CodeRuler."
Comments (none posted)
GUI Packages
Initial version 0.1.0 of Gazpacho, a GUI builder for the GTK+ library,
has been announced.
"
This program allows you to create the Graphical User Interface (GUI) of
your GTK+ program in a visual way. Yes, it is a Glade-3 clone. It is
compatible with libglade and it's in its early stages of development."
Full Story (comments: none)
Version 2.7.3 of Gtk2-Perl, the Perl bindings for GTK+
2.x, is available. Changes include C89 compatibility fixes,
new fallback and explicit handlers, and more.
Full Story (comments: none)
Instant Messaging
Version 0.3.2.2 of Laffer, a Web-based instant messenger client,
has been released.
"
In this version the code of YIM and MSN protocol classes is improved and there is support for using different interface languages, message and client charset conversions."
Comments (none posted)
Music Applications
Version 1.07 of horgand, an organ synthesizer, is out with lots
of bug fixes and improvements.
Full Story (comments: none)
Version 0.7 pre 4 of MusE, a MIDI/Audio sequencer,
has been announced.
This release adds a number of features and fixes some bugs as well.
Comments (none posted)
Version 0.4.4 of swh-plugins, a real-time audio effect utility, is out
with a new limiter and bug fixes.
Full Story (comments: none)
Office Suites
Build 1.1.60 of OpenOffice.org has been announced.
"
This package contains Desktop integration work for
OpenOffice.org, several back-ported features & speedups, and a much
simplified build wrapper, making an OO.o build / install possible for
the common man."
Full Story (comments: none)
Web Browsers
MozillaZine
covers the latest releases of the Firefox browser and Thunderbird
email client.
"
Mozilla.org today released upgrades to both Firefox 0.9 (0.9.1) and
Thunderbird 0.7 (0.7.1) to fix some minor bugs present in both releases.
Both releases correct some flaws in the Extension System that some users may
have been experiencing, as well as a new icon set for the navigation toolbar
on Windows and Linux in Firefox 0.9.1."
Comments (none posted)
The minutes are available for the June 14, 2004 Mozilla.org staff
meeting.
"
Issues discussed include Mozilla 1.7 final, Mozilla Firefox
0.9, Mozilla Thunderbird 0.7, Rafael Ebron and mirrors."
Comments (none posted)
Miscellaneous
GNOME Phone Manager version 0.4 is available.
"
Phone Manager allows you to send and receive text (SMS) messages from
the desktop, connecting to your mobile phone via Bluetooth, serial or
IrDA.
This release incorporates interface enhancements."
Full Story (comments: none)
Version 1.4.0 of gnubiff, a mail notification program, is available
with bug fixes, a security fix, support for PNG animation, GNOME panel
integration, and more.
Full Story (comments: none)
Version 0.31 of intltool is out.
"
The intltool package is a set of tools for translating the contents of
data files using the gettext translation framework.
This release contains many bug fixes, so as always we suggest everyone
to upgrade."
Full Story (comments: none)
Stable version 3.0.0 of KRename, a batch file-renamer for KDE3,
is out. Changes include support for the KDE KIO-Slave technology,
full command line control, usability improvements, and more.
Comments (none posted)
Languages and Tools
C
A new web site called
Gcc News
has hit the virtual street; it features weekly status updates on
the GNU Compiler Collection project.
This week's topics include the status of gcc 3.4.1, merging Apple's
Objective C++ frontend, the removal of the expect and the dejagnu
directories, measuring optimization, and more.
Thanks to Ranjit Mathew.
Comments (2 posted)
C#
Novell has
announced the release of Mono 1.0, a .NET platform for Linux. There is also a new web site at
mono-project.com with a focus on how to use the Mono framework.
Comments (12 posted)
Java
Release 2.0.4127 of EMMA
is available.
"
EMMA is a fast Java code coverage tool based on bytecode instrumentation. It differs from the existing tools by enabling coverage profiling on large scale enterprise software projects with simultaneous emphasis on fast individual development.
Release 2.0.4127 fixes a bug in the implementation of feature request 971176 and significantly improves classloading in EMMA's shutdown hook responsible for coverage data dumping."
Comments (none posted)
Brian Goetz
writes about FindBugs on IBM's developerWorks.
"
This month, columnist Brian Goetz builds on Chris Grandstaff's earlier Introduction to FindBugs and shows you how this static analysis tool can help you analyze your code for compliance with design principles that have been discussed in past issues of this column."
