IBM's memo in support of its motion for a partial summary judgment on its
copyright counterclaims is now available, via Groklaw, in plain text
format. This one is truly worth a read; it is far shorter than
the complex memo for IBM's other motion (the attempt to do away with the
breach of contract charges), and it shows just how a GPL infringement case
can be brought to court. SCO, which has made its disdain for the GPL clear
over the last year and a half, is going to have an interesting time trying
to dance around this one.
Summary judgment motions depend on the lack of a dispute over the relevant
facts, so IBM leads off with its list of the facts which, it says, are
undisputed. The very first one is a statement that Linux development
started with Linus; this, of course, is very much a disputed fact in many
circles. The SCO Group, however, is unlikely to have a great interest in
ensuring that the GNU Project gets proper credit for its work, and thus
will probably not make a big deal out of this issue in court.
IBM goes on to list its contributions to Linux; these include the
Enterprise Volume Management System (which was never actually merged into
the kernel), PowerPC64 support, the Omni print driver, JFS, PCI hotplug
support, and more. Copyrights for all of these contributions have been
registered. Each contribution is also listed with the exact number of
lines of code; IBM is showing that it is possible to be specific about such
topics. IBM points out just where SCO has distributed copies of each of
the claimed contributions to Linux.
The final set of "undisputed facts" has to do with the GPL and SCO's
actions relative to the GPL. IBM notes that it has not authorized the
copying, modification, or distribution of its code except under the terms
of the GPL. SCO, meanwhile, has denied the validity of the GPL and has
attempted to add restrictions to IBM's GPL-licensed code by way of its
lawsuit threats and "Linux license" scheme.
Several paragraphs describing SCO's activities have been redacted from the
publicly-available version of the memo. It would be most interesting to
know what IBM is arguing that cannot be made available to the world as a
whole.
With the "undisputed facts" in place, IBM moves on to the "argument"
portion of its memorandum. The first step is to reiterate that IBM owns
its copyrights, and that SCO has, beyond doubt, redistributed the code.
The full memo includes a "side-by-side comparison" of IBM's code with the
version that appeared in SCO Linux Server 4.0. This step may have been a
bit more than was truly necessary, given that SCO does not dispute that it
distributes Linux, but IBM is being sure that all the bases are covered.
IBM still has to show that SCO's copying was copyright infringement,
however. So that's where the argument goes next:
As stated, IBM has not authorized the copying, modification, or
distribution of the IBM Copyrighted Works, except pursuant to the
terms of the GPL or LGPL. SCO does not have permission or any
license to copy, modify, or distribute the IBM Copyrighted Works
for at least two independent reasons: (1) SCO has repudiated
and disclaimed the GPL (and thus also the LGPL) as a source of
legal rights, and (2) SCO has breached the GPL and LGPL and
thus lost any rights it might have had under the GPL or LGPL.
The first argument is interesting. IBM has no trouble citing statements
from SCO challenging the validity of the GPL; some of them appear in SCO's
own filings in the same case. But the argument that, by publicly trashing
the GPL, SCO has forfeited its right to distribute GPL-licensed code does
not convince everybody. The case law on the subject appears to be
inconclusive; there is no real way to know how the court will treat this
argument until the time comes.
The second part of the argument - that SCO has flat-out breached the terms
of the GPL - is more straightforward. SCO has very clearly attempted to
impose additional restrictions on GPL-licensed code, and that is not an
action that the GPL allows. IBM should have little trouble establishing
this breach as a fact.
Inquiring minds are most curious to see how SCO will respond to this
argument. SCO's lawyers would appear to have these options:
- Argue that SCO could not have breached the GPL, because the GPL is
not a valid license. As has been pointed out many times, this
argument puts SCO into a position of clear infringement: if the GPL is
not a valid license, then SCO has no license to distribute IBM's
code.
- Argue that SCO has adhered to the terms of the GPL. The facts say
otherwise in the strongest of terms, however; every time SCO states
that Linux cannot be used without an additional license - while still
distributing the code in question - is a clear breach of the license.
- Argue that the GPL gives SCO the right to redistribute the code, but
that the GPL's prohibition on additional restrictions does not apply,
or cannot be enforced. This argument would be an attempt to get the
court to turn the GPL into something closer to the BSD license.
The third alternative above is the only one which holds out any hope for
SCO in this case. Given that the U.S. courts have, in general, not been
hospitable to the idea of rolling back the rights of copyright holders, it
seems unlikely that this court would take a different tack now. It is also
hard to see how the court could strike sections of the GPL without creating
grave difficulties for many other software licenses.
So SCO is unlikely to prevail in an attempt to disable the operative terms
of the GPL - in the long term. What SCO might be able to do is to
create enough confusion around the issue that the judge is unable to hand
down a summary judgment. In that case, IBM would have to argue its case in
a full court trial next year, and SCO would get some breathing room to
continue its campaign.
Such an outcome seems improbable, however. The facts seem clear, and SCO
appears to be very much on the wrong side of them. In your editor's
untrustworthy opinion, IBM seems much more likely to prevail on this motion
than on its companion motion regarding the breach of contract claims. That
result would clearly paint SCO's actions as an infringement of
copyright, and it would put an end to SCO's attempts to put a tax on
Linux. At the same time, it would put an end to claims that the GPL has
never been tested in court. That would, needless to say, be an interesting
day.
The hearing date for IBM's motion for a partial summary judgment on its
tenth counterclaim (seeking a declaration that none of its Linux activities infringe upon
SCO's copyrights) and SCO's attempt to dismiss that counterclaim is
coming. So the memos to the court are flying in all directions.
SCO has filed its reply
memorandum (PDF format) in support of its motion to dismiss or stay count ten. Therein,
SCO claims that IBM's counterclaim is not "compulsory," that, instead, it
is unrelated to the main case and could be considered separately. SCO says
that IBM's counterclaim adds "undue complication and complexity" to the
case, and thus should be dismissed. SCO wants the issue to
simply go away.
IBM has also filed a
reply memorandum (PDF); this one is in support of its motion for a
partial summary judgment on the tenth counterclaim. It makes for
interesting reading; IBM is putting its full strength into ripping apart
SCO's claims. IBM's reasoning is, essentially:
- SCO has made repeated public claims that the Linux kernel contains
code copied directly from Unix, so the issue is relevant.
- SCO has never shown any evidence that this copying has occurred, and has no such
evidence to show.
- The only thing that was even close to evidence was a declaration by
Sandeep Gupta. IBM says it should be ignored because it was filed too
late, because Mr. Gupta has no personal knowledge that would make him
an expert witness, and the approach he used to compare Unix and Linux
code is flawed.
In support of its position, IBM has submitted a declaration from one
Brian Kernighan on the flaws in the code comparison methodology and
stating that Mr. Gupta's results are incorrect. When it comes to Unix
code, one might assume that Mr. Kernighan has a bit of expertise to
draw on.
- SCO's claims that it needs more time for discovery are bogus because
SCO has been saying for over a year that it has tons of evidence
already.
- SCO did not even bother to try to answer most of IBM's "undisputed
facts," and its filing was not organized properly.
- SCO can't even put up convincing evidence that it owns the copyrights
on Unix.
The memo goes on for 56 pages; it is an interesting read. It has long been
clear that SCO management's public statements would come back to haunt the
company; IBM is now doing its best to make that happen.
IBM has also been busy trying to strike the declarations SCO has been
filing in support of its positions. IBM's reasoning is usually that the
person making the declaration is in no position to know what he is talking
about. For some amusement, see this
version of John Harrop's declaration posted on Groklaw; all of the
portions which IBM wishes to strike have been indicated there. If IBM is
successful, little of the declaration will remain.
SCO is due to report its third quarter results. That announcement will,
according to this press
release, happen on August 31. SCO should be able to show more
SCOsource income this time around, since the money from EV1Servers.Net
should finally appear in its accounting. It is hard to imagine the numbers
as a whole being good, however.
SCO has announced,
again, that it has made peace with BayStar. It might have actually
happened this time.
August 25, 2004
By Pamela Jones, Editor of Groklaw
The best way to understand what a case means if, like me, you aren't a
lawyer, is to ask some. In the recent
decision in MGM v. Grokster et
al, filed on August 19, it's easy to do so, because there were amici
briefs filed by law professors on both sides of the question. There is no
better way to understand what a case is about than to read such
briefs. The Electronic Frontier Foundation, which represented StreamCast
Networks, Inc., one of the victorious defendants, has
made the legal documents
available.
On MGM's side, 9 law professors submitted an
amicus brief explaining why they felt the lower court had made a
mistake in granting Grokster and StreamCast a partial summary judgment and
requesting that the Ninth Circuit Court of Appeals reverse the decision.
On the other side, 40 law professors submitted an opposing amicus brief, supporting the lower
court's decision and urging the Ninth Circuit Court of Appeals to affirm
it. Both groups tried to persuade the three-judge panel that the law was
on their side.
All of this goes to show you that the law is not reliable like math. You
don't ever want to plot a course to Mars based on legal opinions, because
you might not arrive safely at your destination. You can always find a
lawyer somewhere who will argue a side, both sides, or all sides of any
issue. In the Grokster case, some of the finest lawyers in the world
contributed their thoughts, on both sides, making it one of the most
interesting and significant cases of the year.
The appeals court decision was extraordinary, in that they accepted what
can best be described as arguments you can find in Larry Lessig's book,
"Free Culture," argued most ably by EFF's Fred von Lohmann for StreamCast
and Michael Page of Keker & Van Nest for Grokster. The oral arguments are
a delight to listen to, and EFF has them available as Ogg, WMA and MP3 files. Groklaw has made an unofficial transcript of the proceedings.
The court decided to draw a line in the sand and tell the Hollywood
copyright forces that their push to extend and morph copyright law beyond
its current borders, in effect to rewrite the Supreme Court's 1984
Sony-Betamax decision (Sony Corporation of America v. Universal City
Studios, Inc., 464 U.S. 417, 104 S. Ct. 774, 78 L. Ed. 2d 574), so as to
make it easier to go after contributory infringers, was unacceptable.
Sony held that as long as a technology has substantial non-infringing
uses, it can't be held liable for copyright infringement by users. The
Hollywood copyright forces were trying to get the court to accept instead
the new idea that if infringement levels reached a certain percentage,
then manufacturers and programmers could be held liable.
Remembering that this is the same appeals court that upheld
Napster, it's an extraordinary development and, in my opinion, a most
significant victory, particularly for programmers, who stood to lose a
great deal had the case gone the other way. Why? Because the copyright
forces wanted to hold distributors of software tools -- and that means
programmers too, not just companies -- liable for the infringements of
end users.
It was nothing less than an attempt, as the ruling put it, to get the
judiciary to fashion a new way to go after distributors and programmers
for vicarious and contributory copyright infringement. Why? Simply
because, as the law professors on MGM's side delicately put it, such a
transmogrification would satisfy "the policy interests of indirect
liability -- particularly for online infringement, where locating, suing,
enjoining and recovering from millions of direct infringers is extremely
difficult and inefficient."
In short, MGM and the music industry wanted the courts to make it easy for
them. Going after the actual infringers on P2P systems is hard and
expensive. So, they asked the court to let them go after those making and
distributing software that some might use for the infringement instead.
The conceivable consequences of such an expansion of vicarious liability
were set forth in oral argument by Mr. Page:
To expand the law of vicarious liability, to attach liability to
anyone who in theory could have acted as a policeman, leaves no border
on it at all and leaves every technology vendor, every inventor, every
merchant at the mercy of copyright holders who want to look around and
go, 'You could have done something about this. You're liable.'
The court refused, based on the Sony-Betamax case, telling them to get
Congress to fashion a more nuanced remedy than any court can give.
Distinguishing the technology of Napster from that of Morpheus and
Grokster (the centralized server in the former), the court noted that 10%
of files shared on the systems are non-infringing, which is, in the words
of Judge Noonan in the oral hearings, "a lot of files".
The court accepted the argument that every new technology is met by the
music and entertainment industry with cries of theft and predictions of
copyright doom along with demands that courts shut down the new
technology. This happened with the invention of cassette recorders, VCRs,
radio, and cable, as Lessig points out in "Free Culture". But throughout
history, US courts have been loath to kill a new technology just to
satisfy the old, vested interests affected by the new tech. Once again,
the court has told those clamoring for a judicial remedy that they must
seek a remedy in the legislature, if any is to be found.
Jason Schultz, an attorney with EFF, explains the significance of the
Grokster decision, particularly to programmers:
One of the biggest wins in Grokster for programmers was the explicit
rejection of two principles that the RIAA and MPAA were pushing the Court
to adopt in order to 'update' the Sony Betamax rule. If either rule had
been adopted for Peer to Peer companies, it would have applied to
programmers as well. Both rules would have been disastrous.
1) The first was that makers of technology (including programmers) should
be liable for the infringements of their users based on the proportion of
users who use the technology to infringe, instead of whether or not the
code is merely capable of substantial non-infringing uses. The Plaintiffs
argued that since over 90% of P2P users infringed copyright, that was high
enough to hold the programmers and distributors liable. This would have
been a very dangerous rule for any programmer, especially those who
release open source code, because it is almost impossible to predict all
the ways in which your users will employ your code. . . . [T]o hold . . .
programmers . . . liable for the future, unpredictable and unintended uses
of code would change the legal landscape of programming dramatically and
make it a very dangerous road to go down. Fortunately, the Court rejected
this attempt to 'update' Sony Betamax and stuck with the time-honored rule
that any technology with a substantial non-infringing use cannot be held
contributorily liable for infringements by end users.
2) The second major victory was an explicit rejection of the RIAA/MPAA's
other proposal --- that under vicarious liability, programmers and
distributors of technology should be held liable for end user
infringements if they could have re-designed their products to allow less
infringement, but didn't. In this case, the MPAA/RIAA argued that the P2P
companies could have forced updates on users that installed filters into
their programs to filter out copyrighted works, but didn't. This 'willful
blindness', Hollywood argued, should make the P2P companies responsible
for the infringements of their end users. Such a ruling would have been an
absolute nightmare for any programmer, not only because again, it is
almost impossible to predict all the ways one will use a program to
infringe and then preemptively restrict them, but also because the reality
is that no venture capitalist will fund a software project in such a
world. If programmers and companies are liable unless they make their
programs as incapable of copying as possible, very few programs will ever
be written. The only pragmatic way to release a program, then, is to get
MPAA/RIAA approval beforehand -- essentially handing Hollywood veto power
over any new code or program released. Again, the Court rejected this
approach, giving programmers protection from both financial ruin and
attempts to undermine their freedom to write code as they see fit.
EFF took the case for just these reasons. We saw how Hollywood wanted to
change the law and all the bad precedent it would set. So we defended the
P2P companies on these principles in order to protect every technology
maker, including open source programmers. Under the eyes of the law, even
non-commercial open source programmers are no different than P2P companies
and without the legal protections in Grokster, all programmers would
suffer. Thus, EFF stepped up to the plate to defend the freedom to code
for everyone.
They not only stepped up to the plate. They hit a home run. Of course, the
losing side has the option of an appeal to the Supreme Court. And, as it
happens -- actually, I'm sure it's no happenstance -- there is already an
attempt to overturn Grokster's holding, by means of the Inducing
Infringement of Copyrights Act of 2004 [INDUCE], currently working its
way through Congress, with the backing of the RIAA/MPAA. It is sponsored
by Senators Patrick Leahy and Orrin Hatch, who has said it
is explicitly meant to reverse Grokster, so as to accomplish the very
things that the Ninth Circuit Court of Appeals just rejected. Such a law
would find companies and programmers liable if they release code that
makes it easier for copyright infringement to occur, although in light of
this stunning Grokster ruling, they may find it is a harder sell now,
since its language, as well as Mr. Hatch's in pushing it, contradicts the
Ninth Circuit Court of Appeals' decision.
Yes, that Mr. Hatch, the father of one of the attorneys representing
SCO, Brent Hatch. The apple doesn't fall very far from the tree.
In a case like this, it makes sense to distribute the result via the
available peer-to-peer networks. So, for those whose browsers are set up
for such things, the EFF has published a magnet
link and an ed2k
link for downloading the decision.
It doesn't hurt to boost the clearly non-infringing content available on
P2P networks. One thing about the Hollywood copyright sharks: you can
be sure they'll be circling back around.
Novell announced its 3rd quarter financial
results on Thursday of last week. To get some additional information on
Novell's results, we spoke to Novell spokesperson Bruce Lowry about the
results, and how the purchase of SUSE Linux and Ximian is working out for
Novell.
First on the agenda was Novell's financial results. Novell brought in $305
million in the third quarter, with a profit of $23 million, compared to
$283 million in the third quarter of 2003 and a loss of $12 million during
that period. Part of Novell's overall profits this quarter resulted from
a one-time payment of $19 million from The Canopy Group.
Overall, Lowry said that the company was happy with the profit from the
third quarter, but "a little disappointed with the top-line revenue
number." He explained that the sales of the company's Netware
products had slowed their decline in recent quarters, but resumed a 12
percent decline in sales in the third quarter.
While Novell's other product lines have not been meeting expectations, SUSE
Linux provided a welcome boost to Novell's bottom line this quarter. SUSE's
revenues were up $2 million in the quarter, a 20 percent increase from the
second quarter. A big factor in SUSE's increased revenues was a single
customer that ordered 12,000 subscriptions to SUSE Enterprise. Lowry
wouldn't disclose the customer's name, but said that the customer is a
venture-backed company using SUSE in an "ASP sort of
environment."
The $12 million in revenue from SUSE products broke down into three parts:
$4 million was from subscription revenue, $5 million was from SUSE retail
sales, and $3 million included "tech support alliance fees and other
software products from SUSE Linux." Lowry noted that the SUSE
subscriptions would continue to show revenue in future quarters, as
subscription revenue is distributed over the life of the subscription
rather than reported entirely in one quarter.
Ximian's revenue is not broken out separately by Novell, as the company
mainly purchased Ximian as "a technology buy."
We basically said that the impact on earnings would be negligible...it's
almost impossible to do that now. The major products were Ximian Desktop,
which we're now combining into SUSE, hopefully later this year. The other
main sort of component was Red Carpet Enterprise... what we did was added
[that] to ZENworks.
We asked Lowry how the integration of SUSE and Ximian into Novell was
going. Lowry said that the Ximian integration into Novell was
"totally complete" and that the SUSE integration is
"moving forward very rapidly," but noted that there was still
work to be done, and that integrating a German company into Novell
presented additional complications.
Lowry declined to offer specifics about the upcoming SUSE release with
Ximian Desktop integrated into the release, saying that Novell was being
"pretty tight-lipped" about the release. However, Lowry said
that SUSE will continue to support KDE and GNOME.
It seems to be an issue that people continue to be hooked on, that we're
trying to get beyond. But, we're trying to give people choice. We'll be
adding the things you'd expect Novell to add... it's obviously going to be
focused on the enterprise user.
We also asked whether the company would also be pushing Mono in its SUSE
product line in order to help adoption of Mono. Lowry said that Mono is not
shipped with SUSE Linux Enterprise Server 9, and said that Novell has
"talked very loosely about it appearing in the desktop."
It's still very much an early stage thing, I have heard talk of pilot
deployments of Mono in corporate environments. It's still fairly
narrow...it's definitely an early stage technology.
He did say that Novell had been using Mono more for internal projects, and
mentioned Novell's iFolder, which is now
written with Mono. Lowry also mentioned the addition
of JBoss to SUSE Linux Enterprise Server 9, and to the next major
release of Novell exteNd as a replacement for Novell exteNd Application
Server.
We'll be replacing the proprietary application server in the next major
release, eating our own dogfood. We're going to look at open source and
leverage open source where we can. It makes no sense to try to compete with
a proprietary product in the same place... it's a mixed world. It's hard to
envision a scenario where everything becomes open source.
It should be interesting to see how Novell continues to balance between
open source and proprietary offerings. With iFolder, Ximian's Evolution
Connector, and SUSE YaST, Novell has shown that it is willing to open
source some of its technology when it makes sense for the company to do so
-- and so long as that technology isn't a profit center for Novell.
Unfortunately, Novell does seem to be backing away from support of other
distributions with Ximian Desktop, with only SUSE and older versions of Red
Hat Linux listed as supported.
Overall, though, it seems that Novell's entry into the Linux market has
been both successful and beneficial for the community and has certainly
been beneficial for Novell. Though Novell's income from SUSE is currently
only a small fraction of their revenue, it does seem to be Novell's best
chance for growth.
Page editor: Jonathan Corbet
Security
The LD_DEBUG environment variable is one of those obscure, useful features
found in glibc. By setting LD_DEBUG to one of a few specific values (set it
to help to get the full list), you can get a great deal of
information on just how the dynamic library loader is resolving symbols and
performing relocation. This information can be most useful for tracking
down certain kinds of obscure shareable library problems.
LD_DEBUG can be verbose; it can also provide information about
security-critical programs - especially those running setuid - which
perhaps should not be made available to just anybody. The large amount of
output created by LD_DEBUG can also be used as a sort of poor-man's
single-stepping mechanism. If you can control when the standard output
will block, you can stop a setuid program at almost any library call. This
capability can be most useful if you are trying to exploit a difficult race
condition, such as a temporary file vulnerability. The ability to stop a
program at an arbitrary point can turn a small, difficult window into a
wide-open one which can be exploited at leisure.
Thus, it would make sense to disallow LD_DEBUG for setuid binaries.
Unfortunately, this didn't occur to the glibc implementors, who did not add
any checks for setuid operation in the LD_DEBUG code. Gentoo has recently
issued an update fixing the problem; no other
distributors have followed suit as of this writing.
As it turns out, some distributors do not need to. OpenWall fixed this problem over three years ago; ALT
Linux also patched glibc in its distribution. Somehow, however, the fixes
applied by these distributors never got into wider distribution.
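One way to express the missing check, as an added example (this is not glibc's code, nor the Gentoo, OpenWall or ALT Linux patch): decide whether the process was started with elevated privileges and, if so, drop the loader's debugging variables before anything acts on them. The function names and the deny-list are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

extern char **environ;

/* Illustrative deny-list (an assumption of this example): LD_DEBUG from the
 * article, plus LD_DEBUG_OUTPUT, which redirects that output to a file. */
static const char *const loader_debug_vars[] = {
    "LD_DEBUG", "LD_DEBUG_OUTPUT", NULL
};

/* A process needs the restricted treatment when exec changed its identity,
 * i.e. the real and effective user or group IDs differ (setuid/setgid). */
int is_secure_exec(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid != euid || rgid != egid;
}

/* True if entry ("NAME=value") sets exactly the variable `name`.
 * Checking for '=' keeps LD_DEBUGGER from matching LD_DEBUG. */
static int entry_sets(const char *entry, const char *name)
{
    size_t n = strlen(name);
    return strncmp(entry, name, n) == 0 && entry[n] == '=';
}

/* Remove the deny-listed variables from a NULL-terminated environment
 * vector, in place, but only when `secure` is non-zero. Returns the number
 * of entries removed; ordinary (non-setuid) runs keep LD_DEBUG usable. */
size_t scrub_loader_debug(char **envp, int secure)
{
    size_t removed = 0;
    char **dst = envp;

    if (!secure)
        return 0;

    for (char **src = envp; *src != NULL; src++) {
        int drop = 0;
        for (size_t i = 0; loader_debug_vars[i] != NULL; i++) {
            if (entry_sets(*src, loader_debug_vars[i])) {
                drop = 1;
                break;
            }
        }
        if (drop)
            removed++;
        else
            *dst++ = *src;   /* keep the entry, compacting the vector */
    }
    *dst = NULL;
    return removed;
}

int main(void)
{
    int secure = is_secure_exec(getuid(), geteuid(), getgid(), getegid());
    size_t n = scrub_loader_debug(environ, secure);

    printf("secure execution: %s, loader debug variables dropped: %zu\n",
           secure ? "yes" : "no", n);
    return 0;
}
```

The decision is made once, from the process credentials, and the variables are removed rather than merely ignored, so nothing later in the same process can pick them up by accident.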
This is not the first time that somebody has discovered a security problem
for which a fix had been available for years. These incidents are, at
best, a missed opportunity: known holes with available fixes remain
unpatched for long periods of time. A less pleasant possibility is that
crackers can look at the patches applied by security-conscious
distributions (such as OpenWall) in search of holes which have not been
fixed elsewhere. Security fixes are best applied universally.
The obvious way to ensure widespread diffusion of security fixes is to
submit them back to the package's maintainer. Such patches should almost
always be accepted - or the maintainer should come up with a better way to
fix the problem. If the maintainer refuses to fix the problem, there is
always the time-honored technique of posting an advisory to Bugtraq. What
should not be an option is keeping security fixes to oneself.
New vulnerabilities
Cacti: SQL injection vulnerability
| Package(s): | cacti |
| CVE #(s): | |
| Created: | August 23, 2004 |
| Updated: | August 25, 2004 |
| Description: | Cacti is vulnerable to a SQL injection attack where an attacker may inject SQL into the Username field. An attacker could use these vulnerabilities to compromise the Cacti service and potentially execute programs with the permissions of the user running Cacti. |
courier-imap: Remote Format String Vulnerability
| Package(s): | courier-imap |
| CVE #(s): | CAN-2004-0777 |
| Created: | August 20, 2004 |
| Updated: | August 26, 2004 |
| Description: | There is a format string vulnerability in the auth_debug() function which can be exploited remotely, potentially leading to arbitrary code execution as the user running the IMAP daemon (which is often root). A remote attacker may send username or password information containing printf() format tokens (such as "%s"), which will crash the server or cause it to execute arbitrary code. This vulnerability can only be exploited if DEBUG_LOGIN is set to something other than 0 in the imapd config file. If DEBUG_LOGIN is enabled in the imapd configuration, a remote attacker may execute arbitrary code as the root user. |
icecast-server: missing escape
| Package(s): | icecast-server |
| CVE #(s): | CAN-2004-0781 |
| Created: | August 24, 2004 |
| Updated: | August 25, 2004 |
| Description: | Markus Wörle discovered a cross site scripting problem in status-display (list.cgi) of the icecast internal webserver, an MPEG layer III streaming server. The UserAgent variable is not properly html_escaped so that an attacker could cause the client to execute arbitrary JavaScript commands. |
qt3: BMP image parser heap overflow
| Package(s): | qt3/qt3-non-mt/qt3-32bit/qt3-static |
| CVE #(s): | CAN-2004-0691, CAN-2004-0692, CAN-2004-0693 |
| Created: | August 19, 2004 |
| Updated: | May 15, 2005 |
| Description: | A heap overflow in the qt3 BMP image format parser in Qt versions prior to 3.3.3 may allow remote code execution. |
roundup: remote file access vulnerability
| Package(s): | roundup |
| CVE #(s): | |
| Created: | August 18, 2004 |
| Updated: | August 25, 2004 |
| Description: | The roundup issue tracker has a vulnerability that allows a remote attacker to read files owned by the user that is running the application. |
zlib: denial of service
| Package(s): | zlib |
| CVE #(s): | CAN-2004-0797 |
| Created: | August 25, 2004 |
| Updated: | June 10, 2005 |
| Description: | Versions 1.2.x of the zlib library contain an error handling vulnerability which can enable denial of service attacks. |
Updated vulnerabilities
acroread: UUDecode filename buffer overflow
| Package(s): | acroread |
| CVE #(s): | |
| Created: | August 16, 2004 |
| Updated: | August 17, 2004 |
| Description: | acroread contains two errors in the handling of UUEncoded filenames. First, it fails to check the length of a filename before copying it into a fixed size buffer and, secondly, it fails to check for the backtick shell metacharacter in the filename before executing a command with a shell. By enticing a user to open a PDF with a specially crafted filename, an attacker could execute arbitrary code or programs with the permissions of the user running acroread. |
Apache mod_proxy: denial of service
| Package(s): | apache |
| CVE #(s): | CAN-2004-0492 |
| Created: | June 11, 2004 |
| Updated: | October 14, 2004 |
| Description: | A buffer overflow vulnerability in the apache mod_proxy module can be exploited to create a denial of service. |
apache2: stack-based buffer overflow in ssl_util.c
| Package(s): | apache2 |
| CVE #(s): | CAN-2004-0488 |
| Created: | June 1, 2004 |
| Updated: | October 14, 2004 |
| Description: | A stack-based buffer overflow exists in the ssl_util_uuencode_binary function in ssl_util.c in Apache. When mod_ssl is configured to trust the issuing CA, a remote attacker may be able to execute arbitrary code via a client certificate with a long subject DN. |
aspell: bounds checking problem
| Package(s): | aspell |
CVE #(s): | CAN-2004-0548
|
| Created: | June 17, 2004 |
Updated: | December 20, 2004 |
| Description: |
Aspell's word-list-compress utility fails to properly check bounds
when dealing with words that are more than 256 bytes long.
This can lead to arbitrary code execution by an attacker. |
| Alerts: |
|
Comments (none posted)
Ethereal: Multiple security problems
| Package(s): | ethereal |
CVE #(s): | CAN-2004-0633
CAN-2004-0634
CAN-2004-0635
|
| Created: | July 9, 2004 |
Updated: | August 19, 2004 |
| Description: |
There are multiple vulnerabilities in versions of Ethereal earlier than
0.10.5, including:
* In some cases the iSNS dissector could cause Ethereal to abort.
* If there was no policy name for a handle for SMB SID snooping it
could cause a crash.
* A malformed or missing community string could cause the SNMP
dissector to crash.
See this
advisory for more information. |
| Alerts: |
|
Comments (none posted)
Filename disclosure vulnerability in fam
| Package(s): | fam |
CVE #(s): | CAN-2002-0875
|
| Created: | August 19, 2002 |
Updated: | January 5, 2005 |
| Description: |
"fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
| Alerts: |
|
Comments (none posted)
flim: insecure file creation
| Package(s): | flim |
CVE #(s): | CAN-2004-0422
|
| Created: | May 5, 2004 |
Updated: | December 16, 2004 |
| Description: |
The emacs "flim" mode creates temporary files in an insecure fashion, possibly allowing a local attacker to overwrite files. |
| Alerts: |
|
Comments (none posted)
Gaim: remote code execution vulnerability
| Package(s): | gaim |
CVE #(s): | CAN-2004-0500
|
| Created: | August 12, 2004 |
Updated: | October 18, 2004 |
| Description: |
The Gaim IRC client (versions 0.81 and prior) has a remote code execution vulnerability
in the MSN-protocol parsing functions. |
| Alerts: |
|
Comments (none posted)
glibc: Information leak with LD_DEBUG
| Package(s): | glibc |
CVE #(s): | CAN-2004-1453
|
| Created: | August 17, 2004 |
Updated: | May 26, 2005 |
| Description: |
Silvio Cesare discovered a potential information leak in glibc. It allows
LD_DEBUG on SUID binaries where it should not be allowed. This has various
security implications, which may be used to gain confidential information.
An attacker can gain the list of symbols a SUID application uses and their
locations and can then use a trojaned library taking precedence over those
symbols to gain information or perform further exploitation. |
| Alerts: |
|
Comments (1 posted)
gnome-vfs: backend script vulnerabilities
| Package(s): | gnome-vfs |
CVE #(s): | CAN-2004-0494
|
| Created: | August 4, 2004 |
Updated: | February 21, 2005 |
| Description: |
Several scripts packaged with gnome-vfs, using its "extfs" capability, have security flaws. These scripts tend not to be used on many systems, but their presence can still be a threat. |
| Alerts: |
|
Comments (none posted)
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml |
CVE #(s): | CAN-2003-0133
CAN-2003-0541
|
| Created: | April 14, 2003 |
Updated: | April 18, 2005 |
| Description: |
GtkHTML is the HTML rendering widget used by the Evolution mail reader.
The GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug
when handling HTML messages. Alan Cox discovered that certain malformed
messages could cause the Evolution mail component to crash. |
| Alerts: |
|
Comments (none posted)
gv: unsafe sscanf () buffer overflow vulnerability
| Package(s): | gv |
CVE #(s): | CAN-2002-0838
|
| Created: | August 12, 2004 |
Updated: | August 19, 2004 |
| Description: |
gv (prior to version 3.5.8-r4) has a buffer overflow vulnerability involving the sscanf()
function. An attacker can execute arbitrary code with the
permission of the user running gv. |
| Alerts: |
|
Comments (1 posted)
iproute: local denial of service
| Package(s): | iproute net-tools |
CVE #(s): | CAN-2003-0856
|
| Created: | November 25, 2003 |
Updated: | December 14, 2004 |
| Description: |
The iproute utility is susceptible to spoofed netlink messages sent by local users, with the result that denial of service attacks are possible. |
| Alerts: |
|
Comments (none posted)
racoon: failure to verify signatures
| Package(s): | ipsec-tools racoon |
CVE #(s): | CAN-2004-0155
|
| Created: | April 7, 2004 |
Updated: | August 19, 2004 |
| Description: |
Versions of ipsec-tools prior to 0.2.5 contain a vulnerability wherein the racoon utility fails to verify digital signatures on some packets. This hole can lead to unauthorized connections or man-in-the-middle attacks. See this advisory for details. |
| Alerts: |
|
Comments (none posted)
kdebase: multiple vulnerabilities
| Package(s): | kdebase |
CVE #(s): | CAN-2004-0689
CAN-2004-0690
CAN-2004-0721
CAN-2004-0746
|
| Created: | August 12, 2004 |
Updated: | October 4, 2004 |
| Description: |
Three separate vulnerabilities have been identified in the KDE 3.2
"kdebase" package; see this advisory for
details. These problems include two temporary file vulnerabilities and a
"frame injection" problem in konqueror which could help with phishing
attacks. In a fourth vulnerability, described here, Konqueror allows websites to set cookies
for certain country specific secondary top level domains. |
| Alerts: |
|
Comments (none posted)
kdelibs: cookie disclosure
| Package(s): | kdelibs |
CVE #(s): | CAN-2003-0592
|
| Created: | March 10, 2004 |
Updated: | August 24, 2004 |
| Description: |
kdelibs (and, thus, Konqueror) has a vulnerability where a hostile server can force the disclosure of cookies that should not be presented to it. KDE versions 3.1.3 and later contain a fix. |
| Alerts: |
|
Comments (none posted)
kernel allows unauthorized changes to the group ID
| Package(s): | kernel |
CVE #(s): | CAN-2004-0497
|
| Created: | July 2, 2004 |
Updated: | September 27, 2004 |
| Description: |
During an audit of the Linux kernel, SUSE discovered a flaw that allowed
a user to make unauthorized changes to the group ID of files in certain
circumstances - such as when the files are exported via NFS. |
| Alerts: |
|
Comments (none posted)
kernel information leak
| Package(s): | kernel |
CVE #(s): | CAN-2004-0415
|
| Created: | August 3, 2004 |
Updated: | October 26, 2004 |
| Description: |
Paul Starzetz discovered
flaws in the Linux kernel when handling file
offset pointers. These consist of invalid conversions of 64 to 32-bit file
offset pointers and possible race conditions. A local unprivileged user
could make use of these flaws to access large portions of kernel memory.
Note that this vulnerability affects all 2.4 kernels through 2.4.26 and 2.6 kernels through 2.6.7.
A fix for this problem was added to the fifth
2.4.27 release candidate. |
| Alerts: |
|
Comments (none posted)
kernel-utils: setuid vulnerability
| Package(s): | kernel-utils |
CVE #(s): | CAN-2003-0019
|
| Created: | February 7, 2003 |
Updated: | January 21, 2005 |
| Description: |
The kernel-utils package contains several utilities that can be used to
control the kernel or machine hardware. In Red Hat Linux 8.0 this package
contains user mode linux (UML) utilities.
The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was
incorrectly shipped setuid root. This could allow local users to control
certain network interfaces, add and remove arp entries and routes, and put
interfaces in and out of promiscuous mode.
All users of the kernel-utils package should update to these packages that
contain a version of uml_net that is not setuid root.
Alternatively, as a work-around to this vulnerability, issue the following
command as root:
chmod -s /usr/bin/uml_net |
| Alerts: |
|
Comments (none posted)
libpng: multiple vulnerabilities
Comments (1 posted)
libxml2 - arbitrary code execution
| Package(s): | libxml2 |
CVE #(s): | CAN-2004-0110
|
| Created: | February 26, 2004 |
Updated: | August 19, 2009 |
| Description: |
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code. |
| Alerts: |
|
Comments (none posted)
logcheck: symlink vulnerability
| Package(s): | logcheck |
CVE #(s): | CAN-2004-0404
|
| Created: | April 21, 2004 |
Updated: | December 22, 2004 |
| Description: |
The logcheck utility handles temporary files in an unsafe way, possibly allowing local attackers to overwrite files. |
| Alerts: |
|
Comments (none posted)
mikmod: buffer overflow
| Package(s): | mikmod |
CVE #(s): | CAN-2003-0427
|
| Created: | June 16, 2003 |
Updated: | June 16, 2005 |
| Description: |
Ingo Saitz discovered a bug in mikmod whereby a long filename inside
an archive file can overflow a buffer when the archive is being read
by mikmod. |
| Alerts: |
|
Comments (none posted)
mod_python: denial of service vulnerability
| Package(s): | mod_python |
CVE #(s): | CAN-2003-0973
|
| Created: | January 27, 2004 |
Updated: | October 4, 2004 |
| Description: |
Apache's mod_python module could crash the httpd process if a specific,
malformed query string was sent.
The Apache Foundation has reported that mod_python may be prone to
Denial of Service attacks when handling a malformed query. Mod_python
2.7.9 was released to fix the vulnerability, however, because the
vulnerability has not been fully fixed, version 2.7.10 has been released.
Users of mod_python 3.0.4 are not affected by this vulnerability. |
| Alerts: |
|
Comments (none posted)
MoinMoin Group ACL Bypass
| Package(s): | moinmoin |
CVE #(s): | |
| Created: | July 12, 2004 |
Updated: | August 26, 2004 |
| Description: |
MoinMoin contains a flaw that may allow a malicious user to gain access to
unauthorized privileges. The issue is triggered when an attacker creates a
user with the same name as an administrative group. This flaw may lead to a
loss of integrity. See this osvdb
entry for additional information. |
| Alerts: |
|
Comments (none posted)
mozilla: multiple vulnerabilities
| Package(s): | mozilla |
CVE #(s): | CAN-2003-0594
CAN-2003-0564
|
| Created: | March 10, 2004 |
Updated: | August 19, 2004 |
| Description: |
Mozilla 1.4 contains a few vulnerabilities, including disclosure of cookies to the wrong server, a scripting vulnerability which can allow an attacker to run arbitrary code, and an S/MIME vulnerability which can lead to remote denial of service or code execution attacks. |
| Alerts: |
|
Comments (none posted)
mpg321: format string vulnerability
| Package(s): | mpg321 |
CVE #(s): | CAN-2003-0969
|
| Created: | January 6, 2004 |
Updated: | March 28, 2005 |
| Description: |
A vulnerability was discovered in mpg321, a command-line mp3 player,
whereby user-supplied strings were passed to printf(3) unsafely. This
vulnerability could be exploited by a remote attacker to overwrite
memory, and possibly execute arbitrary code. In order for this
vulnerability to be exploited, mpg321 would need to play a malicious
mp3 file (including via HTTP streaming). |
| Alerts: |
|
Comments (none posted)
MySQL: temporary file vulnerabilities
| Package(s): | mysql |
CVE #(s): | CAN-2004-0381
CAN-2004-0388
|
| Created: | April 14, 2004 |
Updated: | August 18, 2004 |
| Description: |
The mysqlbug and mysqld_multi scripts contain temporary file vulnerabilities which could be used by a local attacker to overwrite files on the system. |
| Alerts: |
|
Comments (none posted)
MySQL: temporary file vulnerability
| Package(s): | mysql |
CVE #(s): | CAN-2004-0457
|
| Created: | August 18, 2004 |
Updated: | September 1, 2004 |
| Description: |
The MySQL "mysqlhotcopy" script contains a temporary file vulnerability
which could be used by an attacker to overwrite files. |
| Alerts: |
|
Comments (none posted)
neon: buffer overflow
| Package(s): | neon |
CVE #(s): | CAN-2004-0398
|
| Created: | May 19, 2004 |
Updated: | September 30, 2004 |
| Description: |
The neon library (through version 0.24.5) contains a buffer overflow in its date parsing code, allowing arbitrary code execution when connecting to a hostile server. See this advisory for details. This vulnerability also affects related applications (such as cadaver). |
| Alerts: |
|
Comments (none posted)
nessus: adduser race condition vulnerability
| Package(s): | nessus |
CVE #(s): | |
| Created: | August 12, 2004 |
Updated: | August 17, 2004 |
| Description: |
The nessus security scanner has a temporary file vulnerability that allows a
user to perform a privilege escalation attack by way of an adduser
race condition. |
| Alerts: |
|
Comments (none posted)
netpbm: insecure temporary files
| Package(s): | netpbm |
CVE #(s): | CAN-2003-0924
|
| Created: | January 19, 2004 |
Updated: | December 29, 2004 |
| Description: |
netpbm is a graphics conversion toolkit made up of a large number of
single-purpose programs. Many of these programs were found to create
temporary files in an insecure manner, which could allow a local
attacker to overwrite files with the privileges of the user invoking a
vulnerable netpbm tool. |
| Alerts: |
|
Comments (1 posted)
openssh: timing attack leads to information disclosure
| Package(s): | openssh |
CVE #(s): | CAN-2003-0190
|
| Created: | May 2, 2003 |
Updated: | November 30, 2004 |
| Description: |
From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable
with PAM support enabled (via the --with-pam configure script switch). This
bug allows a remote attacker to identify valid users on vulnerable systems,
through a simple timing attack. The vulnerability is easy to exploit and
may have high severity, if combined with poor password policies and other
security problems that allow local privilege escalation." |
| Alerts: |
|
Comments (1 posted)
OpenSSL: denial of service vulnerabilities
Comments (1 posted)
pavuk: buffer overflow
| Package(s): | pavuk |
CVE #(s): | CAN-2004-0456
|
| Created: | June 30, 2004 |
Updated: | November 11, 2004 |
| Description: |
Versions of the pavuk web spider through 0.9.28-r1 contain a buffer overflow which could be exploited by a hostile server. |
| Alerts: |
|
Comments (none posted)
php: remotely exploitable memory errors
| Package(s): | php |
CVE #(s): | CAN-2004-0594
|
| Created: | July 14, 2004 |
Updated: | February 7, 2005 |
| Description: |
Stefan Esser has issued an advisory regarding a
remotely exploitable hole in PHP (through version 4.3.7). If the
memory_limit feature is in use (as it should be, to prevent denial
of service attacks), allocation failures can be forced at highly
inopportune times, and those failures can be exploited to execute arbitrary
code. The exploit is described as "quite easy," and it can be done
regardless of whether Apache1 or Apache2 is in use. Upgrading to PHP 4.3.8 fixes the
problem; yesterday's PHP 5.0 release also contains the fix (but the
final release candidate did not). |
| Alerts: |
|
Comments (none posted)
PuTTY: pre-authentication arbitrary code execution problem
| Package(s): | putty |
CVE #(s): | |
| Created: | August 5, 2004 |
Updated: | October 28, 2004 |
| Description: |
PuTTY, a telnet and SSH client, contains a vulnerability that
can allow an SSH server to execute arbitrary code on a connecting client.
|
| Alerts: |
|
Comments (none posted)
python: buffer overflow
| Package(s): | python |
CVE #(s): | CAN-2004-0150
|
| Created: | March 10, 2004 |
Updated: | October 11, 2004 |
| Description: |
Python (versions 2.2 and 2.2.1 only) has a buffer overflow in the getaddrinfo() function which can be exploited by a malformed IPv6 address. |
| Alerts: |
|
Comments (none posted)
rsync: path-sanitizing bug
| Package(s): | rsync |
CVE #(s): | CAN-2004-0792
|
| Created: | August 16, 2004 |
Updated: | November 1, 2004 |
| Description: |
This August 2004 rsync
advisory reports that there is a path-sanitizing bug that affects
daemon mode in all recent rsync versions (including 2.6.2) but only if
chroot is disabled. It does NOT affect the normal send/receive filenames
that specify what files should be transferred (this is because these names
happen to get sanitized twice, and thus the second call removes any
lingering leading slash(es) that the first call left behind). It does
affect certain option paths that cause auxiliary files to be read or
written. |
| Alerts: |
|
Comments (none posted)
ruby: insecure file permissions
| Package(s): | ruby |
CVE #(s): | CAN-2004-0755
|
| Created: | August 16, 2004 |
Updated: | October 14, 2004 |
| Description: |
Andres Salomon noticed a problem in the CGI session management of Ruby, an
object-oriented scripting language. CGI::Session's FileStore (and
presumably PStore, but not in Debian woody) implementations store session
information insecurely. They simply create files, ignoring permission
issues. This can lead an attacker who also has shell access to the
webserver to take over a session. |
| Alerts: |
|
Comments (none posted)
samba: potential buffer overruns
| Package(s): | samba |
CVE #(s): | CAN-2004-0600
CAN-2004-0686
|
| Created: | July 22, 2004 |
Updated: | September 2, 2004 |
| Description: |
According to this Samba advisory, Evgeny
Demidov discovered that the Samba SMB/CIFS server has a buffer overflow bug
in the Samba Web Administration Tool (SWAT) on decoding Base64 data during
HTTP Basic Authentication. Samba versions 3.0.2 through 3.0.4 are
affected. (CAN-2004-0600)
Another buffer overflow bug has been located in the Samba code used to
support the "mangling method = hash" functionality. The default setting for
this parameter is "mangling method = hash2" and therefore Samba is not
vulnerable by default. Samba versions 2.2.0 through 2.2.9 and 3.0.0
through 3.0.4 are affected. (CAN-2004-0686) |
| Alerts: |
|
Comments (1 posted)
sox: buffer overflow
| Package(s): | sox |
CVE #(s): | CAN-2004-0557
|
| Created: | July 28, 2004 |
Updated: | February 21, 2005 |
| Description: |
Sox suffers from buffer overflows in its WAV file handling; these overflows could conceivably be exploited by way of a malicious sound file. |
| Alerts: |
|
Comments (none posted)
SpamAssassin: Denial of Service vulnerability
| Package(s): | spamassassin |
CVE #(s): | CAN-2004-0796
|
| Created: | August 9, 2004 |
Updated: | August 11, 2005 |
| Description: |
SpamAssassin contains an unspecified Denial of Service vulnerability. By
sending a specially crafted message an attacker could cause a Denial of
Service attack against the SpamAssassin service. |
| Alerts: |
|
Comments (none posted)
squid: buffer overflow
| Package(s): | squid |
CVE #(s): | CAN-2004-0541
|
| Created: | June 9, 2004 |
Updated: | September 30, 2004 |
| Description: |
The NTLM authentication helper used by the squid proxy contains a buffer overflow vulnerability; an overly-long password may be used to run arbitrary code. Sites not using NTLM authentication are not vulnerable. |
| Alerts: |
|
Comments (none posted)
SquirrelMail cross site scripting vulnerabilities
| Package(s): | squirrelmail |
CVE #(s): | CAN-2004-0519
CAN-2004-0520
CAN-2004-0521
|
| Created: | May 21, 2004 |
Updated: | October 4, 2004 |
| Description: |
Several unspecified cross-site scripting (XSS) vulnerabilities and a well
hidden SQL injection vulnerability were found in SquirrelMail versions
1.4.2 and lower. An XSS attack allows an attacker to insert malicious code
into a web-based application. SquirrelMail does not check for code when
parsing variables received via the URL query string. |
| Alerts: |
|
Comments (none posted)
Subversion: Remote heap overflow
| Package(s): | subversion |
CVE #(s): | CAN-2004-0413
|
| Created: | June 11, 2004 |
Updated: | March 7, 2005 |
| Description: |
Subversion has a remote Denial of Service vulnerability
that may allow a server that runs svnserve to execute
arbitrary code. See this advisory for more information. |
| Alerts: |
|
Comments (none posted)
sysstat: temporary file vulnerability
| Package(s): | sysstat |
CVE #(s): | CAN-2004-0107
CAN-2004-0108
|
| Created: | March 10, 2004 |
Updated: | October 4, 2004 |
| Description: |
The sysstat utility has a temporary file vulnerability which can be exploited by a local attacker to overwrite system files. |
| Alerts: |
|
Comments (none posted)
File overwrite vulnerability in tar and unzip
| Package(s): | tar unzip |
CVE #(s): | CAN-2001-1267
CAN-2001-1268
CAN-2001-1269
CAN-2002-0399
|
| Created: | October 1, 2002 |
Updated: | April 10, 2006 |
| Description: |
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability. |
| Alerts: |
|
Comments (1 posted)
tcpdump: ISAKMP payload handling denial-of-service vulnerabilities
| Package(s): | tcpdump |
CVE #(s): | CAN-2004-0183
CAN-2004-0184
|
| Created: | March 30, 2004 |
Updated: | September 30, 2004 |
| Description: |
TCPDUMP v3.8.1 and earlier versions contain multiple flaws in the packet
display functions for the ISAKMP protocol. Upon receiving specially
crafted ISAKMP packets, TCPDUMP will try to read beyond the end of the
packet capture buffer and crash. More information is available in this Rapid7 advisory. |
| Alerts: |
|
Comments (none posted)
Multiple vendor telnetd vulnerability
| Package(s): | telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5 |
CVE #(s): | |
| Created: | May 21, 2002 |
Updated: | October 5, 2004 |
| Description: |
This vulnerability,
originally thought to be confined to BSD-derived systems, was first covered
in the July 26th Security
Summary. It is now known that Linux telnet daemons are vulnerable as
well.
|
| Alerts: |
|
Comments (none posted)
wv: buffer overflow
| Package(s): | wv |
CVE #(s): | CAN-2004-0645
|
| Created: | July 14, 2004 |
Updated: | February 10, 2005 |
| Description: |
wv, a viewer for MS Word files, contains a buffer overflow which may be exploited by a suitably-crafted file. Version 1.0.0-r1 fixes the problem. |
| Alerts: |
|
Comments (none posted)
XChat 2.0.x SOCKS5 Vulnerability
| Package(s): | xchat |
CVE #(s): | CAN-2004-0409
|
| Created: | April 19, 2004 |
Updated: | November 15, 2005 |
| Description: |
XChat is vulnerable to a stack overflow that may allow a remote attacker to
run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable to a
remote exploit. Users would have to be using XChat through a SOCKS 5
server, enable SOCKS 5 traversal which is disabled by default and also
connect to an attacker's custom proxy server. This vulnerability may allow
an attacker to run arbitrary code within the context of the user ID of the
XChat client. |
| Alerts: |
|
Comments (none posted)
xine-lib: VCD MRL buffer overflow
| Package(s): | xine-lib |
CVE #(s): | |
| Created: | August 17, 2004 |
Updated: | August 18, 2004 |
| Description: |
xine-lib contains a bug where it is possible to overflow the vcd:// input
source identifier management buffer through carefully crafted playlists.
An attacker may construct a carefully-crafted playlist file which will
cause xine-lib to execute arbitrary code with the permissions of the
user. In order to conform with the generic naming standards of most
Unix-like systems, playlists can have extensions other than .asx (the
standard xine playlist format), and can be made to look like another file
(MP3, AVI, or MPEG for example). If an attacker crafts a playlist with
a valid header, they can insert a VCD playlist line that can cause a
buffer overflow and possible shellcode execution. |
| Alerts: |
|
Comments (1 posted)
xine-ui - insecure temporary file creation
| Package(s): | xine-ui |
CVE #(s): | CAN-2004-0372
|
| Created: | April 6, 2004 |
Updated: | April 27, 2006 |
| Description: |
Shaun Colley discovered a problem in xine-ui, the xine video player
user interface. A script contained in the package to possibly remedy
a problem or report a bug does not create temporary files in a secure
fashion. This could allow a local attacker to overwrite files with
the privileges of the user invoking xine. |
| Alerts: |
|
Comments (none posted)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current 2.6 prepatch is 2.6.9-rc1,
announced by Linus on August 24. Note
that this patch applies against 2.6.8, not 2.6.8.1. Changes merged include
a bunch of gcc-3.5 fixes, a big serial ATA update, a number of NT
filesystem improvements, block I/O barrier support for several filesystems
and transports, the limited ability for normal processes to lock memory,
lots of CPU frequency controller patches, some read-copy-update
improvements, a netfilter update, an ACPI update, the token-based thrashing
control patch (see
the August 4 Kernel
Page), a new USB storage block driver, lots of architecture updates,
and lots of fixes.
The long-format
changelog has the details.
Linus has continued merging patches at a high rate; his BitKeeper
repository contains, as of this writing, numerous network driver updates,
some random number generator fixes, a fix for the audio CD writing memory
leak, some VFS interface improvements, executable support in hugetlb
mappings, the Whirlpool digest algorithm, some virtual memory tweaks, a
number of asynchronous I/O fixes and improvements, a User-mode Linux
update, the "flex mmap" user-space memory layout (covered here last June), a number of scheduler
tweaks, the removal of the very last suser() call, and lots of fixes.
The current patch from Andrew Morton is 2.6.8.1-mm4. Recent changes to -mm include
the return of the kexec code, a change in the copy_*_user()
interface (see below), Nick Piggin's CPU scheduler ("to see what
happens"), and the reiser4 filesystem (see below).
The current 2.4 prepatch is still 2.4.28-pre1; Marcelo has released no
prepatches since August 15.
Comments (1 posted)
Kernel development news
ReiserFS V3 is the stablest Linux filesystem, and V4 is the fastest.
In regards to claims by ext2 that they are the de facto standard
Linux filesystem, the most polite thing to say is that many persons
disagree, and it is interesting that those persons seem to include
the distros that are growing in market share. See
http://www.namesys.com/benchmarks.html for why many disagree.
-- From the reiser4 configuration help text
Comments (3 posted)
The reiser4 filesystem came one step closer to inclusion when it was added
to
2.6.8.1-mm2. This filesystem was covered
here
in July, 2003; those interested in a
lengthy writeup with lots of details and weird artwork can find it at
namesys.com. In short, reiser4's claims
include very high performance, high-level transactional capability,
enhanced security, and a flexible plugin architecture which should make it
possible to do truly different and interesting things.
Actually playing with reiser4 involves getting a recent -mm kernel (or
downloading it separately and applying it to another kernel). The tools for
building and checking reiser4 filesystems can be found over here. There is a
shareable library ("libaal") which must be built first, followed by the
"reiser4progs" package. If the reiser4progs configuration process tells
you that you lack the proper version of libaal, it probably means you
forgot to run ldconfig between the two steps.
We ran some very simple tests using the only benchmark that really matters:
working with the kernel source tree. The first step was to look at the
simple usage of space; reiser4 claims to be more efficient in that regard.
This table indicates how much space was used (in KB) at various points in
the kernel build process:
| Filesystem | Empty | New kernel tree | Built kernel tree |
| reiser4 | 188 | 206,000 | 659,000 |
| ext3 | 32,800 | 271,000 | 727,000 |
An empty ext3 filesystem has a fair amount of overhead (almost 33MB on a
2GB partition) that is not seen on reiser4; the reason is that reiser4 does
not need to pre-allocate any inode tables. That saves some space; it also
means that reiser4 filesystems will never run out of inodes. Reiser4 is
also clearly more efficient in its file layout; an unbuilt kernel tree takes
about 15% less space than on ext3.
The next step was a set of highly unscientific timing tests involving
various tasks: untarring a kernel, building that kernel, grepping dirty words out of the kernel source,
and two find commands: one which
tests on file names only, and one requiring a stat() of each
file. The tests were run on some bleeding-edge hardware: an otherwise
unused 4GB IDE
disk on a dual Pentium-450 system. The filesystem was unmounted between
tests to clear its pages out of
the cache. Here are the results; two times are presented: elapsed and
system.
| Filesystem | Untar | Build | Grep | find (name) | find (stat) |
| reiser4 | 67/41 | 1583/386 | 78/12 | 12.5/1.3 | 15.2/4.0 |
| ext3 | 55/24 | 1400/217 | 62/8 | 10.4/1.1 | 12.1/2.5 |
Anybody who tries to draw any real conclusions from the above results
should probably think again. That said, it would seem that reiser4's claim
to being the fastest Linux filesystem remains unproven. Incidentally,
here's another quote from the reiser4 configuration help text:
If using a kernel made by a distro that thinks they are our
competitor (sigh) rather than made by Linus, always check each
release to make sure they have not turned this on to make us look
slow as was done once in the past.
This text describes a debugging option; that option was not enabled
for these tests.
Meanwhile, the inclusion of reiser4 into -mm has, as desired, increased the
number of developers looking at the code. Many of them are not entirely
happy with what they see. The first problem is that reiser4 will fail
horribly with 4K kernel stacks; it seems that quite a few large data
structures are kept on the stack. The reiser4 hackers will be looking at
reworking memory allocation to get around that particular problem.
Rik van Riel was the first to stumble across
the sys_reiser4() system call. The code to implement
sys_reiser4() is present (and built) in -mm, but the actual call
is not added to the system call table. A patch comes with the source to
make that addition, however.
According to the documentation:
A new system call sys_reiser4() will be implemented to support
applications that don't have to be fooled into thinking that they
are using POSIX. Through this entry point a richer set of semantics
will access the same files that are also accessible using POSIX
calls.... Reiser4() will implement all features
necessary to access ACLs as files/directories rather than as
something neither file nor directory. These include opening and
closing transactions, performing a sequence of I/Os in one system
call, and accessing files without use of file descriptors
(necessary for efficient small I/O). Reiser4 will use a syntax
suitable for evolving into Reiser5() syntax with its set theoretic
naming.
This syntax, it seems, is implemented via a yacc-generated parser, which is
duly stuffed into the kernel. As Rik notes, this approach is likely to be
controversial, even before people start thinking about what the new
operations actually do.
Reiser4 blurs the distinction between files and directories as part of Hans
Reiser's general view of how filesystems should be used. For example,
extended attributes, according to Hans, should not exist in their own
namespace; they should just look like more files. With the right plugins,
it should also be possible to do things like treat a tar archive
as a directory tree and move around within it. There are, it seems,
some immediate problems with this idea. As Christoph Hellwig pointed out, reiser4 allows an open
with the O_DIRECTORY flag to succeed even if the target is not a
directory. That defeats the use of O_DIRECTORY as a way of
avoiding race conditions and security holes, and is unlikely to go over
well. Al Viro noted some severe locking
problems (leading to easy denial of service attacks) with the
file-as-directory implementation as well.
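What callers rely on O_DIRECTORY for, as an added example (not code from reiser4 or the kernel): the racy stat()-then-open() pattern beside a single open() with O_DIRECTORY. The helper names and the constructed temporary paths are assumptions; the fstat() on the held descriptor is a userspace guard for a filesystem on which O_DIRECTORY succeeds for a non-directory.

```c
/* Added example: not code from reiser4 or the kernel. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/*
 * Racy pattern that O_DIRECTORY replaces: the object named by `path` can be
 * swapped between the stat() and the open().
 */
int open_dir_racy(const char *path)
{
    struct stat st;
    int fd;

    if (stat(path, &st) < 0)
        return -errno;
    if (!S_ISDIR(st.st_mode))
        return -ENOTDIR;
    /* window: `path` may by now name a device node, a FIFO, ... */
    fd = open(path, O_RDONLY);
    return fd < 0 ? -errno : fd;
}

/*
 * Hypothetical helper: one open() with O_DIRECTORY, so the type check is
 * part of the lookup, followed by fstat() on the descriptor already held.
 * The fstat() involves no second path lookup, so it cannot be raced, and it
 * still fails closed if O_DIRECTORY was honoured for a non-directory.
 * Returns an fd >= 0, or a negative errno value.
 */
int open_dir_checked(const char *path)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_DIRECTORY | O_CLOEXEC);

    if (fd < 0)
        return -errno;
    if (fstat(fd, &st) < 0) {
        int err = errno;
        close(fd);
        return -err;
    }
    if (!S_ISDIR(st.st_mode)) {
        close(fd);
        return -ENOTDIR;
    }
    return fd;
}

/*
 * Constructed fixture: a temporary directory holding one regular file.
 * Stores open_dir_checked()'s result for each (a successful open is
 * normalised to 0); returns 0 if the fixture itself could be set up.
 */
int demo_open_dir_checked(int *dir_result, int *file_result)
{
    char dir[] = "/tmp/odir_demo_XXXXXX";
    char file[sizeof(dir) + 8];
    int fd;

    if (mkdtemp(dir) == NULL)
        return -errno;
    snprintf(file, sizeof(file), "%s/plain", dir);
    fd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) {
        int err = errno;
        rmdir(dir);
        return -err;
    }
    close(fd);

    *dir_result = open_dir_checked(dir);
    if (*dir_result >= 0) {
        close(*dir_result);
        *dir_result = 0;
    }
    *file_result = open_dir_checked(file);
    if (*file_result >= 0) {
        close(*file_result);
        *file_result = 0;
    }

    unlink(file);
    rmdir(dir);
    return 0;
}

int main(void)
{
    int d, f;

    if (demo_open_dir_checked(&d, &f) != 0)
        return 1;
    printf("directory: %d, regular file: %d (%s)\n", d, f, strerror(-f));
    return 0;
}
```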
Reiser4, it seems, may have a bit of a rough road on its way into the
kernel. Hans's approach to PR is unlikely
to help in this regard, though it should be noted that Linus likes some of the reiser4 features.
One hopes that reiser4 will get into the kernel eventually. It would surely be a
mistake to believe that the optimal set of filesystem semantics has been
achieved. The reiser4 project is arguably the place where the most
thinking is happening about where filesystems should go in the future. If
Linux is unwilling to host the results of that work (after the obvious
problems are fixed), it may eventually find itself trying to catch up with
some other kernel which proves to be more accepting.
There are two relatively significant API changes which are currently being
tossed around for possible inclusion. Forewarned is forearmed, and all
that, so here's a quick summary of what is being looked at.
2.6.8.1-mm4 included a
patch which changes how copy_to_user() and
copy_from_user() return a failure status. These functions have,
for a long time, returned the number of bytes which they failed to copy to
or from user space. This interface differs from what kernel programmers
normally expect, and has caused confusion and bugs many times in the past.
As David Miller put it:
People who are experts and work every day on their platform get
this stuff wrong, myself included. This means we are too dumb to
debug this code, according to The Practice of Programming :-)
Rusty Russell also expressed his opinion
on the copy_*_user() interface, as only Rusty can, a couple of
years ago.
Andrew Morton has decided that, perhaps, the time has come to fix the
interface. In 2.6.8.1-mm4, the copy functions return the usual negative
error code when things fail - at least, on the i386 platform. The change
is overtly experimental, "It's a see-what-breaks thing." So
far, reports of breakage are relatively scarce.
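The two return conventions side by side, as an added userspace model (not kernel code and not the -mm patch): each handler is run against a constructed request whose last 8 bytes fault. The function names, struct demo_req and the zero-filled tail are assumptions of the model.

```c
/* Added example: a userspace model of the two conventions, not kernel code. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Constructed request a driver might read from user space. */
struct demo_req {
    unsigned int len;
    unsigned int flags;
    char name[8];
};

/* Both models share one signature so each handler can run under either. */
typedef long (*copy_fn)(void *to, const void *from,
                        unsigned long n, unsigned long readable);

/*
 * Long-standing convention: return the number of bytes NOT copied, 0 on
 * success. `readable` stands in for how much of the user buffer is mapped;
 * zeroing the uncopied tail is a choice made for this model.
 */
long copy_residue(void *to, const void *from,
                  unsigned long n, unsigned long readable)
{
    unsigned long ok = n < readable ? n : readable;

    memcpy(to, from, ok);
    memset((char *)to + ok, 0, n - ok);
    return (long)(n - ok);
}

/* The 2.6.8.1-mm4 experiment as described: a negative error code on failure. */
long copy_errno(void *to, const void *from,
                unsigned long n, unsigned long readable)
{
    return copy_residue(to, from, n, readable) ? -EFAULT : 0;
}

/* Mistake: tests "< 0"; a residue is never negative, so the fault is missed. */
long handler_tests_negative(copy_fn copy, struct demo_req *req,
                            const void *ubuf, unsigned long readable)
{
    long err = copy(req, ubuf, sizeof(*req), readable);

    return err < 0 ? err : 0;   /* 0 means "carry on and use *req" */
}

/* Mistake: hands the raw return value back as the handler's status. */
long handler_returns_raw(copy_fn copy, struct demo_req *req,
                         const void *ubuf, unsigned long readable)
{
    return copy(req, ubuf, sizeof(*req), readable);
}

/* Robust under both conventions: any non-zero result is a fault. */
long handler_tests_nonzero(copy_fn copy, struct demo_req *req,
                           const void *ubuf, unsigned long readable)
{
    return copy(req, ubuf, sizeof(*req), readable) ? -EFAULT : 0;
}

/* Uses the residue to report progress; breaks once an errno comes back. */
long handler_counts_bytes(copy_fn copy, struct demo_req *req,
                          const void *ubuf, unsigned long readable)
{
    return (long)sizeof(*req) - copy(req, ubuf, sizeof(*req), readable);
}

typedef long (*handler_fn)(copy_fn, struct demo_req *,
                           const void *, unsigned long);

/* Run one handler on a constructed user buffer whose last 8 bytes fault. */
long demo(handler_fn handler, copy_fn copy)
{
    const struct demo_req user = { 8, 0x1, "example" };
    struct demo_req req;

    return handler(copy, &req, &user, sizeof(user) - 8);
}

int main(void)
{
    static const struct { const char *name; handler_fn fn; } rows[] = {
        { "tests_negative", handler_tests_negative },
        { "returns_raw",    handler_returns_raw },
        { "tests_nonzero",  handler_tests_nonzero },
        { "counts_bytes",   handler_counts_bytes },
    };
    size_t i;

    printf("%-16s %8s %8s\n", "handler", "residue", "errno");
    for (i = 0; i < sizeof(rows) / sizeof(rows[0]); i++)
        printf("%-16s %8ld %8ld\n", rows[i].name,
               demo(rows[i].fn, copy_residue), demo(rows[i].fn, copy_errno));
    return 0;
}
```

Only the non-zero test gives the same answer under both conventions; the byte-counting handler is the kind of caller a "see-what-breaks" change would expose.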
On the other front, consider remap_page_range(). This function is
prototyped as:
    int remap_page_range(struct vm_area_struct *vma, unsigned long virt,
                         unsigned long phys, unsigned long size,
                         pgprot_t prot);
Its primary use is mapping memory found on I/O controllers into the virtual
address space of a process. This function is accompanied by
io_remap_page_range(), which is more explicitly intended for I/O
areas. On almost every architecture, io_remap_page_range() is
simply another name for remap_page_range(), but the SPARC
architecture is different; it can make use of that architecture's I/O space
to do things more efficiently.
Paul Jackson recently noticed another
difference: the SPARC versions of io_remap_page_range() have six
arguments, while everybody else has only five. Needless to say, this is a
curious discrepancy; it also makes it hard to write platform-independent
code which uses io_remap_page_range().
The extra argument on the SPARC architecture is an integer "space" value;
what it really is for, it turns out, is to specify the "I/O space" into
which the pages are to be mapped. It is a response to a problem with the
remap_page_range() interface: the physical address which is to be
the target of the mapping is typed as an unsigned long. So a
target address which requires more than 32 bits cannot be specified on
32-bit systems. SPARC I/O space addresses are above the 32-bit range. So
the extra argument is required on the SPARC simply to provide the upper 32
bits for the physical address.
Various options for smoothing out the difference were considered. In the
end, the idea that seems to be winning is to change the
remap_page_range() API slightly: instead of passing the target
address as an address, that value should be expressed as a page frame
number. That change gets rid of the 12 address bits used for the offset
within the page (which are unused in remap_page_range() since that
function deals in whole pages) and lets them be used for additional
high-end bits, effectively extending the address range to 44 bits - which
is enough.
William Lee Irwin has put together a patch
which implements this change for most architectures. Since the change
breaks every caller of remap_page_range(), the patch touches a lot
of files. Should the patch ever be merged, externally-maintained drivers
will have to be fixed as well. This transition will not be helped by the
fact that the compiler will not be able to detect unfixed code.
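The address arithmetic behind the proposed change, as an added model (not kernel code and not the patch itself): a 32-bit `unsigned long` is modelled with uint32_t, and the function names and sample addresses are constructed. The last function shows why an unconverted caller is silent: the argument type is unchanged, so an address is simply read as a page frame number.

```c
/* Added example: arithmetic model only, not kernel code. */
#include <stdint.h>
#include <stdio.h>

#define DEMO_PAGE_SHIFT 12      /* 4K pages: the 12 offset bits in the text */

typedef uint32_t ulong32;       /* `unsigned long` on a 32-bit system */

/* Current interface: the target is an address, so it stops at 32 bits. */
uint64_t target_by_address(ulong32 phys)
{
    return phys;
}

/* SPARC variant as described: "space" supplies the upper 32 bits. */
uint64_t target_sparc(ulong32 offset, ulong32 space)
{
    return ((uint64_t)space << 32) | offset;
}

/* Proposed interface: the same 32-bit argument is a page frame number. */
uint64_t target_by_pfn(ulong32 pfn)
{
    return (uint64_t)pfn << DEMO_PAGE_SHIFT;
}

/*
 * Conversion a fixed caller performs. Returns 0 and stores the pfn, or -1
 * if the address is not page aligned or lies beyond the 44-bit range.
 */
int phys_to_pfn(uint64_t phys, ulong32 *pfn)
{
    if (phys & ((1u << DEMO_PAGE_SHIFT) - 1))
        return -1;
    if (phys >> (32 + DEMO_PAGE_SHIFT))
        return -1;
    *pfn = (ulong32)(phys >> DEMO_PAGE_SHIFT);
    return 0;
}

/*
 * An unconverted caller still passes an address. Nothing in the type
 * system objects, and the callee maps a location 4096 times higher.
 */
uint64_t target_unfixed_caller(ulong32 phys)
{
    return target_by_pfn(phys);
}

int main(void)
{
    const uint64_t io_addr = 0x1FF00000000ULL;  /* constructed, above 32 bits */
    ulong32 pfn = 0;

    if (phys_to_pfn(io_addr, &pfn) == 0)
        printf("pfn 0x%08x maps 0x%011llx\n", (unsigned)pfn,
               (unsigned long long)target_by_pfn(pfn));
    printf("highest page:   0x%011llx\n",
           (unsigned long long)target_by_pfn(0xFFFFFFFFu));
    printf("unfixed caller: wanted 0x%08x, mapped 0x%011llx\n", 0xFE000000u,
           (unsigned long long)target_unfixed_caller(0xFE000000u));
    return 0;
}
```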
Page editor: Jonathan Corbet
Distributions
News and Editorials
This week we will take a look at three distributions that have been around
for a while, but are new to the LWN Distributions List.
MostlyLinux is a software company
based in Jharkhand, India. The company does mostly the same things other
Linux companies do including Enterprise support, corporate training and
custom distributions. They also are building a distribution called
MostlyLinux. MostlyLinux 9.1 is the latest offering. The distribution is
based on Fedora Core 1 with lots of additional software.
MostlyLinux chooses packages based on functionality, without the licensing
concerns that have kept some of these packages out of Fedora. This is not
a system for free software purists. MostlyLinux 9.1 contains a kernel with
XFS and NTFS support; it includes multimedia applications like Mplayer,
Ogle and Xine; a full suite of packages from LTSP (Linux Terminal Server
Project); and more. A list of available packages can be found here.
SkatOS was found earlier this week while looking for Xwoaf (X Windows on a
Floppy). A current home page for Xwoaf could not be found, but there is a
reference to it from the SkatOS home page. SkatOS is a bootable stand-alone
XSkat card playing system that fits on either one single floppy disk
or one ElTorito-boot CD. It features full network client/server support so
you can play Skat over LAN with your friends. SkatOS version 1.0 runs
XSkat 4.0 based on BusyBox 0.60.5, uClibc 0.9.24 and TinyX 2.2.1 with
kernel 2.2.26. Version 1.0 was released August 8, 2004.
Momonga Linux is the successor
to Kondara Linux. A Momonga (aka Pteromys momonga) is a flying squirrel
found both in Europe and Asia. It's an animal known for a self-asserting
behaviour, despite its small size. The Momonga Project,
like the momonga, is small and not well-known, but assertive. This general
purpose distribution is developed mostly by Japanese programmers, but it
supports English just as well and the Momonga web site provides English
content, together with English-language mailing lists. Momonga supports
eight different Japanese input method servers, a selection of which is
available directly from the GDM login screen. Ruby is the scripting language of
choice for the project which seeks to be a distribution developed by and
for its own users, compatible with next-generation standards, with
comprehensive documentation. The first stable version of Momonga Linux was
released earlier this month.
Distribution News
KDE.News reports on the release of Knoppix 3.6, "aKademy Edition".
"Last-minute bugs were fixed, and the finished version demonstrated
exclusively in an aKademy tutorial on Knoppix, indicative of the strong
relationship between the Knoppix and KDE developer and user communities."
The Debian Weekly News for August 24, 2004
covers various sarge release topics, KDE package descriptions, web
application maintenance, viewing the buildd queue, the Debian Open Use Logo
License, closing bug reports, and more.
Here's some Bits from Debian legal, a
look at some of the hotter threads on the debian-legal mailing list
from August 16 - 22.
The Gentoo Weekly Newsletter for the week of August 23, 2004 is out. In
this edition: the first Gentoo UK Meeting will be held September 4, Gentoo
2004.2 via BitTorrent, hardware upgrade for web forums, a new Operations
Lead for the Release Engineering team, Christian Andreetta is the featured
developer of the week, and more.
This week the DistroWatch Weekly covers Linux in Europe, the release of
Momonga Linux 1, some
discussion on why Gentoo seems to be declining (according to DistroWatch
page hits), and more.
There is a Fedora Core 2 kernel-2.6.8-1.521 update available. Included in
this new upstream kernel are several fixes on the networking front,
including traffic shaping and window scaling fixes.
Mandrakelinux has updated galeon and epiphany packages. These have been
built against latest mozilla to fix some bugs.
Minor distribution updates
Feather Linux has released v0.5.7. "Changes: This release includes an
upgrade feature, so that users of 0.5.6 can seamlessly update. Midnight
Commander now has more features. Experimental ReiserFS support for hard
drive installs is now available. aircrack, udhcpd, Dillo 0.8.0, and
ndiswrapper 0.10 were included. Fixes to various scripts were made, and the
user's system configuration can now be restored from an HTTP or FTP site."
ImageStream Enterprise Linux Version 4.2.0 is available for ImageStream's
router customers.
LEAF (Linux Embedded Appliance Firewall) has released Bering-uClibc 2.2 with
major feature enhancements. "Changes: Changes from rc1 include updates of
dnsmasq and busybox. The most notable changes from the latest stable version
include an update of Linux kernel (2.4.26), a rework of linuxrc, the
introduction of a new leaf.cfg and a more flexible module loading scheme, an
update to dash 0.5.1, and a redesign of pcmcia support. dnsmasq replaces
dhcpd and dnscache."
Always Current Lineox Enterprise Linux 3.032 is out. Support for x86_64
has been added to this release.
TopologiLinux has released 5.0Beta2 Demo with major feature enhancements.
"Changes: It is now possible to run the distribution from inside Windows
using coLinux."
ttylinux has moved to a new web site and released v4.0. "Changes: This
release switches to glibc-2.3.3 and updates all other packages to their
latest versions."
Distribution reviews
O'ReillyNet kick starts a Fedora install. "In this article, I'll explain how
to set up a basic Kickstart environment and perform an install. I tested
this process extensively on Fedora Core 1 and briefly on FC2. It may work
for Red Hat 9, as well."
Page editor: Rebecca Sobol
Development
August 25, 2004
This article was contributed by Tom Chance.
FreeDesktop.org always raises a little controversy in conferences - any
group trying to integrate some of the most competitive projects in the free
software community is bound to do that - and this year's KDE World Summit,
aKademy, was no exception. Daniel Stone, freedesktop.org's release manager,
gave a well-received presentation on the project to KDE developers,
covering both the future of the project, and where he sees KDE fitting
in. What follows is a writeup of his presentation, and some reflections
from when I caught up with Daniel and Aaron Seigo of KDE later in the
summit.
Daniel began his talk by sketching out freedesktop.org's main projects,
describing briefly what the future holds for each of them. First on the
list was X.org, whose cutting-edge developments have already been covered in
some detail on LWN. Happily,
Daniel managed to cover entirely different material, but gave a good
impression of how X.org development is moving forward.
We should see X11R6.8 released in the near future, bringing Composite and
many of the eye-candy enhancements first really developed in Kdrive to our
desktops. But freedesktop.org also have their sights set on X11R7, with
some major architectural changes planned or in discussion. Since they
forked from XFree86, the developers have been trying to modularize the
codebase to make it more manageable and digestible, and by X11R7 they hope
to have completed this process. They're also thinking about moving the
files from /usr/X11R6 to /usr (a pet hate of Daniel's), and after some
developers expressed misgivings about CVS they are now discussing which
Revision Control System (RCS) to use. Character set problems should also
receive some attention, with Smart Common Input Method (SCIM) and Universal
Input Method (UIM) bringing proper support to non-Latin character sets like
Japanese.
The other major change he discussed was a migration from Xlib, which is
said to be too unwieldy, as it is trying to work both for toolkits and GUI
developers. A new low-level implementation of the X protocol in C, the X11
C Bindings (or XCB), provides a foundation for toolkits to build upon,
allowing them to better optimize their interaction with X and allow
developers to focus on the toolkit alone. The X.org project will no doubt
attract plenty of attention in coming years.
Of particular interest to many KDE developers was the section on DBUS and
HAL. With KDE4 now on the horizon, KDE developers are able to think about
major architectural changes. Starting to migrate the internal messaging
system from DCOP to DBUS and adapting KDE libraries and applications to
take advantage of HAL are both hot topics. Daniel
described how they can make the user experience seamless if applied
universally across the desktop. DBUS in particular will bring all of the
benefits that KDE enjoys from DCOP to the rest of the desktop. It promises
an improved system that can, for example, change the proxy settings
universally from one place whether it is the KDE or GNOME Control Center or
even just a shell script.
When I talked to Daniel and Aaron later, it became clear what KDE will have
to do to migrate to DBUS and other freedesktop.org technologies
successfully. To begin with, there will be namespace issues that will mean
it won't be a straight translation between DCOP and DBUS, though Qt 4
bindings should make accessing DBUS easier. Adapting to composite being
available in X will also require removing the pseudo-transparency code
found in several KDE applications, and integrating HAL will require
entirely new code, although KDE's network/device transparency should
mitigate conceptual difficulties. The key, Daniel pointed out, is that KDE
can and should migrate gradually, maintaining backward
compatibility. Aaron Seigo echoed this sentiment, saying that KDE has to
approach the task pragmatically. KDE, he believes, must help drive DBUS and
other standards, and properly address problems of how to migrate, what
migrated code would look like, how much effort it would take, how
compatibility could be preserved, and all the other questions typical for
such a change.
The issue of driving standards is particularly poignant given that
freedesktop.org is due to release its first platform, freedesktop.org 1.0,
within a couple of weeks. This will provide a stable set of APIs, libraries
and standards that developers and companies can use, and it will lay the
foundations for freedesktop.org's future. The conservative nature of the
freedesktop.org process is best illustrated by the fact that key
technologies like DBUS, HAL and Cairo aren't included in the platform,
omissions that caused some concern among KDE developers who would like
to integrate them within the time frame when the platform will be stable (a
matter of years - release 1.1 is planned for late April 2005).
Daniel explained that their omission from the platform doesn't preclude
their use in KDE or other desktop environments, and that the process of
developing standards is more a matter of trial and error, seeing what
works, encouraging projects to coordinate development, and only moving
forward when everyone involved can arrive at a consensus. KDE developers
were also concerned about this decision making process. Within KDE,
technical decisions are made by the person who implements a working
solution, and so they didn't want to feel pressured to adopt a solution
that freedesktop.org prefers. When talking to Daniel privately, and in the
discussion after his talk, he took care to address what he sees as a
fundamental misunderstanding about freedesktop.org. The project's decision
process is open to all, and the approach is that if people from all the
major projects concerned cannot reach a consensus, then there is something
wrong with the proposal being discussed. In other words, if developers from
any project that relates to freedesktop.org are worried about a particular
proposal, they should get involved and either explain why they want it
stopped, or how they think it should be modified.
For the moment this loose and conservative approach seems to be
working. Aaron Seigo pointed to examples like the icon, .desktop files,
drag and drop, thumbnail and menu structure specifications, and the recent
decision to drop the systray specification, as evidence that the process
has worked well so far. I put it to Daniel and Aaron that freedesktop.org
may in fact need to be more assertive. The decision of which multimedia
framework to adopt, for example, is one that should be done through
freedesktop.org across all environments to avoid yet more
fragmentation. Yet this decision requires some body to help form consensus,
since the decision is not so simple as: "do we like this proposal?" Daniel
agreed, and suggested that KDE, GNOME and other desktop developers need
more joint meetings to discuss the more contentious and complex decisions,
much like the multimedia track in aKademy; he was, however, uncertain about
how this could be done.
The key to freedesktop.org is active participation, a subject to which
Daniel and Aaron kept returning. At present, Aaron believes the perception
amongst some KDE developers that freedesktop.org is too GNOME-friendly
simply comes from the fact that not enough KDE people are involved
(particularly in the logistics). Daniel emphasized in his presentation that
KDE is underrepresented, which is both dangerous for KDE, since it may find
itself having to either accept the dictate of those that participate or to
break away, and it is dangerous for freedesktop.org, which relies on the
active participation of the major desktop players for credibility and
progress.
Aaron firmly believes that freedesktop.org can provide a politically
neutral ground upon which developers can cooperatively develop a platform,
one which can then compete with proprietary software produced by companies
that have these same kinds of processes internally. If developers in
competing projects can come together and discuss where it makes sense to
integrate, then not only can problems with integration be solved, but the
combined skills and knowledge of all free software desktop developers can
bring major advances. It is, they claim, a project with no losers, except
those that don't take part.
System Applications
Database Software
Several new releases of the PostgreSQL database are available. "Due to
insufficient interlocking between transaction commit and checkpointing, it
was possible for transactions committed just before the most recent
checkpoint to be lost, in whole or in part, following a database crash and
restart." Upgrading is recommended.
Version 1.0.0.b4 of PL/Java, a project which provides server side Java
for the PostgreSQL database, is available. "The 1.0.0.b4 release of PL/Java
is out. It takes full advantage of the new exception handling and custom
variables introduced in PostgreSQL 8.0".
The August 24, 2004 edition of the PostgreSQL Weekly News is out with
the latest PostgreSQL developments.
Interoperability
Samba 3.0.6 (Samba goes for the gold!) has been released. "This is the
latest stable release of Samba. This is the version that production Samba
servers should be running for all current bug-fixes. There have been several
issues fixes since the 3.0.4/5 release and new features have been added as
well."
Mail Software
Version 0.92.6 of bogofilter, a spam mail filter, is out. "Bogofilter-0.92.6
cleans up minor issues with bogofilter's documentation and adds a "-QQ"
option to display all the options that can be used in the config file."
Milter.org lists several new mail filters including milter-siq version 0.7,
milter-limit version 0.1 and seven other milters with support for libsnert
1.39.
Networking Tools
Version 0.99.2 of GNOME Nettool, a network information tool, is out. "This
is the first release of GNOME Nettool after being split from GNOME Network.
Version 0.99.2 is feature complete, and will be released as 1.0 after some
testing period."
Peer to Peer
Version 0.11.7 of giFT, a cross-platform collection of software components
for peer-to-peer file-sharing networks, has been released. "This release is
primarily a bugfix release that contains some rather critical bugfixes which
affect Windows and 64-bit platforms."
Printing
Version 1.1.21rc2 of CUPS, the Common UNIX Printing System, has been
announced. "CUPS 1.1.21 is primarily a bug fix and performance tuning
release and includes fixes for the IPP, LPD, parallel, serial, and USB
backends, authentication and status processing issues in the CUPS API, and
various PostScript and PDF printing issues. The new release also adds
support for Zebra label printers and IPP device URI options."
Web Site Development
Version 1.4.4-pl1 of Gallery, a web-based photo gallery system, is out.
"Gallery v1.4.4-pl1 is an update to Gallery 1.4.4 to resolve several issues
found after the release. Most of these issues are fairly minor, and the one
security issue fixed in this release requires a fairly unusual Gallery
configuration and a bit of effort to exploit"
Version 3.2.20 of mnoGoSearch, a web site search engine, is out.
Changes include improved support for multiple search databases,
URL parser improvements, bug fixes, and more.
See the change history for details.
The August 14-24 edition of the ZopeMag Weekly News is online with a new
collection of Zope and Plone articles.
Miscellaneous
Version 0.91.0 of the GNOME System Tools, a set of configuration
utilities, is out with lots of improvements.
Desktop Applications
Audio Applications
Version 1.7.1 of WaveSurfer, an audio file editor, is available. Changes
include new command line options, bug fixes, and more.
Desktop Environments
Version 2.6.2.1 of GARNOME is available. "This release incorporates the
GNOME 2.6.2 Desktop & Developer Platform, as well as plenty of new bugfixes
and third-party package updates that have been made since the initial
release."
Stable version 2.6.0.4 of GDM, the GNOME Display Manager,
is out. Most of the changes involve bug fixes and translation improvements.
Version 0.4.0 of Gnome OSD, the On Screen Display notification system,
is out with a few new preference choices.
The KDE Project has announced the release of KDE 3.3. The list of
enhancements is quite large; see the announcement for an overview or
the changelog for a rather more detailed picture.
The August 20, 2004 edition of the KDE-CVS-Digest is online; here's the
content summary: "KDM implements session switching and improves shutdown.
KDEPIM adds configuration wizard for Novell Groupwise client. And many
bugfixes in KST and Korganizer. Krita now has a gradient tool."
Desktop Publishing
The first release candidate of Scribus 1.2, a desktop publishing system,
has been announced.
Changes include a new story editor, new plugins, PDF exporter
improvements, an EPS/PS importer, SVG importer/exporter improvements,
a print previewer, a table creator, support for right to left
languages, bug fixes, and more.
Electronics
Mike Waters has announced a new GUI front-end project for Spice. "For some
time I've been looking for a circuit simulator I could use under Linux.
After coming across gEDA I found that there was no GUI for the circuit
simulator and decided to start writing one myself. Please find attached the
results of my efforts so far. This is alpha code and so is highly likely to
contain bugs. It has been developed over the last 12 months and is getting
to the point where it has some usable functionality."
Version 3.2.23 of XCircuit, an electronic schematic drawing package, has
been released. The changes document says: "Rather important fix from back in
revision 19, in which routine "pointtonet" is supposed to merge crossing
wires if they cross on top of a subcell port. This is the method used to
connect crossing wires with the "dot" symbol, so it is rather important."
Financial Applications
Stable version 6.0.3 of BIE, the Business Integration Engine, has been
announced. "BIE 6.0.3 adds bug fixes for Map Builder macros and stability."
Version 2.4.2 of SQL-Ledger, a web-based accounting application,
is available.
Changes include price list functionality, reconciliation screen
changes, bug fixes, and more.
Games
Initial version 0.1.0 of GLightOff is available. "GLightOff is a gtk+
version of lightoff, a simple (but not so easy to solve!) puzzle game where
the goal is to flip to black all the tiles on the 5x5 board."
Graphics
Version 1.55 of Gmsh, a 3D mesh generator for FLTK, has been announced. Here
are the changes: "added background mesh support for Triangle; meshes can now
be displayed using "smoothed" normals (like post-processing views); added
GUI for clipping planes; new interactive clipping/cutting plane definition;
reorganized the Options GUI; enhanced 3D iso computation; enhanced lighting;
many small bug fixes."
GUI Packages
Development release 2.3.1 of GFC-Core, the GTK+ Foundation Classes,
is out. Changes include a new signal system, dynamic creation of GFC objects,
a C++ wrapper for GModule, improved examples and documentation, and more.
Version 2.3.2 of the companion GFC-UI package
was also announced.
Unstable version 2.5.2 of GLib, the low-level core library for GTK+ and
GNOME, is available. "This is the third development release leading up to
GLib-2.6. This release contains a number of bug and portability fixes and
some new API."
Version 0.8 of PythonCard, a GUI construction kit for building
cross-platform applications, is out. "Release 0.8 includes over 50 sample
applications and tools to help users build applications in Python, including
codeEditor, findfiles, and resourceEditor (layout editor)."
Interoperability
The August 20, 2004 edition of
Wine Traffic is online with the latest Wine project developments.
Music Applications
Version 0.1 of dssi-vst is out. "dssi-vst is a DSSI wrapper plugin for VST
plugins. It enables any compliant DSSI host to use VST instruments and
effects. It requires Wine, liblo-0.9, dssi.h, and the Steinberg VST SDK
headers to build."
Version 0.9 of liblo, an implementation of the Open Sound Control protocol,
is out. Changes include a nonblocking message dispatcher, Unix and TCP
domain FIFO support, bug fixes, and more.
Version 0.7.0 of TAP-plugins (Tom's Audio Processing plugins) is out.
New plugins include a Chorus/Flanger, a Sigmoid Booster, and a
TubeWarmth filter. Bug fixes are also included.
News Readers
Version 0.5.3b of Liferea, a multi-protocol news aggregator, has been
released with bug fixes and translation improvements.
PDA Software
Version 1.4.2 of Guikachu, the GNOME Resource editor for PalmOS projects,
is available with bug fixes.
Web Browsers
Version 1.8a3 of Mozilla has been announced. "Mozilla 1.8 Alpha 3 release
includes a large amount of backend work, including site-specific CSS rules,
transparent windows on Windows and GTK2, and undetected document."
Version 1.3.7 of Epiphany has been announced. "Epiphany 1.3.7 is a beta release in the unstable series leading up to GNOME 2.8."
Changes include bug fixes and translation work.
Miscellaneous
Version 0.7.1 of Genius, a calculator program with plotting capabilities, is
out. "The coolness factor of this release then is that you can export to
PNG. In any case this release is a bunch of fixes and some minor changes.
For one we now have short documentation strings for all built-in functions.
Secondly the continuity and numerical derivative functions now actually work
instead of going into an infinite loop."
Version 0.14 of Gwget, the download manager for Gnome 2,
is available. Changes include a new speed limit option, show
recursive options, bug fixes, and new translations.
Version 0.1 of Nautilus Sendto has been launched. "This application provides
integration between nautilus, evolution, and gaim."
Languages and Tools
Assembly Language
Version 1.0 of libdisassemble has been released under the LGPL.
"Libdisassembly is simply a python library for disassembling x86 opcodes. It
has been made for Immunity's PDB Project (a vulnerability development
focused debugger), and is partially based on mammon's libdisasm opcode list
(http://www.eccentrix.com/members/mammon/). There is still a lot of work to
do with the Metadata, but the library tries to return as much information it
can get off of an opcode."
Caml
The August 17-24, 2004 edition of the Caml Weekly News is online
with the week's new Caml language articles.
Lisp
Version 2.6.5 of GCL (GNU Common Lisp) has been released. "This version, the
latest in the `stable' series, features changes to gmp, support for gprof,
performance enhancements and bug fixes."
Python
The August 23, 2004 edition of Dr. Dobb's Python-URL! is
available with links to numerous Python language articles
and resources.
The August 1-15, 2004 edition of the python-dev Summary
is available with coverage of the python-dev mailing list traffic.
Scheme
Issue #2 of the Schemer's Gazette is online with a new collection of
Scheme language article links.
Tcl/Tk
The August 18, 2004 edition of Dr. Dobb's Tcl-URL! is out with
the week's Tcl/Tk article and resource links.
The August 23, 2004 edition of Dr. Dobb's Tcl-URL! is available.
Take a look for the latest Tcl/Tk articles.
XML
Rodolfo M. Raya
explores the topic of XML Localization on IBM's developerWorks.
"Learn how XML standards help facilitate translation processes that involve many participants in different locations. This article focuses on the most common XML formats used in the localisation industry to show you how important XML is becoming in multilingual document exchange."
Comments (none posted)
Michael Fitzgerald
writes about XStream on O'Reilly.
"Joe Walnes's XStream is a unique open-source Java library for serializing objects into XML and deserializing that XML into objects. Unlike other APIs, such as David Megginson's XMLWriter or Elliotte Rusty Harold's XOM, which use specific classes and methods to produce XML, XStream relies on Java idioms such as object names to produce element names and strings within classes to produce element content. It also produces a kind of reflection of objects in XML."
Comments (none posted)
Build Tools
Martin C. Brown
introduces ccache on IBM's developerWorks.
"Collaboratively building a C/C++ project using cc or gcc to share source files and other components works fine with CVS, but the time required to build the application when it has been merged with everybody else's changes can be significant. Even if you're not developing a project as part of a group, recompiling an application can take a lot of time. The ccache tool improves the build performance by caching the incorporation of header files into source files and therefore speeds the build time by reducing the time required to add in header files with each compilation stage."
Comments (none posted)
IDEs
O'Reilly is running
part one in a series on writing Eclipse plugins.
"Eclipse is a nice IDE, of course, but it's arguably the best platform for hosting your own applications. Using Eclipse facilities spares you from re-coding, for the 100th time, a framework for dealing with online help, generating wizards, or saving a file to disk. Eclipse ships with many helpful features, such as a Lucene-ready engine for searching your help documentation. Like any object-oriented developer, you don't want to reinvent the wheel."
Comments (none posted)
Miscellaneous
Version 0.5.0 of Gaphor, a Python-based UML
(Unified Modeling Language) modeling environment,
is out. Changes include support for Stereotypes and UseCases,
plugins, drag-and-drop package reordering, and interface support.
Full Story (comments: none)
Peter Seebach continues his IBM developerWorks series on lex and yacc with
part two.
"The second article of this two-part series explores more advanced lex/yacc development and introduces basic troubleshooting techniques. See e-mail headers parsed before your very eyes! Marvel at cryptic error messages! See a computer actually compute something!"
Comments (none posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Groklaw
reports
on a new book by Larry Rosen. "
Rosen's Preamble says that the book
is by a lawyer, but it's not for lawyers -- no citations or academic
analyses suitable for a law journal. It's written, he says, for his friends
in the free and open source community, who might be confused about which
license to use for their software (there is an entire chapter on that), and
also for those in business wondering how they and their company might be
affected by various software licenses."
Comments (none posted)
NewsForge
interviews Open Vote Foundation founder Scott Ritchie.
"NewsForge: If you could put together the open source code and system, do you think the political and institutional barriers would ever allow an open source election in the U.S.?"
"Ritchie: Absolutely. Because decisions for which voting systems to be purchased are carried out at the local level, there isn't much room for the iron-triangle present in other government projects. The incumbent voting machine vendors, big as they are, don't have much influence over local governments fed up with them."
Comments (23 posted)
Trade Shows and Conferences
CIOL
reports on
the upcoming "Novell Linux Day" conferences for business decision makers,
business and IT managers, customers and partners at Mumbai, Bangalore and
Delhi on August 31, September 2 and September 3, respectively.
Comments (none posted)
NewsForge
reports
from aKademy. "
Worries were raised about how KDE should balance
the interests of sponsors with the autonomy of the KDE membership. Some
felt that members would feel under pressure if in the presence of their
boss in a meeting, and so would lose the ability to speak freely. Others
raised the problem of KDE members being unhappy with particular companies
seeking to become sponsors; on this point, the membership voted that the
e.V. board must put new sponsors to the membership before accepting their
money."
Comments (none posted)
NewsForge
covers day
two of the KDE World Summit. "
The second day of aKademy, KDE's
World Summit 2004, opened the two-day developers' conference, involving a
series of presentations and discussions both on ground-breaking topics like
KJSEmbed and other subjects important to KDE. When not attending the two
parallel tracks of presentations, KDE developers took the opportunity to
socialise and hack in the comfortable surroundings of Ludwigsburg's
Filmakademie."
Comments (none posted)
NewsForge
continues its series of reports from aKademy. "
Parallel to the multimedia presentations were a series on integration. Most controversial of these was the opening presentation on the Linux Registry. Avi Alkalay opened by emphasising that developers should forget the name's association with the Windows registry, and went on to talk about what he describes as a 'bazaar' of 'selfish configuration files' spread across the system. His proposed solution is a single hierarchical configuration infrastructure using a key-pair system, integrated with the current configuration systems in such a way as to make it familiar to experienced users and usable for newbies."
Comments (4 posted)
News.com
reports on accessibility discussions at aKademy.
"During the forum, KDE developer Harald Fernengel presented a demonstration of
the KDE developer tool, Qt, showing how it could be used with open-source
Linux desktop GNOME's GOK, an on-screen keyboard for people who have problems
using ordinary keyboards. He also demonstrated KDE working with the
text-to-speech screen reader Gnopernicus."
Comments (none posted)
The SCO Problem
Groklaw
presents IBM's latest filings (mostly a set of attempts to strike SCO's testimony) with clear pleasure. "
What does it all mean? That IBM wishes to strike all the so-called facts in dispute that SCO has attempted to offer. That SCO will be shown no mercy. If they fail to dot an i, IBM will call them on it, with a motion and oral argument requested, all of which costs money to respond to and deal with. It also means that IBM believes that SCO is manufacturing bogus issues, in an attempt to create some fact dispute sufficient to survive IBM's summary judgment on its 10th counterclaim, and they intend to call them on it. It also means that the tide has turned, and IBM is on the offensive now."
Comments (2 posted)
Groklaw
talks
with Gregory Blepp about his relationship with SCO and 'millions of
lines' of code purported to be in his possession. "
I have
interviewed Mr. Blepp, and he is telling me a different story, and much
more. According to Mr. Blepp, he never was staff. He was a consultant for
SCO from day one, and he still is, but he's spending much less time on SCO
matters now. He has his own business. They announced his "appointment" as
VP the way they did for legal reasons. Also, he says SCOSource, to his
knowledge, has no full-time employees."
Comments (6 posted)
Companies
Software maker Actuate has
proposed
a project to create an open source business intelligence and reporting
tool using Eclipse. "
If accepted as an Eclipse project, the
initiative will result in open-source software to design and generate
business reports from Java application servers. A vote at Eclipse on
whether to accept the proposal, called the Business Intelligence and
Reporting Tools (BIRT) project, is slated for one month from now."
Comments (none posted)
Linux Adoption
The Globe and Mail
looks
at adoption of Linux by European banks. "
And HSBC's decision is
not all about dollars. 'Although we're not convinced that Linux is cheaper
in terms of total cost of ownership, it does offer us more control and
flexibility than Windows, due to its open architecture, for example in
terms of security,' Mr. Lashua said."
Comments (1 posted)
News.com
looks
at a proposal to put Linux into South Korean schools. "
The
project, which would rank as one of the largest Linux installations in the
country, aims to link all primary and secondary schools and relevant
government departments through a common system known as the National
Education Information System."
Comments (2 posted)
The Independent has published
one
of those "installation nightmare" stories that used to be so common.
The bottom line on these stories has changed, though: "
Will I give up
Windows altogether? Probably. The more I use Linux, the better I like it
despite the challenges. It hasn't crashed; it's immune to Windows viruses;
it won't fall victim to spyware, worms or hackers; and it feels (and looks)
refreshingly different. But best of all, Linux promises greater choice at
less cost. Just give it time to climb more of the Windows mountain."
Comments (11 posted)
Linux at Work
NewsForge
covers the use of SUSE Linux and IBM hardware for a San Francisco
museum's online image archive.
"Horio is already noticing a marked increase in performance from the server running Linux. Instead of weekly reboots like they continue to experience with the Windows server, "it's been stable. We just turn it on and it runs."
Horio says the image database will be the largest of its kind online, and the only one running on Linux. Searchable by date, country or region of origin, artistic medium, or keywords, each page will display several objects with thumbnails and a short synopsis, and users can click through to a larger image with more information."
Comments (none posted)
Interviews
LinuxGames
talks with
Timothee Besset about Doom3 and other games for Linux.
"What's the status of the DOOM 3 dedicated server and the
client?
I think there's a very good chance we can get the dedicated server out with
the next patch, because it's been running very smoothly in the DOOM 3
tournaments. We still need to polish it a bit, but it will get released
pretty soon. I know that the server admins are waiting, and Linux gamers
don't really care about it, but we have to follow our priorities."
Comments (none posted)
Here's an
interview with PHP creator Rasmus Lerdorf on Builder AU. "
You
said during your Introduction to PHP talk at Linux.conf.au that you hated
programming. What do you prefer doing?
I like solving problems, I like building something that solves a real
problem and actually helps people or affects people. To do that you
normally have to program unfortunately so I end up doing that. I mean I
don't hate the industry of programming, I just hate the actual sitting down
and doing the programming, it's very boring and very tedious. The end
result is cool and that is what I like doing. I enjoy just normal technical
geeky things. Other than that there's my new baby."
Comments (1 posted)
Builder AU
talks with Martin Pool, a Canberra-based software engineer working on
open source software for HP. "
Why did you decide to develop open
source software?
MP: Many years ago I downloaded a copy of GNU emacs and GNU cc (onto 3.5in
floppies!) and I was just amazed that people were writing and giving away
all this great software. So part of it was reciprocity: the GNU compiler
people have given me so much, so I'm happy to be able to give them
something useful in distcc."
Comments (none posted)
Resources
Phil Moses has written a
HOWTO article on the Amanda backup software.
"Data probably is the most important element in computing, but in too many cases I see data backups overlooked or approached in such a carefree manner that I shiver. To this end, this article discusses the University of Maryland's Amanda (advanced Maryland automatic disk archiver) backup software, a relatively easy-to-use disk archiver built upon native dump and/or GNU tar tools. I often feel Amanda does not get the respect it deserves in a Linux/UNIX cross-platform environment. I confidently can say, however, that Amanda is a reliable platform for many Linux and UNIX users who are comfortable with a command-line interface."
Comments (3 posted)
IBM developerWorks
shows
how to use Kprobes to debug the Linux kernel. "
The benefits of
using Kprobes are many. printk's can be inserted without rebuilding and
rebooting the kernel. Processor registers can be logged and even modified
for debugging -- without disruption to the system. Similarly, Linux kernel
data structures can also be logged and even modified non-disruptively as
well. You can even debug race conditions on SMP systems with Kprobes -- and
save yourself the trouble of all that rebuilding and rebooting. You'll find
kernel debugging is faster and easier than ever."
Comments (none posted)
O'Reilly has
some
tips for people moving from CVS to Subversion. "
I've seen people
spend hours in meetings working out the directory structure and file
placement of a project they are preparing to create in their CVS
repository--and anyone who's ever tried to move a directory or a file in
CVS knows why: CVS doesn't allow you to move anything around in the
repository!* With Subversion, you can move files and directories with wild
abandon:"
Comments (4 posted)
Here's
a Linux Journal article on building diskless firewall systems.
"Because we're going to build a Linux system completely from scratch, we need a fair amount of software. The usual Linux tools aren't built for embedded systems, they're loaded with features we don't need. This is where BusyBox, the Swiss Army knife of embedded Linux, comes into play. We can exchange most of our needed tools with BusyBox, for instance a shell, ifconfig, ip tools and so on."
Comments (none posted)
Reviews
O'ReillyNet
looks at OpenOffice.org features which are of interest to technical writers.
"One major advantage of Writer over Word is that Writer supports conditional content. Word doesn't, although you can use various workarounds to achieve a similar result. Thus Writer has incorporated one of FrameMaker's major attractions for technical writers, although Writer's implementation is more limited than FrameMaker's."
Comments (16 posted)
LinuxDevices.com
takes a look
at CyberGuard's SnapGear Linux-powered security appliances. "
The
SG710 is based on an Intel IXP425 security processor, a chip that SnapGear
Linux first supported in August of last year. The IXP425 has built-in
encryption engines, which the SG710 makes use of in achieving
"multi-megabit" throughputs, according to CyberGuard."
Comments (none posted)
Desktop Linux
takes a look
at a keyboard made for Linux systems. "
German Electronics firm
Cherry is partnering with SuSE Linux on a Linux-compatible keyboard. The
company is customizing a keyboard from their CyMotion line that will
feature hot keys and other advanced technologies."
Comments (11 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
An online petition aims to persuade ATI to provide better Linux
driver support for its graphics cards.
Full Story (comments: 8)
Commercial announcements
Astaro has announced that it has entered into an OEM licensing agreement
with eIQnetworks, Inc., which puts eIQnetworks FirewallAnalyzer into
Astaro Security Linux.
Full Story (comments: none)
Version 4.13 of Eagle, a commercial printed circuit board CAD package
with a no-charge evaluation version, is out.
Some of the
changes
include support for Mac OS X, better zooming, and more.
Comments (none posted)
gumstix, inc. has announced its next generation of gumstix boards and
computers, providing optional Bluetooth™ connectivity. They come with open
source software including Linux kernel 2.6.7.
Full Story (comments: none)
Novell has
announced its third quarter results. The company claims $23 million in income, but $19 million of that is a result of a legal judgment against our old friends the Canopy Group. "
Also in the third fiscal quarter 2004, Novell recognized revenue of $12
million associated with its SUSE LINUX business. Sales of subscriptions to
SUSE LINUX Enterprise Server reached 19,000 units in the quarter, with 12,000
of the units sold to one customer."
Comments (4 posted)
Red Hat, Inc. has
announced the appointment of Kate Johnson as Vice President of
Services.
"Johnson possesses over 13 years of client service
experience, from sales through delivery. Her experience ranges across
several industries, mainly focusing on helping organizations manage
through significant change and transformation. Johnson will be
responsible for delivering Red Hat's training, support and consulting
services globally."
Comments (none posted)
Gupta Technologies, LLC has
announced a month-long beta program for its Team Developer RAD tool.
"Team Developer 2005 introduces support for the Linux operating
system. For the first time, it will be possible to use a Rapid
Application Development approach for Linux and Windows Desktop
business applications. Team Developer doubles productivity by enabling
developers to create one line of code to support both OS's
simultaneously. This powerful feature will help to expand Linux
Desktop adoption as more solutions can be deployed faster than ever."
Comments (none posted)
New Books
O'Reilly has published the book
SpamAssassin by Alan Schwartz.
Full Story (comments: 2)
Resources
MozillaZine
has announced the availability of a new guide for working with
Firefox PR/Thunderbird extensions.
"If your extension or theme still works and has no compatibility problems with the nightly builds, please look at the guide for updating to 1.0PR (this also applies to Thunderbird 0.8) for information about how to get update.mozilla.org to contain the newer compatibility information. If your extension or theme is incompatible, the guide also has information on how to provide a newer XPI or JAR file. Finally, people not hosted by update.mozilla.org but who use the custom RDF update system should also check out the guide as it provides links that explain changes to the RDF format since 0.9."
Comments (none posted)
The Open Source Development Labs has
announced the release of version 3.0 of its Scalable Test Platform
(STP) testing services for the Linux kernel.
"The latest release of STP, version 3.0, broadens the range of features to
help developers simulate real-world data center environments on the Linux
kernel and the impact of different workloads on the most widely-used open
source databases, including MySQL, PostgreSQL and SAPDb."
Comments (none posted)
The Linux Documentation Project Weekly News for August 25, 2004 is
out with the latest new documentation releases.
Full Story (comments: none)
The first edition of the GRASS newsletter
has been published.
Take a look for the latest news from the
GRASS
(Geographic Resources Analysis Support System) GIS project.
"The GRASS newsletter aims at covering the gap between scientific publications and manuals on one hand and the mailing list on the other hand. Articles shall not be as scientific/professional as in scientific journals and reach beyond the usual question-answer structure of a mailing list."
Thanks to Bernhard Reiter.
Comments (none posted)
Event Reports
For those of you who couldn't make it to the big KDE gathering: there is a
set of live audio and video feeds available from aKademy. Click below for
the details.
Full Story (comments: 1)
Upcoming Events
The Eleventh Annual Tcl/Tk Conference will take place in New Orleans, LA
on October 11-15, 2004.
Full Story (comments: none)
The Large Installation System Administration Conference (LISA) will
be held in Atlanta, Georgia on November 14-19, 2004.
Full Story (comments: none)
| Date | Event | Location |
| August 26 - 29, 2004 | KDE Community World Summit 2004 (aKademy) | (Filmakademie Ludwigsburg) Ludwigsburg (Stuttgart Region), Germany |
| September 2 - 3, 2004 | Python for Scientific Computing (SciPy) | (CalTech) Pasadena, CA |
| September 2 - 4, 2004 | 2nd Swiss Unix Conference | (Technopark) Zurich, Switzerland |
| September 9 - 10, 2004 | Linux Expo Shanghai | (Shanghai Exhibition Center) Shanghai, China |
| September 13 - 16, 2004 | Embedded Systems Conference | (Hynes Convention Center) Boston, MA |
| September 15 - 17, 2004 | YAPC::Europe 2004 | Belfast, Northern Ireland |
| September 20 - 23, 2004 | New Security Paradigms Workshop (NSPW) | (White Point Beach Resort) Nova Scotia |
| September 20 - 22, 2004 | Plone Conference 2004 | Vienna, Austria |
| September 22 - 24, 2004 | OpenOffice.org Conference (OOoCon 2004) | (Humboldt University) Berlin, Germany |
| September 22 - 24, 2004 | php|works 2004 | (Holiday Inn Yorkdale Hotel & Conference Centre) Toronto, Canada |
| September 27 - October 1, 2004 | 4th International SANE Conference (SANE) | (Amsterdam RAI Centre) Amsterdam, The Netherlands |
| September 27 - 29, 2004 | ConSec '04 | (J.J. Pickle Research Center) Austin, Texas |
| September 29 - October 1, 2004 | OSCOM 4 | (Swiss Federal Institute of Technology) Zurich, Switzerland |
| October 2, 2004 | Ohio LinuxFest | Columbus, Ohio |
| October 6 - 7, 2004 | LinuxWorld Conference and Expo | (Olympia Exhibition Centre) London, England, UK |
| October 8 - 10, 2004 | Linucon | (Red Lion Hotel) Austin, TX |
| October 10 - 17, 2004 | MySQL Swell | Across the Mediterranean |
| October 11 - 15, 2004 | 11th Annual Tcl/Tk Conference | (Bourbon Orleans Hotel) New Orleans, LA |
| October 21 - 22, 2004 | Web.It 2004 | Bari, Italy |
| October 21 - 22, 2004 | 5. Encuentro Linux | Valparaiso, Chile |
Comments (none posted)
Mailing Lists
A new mailing list has been created for the purpose of discussing
Python language grant proposals.
Full Story (comments: none)
Software announcements
Here are the software announcements, courtesy of
Freshmeat.net. They are available in
two formats:
Comments (none posted)
Miscellaneous
Switzerland's first Linuxcafé has opened in Basel.
"The Linuxcafé in Basel combines the agreeable atmosphere of an internet café
with the opportunity to profit from the know-how of IT experts with years of
experience. Here the internet café not only sets new standards with respect
to quality and products offered, but also offers competent advice on all
hardware and software questions arising in connection with the free Linux
operating system, which is an absolute first in the Swiss computer landscape."
Full Story (comments: 3)
Page editor: Forrest Cook