Comments (none posted)
Lisp
Version 0.8.12 of Steel Bank Common Lisp has been released.
"
This version includes a new sampling
profiler, a customizable editor invocation function, better
performance for the SB-POSIX implementation, and more."
Full Story (comments: none)
Perl
Simon Cozens shows how to
profile Perl in an O'Reilly article.
"
Everyone wants their Perl code to run faster. Unfortunately, without understanding why the code is taking so long to start with, it's impossible to know where to start optimizing it. This is where "profiling" comes in; it lets us know what our programs are doing.
We'll look at why and how to profile programs, and then what to do with the profiling information once we've got it."
Comments (none posted)
The June 21-27, 2004 edition of
This Week on perl5-porters is online.
"
Summer is here, and it's vacation time for the Perl 5 porters. Well,
except for the valorous maint pumpking, who just released a snapshot of
perl 5.8.5-to-be."
Comments (none posted)
The June 24, 2004 edition of
This Week on Perl 6 is online with the latest Perl 6 issues.
Comments (none posted)
PHP
LinuxMedNews
mentions the creation of a new Perl HL7 toolkit API for the Care2x
project.
"
The API has been announced on the PEAR site, and the call for votes
has been initiated, so as to accept this package in the official PHP PEAR
list. It would be rather nice if those PHP lovers would audit the package,
and vote."
Comments (none posted)
PostScript
Version 0.1 of
flpsed is out.
"
flpsed is a WYSIWYG pseudo PostScript editor. "Pseudo", because you can't remove or modify existing elements of a document. But flpsed lets you add arbitrary text lines to existing PostScript documents."
Comments (none posted)
Python
Version 4.0 of SIP is available and features improved documentation.
"
SIP is a tool for generating Python modules that wrap C or C++ libraries. It
is similar to SWIG. Its main use to date has been to generate PyQt and
PyKDE."
Full Story (comments: none)
The June 29, 2004 edition of Dr. Dobb's Python-URL!
is out with the latest Python language article links.
Full Story (comments: none)
Tcl/Tk
The June 28, 2004 edition of Dr. Dobb's Tcl-URL! is available
with the latest news and articles from the Tcl/Tk community.
Full Story (comments: none)
XML
Benoît Marchal
continues his series on UML modeling and XML
in the third part of an IBM developerWorks series.
"
Benoît further refines the conversion stylesheet with the introduction of stereotypes and tags. These are extension mechanisms for UML that are used to store implementation information in the model."
Comments (none posted)
David Mertz
applies XML to voting machine software on IBM's developerWorks.
"
In this installment, David discusses his practical experiences developing interrelated XML data formats for the EVM2003 Free Software project to develop voting machines that produce voter-verifiable paper ballots. Some design principles of format subsetting emerge."
Comments (none posted)
Michael Fitzgerald
introduces Genx
on O'Reilly.
"
Genx is an easy-to-use C library for generating well-formed XML output. In addition to being well-formed, Genx writes all output in canonical form. It was created by Tim Bray with help from members of the xml-dev mail list."
Comments (none posted)
Editors
Version 2.6.2 of
gedit,
the GNOME text editor, is out.
"
A new release from the stable branch is out, featuring translation
updates and minor fixes."
Full Story (comments: none)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
According to
this
News.com article, Senator Hatch's "INDUCE" act has been renamed the
"Inducing Infringements of Copyrights Act," but has not otherwise been
changed. "
Foes of the IICA, including civil liberties groups and
file-swapping network operators, are alarmed that the measure enjoys strong
support from prominent politicians of both major parties. Its supporters
include Patrick Leahy, D-Vt.; Senate Majority Leader Bill Frist, R-Tenn.;
Minority Leader Tom Daschle, D-S.D.; Lindsey Graham, R-S.C.; and Barbara
Boxer, D-Calif."
Comments (48 posted)
Wired
covers the
EFF's top ten list of patents to challenge. Number one: "
Acacia
Technologies' digital media transmission patent, which the company defines
as covering 'the transmission and receipt of digital content via the
Internet, cable, satellite and other means.' The EFF is worried that
Acacia, which has already sued several large communications companies, is
unfairly targeting small audio- and video-streaming websites."
Comments (6 posted)
Tom Adelstein
examines issues related to Linux use in the enterprise while copyright
infringement claims exist, on O'ReillyNet. "
Realists consider Linux
adoption remarkable. The word on the street and in the foxholes of the IT
community has created a swell of adoption from small businesses to the
entire Fortune 500. The marketing of Linux by HP, IBM, Sun, Dell, Oracle,
and Novell demonstrates the commitment of industry to Linux. With all the
agreement in the market, most observers do not give SCO much of a chance of
winning its cases."
Comments (5 posted)
Tim O'Reilly
examines the paradigm-shift characteristics of open-source code.
"
My premise is that free and open source developers are in much the same position today that IBM was in 1981 when it changed the rules of the computer industry, but failed to understand the consequences of the change, allowing others to reap the benefits. Most existing proprietary software vendors are no better off, playing by the old rules while the new rules are reshaping the industry around them."
Comments (none posted)
Trade Shows and Conferences
KDE.News
reports that a team
of KDE and Knoppix hackers are showing two programs at LinuxTag. The
FreeNX Server and kNX Client are not officially released yet, but several
presentations have shown a well working preview of the KDE version for the
speed boosting NX Terminal Server technology, developed by
NoMachine.com.
Comments (2 posted)
The SCO Problem
Groklaw has
SCO's memo trying to keep the DaimlerChrysler suit alive, along with extensive commentary.
"
And why do they do this elaborate verbal dance with all the mock horror at DC's dillydallying? Because on a motion to dismiss, if there is even one fact in dispute, you can't grant the motion. We just saw that in the Novell hearing, and here SCO stands on its head to present facts 'in dispute' and to present issues that they claim are not clear in the contract. The underlying common sense truth is that there is no damage and nothing to sue about in any rational universe. But if they get a stickler judge with no common sense, they might just prevent the motion to dismiss from being granted."
Comments (2 posted)
Companies
Oracle and Red Hat are working together to build a Linux applications centre
in Singapore, according to
this article on ZDNet.
"
The two firms today announced they will invest $11.6m in a new Linux applications centre on the island-state to ramp up Linux certification among independent software vendors (ISVs) in the ASEAN region.
The move is expected to expand the range of third-party software available on the Linux operating system, widely-viewed as a pre-requisite for it to gain greater commercial uptake."
See this
press release for more information on the project.
Comments (5 posted)
Linux Adoption
The BBC
looks
at efforts to promote Linux use in Iraq. "
Inside the country,
the Iraqi Linux User Group is thinking big. Their ambitious goal is to see
every server in the country running Linux a year from now. Getting there,
they face numerous obstacles."
Comments (1 posted)
Linux Journal
looks at open
source adoption by the US Department of Defense. "
The Program
Management Office (PMO) for DMLSS [Defense Medical Logistics Standard
Support] is located in Falls Church, Virginia. Continuing development and
support facilities exist at Ft. Detrick, Maryland, at the Joint Medical
Logistics Functional Development Center. At Ft. Detrick, programmers
support open-source components in applications that require
cryptography. The open-source components include Stunnel, Apache, ModSSL
and OpenSSL."
Comments (1 posted)
Legal
News.com
reports
that WI-LAN is suing Cisco in Canada for alleged infringement of patents
associated with the wireless networking standards. "
'Without our OFDM
patents, there would be no 802.11a/g,' [WI-LAN VP Ken Wetherell] said. 'We didn't enforce these
patents sooner, because we didn't want to slow down development in the
market. But now that the technologies are firmly established, we feel we
must protect our intellectual property.'" This looks like the SCO
school of IP enforcement.
Comments (10 posted)
Interviews
Vnunet.com
talks with Wilhelm Hoegner, Munich's City IT chief, about the
city's switch to open-source software.
"
The key aspect was the ability to control the release policy ourselves; in other words to free ourselves from reliance on the product cycles of a small number of software companies.
Another important point, of course, was licence costs, and security also plays an important part. We are switching directly from Windows NT to Linux, since NT, which is non-secure, was followed by a number of systems from the same manufacturer, which were also open to attack."
Comments (20 posted)
Groklaw is carrying
an English translation of
this German-language interview with Harald Welte of the Netfilter team. The topic of interest is Netfilter's ongoing efforts to ensure that its GPL licensing is respected.
"
The idea is to publicly make known some high-profile cases in order to put the opposition, those thinking of violating the GPL, on notice that we are serious and that we mean what we say and will enforce the license in court if you violate its terms. The idea is that then it will prevent having to handle lots of little cases, once the word is out."
Comments (none posted)
O'ReillyNet
interviews
Andy Hunt and Dave Thomas, the authors of
The Pragmatic
Programmers. "
Andy Hunt and Dave Thomas are The Pragmatic
Programmers, two experienced and intelligent software developers with
impressive experience, including the authoring of the popular The Pragmatic
Programmer and the well-regarded Programming Ruby. Recently, they launched
their own small publishing company to produce books on agile and pragmatic
software development. Andy and Dave recently agreed to an interview with
the O'Reilly Network."
Comments (3 posted)
Resources
O'ReillyNet
looks into
DoS prevention on FreeBSD systems. "
The first step to protecting
yourself from an attack is to understand the nature of different types of
attacks. As we said earlier, resource-consumption attacks target your
system in places that can cause bottlenecks. The most popular targets are
network bandwidth, system memory, network stack memory, disk I/O, operating
system limitations such as a limit on the number of open file handles, and
the CPU. These bottlenecks can be on your systems or in your network
hardware."
Comments (none posted)
IBM developerWorks
covers
a Python library for applying academic linguistic techniques to collections
of textual data. "
For this first article, I will present some
relatively fleshed out examples from the lower-level capabilities, but
simply describe abstractly most of the higher level capabilities. If I have
the opportunity to return to NLTK in a later installment, I will give more
detailed descriptions of parsing and graphing; for now, let us take the
first steps past text processing, narrowly construed."
Comments (7 posted)
Reviews
KDE.News
introduces this
preview of KDE 3.3. "
KDM looks better. No, it's not because it's
gotten a GDM like makeover. Nor is it because MDM (from KDE-Look.org) has
been adopted as the new DM. It's simply because we now have usable user
icons now. Yup, you heard correct boys and girls. I said user
icons. Courtesy of some kind soul who saw the need and had the talent KDM
users now have a variety of faces to choose from in
$KDEDIR/share/apps/kdm/pics/users. As an added bonus there's also a simple
way to choose those user icons, but we'll get to that when we chat about
kcontrol."
Comments (2 posted)
Linux Journal
reviews the
book Postfix: The Definitive Guide. "
Postfix: The
Definitive Guide digs a little deeper into the hows and whys. I like
that; I've never been much good at turning the crank on rote procedures.
By explaining how Postfix's features reflect its architecture and how they
relate to real world needs, debugging configurations and extending Postfix
with third-party virus scanners and spam filter is a lot easier."
Comments (2 posted)
NewsForge
reviews
gLabels v1.93.3. "
gLabels is a feature-packed label-printing
application that's easy to use. It comes with an online manual that is
current as of version 1.93.2. The manual is well laid out and seems to be
nearly complete. For a beta (or developer version, if you prefer), gLabels
is in great shape. I'm recommending it for usage today to friends and
strangers alike. There are bugs to be squashed, I'm sure, but only a few,
and I'm looking forward to the 2.0 release in the near future. Kudos to Jim
Evins and the rest of the development crew for a job well done."
Comments (5 posted)
Miscellaneous
NewsForge
looks at the adoption of Carrier Grade Linux in the telecom industry.
"
Carrier Grade Linux (CGL) -- an open source software framework being
developed by the Open Source Development Labs to support high-availability,
fast-to-market solutions for major telecommunications and other companies --
is taking considerable time to penetrate the slow-moving carrier market, but
it is also gaining ground in vertical segments such as financial services,
according to analysts attending this week's SuperComm telecom conference in
Chicago."
Comments (none posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The CE Linux Forum has
announced the availability of the first CELF specification, a document describing how Linux should best work on consumer electronics devices. The specification is concerned with issues like reducing boot time, power management, real-time response, and so on. The specification is downloadable
in PDF format; there is also
a reference implementation available.
Comments (none posted)
The Firefox team
needs help from artists.
"
Blake Ross writes: 'The Firefox team is looking for talented artists to help
expand our grassroots button campaign. We are looking to translate the
buttons into other languages and create a handful of new buttons to widen our
selection.'"
Comments (none posted)
The OSAF has announced the PyLucene project.
"
PyLucene is a Python wrapper around the Lucene indexing and search
engine. It was developed by Andi Vajda at OSAF for use in Chandler.
PyLucene is a way of letting Python use Lucene to do full text indexing."
Full Story (comments: none)
LinuxMedNews
points to a development project that is working on an open-source
ambulatory ECG monitor.
Comments (none posted)
The psqlODBC project
needs volunteer help.
"
The psqlODBC project is currently in need of a new developer to lead the development of the driver. Unfortunately the previous developers now have other commitments, leaving the project with only one developer (me!) with little time for anything other than applying patches and producing release packages."
Comments (none posted)
Comments are being accepted on the Web Forms 2.0 draft specification.
"
The WHATWG is looking for comments on the first stable
draft of the Web Forms 2.0 specification. The Web Forms 2.0 specification
addresses requests made for new features to be added to the Forms features in
HTML4."
Comments (none posted)
Commercial announcements
Arkeia Corporation has
announced a new LDAP server backup solution.
"
Arkeia
Corporation today announced the release of a plug-in for hot backup of
Lightweight Directory Access Protocol (LDAP) servers, the first
provider to offer a professional online backup and restore solution
for LDAP servers. It enables Arkeia backup solutions customers to
protect server data without interrupting LDAP services."
Comments (none posted)
HP has
announced a new technology that improves cluster bandwidth by up
to 100 times.
"
The new product, HP StorageWorks Scalable File Share (HP SFS), is a self-contained file server that enables bandwidth to be shared by distributing files in parallel across clusters of industry-standard server and storage components."
Comments (none posted)
IBM has sent out a press release describing the new "security system" being
deployed by the state of Mississippi; it runs on SUSE Linux. "
When complete, this project will
provide mobile units with real-time access to all available public safety
information including mug shots, arrest warrants, criminal intelligence,
hazardous materials data and medical emergency protocols enhancing their
ability to prevent and respond to incidents that pose a danger to the
public." Surely such a system would never be used for any other
purpose, right?
Full Story (comments: 2)
At the JavaOne conference, JBoss and Sleepycat announced a
developer version of JBossCache
integrated with the new Berkeley DB Java Edition.
Full Story (comments: none)
MySQL AB
has announced the opening of a new sales office in Dublin, Ireland.
Comments (none posted)
NEC Solutions has
announced a new set of TPC database benchmark results: the company was able to achieve 683,575 transactions per minute on one of its Itanium-based servers. The system was running Oracle and SUSE Linux Enterprise Server; it is a 32-processor box with 512GB of memory.
All that scalability work would appear to have accomplished something.
Comments (none posted)
Quadrics has posted a
press release claiming the high ground in Linux cluster performance.
"
Two years
after Quadrics helped build the fastest Linux cluster of the day,
called MCR (www.llnl.gov/linux/mcr/), Quadrics and Lawrence Livermore
National Laboratory (LLNL) have done it again. This time the system,
called Thunder, is not only the fastest Linux cluster in the world,
but also the fastest computer system in the US and the #2 system in
the world (see www.top500.org), surpassing the previous #2 system
(ASCI-Q), also based on Quadrics QsNet."
Comments (none posted)
Sun Microsystems, Inc. has
announced that
Project Looking Glass and Java 3D technology will be made available to the
open source community. Sun also announced additional open source desktop
efforts in collaboration with the Java developer community: the JDesktop
Network Components (JDNC) and JDesktop Integration Components (JDIC).
Comments (5 posted)
New Books
No Starch Press has published the book
The Official Blender 2.3 Guide
by Ton Roosendaal and Stefano Selleri.
Full Story (comments: none)
O'Reilly has published the book
Better, Faster, Lighter Java by
Bruce A. Tate and Justin Gehtland.
Full Story (comments: none)
O'Reilly has published the book
XML Publishing with AxKit
by Kip Hampton.
Full Story (comments: none)
MozillaZine
reports on an effort to translate the book
Rapid Application Development With Mozilla into Russian.
Comments (none posted)
Syngress Publishing has published the book
Richard Thieme's Islands
in the Clickstream: Reflections on Life in a Virtual World by
Richard Thieme.
Full Story (comments: none)
Resources
O'Reilly
has announced the availability of a downloadable PDF version of
Linux Quick Reference to Useful Commands by Daniel J. Barrett.
Comments (none posted)
The June 30, 2004 edition of the Linux Documentation Project Weekly News
is available with the latest new documentation releases.
Full Story (comments: none)
News from the Linux Professional Institute includes a look at new
courseware for LPI Level 2 certification exams, re-writes of the exams and
other topics.
Full Story (comments: none)
Dave Phillips has released an updated version of his
tutorial on using VST/VSTi audio plugins under Linux.
Full Story (comments: none)
Contests and Awards
Coramy, a European company in the apparel industry and first user of the
open source ERP5 Enterprise Resource Planning Solution, was awarded best
ERP implementation project in the special edition of Décision Informatique.
Full Story (comments: none)
Event Reports
JavaOne, Sun's annual Java conference, is in full swing in San Francisco.
"Open Source" seems to be the buzz word of the day in these press releases:
- JBoss and Novell have announced
a strategic alliance to enable Novell(R) exteNd(TM) customers to
deploy SOA-based applications to the open source JBoss Application Server.
- Gluecode Software has
announced the general availability of Gluecode Portal Server 3.5, the
latest version of Gluecode's open source enterprise portal.
- Gluecode Software
contributes to the Apache Portals Project.
- Agilent Technologies and Sun Microsystems have announced
the formation of the Java Distributed Data Acquisition and Control
(JDDAC) java.net community, an open-source forum for the development of
Java applications and libraries for wide-area distributed sensors and
controls.
- ObjectWeb has
announced that its corporate members are now targeting the delivery
of ESB solutions built on open-source components.
- JBoss has
announced JBossLabs(TM), a research and development center focused on
delivering innovative middleware technologies to the market.
- JBoss has
announced JBoss Inside, a new offering for companies integrating
JBoss technology into their products.
- JBoss and Sleepycat Software have
announced a developer version of JBossCache(TM) integrated with
Berkeley DB Java Edition.
- Sun Microsystems has announced
the release of version 4.0 of the NetBeans project.
- Sun Microsystems has announced
that Allied Irish Bank will migrate 7,500 desktop users and transition
branch dependent applications across its entire branch network to the Sun
Java(TM) Desktop System.
Comments (7 posted)
Upcoming Events
The 2004 Libre Software Meeting will be held in Bordeaux, France
on July 6-10, 2004. Presentations on Lisp will be included in the
high-level languages track.
"
The Lisp hackers who will attend the upcoming LSM 2004 are organizing
short informal presentations and other activities besides formal
presentations."
Full Story (comments: none)
The next Embedded Systems Conference will be held in Boston, Mass
on September 13-16, 2004 at the Hynes Convention Center.
Full Story (comments: none)
Use Perl has a
Call for Venue for the YAPC Europe 2005 conference.
"
European YAPC's and National Workshops now have a foundation.
The main goal of the newly formed YAPC Europe Foundation is to provide assistance on request to any European crew setting up a conference (be it a YAPC::Europe or a national workshop)."
Comments (none posted)
| Date | Event | Location |
| --- | --- | --- |
| July 1, 2004 | Perl Workshop 6.0 | (Barbara-Künkelin-Halle) Schorndorf, Germany |
| July 1 - 2, 2004 | USENIX 2004 | (Boston Marriott Copley Place) Boston, MA |
| July 1, 2004 | JavaOne | (Moscone Center) San Francisco, CA |
| July 6 - 10, 2004 | Libre Software Meeting 2004 (RSM/RMLL) | (Bordeaux I University) Bordeaux, France |
| July 12 - 15, 2004 | Real-time and Embedded Systems Workshop | Washington, DC |
| July 19 - 20, 2004 | Italian Perl Workshop | (Polo Fibonacci) Pisa, Italy |
| July 21 - 24, 2004 | Linux Symposium | Ottawa, Canada |
| July 26 - 30, 2004 | O'Reilly Open Source Software Convention 2004 (OSCON) | Portland, OR |
| July 26 - 30, 2004 | IBM pSeries Technical Conference | Cairns, Australia |
| July 31 - August 2, 2004 | Vancouver Python Workshop | Vancouver, Canada |
| August 2 - 5, 2004 | LinuxWorld Conference & Expo | (Moscone Center) San Francisco, California |
| August 21 - 29, 2004 | KDE Community World Summit 2004 (aKademy) | (Filmakademie Ludwigsburg) Ludwigsburg (Stuttgart Region), Germany |
Comments (none posted)
Software announcements
Here are the software announcements, courtesy of
Freshmeat.net. They are available in
two formats:
Comments (none posted)
Page editor: Forrest Cook