
LWN.net Weekly Edition for June 23, 2005

Changes at the Linux Mark Institute

Linux users and developers, as a whole, prefer to avoid legal and political hassles. As a result, contacts with the legal system tend to be initiated by the outside world. In the case of the Linux trademark, that contact happened in 1996, when one William Della Croce thought it would be fun to register the Linux trademark in the U.S. and start shaking down the few struggling companies which were trying to make a living in that space back then. The community reacted, lawyers were called in, and, eventually, the trademark was transferred to Linus Torvalds.

There have been occasional trademark issues since then. In 1999, a company called Channel One GmbH made a grab for the trademark in Germany. They lost too. In early 2000, "SeriousDomains" brought about a trademark shutdown from Linus when it tried to scalp a pile of Linux-related domain names. The notion of spending big bucks for LinuxOnSteroids.com may seem amusing, but remember that things were a little different in those days. Just look at the LWN Weekly Edition covering this event - the other front page story was that a company called Linuxcare thought people might want to line up and buy its stock.

Whether the domain name or the stock would be worth more now is debatable. But that event was the first episode in which the Linux trademark had been used to shut down a business in this way. In the aftermath, Linus posted an informal trademark policy to explain how he thought the mark should be used:

I want "Linux" to be as free as possible as a term, and the real reason for having a trademark in the first place was to _protect_ it rather than use it as some kind of legalistic enforcement thing.

At that time, Linus noted that official permission to use the trademark would involve the payment of a "nominal fee," which would go to Linux International's "trademark fund."

That is where things sat for a long time. Companies using the Linux mark were expected to obtain a license for a one-time $500 fee. More recently, however, some changes have popped up which shine a light on a shift in how the trademark is being administered.

Changes at LMI

The headquarters for Linux trademark administration is, as it has been for some years, the Linux Mark Institute (LMI). It should come as no surprise that Linux International is no longer handling the trademark. What might surprise some people, however, is that LMI has been reincorporated in Oregon and its web server is now hosted by OSDL. Even more surprising might be changes made to the licensing agreement for the trademark itself. None of these changes have been announced to the community.

The following table highlights a couple of key differences between the current version of the license, and the license as it appeared last October, thanks to archive.org.

| October, 2004 | June, 2005 |
| --- | --- |
| LMI hereby grants to Licensee a non-exclusive sublicense to use the Linux mark and goodwill, in the form listed in the Licensee information at the end of this License form, for the purpose of marketing and distributing software that relates to the Linux operating system, whether it is an application or a version of the operating system itself. | LMI hereby grants to SUBLICENSEE, subject to the timely payment of applicable fees listed in Schedule A attached hereto and compliance with all other terms and conditions of this Agreement, a nonexclusive, non-transferable license and right to use the SUBLICENSED TRADEMARK solely (a) in the TERRITORY; (b) for the SUBLICENSEE MARKS identified on the signature page of this Agreement; and (c) on AUTHORIZED GOODS/SERVICES which are (i) produced by or for SUBLICENSEE, and (ii) distributed under SUBLICENSEE's name. |
| This License is perpetual so long as Licensee complies with the terms and conditions of this License... | If SUBLICENSEE is in material breach of one or more of its obligations under this Agreement, LMI may, upon its election and in addition to any other remedies that it may have, at any time terminate this Agreement and all the rights granted hereunder by not less than thirty (30) days written notice to SUBLICENSEE specifying any such breach, unless within the period of such notice all breaches specified therein shall have been remedied. By way of example but not of limitation, a material breach includes a failure to timely pay the sublicense fees set forth in Schedule A. |
| One Time Single Payment Royalty. This License shall become effective only upon acceptance by LMI at its official office in Monterey, California and the receipt by LMI of a one-time license fee of Five Hundred Dollars (US $500.00), which shall be non-refundable under all circumstances. | SUBLICENSEE shall pay to LMI a periodic trademark sublicense fee as specified in Schedule A appended hereto (the due date of such payment, the "Payment Due Date"). |

The new license has clearly gained a great many capital letters. It also has a new "schedule A" setting out what the license will cost. The figure varies depending on the amount of revenue the licensee gains from the Linux-related products; it can be anywhere from $500 to $5000. At the low end, there is a $200 rate for non-profit companies. At the high end, the $5000 applies to each product or service using the trademark. In all cases, however, the new fee is annual - it must be paid every year, or the right to use the trademark goes away.

What has also come out is that the Institute is actively contacting companies and telling them that they need a license. In this quest, it has started to upset some members of the community; in particular, Bruce Perens received a demand that the UserLinux project purchase a trademark license. Mr. Perens does not appear to be upset about trademark licensing in general, but the terms of the new agreement are not to his liking. In particular, he objects to the terms of the license grant, which reads:

LMI hereby grants to SUBLICENSEE... a nonexclusive, non-transferable license and right to use the SUBLICENSED TRADEMARK solely (a) in the TERRITORY; (b) for the SUBLICENSEE MARKS identified on the signature page of this Agreement; and (c) on AUTHORIZED GOODS/SERVICES which are (i) produced by or for SUBLICENSEE, and (ii) distributed under SUBLICENSEE's name.

How, asks Bruce, can these terms be made to work for a project like Debian, which has little control over how its distribution is distributed? Can Debian call its product "GNU/Linux" when said product can be distributed by others, using different names?

What is really going on

LWN spent some time trying to figure out what is going on at LMI; in the process, we took up quite a bit of Jon 'maddog' Hall's and Eric Boustani's time. Eric, a member of the LMI board, has been involved with the Linux trademark since the beginning, when he helped to set up the initial licensing scheme. What Eric tells us is that, over the last year, there has been a constant effort to solidify and improve the management of the Linux trademark, with the community's interests kept firmly in mind. While the work has been ongoing, only now are the results beginning to be visible.

There were a number of problems with the previous management scheme which needed to be addressed. The number of trademark licenses issued was too small - companies simply were not buying them. The protection of the Linux trademark was spotty - it is not possible to simply create a worldwide trademark license, and the mark had not been registered in many countries. There have been abuses of the trademark (Linux-related domain names pointing to porn sites, for example) which needed to be shut down. Solidifying the Linux trademark requires bringing more resources to bear, which is being done in a couple of ways. One is the increase in licensing fees, especially for the larger companies which are making money from Linux. The other was to bring in some outside support, which has come from OSDL. So OSDL is providing hosting and some staff time to assist LMI. Eric insisted, however, that OSDL has not taken over the management of the Linux trademark, and that it has no special rights with regard to that mark.

The licensing changes are aimed at improving the situation. The old licensing fee was simply not enough to fund LMI at the level it needed to properly manage the trademark. The change in the license term is meant to address a different problem: the perpetual term of the old license gave LMI no way to terminate a license. Termination in this case is not a punitive or enforcement measure; the real problem is simply companies which go out of business or stop using a Linux-related trademark for some other reason. A renewable license allows parts of the name space to be reclaimed when they fall out of use. The one-year term also allows the license to be regularly reviewed and updated; things change quickly in the Linux community, and the legal structures need to be able to change too.

LMI was not able to talk much about the specific complaints raised by Bruce Perens. Mr. Hall has described them as "non-issues," however. He and Mr. Boustani have both said that the last thing LMI wants to do is to create difficulties for community projects. If some aspect of the licensing language does turn out to be a problem, they will find a way to change it if they can.

One thing that is worth noting is that the process by which LMI makes its decisions is opaque to the community, at best. Mr. Boustani tells us that LMI understands this, and plans to change things. So we should see initiatives from LMI to "open things up" and give the community a larger say in how the trademark is administered. Much of the work which has happened so far has been the laying of the foundations that needed to happen first.

For the curious, the current LMI board members are Larry Augustin, Eric Boustani, Jon 'maddog' Hall, Linus Torvalds, and Stuart Cohen. Mr. Cohen is the CEO of OSDL; he has held a board position for a relatively short period of time.

In conclusion...

One might wonder why all of this matters. The fact is that the care of the Linux trademark is an important issue. The trademark must be held by somebody, or we run the risk of more Della Croce-style shakedown attempts. If no effort is made to protect the trademark, it may degrade into a generic term which anybody can use. This may seem like the best outcome to some, but who can doubt that it would lead to some sleazy operators distributing products called "Linux" which none of us would recognize as such?

It is to our benefit that the term "Linux" actually means something. If we want that situation to continue, then somebody must defend the trademark. So a group like the Linux Mark Institute seems like a necessary evil. LMI has not conducted itself in a manner contrary to the community's interests in the past, and it does not appear that the recent changes at LMI will be anything but good for the community. If the community is to believe that over the long term, though, LMI will have to follow through with its plans for greater openness. An organization which is truly operating in the community's interest has no reason to fear the community's participation.


A look at Xen

June 22, 2005

This article was contributed by Joe 'Zonker' Brockmeier.

The Xen virtual machine monitor is starting to pop up all over the place, or at least in several Linux distributions. Fedora Core 4 comes with Xen packaged as part of the release. SUSE Professional 9.3 includes Xen, there's the Xenophilia Linux distribution that is based around Xen, and Xen is in Debian unstable as well. XenSource, a company founded by Xen project developers, has also been in the news, and is getting funding from Kleiner Perkins Caufield & Byers and Sevin Rosen Funds as well as technology contributions from Intel.

This seems like a good time to take a look at Xen, see what it's capable of, and where it's going. We decided to test out Xen in Fedora Core 4, and the latest release from the Xen project in the form of a live CD to see how mature Xen is. According to the Xen Quickstart guide, Xen in FC4 is based on the Xen unstable tree, so some features will be a bit rough. Users who want to test Xen without installing FC4 can download demo CDs based on Debian from the Xen website. We also spoke with XenSource's Simon Crosby, a founder of XenSource and former professor at the University of Cambridge where Xen got its start.

Xen is a "hypervisor," or virtual machine monitor, which can execute several virtual machines on a single piece of hardware. Xen isn't unique in being able to run virtual hosts -- Linux users can run virtual machines using User-Mode Linux (UML), bochs, VMware products, SWsoft's Virtuozzo and a number of other virtualization technologies.

Xen operates a bit differently, however, than UML or VMware Workstation. Xen requires that an OS be ported to run on Xen's hypervisor, rather than attempting to emulate an x86 virtual machine completely as VMware Workstation does. The Xen approach is supposed to offer superior performance -- a performance comparison between VMware Workstation, Xen, native Linux and UML is available on the Xen website -- but it means that unmodified operating systems will not run on top of Xen. Users who want to run a virtual instance of Microsoft Windows, for example, will have to look elsewhere, at least for now. Crosby said that work is being done that will allow unmodified guest OSes to run on top of Xen, but that won't be complete until some time after 3.0 is released.

Also, Xen runs only on x86 systems with 686 processors or better, though ports to x86_64 and other processors are in progress. Crosby said that IBM is working on Power5 support, HP is working on Xen on IA64 and that he believes Sun is working on a Sparc port as well. The current Xen release will run on SMP systems, but does not include SMP support for guests. However, Crosby said that work is being done in this area, and the 3.0 roadmap calls for SMP support within guest hosts as well.

In addition to allowing a system to run multiple instances of Linux, Xen also works with NetBSD and FreeBSD, so users aren't restricted to using a Linux host for running Xen. Using the Xen live CD, we ran instances of Debian with the 2.4 and 2.6 series kernels alongside instances of FreeBSD and NetBSD.

We installed Fedora Core 4 with the default "Workstation" set of packages. Xen's packages are not installed by default, so we used Yum to grab the Xen host kernel, the Xen guest kernel and support packages. Xen in FC4 still requires a great deal of manual setup. There's no point-and-click GUI interface included to allow easy creation of Xen virtual hosts, and some users might find the steps to setting up Xen to be somewhat daunting. We followed along with the Fedora+Xen Quickstart guide to install Xen and create virtual hosts, and the Xen users' manual to get started with the basic Xen utilities.

After installing the Xen0 kernel, we disabled SELinux support and restarted the host to boot into the Xen0 kernel. SELinux needs to be disabled in order to create the guest filesystems. After rebooting, we created a 2GB file to use for the filesystem and then installed the Fedora Core 4 base system using Yum. It is also possible to export block devices directly to guest domains, so users could choose to use entire partitions for Xen guest filesystems.

After creating the filesystem, and creating a configuration file for the guest system under /etc/xen, we started up the guest host. We gave the guest 128 MB of RAM on a system with 1 GB total. We then tested the system a bit by creating a network interface, installing Apache with Yum and so on. The guest and host performance seemed fine, even when we started up a second guest with the same configuration on the same machine.

Xen also includes a web-based control interface. This interface didn't work in FC4, but worked just fine with the Xen live CD. After firing up "xensv" we were able to connect to the localhost on port 8080 and perform most of the functions available via the command line using the web-based interface.

The control interface for Xen is adequate, but certainly won't be winning any awards for ease of use. Crosby acknowledged that "you have to be something of a guru to use it", but noted that Xen is very polished in the area of stability. Indeed, we didn't run into any stability issues with Xen while testing, and it looks like it's already suitable for utility computing. Crosby noted that XenSource is running its website and other services within Xen hosts.

Another interesting feature in Xen is the ability to move Xen instances from one physical machine to another. Crosby said that it's possible to move a Xen virtual machine "so that the guest is only non-responsive to the outside world for tens of milliseconds".

Xen 3.0 is scheduled for sometime in the July time frame according to the Xen roadmap. Crosby said that 3.0 will fork "in a few weeks time", and that the Xen team was waiting on a few features from the community before forking. When 3.0 forks in July, Crosby said that the Xen team would be working with the community, partners and distributions to hammer out the bugs.

We also talked to Crosby about the direction of XenSource, and whether its future offerings would be released as open source. Crosby said that the company planned to ship some proprietary tools for use with Xen, though Xen would continue to be open source. He also said that XenSource is interested in a world where the hypervisor is "ubiquitous" and provides an ecosystem with "a whole load of opportunities for vendors to compete in, creating a big pie... and we aim to have a fair slice of that pie".

While Xen is still a little rough around the edges, it's well worth a look for users who want a free software solution for virtualization. Xen's performance seems very good, and it looks like a good solution for Linux testing and perhaps web hosting and so forth. Given the interest from investors, Intel, SUSE, Red Hat and others, it seems likely that Xen will continue to improve at a rapid pace.


Page editor: Jonathan Corbet

Security

Attack of the killer iPods

June 22, 2005

This article was contributed by Joe 'Zonker' Brockmeier.

Apparently, the latest security threat to the enterprise is Pod slurping. Gartner recommended banning portable storage devices, including iPods, last year, but Abe Usher has taken it a step farther by providing a proof-of-concept application called slurp that could run off of an iPod or other portable storage device. Usher paints a scary scenario to put the fear of iPods in all of us:

An unauthorized visitor shows up after work hours disguised as a janitor and carrying an iPod (or similar portable storage device). He walks from computer to computer and "slurps" up all of the Microsoft Office files from each system. Within an hour he has acquired 20,000 files from over a dozen workstations. He returns home and uploads the files from his iPod to his PC. Using his handy desktop search program, he quickly finds the proprietary information that he was looking for.

A scary scenario indeed. We put slurp to the test, to see if it is indeed that quick and easy. Usher's slurp.exe runs off of the portable storage device and copies documents (including *.doc, *.xml, *.xls, *.txt and others) from the "C:\Documents and Settings\" directory onto the portable storage device. Since we didn't have a Windows-compatible iPod handy, we used a 512MB USB flash drive instead.

Indeed, slurp.exe works as advertised, searching the target computer (a Windows XP machine) and copying all Office documents from the target directory to the USB drive in less than a minute. (Admittedly, there were only a dozen or so, so target computers with hundreds of documents may take more time.) While testing, it also occurred to us that slurp could provide a valuable legitimate use by allowing users to back up their Office documents to work on them at home. Note that Usher's slurp.exe is "crippled" to only allow a user that's logged in to copy documents, and maxes out at 200 files.

Usher calls for organizations to put several technology- and policy-based countermeasures in place to reduce the risk of data theft with portable devices. We agree with Usher that organizations with sensitive data should have strong physical security to prevent intruders from gaining access to systems. Usher's scenario - an unauthorized visitor snooping through the office unsupervised - shouldn't be allowed in any workplace that needs to enforce data security.

Restricting removable storage devices, however, may be much more difficult -- and ultimately futile, since they're easy to conceal and users with physical access to machines also probably have access to other means for sending sensitive information off-site: e-mail or uploading files to web-based storage, for example. Keeping unauthorized users away from systems is one thing; preventing a disgruntled employee from removing documents is another.

Usher's technical suggestions are also interesting. He suggests disabling USB connections in the system's BIOS, using encryption, keeping corporate data on protected network shares and using third-party applications like DeviceLock to lock down access to USB and other removable devices.

Administrators who wish to disable USB connections in the system BIOS will also need to password-protect the BIOS to prevent a user from simply re-enabling them. Use of encryption for sensitive data is certainly recommended, though training average PC users to actually utilize encryption may be easier said than done.

Keeping data on network shares only works if there's a way to prevent the user from copying the data to the local PC or sending it off-site via the network. Third party apps like DeviceLock are only useful while a PC is running -- so a user who reboots the PC and uses a live CD of some kind is going to be able to bypass DeviceLock rather easily.

The possible abuses of portable storage devices like the iPod should be taken seriously. The ability to copy tens of gigabytes of data onto a pocket-sized device is certainly a threat to organizations with sensitive data to protect. However, it wouldn't pay to focus on portable storage devices alone. There are many, many ways that someone with physical access would be able to compromise an organization's security. Banning iPods and other storage devices, without a comprehensive security policy that covers other possible attacks, is likely to do nothing more than annoy employees.


New vulnerabilities

cacti: SQL injection and PHP file inclusion

Package(s):cacti CVE #(s):
Created:June 22, 2005 Updated:July 21, 2005
Description: Cacti (prior to version 0.8.6e) suffers from vulnerabilities which can lead to SQL injection and (on some systems) execution of arbitrary PHP files.
Alerts:
Debian DSA-764-1 cacti 2005-07-21
Gentoo GLSA 200506-20:02 cacti 2005-06-22
Gentoo 200506-20:02 cacti 2005-06-22
Gentoo 200506-20 cacti 2005-06-22


cpio: directory traversal

Package(s):cpio CVE #(s):CAN-2005-1111
Created:June 20, 2005 Updated:December 26, 2005
Description: There is a vulnerability in cpio (2.6 and previous) that allows a malicious cpio file to extract to an arbitrary directory of the attacker's choice. cpio will extract to the path specified in the cpio file, and this path can be absolute.
Alerts:
Mandriva MDKSA-2005:237 cpio 2005-12-23
Red Hat RHSA-2005:806-01 cpio 2005-11-10
Debian DSA-846-1 cpio 2005-10-07
Ubuntu USN-189-1 cpio 2005-09-29
Red Hat RHSA-2005:378-01 cpio 2005-07-21
Mandriva MDKSA-2005:116-1 cpio 2005-07-19
Mandriva MDKSA-2005:116 cpio 2005-07-11
Trustix TSLSA-2005-0030 cpio 2005-06-24
Gentoo 200506-16 cpio 2005-06-20
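
The cpio description above comes down to trusting the member name stored inside the archive. As an added example (not part of the LWN entry and not cpio's own code), the following Python code reads the "newc" cpio format and reports members whose names are absolute before anything is extracted; the check for `..` components goes beyond what the description states, and the sample archive and all function names are constructed for illustration.

```python
"""Audit member names in a cpio "newc" archive before extracting it."""

MAGICS = (b"070701", b"070702")   # newc, and newc with checksum
HEADER_LEN = 110                  # 6-byte magic + 13 fields of 8 hex digits
TRAILER = "TRAILER!!!"            # name of the end-of-archive entry


def pad4(n):
    """Round n up to the next multiple of 4 (newc alignment rule)."""
    return (n + 3) & ~3


def member_names(archive):
    """Yield every member name of a newc archive given as bytes."""
    pos = 0
    while True:
        header = archive[pos:pos + HEADER_LEN]
        if len(header) < HEADER_LEN or header[:6] not in MAGICS:
            raise ValueError("bad or truncated newc header at offset %d" % pos)
        # Fields after the magic: ino, mode, uid, gid, nlink, mtime, filesize,
        # devmajor, devminor, rdevmajor, rdevminor, namesize, check.
        fields = [int(header[6 + 8 * i:14 + 8 * i], 16) for i in range(13)]
        filesize, namesize = fields[6], fields[11]
        name_start = pos + HEADER_LEN
        raw = archive[name_start:name_start + namesize]
        if len(raw) != namesize:
            raise ValueError("truncated member name at offset %d" % name_start)
        name = raw.rstrip(b"\0").decode("utf-8", "replace")
        if name == TRAILER:
            return
        yield name
        data_start = pad4(name_start + namesize)   # name is padded to 4 bytes
        pos = pad4(data_start + filesize)          # so is the file data


def unsafe_reason(name):
    """Say why extracting `name` could write outside the target directory."""
    if name.startswith("/"):
        return "absolute path"
    if ".." in name.split("/"):
        return "parent-directory component"
    return None


def audit(archive):
    """Return [(name, reason)] for members that must not be extracted as-is."""
    findings = []
    for name in member_names(archive):
        reason = unsafe_reason(name)
        if reason:
            findings.append((name, reason))
    return findings


def build_entry(name, data=b"", mode=0o100644):
    """Build one newc entry; used only to construct the sample below."""
    raw_name = name.encode() + b"\0"
    fields = [0, mode, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(raw_name), 0]
    out = b"070701" + b"".join(b"%08X" % f for f in fields) + raw_name
    out += b"\0" * (pad4(len(out)) - len(out))
    out += data
    out += b"\0" * (pad4(len(out)) - len(out))
    return out


# Constructed sample archive: two harmless members and two unsafe ones.
SAMPLE = b"".join([
    build_entry("docs/readme.txt", b"hello\n"),
    build_entry("/tmp/constructed-absolute.txt", b"placeholder\n"),
    build_entry("../../outside.txt", b"x"),
    build_entry("notes..txt", b"ok"),
    build_entry(TRAILER, mode=0),
])

if __name__ == "__main__":
    for name, reason in audit(SAMPLE):
        print("REFUSE %-32s %s" % (name, reason))
```

An extraction wrapper would run `audit()` first and refuse the whole archive if it returns anything.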


Java: applet privilege escalation

Package(s):sun-jdk sun-jre blackdown-jdk blackdown-jre CVE #(s):
Created:June 20, 2005 Updated:June 22, 2005
Description: Both Sun's (v < 1.4.2.08) and Blackdown's (v < 1.4.2.02) JDK and JRE may allow untrusted applets to elevate privileges. A remote attacker could embed a malicious Java applet in a web page and entice a victim to view it. This applet can then bypass security restrictions and execute any command or access any file with the rights of the user running the web browser.
Alerts:
SuSE SUSE-SA:2005:032 java2 2005-06-22
Slackware SSA:2005-170-01 sun-jre 2005-06-19
Gentoo 200506-14 sun-jdk 2005-06-19


PeerCast: format string vulnerability

Package(s):peercast CVE #(s):
Created:June 20, 2005 Updated:June 21, 2005
Description: James Bercegay of the GulfTech Security Research Team discovered that PeerCast (v < 0.1212) insecurely implements formatted printing when receiving a request with a malformed URL. A remote attacker could exploit this vulnerability by sending a request with a specially crafted URL to a PeerCast server to execute arbitrary code.
Alerts:
Gentoo 200506-15 peercast 2005-06-19


ruby: arbitrary command execution

Package(s):ruby CVE #(s):CAN-2005-1992
Created:June 21, 2005 Updated:October 6, 2005
Description: Ruby (versions < 1.8.2) is vulnerable to arbitrary command execution on XMLRPC servers.
Alerts:
Gentoo 200510-05 ruby 2005-10-06
Red Hat RHSA-2005:543-01 ruby 2005-08-05
Mandriva MDKSA-2005:118 ruby 2005-07-12
Gentoo 200507-10 ruby 2005-07-11
Debian DSA-748-1 ruby 2005-07-10
Ubuntu USN-146-1 ruby1.8 2005-06-29
Fedora FEDORA-2005-475 ruby 2005-06-22
Fedora FEDORA-2005-474 ruby 2005-06-22


SpamAssassin: denial of service

Package(s):spamassassin CVE #(s):CAN-2005-1266
Created:June 17, 2005 Updated:July 28, 2005
Description: SpamAssassin 3.0.4 was released to fix a denial of service vulnerability in versions 3.0.1, 3.0.2, and 3.0.3. The vulnerability allows certain mis-formatted long message headers to cause spam checking to take a very long time.
Alerts:
OpenPKG OpenPKG-SA-2005.015 spamassassin 2005-07-28
Debian DSA-736-2 spamassassin 2005-07-07
Gentoo 200506-17:02 spamassassin 2005-06-21
Debian DSA 736-1 spamassassin 2005-07-01
Mandriva MDKSA-2005:106 spamassassin 2005-06-28
Red Hat RHSA-2005:498-01 spamassassin 2005-06-23
SuSE SUSE-SA:2005:033 spamassassin 2005-06-22
Gentoo 200506-17 spamassassin 2005-06-21
Fedora FEDORA-2005-428 spamassassin 2005-06-16
Fedora FEDORA-2005-427 spamassassin 2005-06-16


SquirrelMail: several XSS vulnerabilities

Package(s):squirrelmail CVE #(s):CAN-2005-1769
Created:June 21, 2005 Updated:September 16, 2005
Description: Several cross site scripting (XSS) vulnerabilities have been discovered in SquirrelMail versions 1.4.0 - 1.4.4.
Alerts:
Fedora-Legacy FLSA:163047 squirrelmail 2005-09-14
Fedora FEDORA-2005-780 squirrelmail 2005-08-22
Fedora FEDORA-2005-779 squirrelmail 2005-08-22
Red Hat RHSA-2005:595-02 squirrelmail 2005-08-05
Red Hat RHSA-2005:595-01 squirrelmail 2005-08-03
Debian DSA-756-1 squirrelmail 2005-07-13
Mandriva MDKSA-2005:108 squirrelmail 2005-06-30
Gentoo 200506-19 squirrelmail 2005-06-21


sudo: race condition

Package(s):sudo CVE #(s):CAN-2005-1993
Created:June 21, 2005 Updated:February 24, 2006
Description: Charles Morris discovered a race condition in sudo which could lead to privilege escalation. If /etc/sudoers allowed a user the execution of selected programs, and this was followed by another line containing the pseudo-command "ALL", that user could execute arbitrary commands with sudo by creating symbolic links at a certain time.
Alerts:
Fedora-Legacy FLSA:162750 sudo 2006-02-23
Debian DSA-735-2 sudo 2005-07-07
Debian DSA 735-1 sudo 2005-07-01
Red Hat RHSA-2005:535-04 sudo 2005-06-29
SuSE SUSE-SA:2005:036 sudo 2005-06-24
OpenPKG OpenPKG-SA-2005.012 sudo 2005-06-23
Gentoo 200506-22 sudo 2005-06-23
Slackware SSA:2005-172-01 sudo 2005-06-22
Mandriva MDKSA-2005:103 sudo 2005-06-21
Fedora FEDORA-2005-473 sudo 2005-06-21
Fedora FEDORA-2005-472 sudo 2005-06-21
Ubuntu USN-142-1 sudo 2005-06-21


Tor: information disclosure

Package(s):tor CVE #(s):
Created:June 21, 2005 Updated:August 25, 2005
Description: A bug in Tor allows attackers to view arbitrary memory contents from an exit server's process space. A remote attacker could exploit the memory disclosure to gain sensitive information and possibly even private keys.
Alerts:
Gentoo 200508-16 tor 2005-08-25
Gentoo 200506-18 tor 2005-06-21


trac: file upload vulnerability

Package(s):trac CVE #(s):
Created:June 22, 2005 Updated:July 6, 2005
Description: Versions of trac prior to 0.8.4 suffer from an input validation error which can lead to the uploading of files to undesired locations on the host system.
Alerts:
Debian DSA-739-1 trac 2005-07-06
Gentoo 200506-21 trac 2005-06-22


webapp-config: insecure temporary file handling

Package(s):webapp-config CVE #(s):
Created:June 17, 2005 Updated:June 21, 2005
Description: Eric Romang discovered webapp-config < 1.11 uses a predictable temporary filename while processing certain options, resulting in a race condition.
Alerts:
Gentoo 200506-13 webapp-config 2005-06-17


Page editor: Jonathan Corbet

Kernel development

Brief items

Kernel release status

The current 2.6 kernel is 2.6.12, which was released on June 17. Quite a few fixes - but no substantial changes - were merged after the last release candidate. For those who might not remember back to last March: 2.6.12 contains, among other things, a driver for the "trusted computing" (TPM) chip found in Thinkpads (and elsewhere), SuperHyway bus support, a multilevel security implementation for SELinux, device mapper multipath support, the address space randomization patches, a restored Philips webcam driver (still lacking full functionality), full I/O barrier support for serial ATA drives, resource limits which can be used to allow unprivileged users to run tasks with realtime priority, and a huge pile of fixes. See the long-format changelog for the details back to 2.6.12-rc2. For details prior to that, see the long-format changelogs for 2.6.12-rc2 and 2.6.12-rc1.

No 2.6.13 prepatches have yet been released. There are, however, a few hundred patches in Linus's git repository, including a big SCSI subsystem update (the venerable SCSI changer driver has finally been merged), version 18 of the wireless extensions (with WPA2 security support), a new SysKonnect ethernet driver, some audit subsystem improvements, some networking updates, a set of device model updates (see below), a number of virtual memory improvements, some Rock Ridge filesystem improvements, a new set of framebuffer fonts, some RAID (MD) improvements, and a number of fixes.

The current -mm tree is 2.6.12-mm1. Recent changes to -mm include a new version of the completely fair queueing (CFQ) I/O scheduler, some VFS scalability work, and lots of fixes.


Kernel development news

What to merge for 2.6.13?

Andrew Morton, looking forward to 2.6.13, has posted a list of major patches which, in his opinion, will (or will not) be merged soon. Reviewing the list, along with the subsequent discussion, gives a good sense for what the next 2.6 kernel might look like. Of course, the final product is still likely to contain a few surprises.

Some of the decisions are not particularly controversial. Andrew is likely to merge the OCFS2 filesystem, some Xen precursor patches, execute in place support, software suspend support for SMP systems, some kernel timer performance improvements, various KProbes updates, the RapidIO subsystem, some scheduler tweaks, and some memory management work. Nobody has really complained about the inclusion of any of these patches (yet), so their path into the kernel might be relatively smooth.

One patch which has gotten surprising support is kexec, which was first covered here in November, 2002. The ability to quickly boot a new kernel without going through the system firmware is nice, but the real payoff for kexec comes when it is combined with kernel crash dumps. Crash dumps can be a useful diagnostic tool, especially for vendors who are trying to track down a bizarre crash which only occurs at a customer's site. So various distributors have included some sort of crash dump capability in their kernels for some time. These patches will typically write kernel memory to a disk or network device, then reboot the system.

The approaches taken to crash dumps so far share one significant problem: they all rely on the kernel to create its own dump. But this is a kernel which has just gone into panic mode; it is not in a stable state. The chances of an oopsing kernel completing a satisfactory crash dump are not all that high (Arjan van de Ven estimates that it works about 10% of the time). The real problem, however, is the risk involved in allowing an unstable kernel to continue performing I/O; there is a very real possibility that a (corrupted) crash dump could end up being written on top of something that the owner would have preferred to keep.

The kexec approach gets around this problem by rebooting the system before performing the dump. The normal, production kernel is configured to set aside a small range of memory, which it never uses. Instead, a different kernel is loaded into that memory; this kernel will be small, and configured to do little other than performing crash dumps. If the system should panic, kexec is used to immediately boot into the crash dump kernel. This kernel, which will be starting fresh and in a known state, can then write the contents of memory to some sort of permanent store before rebooting into a new production kernel. This approach is safer and more reliable; the mailing list discussion has been favorable enough that kexec/kdump appears likely to be merged.

The reiser4 filesystem has sat in the -mm tree for some time, and Andrew indicated that he might merge it this time around. Reiser4 has run into trouble in the past, mostly as a result of its "file as a directory" semantics which change how Linux works, can confuse tools, and, crucially, can lead to system deadlocks. This feature has been disabled for now, but there is still opposition to merging reiser4 into the mainline.

The main issue this time around would appear to be the plugin architecture used by reiser4. Plugins can be used to change the behavior of the filesystem in many ways, from adding compression to completely changing how the file is laid out on disk. The plugin mechanism is a key part of Hans Reiser's longer-term vision of how filesystems should work; he hopes to eventually move all kinds of functionality into the filesystem level. The kernel developers, however, do not think that this sort of mechanism should be built into a filesystem; instead, much of what plugins do belongs in the VFS layer. So they would like to see reiser4 slimmed down into a much smaller, dumber system, with the plugin capability added on top of it and made available for other filesystems as well.

Hans is resisting making this (large) change; he asks that the review process take a different tack:

How about review by benchmark instead? It works, it runs faster than the competition, users like it, we addressed the core kernel patch complaints, it should go in and receive the exposure that will result in lots of useful improvements and suggestions. It seems like we are getting an unusual review process.

Things appear to be at a standoff which could block the inclusion of reiser4 for some time.

Yet another change under consideration is configurable clock frequencies for the i386 and ia-64 architectures. The current value (1KHz) turns out not to be optimal for all users; lower clock frequencies can improve throughput on some systems at the cost of coarser timer resolution and possibly increased latencies. There have been complaints about the new default (250Hz) and the fact that the patch is going in at all when more sweeping changes to the timer system (such as the dynamic tick patch) are waiting in the wings. Your editor's guess is that the patch will be merged, but the default may be changed to keep the current HZ value.

FUSE (user-space filesystems) is being discussed again. FUSE has run into opposition due to the way it overrides the file permissions checking done at the VFS level. There does not appear to be any solution to this issue that pleases everybody, so it is hard to say where this one might go. It is possible that FUSE will be merged, but without its particular permissions behavior - a solution which would leave a number of FUSE users still needing to apply a patch to get the behavior they want.

It didn't appear on Andrew's list, but the removal of devfs has also been a discussion item. Andrew didn't entirely like the full patch set which completely removed devfs from the kernel; he wondered what would happen if enough people complained and devfs had to be restored at some point in the future. So the current approach is to simply remove the devfs configuration option, making the functionality inaccessible. Eventually, if no major problems turn up, the code can be removed for real.

A big set of driver core changes

Greg Kroah-Hartman has gotten 2.6.13 off to a good start with a massive set of driver core patches. There are a fair number of API changes that come with this patch set, so the whole thing is worth a look. In-tree code has been fixed to use the new API, but, as always, maintainers of external code are on their own.

Two of the more significant changes were covered here last March. The interfaces have not changed since then, so that coverage will not be duplicated. The first of these changes is the complete rework of the "class" API. The interface known as "class_simple" turned out to be the best way to work with classes, so Greg reworked it as the class API, changing everything as he went. The interface known as class_simple is no more, but the new class API looks much like class_simple used to. The other change is the addition of the "klist" type: an extension to the kernel linked list type which includes its own, built-in reference counting and locking.

The next change is in the prototypes of the store() and show() callbacks for device attributes. These callbacks now look like:

    ssize_t (*show)(struct device *dev, struct device_attribute *attr,
                    char *buf);
    ssize_t (*store)(struct device *dev, struct device_attribute *attr,
                     const char *buf, size_t count);

In each case, the callbacks have picked up a pointer to the actual attribute being accessed, allowing one callback to handle multiple attributes.
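
As an added illustration (not code from the article or the kernel tree), here is a user-space model of the new callback signatures in which one show()/store() pair serves two attributes by recovering a wrapper structure from the attr pointer. The structure definitions are minimal stand-ins for the kernel's, and MODEL_PAGE_SIZE and every fan_* name are hypothetical.

```c
/* User-space model (added example) of the device attribute callbacks.
 * struct device and struct device_attribute are minimal stand-ins for the
 * kernel definitions; MODEL_PAGE_SIZE and all fan_* names are hypothetical. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

#define MODEL_PAGE_SIZE 4096    /* stands in for the one-page show() buffer */
#define NR_FANS 2
#define FAN_MAX 255

#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))

struct device {
    const char *name;
    int fan_pwm[NR_FANS];
};

struct device_attribute {
    const char *name;
    ssize_t (*show)(struct device *dev, struct device_attribute *attr,
                    char *buf);
    ssize_t (*store)(struct device *dev, struct device_attribute *attr,
                     const char *buf, size_t count);
};

/* Wrapper carrying per-attribute data next to the generic attribute. */
struct fan_attribute {
    struct device_attribute dev_attr;
    int index;
};

/* One show() for every fan: attr tells us which value was asked for. */
static ssize_t fan_show(struct device *dev, struct device_attribute *attr,
                        char *buf)
{
    struct fan_attribute *fa = container_of(attr, struct fan_attribute, dev_attr);

    /* Bounded write: never emit more than the buffer we were handed. */
    return snprintf(buf, MODEL_PAGE_SIZE, "%d\n", dev->fan_pwm[fa->index]);
}

/* One store() for every fan: buf is untrusted, so copy bounded and
 * accept only a complete decimal number inside the valid range. */
static ssize_t fan_store(struct device *dev, struct device_attribute *attr,
                         const char *buf, size_t count)
{
    struct fan_attribute *fa = container_of(attr, struct fan_attribute, dev_attr);
    char tmp[16], *end;
    long val;

    if (count == 0 || count >= sizeof(tmp))
        return -EINVAL;
    memcpy(tmp, buf, count);
    tmp[count] = '\0';

    errno = 0;
    val = strtol(tmp, &end, 10);
    if (end == tmp || errno == ERANGE)
        return -EINVAL;
    if (*end == '\n')                    /* allow the newline echo(1) adds */
        end++;
    if ((size_t)(end - tmp) != count)    /* trailing junk or embedded NUL */
        return -EINVAL;
    if (val < 0 || val > FAN_MAX)
        return -EINVAL;

    dev->fan_pwm[fa->index] = (int)val;
    return (ssize_t)count;
}

/* Two attributes, one pair of callbacks. */
static struct fan_attribute fan_attrs[NR_FANS] = {
    { { "fan1_pwm", fan_show, fan_store }, 0 },
    { { "fan2_pwm", fan_show, fan_store }, 1 },
};

int main(void)
{
    struct device dev = { "demo0", { 10, 20 } };  /* constructed sample state */
    char buf[MODEL_PAGE_SIZE];
    int i;

    fan_store(&dev, &fan_attrs[0].dev_attr, "128\n", 4);
    for (i = 0; i < NR_FANS; i++) {
        struct device_attribute *a = &fan_attrs[i].dev_attr;

        a->show(&dev, a, buf);
        printf("%s/%s: %s", dev.name, a->name, buf);
    }
    return 0;
}
```

Before this change, each attribute needed its own pair of callbacks (often generated by a macro) because nothing in the arguments identified which attribute was being accessed.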

There have been a number of internal changes to device model data structures which really shouldn't affect other code, but which might anyway. Various internal lists have been removed; in some cases, they have been replaced with klists. And a number of character pointers are now explicitly const pointers.

Code wanting to look through the devices bound to a driver can use a new function to iterate through the list:

    int driver_for_each_device(struct device_driver *driver,
                               struct device *start,
                               void *data,
                               int (*fn)(struct device *, void *));

This function will call fn() for each device bound to the given driver, stopping at the end of the list or when fn() returns a non-zero value.

Inodes in sysfs now have an i_op->setattr() function, meaning that their permissions can be changed and those changes will last for as long as the system runs. Changing of sysfs permissions was never really supported in the past; it would work for a bit, but the permissions could be reverted at seemingly random times. This is not really an API change, but creators of sysfs attributes should bear in mind that the permissions on those attributes might be changed from their original values.

Dealing with disk I/O problems

Filesystem authors try hard to avoid losing data. Many of them have discovered, the hard way, that failure to return a user's bits in exactly the same condition as when they were entrusted to the filesystem can lead to serious disgruntlement down the road. There are limits to what a filesystem can do, however, when the hardware starts to fail. If a disk drive begins to go bad, or somebody yanks out a hotpluggable device, problems are simply going to happen.

So what should a filesystem do in such a case? The behavior shown by most Linux filesystems (and partially enforced by the VFS layer) is to return an I/O error status (EIO) when things start to fail, then remount the filesystem in a read-only mode in an attempt to avoid any further damage. The end result is that a user-space application might see an EIO error return once - or it might not, since not all in-kernel error codes make it all the way back to user space. After that, the returned error will be EROFS (read-only filesystem), which is not entirely illuminating.

Back in the good old days, we would just look in the system log file to see what was really going on. The new crowd of Linux users would rather not have to do that, however; they expect the system to tell them, politely, that their hardware is on fire and that they are about to deeply regret not having run any backups since sometime last winter. The problem is that the POSIX API is simply not set up to return that sort of detailed error information. Breaking compatibility with POSIX is not an option, so something complicated would have to be done to return error information within the bounds of the current API. Beyond that, however, is the simple fact that the application which is currently beating its head against disk errors might not be the right one to be having a pleasant conversation with the user about those errors.

These issues have led Ted Ts'o to suggest that a different mechanism should be used. Rather than try to shove additional information through the existing API, the kernel should simply report events like disk disasters via an out-of-band mechanism. For example, errors could be reported with the user notification mechanism and fed into DBus for distribution. The user could then be informed of the trouble and given the opportunity to panic in a desktop-specific manner.

There seems to be a high level of agreement that the out-of-band notification is the right way of doing things. All that is needed is for somebody to do the hacking to actually make it happen.

Patches and updates

Kernel trees

Linus Torvalds: Linux 2.6.12
Andrew Morton: 2.6.12-mm1
Domen Puncer: 2.6.12-kj

Filesystems and block I/O

Robert Love: inotify, improved.
Robert Love: inotify 2.6.12.
Christoph Hellwig: remove bio_map_user

Page editor: Jonathan Corbet

Distributions

News and Editorials

64 Studio - creative and native

June 22, 2005

This article was contributed by Daniel James

Like many Linux users, I've been through the full range of operating systems and architectures over the years. A decade ago I was learning to use System 7 on the Mac and various creative applications from companies like Quark, Aldus and Adobe. Users took it for granted then that both the hardware and software were proprietary, with all that implied. But since these systems represented the gateway to the world of desktop media creation, we put up with it. The emerging field of Web design introduced people like me to Linux on the server, and with the release of applications like the Gimp, we began to use Linux on the desktop too.

Today, we have free software applications covering many of the creative disciplines, including 2D and 3D graphics, audio, video and publishing for the web or print. Unfortunately - despite the well-established concept of a printing press or recording studio on every desktop - media creation, when compared with media 'consumption', remains a niche activity. It seems that even Apple, supposedly the friend of artists and creative types everywhere, has decided to target the mass market with consumer electronics products instead.

This niche status is reflected in the fact that none of the mainstream Linux distributions work particularly well 'out of the box' for media creation - but to be fair, Windows XP or OS X also require many additional packages to be installed before their users can realize the full creative potential of their chosen platform.

Specialist Linux audio distributions do exist, including AGNULA/DeMuDi and Studio to Go!, with a decent level of integration for music-making. But as far as I'm aware, all of these audio distributions are x86-only so far, and there are few specialist distributions in the other creative fields. Ratatouille, a Knoppix-based distribution designed for animation, is one exception.

Why 64-bit?

Typical desktop users, writing letters, following progress on eBay or checking their email are more than adequately served by existing 32-bit processors, and for these users CPU power consumption is probably the most important issue, due to its impact on notebook battery life and system noise. But when you're working with video, 3D, multiple tracks of audio, real time processing or rendering, you need to squeeze the most possible out of your hardware. It's my view that creative users will be in the vanguard of 64-bit desktop adoption, since it's a logical next step when a couple of gigabytes of RAM are just not enough.

Free software users have access to source code, so they can (in theory) build systems on any new architecture that comes along. Of course in practice, there have been few viable candidates for a successor to x86, and it has only been since the launch of the AMD Opteron, Athlon 64 and now Turion that we have been able to talk realistically about 64-bit on the desktop. The fact that Intel has embraced the 64-bit extensions to x86, together with Apple dropping Power, means that for the foreseeable future there is only one desktop architecture.

Ironically, it is probably the fact that 32-bit Windows can run on these chips, making them commodity processors, which means that they are widely available for building the creative Linux desktop. Crucially, they are also affordable, which is a significant factor in this niche. Most creative people are either students or freelancers for at least some of the time, and so 64-bit on the desktop, Linux or otherwise, will probably only succeed if it doesn't cost significantly more than 32-bit computing.

Linux clearly has a head start on x86_64, and as LWN.net has related recently, you can choose from a number of natively compiled desktop distributions for the platform. Unfortunately for the creative user, all of these distributions are aimed at the general-purpose audience. It's impossible to be all things to all people, and what's good for the so-called consumer is rarely right for the content creator.

For example, typical distributions use Arts or ESD to share the sound card between applications, while many Linux musicians would want to use JACK - admittedly more complex, but far more powerful. Default selections of applications would be very different, and even gigantic distributions like Debian don't package all of the specialist tools needed for media creation.

A 64-bit Debian remix

64 Studio is a new native x86_64 distribution with a selected set of creative tools and as much integration between them as possible. Most of the packages come from the Pure 64 port of Debian testing, with some from Ubuntu, some from DeMuDi and some custom built. Because we're sticking very closely to Debian with the 64 Studio design, it's our intention that users will be able to install any application that we don't include directly from a Pure 64 port mirror. This includes most of the well-known applications with the exception of OpenOffice.org, which just won't build natively on x86_64 yet.

Switching to native 64-bit software doesn't necessarily realize an instant and obvious improvement in performance on the same hardware, but I believe that if we create a native platform, then application developers can begin to realize the benefits of 64-bit processor optimisation and an improved memory architecture. Even in the short term, it makes more sense than building i386 binaries to run on the latest hardware.

64 Studio version 0.2.0 alpha is available for download now as an .iso image. Changes from stock Debian include X.org instead of XFree86, the Gnome desktop installed by default, and a base selection of packages including the Gimp, Inkscape, Scribus, Blender, Audacity, Ardour, Jamin and Kino. Version 0.3.0 will be out at the end of June with more packages and enhancements, and the distribution is seamlessly upgradeable with apt-get of course. We have a fully open development mailing list and a ticket system for tracking bugs on http://64studio.com/.

We'd be more than pleased to hear your test reports and suggestions for the distribution. You can help us make free software the creative desktop of choice.

The 64 Studio company

Since specialist distributions have relatively few users, they usually end up being maintained by a single person. External funding - whether from a government agency or venture capitalists - is often unreliable in the long term, and can sometimes steer the agenda of the distribution away from that of the users. I believe maintaining a niche distribution is too much work for a volunteer, so I have set up a company which is paying the lead developer, Free Ekanayaka, to create and maintain the system using the Custom Debian Distribution framework.

Perhaps it's because I come from a publishing background, but I envisage the ideal Linux distribution to work in a similar way to a magazine. The maintainers are fundamentally in an editorial role, selecting the most appropriate free software from the many thousands of packages available, and putting it into a convenient monthly snapshot. Since the software is free software, it would be churlish of us to demand that people pay us to do this, but if we provide something of value then it should be worth a reasonable annual subscription. It's my view that the Mandrake Club was a step in the right direction, but that company didn't originally intend to integrate club membership with support, so you paid to be a member and then had to shell out for per-incident support on top.

Community support often meets or exceeds the quality that proprietary software vendors provide, but people tell me that it's reassuring to have some paid-for support available as an option. Sometimes our questions are just too ordinary to interest people on a mailing list or forum, or at the other end of the scale they can require patience and time-consuming research to answer. It can sometimes be difficult to get the help you need when you're up against a project deadline.

I believe that by covering one kind of desktop user really well, the 64 Studio company can provide detailed support for the people that need it at a modest cost. For the people that don't need support, or are planning large deployments where per-seat licences would be prohibitive, it's still free software - and we're not going to lock people into support contracts in order for them to access updates either. There will also be commercial support available for OEMs who want to build products using 64 Studio as a base, or to bundle the distribution with hardware as an alternative to Windows XP x64 edition. One day, we might even be able to buy a 64-bit laptop with the software we want on it!

Biographical note: Daniel James is one of the founders of LinuxUser & Developer magazine, and served as the first director of the linuxaudio.org consortium.

New Releases

OpenPKG 2.4 released

OpenPKG 2.4 is out. "Much valued by IT decision makers and beloved by Unix system administrators, OpenPKG is the world leading instrument for deployment and maintenance of Open Source Unix software when administration crosses platform boundaries." This meta-distribution has grown to 562 packages for this release; click below for the details.

Full Story (comments: 1)

New Mandriva Linux Multi Network Firewall

Mandriva has announced the second version of its comprehensive infrastructure and security system Multi Network Firewall. MNF2 provides advanced firewalling, IDS (Intrusion Detection System) and VPN (Virtual Private Network) capabilities in a single product with a simple web interface. New features include new types of VPN such as PPTP and OpenVPN, network interface bonding and bridging, traffic shaping, network mapping and peer-to-peer filtering. MNF2 ships with one year online security update service and support options.

Live Linux System Knoppix 4.0 is ready (Heise)

Heise Online looks forward to the imminent Knoppix 4.0 release. "Moreover, in Version 4.0 a number of expansions have been integrated that have flowed back to Knoppix from the Knoppix-based distributions Kanotix, Quantian, Paipix and Freeduc. With, for example, the Kanotix hardware support for ISDN and DSL adapters from AVM, an improved hard disk installer, scientific software from Quantian and Paipix and learning software for children from Freeduc among them."

Astaro Introduces Version 6 of Astaro Security Linux

Astaro Corporation has announced the release of version 6 of its Astaro Security Linux Unified Threat Management software. "The new version adds improved protection for Voice over Internet Protocol (VoIP) communications, increased protection from "zero-day attacks," enhanced configuration options, and support for the Linux 2.6 Kernel."

Distribution News

Debian release team meeting minutes

The Debian release team held a meeting on June 18; some rough minutes from that meeting have been posted. After looking at the hard goals for the etch release (including X.org, gcc toolchain upgrade, amd64 integration, non-free firmware purging, etc.) and additional "would be nice" items, the group decided that an 18-month release cycle "seems sane." There's even a timeline calling for etch to come out in early December 2006.

Debian GNU/Linux news

Martin Michlmayr reports on a number of orphaned packages that are likely to be dropped. "There are currently over 200 orphaned packages, many of which have been on WNPP for quite a long time and some with RC bugs. I intend to request the removal of a number of packages in three weeks unless a package has been adopted by someone by then."

James Troup reports that Debian's hosting of machines at Above.Net has come to an end. Some services will be relocated temporarily while a new provider can be found.

Release notes for FC4 erratum

Fedora Core 4 features release notes written using a new procedure and featuring many new details. Click below for links to FC4 errata and how to get involved in writing release notes for FC5.

Full Story (comments: none)

An update from Terra Soft: Apple, PowerPC, Linux

Terra Soft, provider of Yellow Dog Linux, reports on its new sources for PowerPC. "IBM, Freescale, Mercury/Momentum, Genesi, Terra Soft and others are rallying to fill the void created by Apple's departure and expand the Power Architecture marketplace. Initiatives such as Power.org will help ensure the Power family will reach its full potential."

New Distributions

Klinux

Klinux is an Italian GNU/Linux embedded distribution for industrial applications from Koan Software. It includes an integrated development environment (IDE) and debugging instruments for embedded and real time systems. Klinux is based on kernel 2.4.26 and 2.6.10. It supports the x86, ARM (StrongArm, XScale, AT91), and PPC processor families.

Distribution Newsletters

Debian Weekly News

The Debian Weekly News for June 21, 2005 is out. This edition looks at GNOME 2.10.1 in unstable, Debian at LinuxTag, Woody to Sarge upgrades, SELinux and BSD Ports, the menu system update, Debian in embedded systems, an etch wishlist, PostgreSQL transition, and much more.

Debian Weekly News

The Debian Weekly News for June 14, 2005 covers a discussion on release goals and the release team for etch, proposed changes to the release policy, C++ ABI changes, voting for DebConf 5 talks, Sarge for AMD 64, Debian and SELinux, and several other topics.

Debian Weekly News

The Debian Weekly News for June 8, 2005 is out with a look at 3.1 release parties, Debian at Code Fest Japan 2005, QA goals for Etch, and other topics.

Fedora Weekly News Issue 1

The first Fedora Weekly News is out. Topics include the release of Fedora Core 4, an installation guide for Fedora Core 4, Tour de Fedora Core IV, upgrading Fedora Core 3 to Fedora Core 4, Red Hat Magazine - June 2005 - Issue 8, and more.

Gentoo Weekly Newsletter

The Gentoo Weekly Newsletter for the week of June 20, 2005 is out. New management for the Gentoo store, Gentoo at the German LinuxTag 2005 in Karlsruhe, Gentoo Forum admin and moderators to become official staff members, and Gentoo Forums receive hardware donation are among this week's topics.

DistroWatch Weekly, Issue 105

The DistroWatch Weekly for June 20, 2005 is out. "This issue focuses on some of the interesting events of the past week, including the war of words between the Linux and BSD communities, the failure of Lycoris as a business model, and the surprising revelation that the founder of Gentoo and one of the leading Linux personalities has accepted a job offer from Microsoft. We also wonder why SUSE does not participate in this year's LinuxTag, introduce a Debian sarge variant "with a human face", and tell you how to get the latest release of Linspire for free. The featured distribution of the week is INSERT, a tiny security and rescue live CD."

Distribution reviews

My Workstation OS: Kurumin Linux (NewsForge)

Here's an article on NewsForge from a Kurumin Linux fan. "In fact, one of the highlights of this distribution is its extensive use of scripts. Kurumin comes out of the box with more than 400 small scripts -- most of them embedded in Clica-Aki, Kurumin's Control Panel -- aimed at making easier some of the usual configuration tasks such as setting up a server, installing softmodems and wireless adapters, and installing new software. These scripts are generically named Magic Icons, and they are designed to do what they have to do with just a few clicks."

Page editor: Rebecca Sobol

Development

Manage your movie collection with GCfilms

GCfilms is a film management application that is hosted on the FSF France's Gna project repository.

GCfilms is an application that can be used to manage a movie collection. A user can stock all the movies he has with some associated information (where it is located, movie category, already seen or not, a rating,...). Then one can retrieve some movies matching filtering criteria (specific values for movies information). This application has a plugin system to be able to find movies specific information (running time, actors, director,...) from Internet websites. The user only enters the movie title and GCfilms automatically fills in these fields.

GCfilms features the following capabilities:

  • Maintains a catalog of the user's film collection.
  • Can search numerous Internet film archives to automatically acquire information about each film.
  • Records film title, date, cast, a poster image, and other details.
  • Can keep track of the media type, a personal rating, comments, storage location, and more.
  • Manages a list of film borrowers, can send email requesting return of the film.
  • Has a built-in search function for locating films in a collection.
  • Exports film information to CSV, HTML, SQL, .tar.gz and XML files.
  • Imports film information from GCfilms, CSV, the Ant Movie Catalog and DVD Profiler.

The documentation covers the capabilities of GCfilms in more detail, and some screenshots show the software in action.

The installation instructions are simple and cover a number of popular Linux distributions and Windows. A test installation on Fedora Core 3 was refreshingly easy to perform. GCfilms is a cross-platform application that is written in Perl. Dependencies include Perl, Gtk2, and gtk2-perl.

Version 5.1 of GCfilms was released this week: "Since last version announced on this site, there have been many improvements. These include: Completed translations, More user feedback (to try to be compliant with Gnome HIG), Performances improvements, Automatic conversion for genres, New plugins, Bug fixes and other improvements." For those of you with an artistic bent, a logo contest is underway; submissions will be accepted until the end of August.

If you have a large collection of films that would benefit from some organization, GCfilms is the perfect application to use.

System Applications

Database Software

PostgreSQL Weekly News

The June 18, 2005 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL database articles.

Interoperability

Samba 3.0.20pre1 Available for Download

Version 3.0.20pre1 of Samba is available for testing. "This is a preview release of the Samba 3.0.20 code base and is provided for testing only. This release is *not* intended for production servers. There has been a substantial amount of development since the 3.0.14a stable release (and since the 3.015pre2 release as well). We would like to ask the Samba community for help in testing these changes as we work towards the next official, production Samba 3.0 release." New features include a new asynchronous winbindd, support for Microsoft Print Migrator, a new Windows NT registry file I/O library, the SeTakeOwnershipPrivilege user right, and new net share migrate options.

Mail Software

VA Linux Publicly Releases `FlexPOP'

VA Linux has released FlexPOP, a POP mail server as open-source software. "FlexPOP is a new POP server developed by VA Linux, which has the merit of being fast and secure. FlexPOP supports the Maildir format, thus it can be used on large-scale systems which use NFS spools. Other strong points include user authentication with LDAP, POP before SMTP support, POP lock (mutual exclusion) support when accessed concurrently, timeout setting support for POP commands, delayed response support when POP authentication errors occurred and encrypted connection support."

FlexWebmail and FlexControl added to the VA FMS Roster

VA Linux Systems Japan K.K: "... introduced FlexWebmail, a high-performance Webmail server, and FlexControl, a Web interface for user/mail account control, as a part of the VA FMS (FlexMessaging Solution), a total messaging solution. VA FMS are based on Open Source Software, and achieves high reliability, high availability, high performance and high extensibility."

Gotmail 0.8.4 Released

Version 0.8.4 of Gotmail, a Perl script that automatically downloads mail from hotmail.com, is out. "The focus of this release was to get as many patches merged and bugs closed from the sourceforge.net project tracker as possible. While last release fixed the hotmail.com page structure change, this release focused on optional features. Also, this release adds support for more than just hotmail.com and msn.com, and now allows use from other supported domains like: charter.com, compaq.net, hotmail.co.jp, hotmail.co.uk, hotmail.de, hotmail.fr, hotmail.it, messengeruser.com, passport.com, and webtv.net."

Sendmail X alpha 3 is out

The alpha 3 release of Sendmail X, a mail transfer agent, is available for testing.

Web Site Development

scgi 1.4 released

Version 1.4 of scgi has been released. "The SCGI protocol is a replacement for the Common Gateway Interface (CGI) protocol. It is a standard for applications to interface with HTTP servers. It is similar to FastCGI but is designed to be easier to implement."

Zope 3.1.0 beta 1 released!

Version 3.1.0 beta 1 of the Zope web development platform has been released; testers are needed. "Zope 3 is the next major Zope release and has been written from scratch based on the latest software design patterns and the experiences of Zope 2. It is in our opinion that Zope 3.1 is more than ready for production use, which is why we decided to drop the 'X' for experimental from the name."

Desktop Applications

Audio Applications

QjackCtl 0.2.17 released

Version 0.2.17 of QjackCtl, the Qt front end to the JACK audio server daemon, has been released. This release adds control over systemic I/O latency settings and coreaudio backend work.

Business Applications

Bear 2.0rc3 has been released (SourceForge)

Version 2.0rc3 of Bear, the ROLAP server from the BEE Project, has been announced. "We are going to release stable version of the v2.0.0 during the next week. We plan to release rc1 of v2.0.1 in the same time as well. This new version will bring several new features (e.g. improved subtotals management)."

"The BEE Project is a suite of tools supporting a Business Intelligence project implementation within middle-sized companies. The project methodology includes optimal data storage with respect to data analytical yield. The infrastructure for the ETL processes (data extraction and transformation, data warehouse loading) and the multi-layer application for analytic reporting are being developed. The solution architecture is based on the ROLAP methodology (relational on-line analytical processing) with the aim to cover projects with data volume up to 50 GB effectively, using open source technologies on the Linux/Intel platform."

Data Visualization

matplotlib 0.82 released

Version 0.82 of matplotlib, a Python-based data plotting utility, is out. See the what's new document for change information.

Desktop Environments

GNOME Software Announcements

The following new GNOME software has been announced this week:

GARNOME Weekly Snapshot Builds (GnomeDesktop)

Paul Drain has announced a new release schedule for GARNOME, the testing version of GNOME. "After some thought, discussion and much testing of various build systems I've decided to try something new with GARNOME, in an effort to get as many interested people in a position to be able to test future GNOME releases as possible. In addition to the standard GARNOME release for each upstream release, every Thursday (GMT +10) a tarball will be created for branches of GARNOME -- that people can grab, compile, use and hopefully send bugreports, patches, criticisms, feature requests, etc to the list so that issues can be fixed *before* a release occurs."

KDE Software Announcements

The following new KDE software has been announced this week:

Electronics

New gEDA applications

The latest new electronic applications from the gEDA project include PCB snapshot 20050609, gnucap version 2005-06-10, Icarus Verilog snapshot 20050617, and GSpiceUI v0.7.18.

Games

Ember 0.3.1 released

The WorldForge game project has released version 0.3.1 of Ember. "Ember is a fully functional 3d client for the WorldForge project. It takes advantage of the latest graphic cards to present a beautiful, fully interactive world. An easy to use GUI allows the player to interact with both the world and other players with ease. This release adds support for areas, such as fields or paths. These areas are dynamically created from entities in the world. Also added support for showing objects wielded by characters. Additionally, a lot of bugfixes and graphical tweaks went into this version."

phpDiplomacy 0.6 Released (SourceForge)

Version 0.6 of phpDiplomacy, a web-based board game, has been announced. "Diplomacy is a popular board game in which you battle to control Europe, but this isn't a game of luck; to win you must be diplomatic and strategic, forming and breaking alliances and bargains. phpDiplomacy takes the fight for Europe to the internet." Numerous enhancements have been added to the game.

Interoperability

Wine Traffic

Issue #279 of Wine Traffic is online with the latest news from the Wine project. Topics include: $$ and Development, Winecfg Goes Live, Documenting Config Options, AppDB Searching & To-Do, FFMpeg Video Wrapper (con't), MSN Messenger 6.2, Windows Icons in KDE, and VMWare Licenses.

Medical Applications

NetEpi Case Manager V0.9 (late beta) available (LinuxMedNews)

A late-beta release of version 0.9 of NetEpi Case Manager has been announced. "NetEpi Case Manager is a tool for securely collecting structured information about cases and contacts of communicable (and other) diseases of public health importance, through Web browsers and the Internet. New data collection forms can be designed and deployed quickly by epidemiologists, using a Web browser 'point-and-click' interface, without the need for knowledge of or training in any programming language."

Hui OpenVistA 3.0 Released to WorldVistA (LinuxMedNews)

LinuxMedNews covers the release of version 3.0 of Hui OpenVista, an open-source healthcare information system. "The Hui development team made several key enhancements to Hui OpenVista - most notably a more streamlined configuration process. Release 3.0 provides a preconfigured baseline system that simplifies the steps needed to convert the Freedom of Information Act (FOIA) version of VistA to OpenVista. This enables users to quickly download the baseline as a starting point for configuring the system to their specific requirements."

Multimedia

GStreamer Python 0.8.2 released

Version 0.8.2 of GStreamer Python has been announced. "This is the 0.8.2 release of the GStreamer Python bindings. It should be used with the 0.8.x series of GStreamer and GStreamer Plugins. This is the third stable 0.8.0 gst-python release, it's now considered stable and ready to be used in production. It's already being used by several applications."

Office Applications

Gnumeric 1.5.2 Released (GnomeDesktop)

Version 1.5.2 of the Gnumeric spreadsheet has been announced. It features Win32 improvements, Excel import improvements, Linear regression lines in scatter plots, and bug fixes.

Kolab 2 Groupware released!

Stable release 2.0 of Kolab Groupware is out. Kolab is a replacement for Microsoft Exchange that can manage email, appointments, contacts and tasks. "'With our focus on native offline-capable clients, Kolab 1 had brought a new approach to the groupware world,' explains Bernhard Reiter, CEO of Intevation GmbH and project coordinator. 'With this second generation, users can now share their groupware folders even with users that use Outlook when they are using KDE and vice versa.' Additional new features are support for servers at several locations, usability, speed improvements, support for spam-control and anti virus software."

Office Suites

KOffice 1.4 released

The KOffice Team has announced the next version of the lightweight, integrated and complete office suite. Version 1.4 includes two new components - Krita and Kexi - and support for the OpenDocument file format.

Web Browsers

Mozilla Firefox 1.0.5 Test Builds Available (MozillaZine)

Test builds of the Mozilla Firefox 1.0.5 web browser are available. "The Mozilla Foundation is preparing to release a minor security update for Mozilla Firefox, ratcheting the browser up to version 1.0.5. While the final version isn't here yet, test builds of 1.0.5 for Windows, Linux and Mac OS X are now available."

Reporter Tool Makes Reporting Broken Websites Easier (MozillaZine)

MozillaZine mentions a new feature in the Firefox browser. "Deer Park Alpha 1 and the latest Mozilla Firefox trunk builds include a tool for reporting broken websites. Known as Reporter, the tool is designed to make it easy for users to send details about sites that do not work well with Firefox. When a user encounters a problematic site, he or she can use the 'Report Broken Web Site' command in the Help menu to fill out a problem report with all the necessary details."

Independent Status Reports (MozillaZine)

The June 17, 2005 edition of the Mozilla independent status reports has been announced. "The latest set of independent status reports includes updates from MenuX, InFormEnter, InfoRSS, PasswordMaker, pageplaylist, MozCreator, Platypus, Launchy, xulfrog, Mozilla Materials, Russ Key, Leet Key, WordBlock and adaptivehomepage."

Minutes of the mozilla.org Staff Meeting (MozillaZine)

MozillaZine has announced the availability of the minutes from the May 13 mozilla.org staff meeting. "Issues discussed include the Mozilla Firefox 1.0.5 security release, Mozilla Thunderbird 1.0.5, feedback from Deer Park Alpha 1 and Thunderbird 1.1 Alpha 1, the 1.1 Alpha 2 timeframe, the server outage plan, Thunderbird accessibility and Apple."

Miscellaneous

iPodder version 2.1 released (SourceForge)

Version 2.1 of iPodder, a media aggregator which can automatically download files to a computer or portable device, is available. Here are some of the changes: "iPodder's accessibility has been extended with the addition of more than 15 languages and enhanced meta data for the visually impaired. Additionally, the foundation for one-click capability has been implemented, and support for feedmanagers like Podnova have been installed. This update also improves security and optimizes handling."

JMRI production version 1.6 is available (SourceForge)

Production version 1.6 of JMRI/DecoderPro has been announced. "This project provides Java interfaces and sample implementations for controlling a model railroad layout from a personal computer. JMRI is intended as a jumping-off point for hobbyists to build their own layout controls."

Languages and Tools

Caml

Caml Weekly News

The June 20, 2005 edition of the Caml Weekly News has been released; take a look for the latest new Caml language articles.

Java

PMD v3.2 released (SourceForge)

Version 3.2 of PMD is available. "PMD is a Java source code analyzer. It finds unused variables, empty catch blocks, unnecessary object creation, and so forth. PMD v3.2 includes three new rules, a flurry of bugfixes, and various internal improvements to make writing rules easier."

Python

Dr. Dobb's Python-URL! - weekly Python news and links (Jun 22)

The June 22, 2005 edition of Dr. Dobb's Python-URL! is out with another weekly roundup of Python language articles.

Miscellaneous

Open Language Tools Project code is available

The first source code from the Open Language Tools project has been released. The Open Language Tools XLIFF Translation Editor and the Open Language Tools XLIFF Filters components are available. "The aim of the tools is to make the task of translating software and documentation as easy as possible, and so allow more people to use computers than ever before. If you can't use a computer because its interface isn't translated into your language then we want to provide tools that can help."

Page editor: Forrest Cook

Linux in the news

Recommended Reading

Mozilla Trademark Policy Finalised (MozillaZine)

MozillaZine looks at the Mozilla Trademark Policy. "Last month, the Mozilla Foundation finalised its trademark usage rules. The Mozilla Trademark Policy sets out the terms and conditions under which the Mozilla Foundation's trademarks (terms like 'Mozilla' and 'Firefox' and their associated logos) can be used by third parties. In addition to the main trademark policy, there are also several related trademark documents, including the Localization Trademark Policy (sets out the rules for translated versions of Mozilla software) and the Mozilla Community Edition Policy (covering modified versions of Mozilla Firefox or Mozilla Thunderbird), though some of these are still at the draft stage."

US Patent Reform (Groklaw)

Groklaw looks at the patent reform bill currently before the US Congress. "This bill's for you, if you are a high-tech company. I guess Microsoft is sick of being sued for patent infringement and losing. IBM would like patent reform too. And Oracle, and the BSA. Everyone knows the system is broken. But what to do about it? This is a bill to address their concerns."

Pop-up vulnerability found in major browsers (News.com)

News.com reports on a new spoofing vulnerability which affects most browsers, free and proprietary. "To take advantage of the flaw, a cybercriminal would have to direct a Web user from a malicious site to a genuine, trusted site such as an online bank, in a new browser window. The malicious site would then open a JavaScript dialog box in front of the trusted Web site, and a user might then be fooled into sending personal information back to the malicious site."

Trade Shows and Conferences

David A. Wheeler's Travelogue: FISL 6.0 in Porto Alegre, Brazil

David A. Wheeler has written a travelogue (with pictures) on his recent trip to the 6th International Free Software Conference in Porto Alegre, Brazil (FISL 6.0). "For many, OSS/FS was essentially an opportunity to regain national sovereignty or company control over their own infrastructure, instead of allowing an external company (and a foreign one at that) to maintain total control and visibility over their internal infrastructure. There also appeared to be significant concerns about transparency as a reason why OSS/FS was so strongly preferred -- one speaker said something like 'Governments need to know what happens in their networks, so they need to audit their code, so it [must?] be public source.'"

KDE at LinuxTag 2005 - First Day Impressions (KDE.News)

KDE.News reports from LinuxTag. "The booth was crowded as always. We were visited by politicians, entrepreneurs interested in deploying the Kiosk framework on Internet terminals, and for tomorrow a guided tour for pupils is planned so they can learn about how to effectively use their new desktop in school - which is KDE."

Companies

eBay launches developer Web site (News.com)

News.com covers eBay's new developer Web site. "At the Web site, dubbed eBay Community Codebase, developers will have access to source code for various eBay and PayPal tools and sample applications, as well as provide a way to more easily collaborate on projects with others. "We are dipping our toe, so to speak, in the pond of the open-source world," said Greg Isaacs, director of eBay's Developer Program."

Is Linux moving to HP's NonStop (Tandem) platform? (LinuxWorld)

LinuxWorld.com.au considers the possibility of Linux being ported to HP's NonStop platform. "Speaking at a recent Red Hat customer/partner event, Martin Fink, the general manager of Linux and open source business at HP, said: "Maybe one day you'll actually see Red Hat Linux running native on NonStop" He stopped short of saying the move would definitely happen. HP has not formally committed to porting Linux to the NonStop platform, which runs on RISC-based CPUs made by Silicon Graphics. However, the vendor appears interested in running Linux on NonStop servers along the same line that IBM has moved its Linux operating system to run natively and as a virtual partition on the Big Iron."

Gentoo Linux founder to 'educate' Microsoft (News.com)

News.com looks into Microsoft's hiring of Daniel Robbins. "Daniel Robbins, the founder and former chief architect of the Gentoo project, began working for Microsoft in late May, according to a posting this week on the Gentoo Web site. According to Gentoo, Robbins is "helping Microsoft to understand open source and community-based projects." Microsoft confirmed Wednesday that Robbins will have an educational role at the company."

Sun Delays “Linux on Solaris” Feature (GeekInformed)

GeekInformed looks into a missing feature in Sun's newly released OpenSolaris operating system. "Sun Microsystems had scheduled to release a feature in Solaris 10 - codenamed Project Janus - that would allow consumers to run Linux applications unmodified on Sun's operating system, but the feature is missing in OpenSolaris. Instead of bringing attention to the missing feature, Sun is emphasizing a related open-source project - named Xen - as an alternative."

Tiny open source window manager catches a giant's eye (NewsForge)

NewsForge looks at Matthew Allum's Matchbox Window Manager, which supports X11 on devices with small screens. "Allum became enamored with the idea of running Linux on a Compaq Ipaq in 2000 when he saw screenshots published by Compaq that showed the Ipaq happily running Linux. He bought one and installed Debian, but found that a lot of the Linux-based window managers didn't work with the small 240x320 display. Frustrated, he "bought a book on xlib," sat down, and in 2001 wrote Matchbox, a 50KB highly flexible window manager that depends only on xlib, which makes it lightweight enough to run on small devices without using too many resources."

Linux Adoption

Korea brings homegrown open source to schools (News.com)

News.com reports on South Korea's New Education Information System. "The project, called the New Education Information System, is built on a Korean-developed version of Linux that already services 190 schools in the heart of capital city Seoul. Jin Ko Hyun, president of the Korea IT Industry Promotion Agency, or KIPA, which is behind the project, said it has taken schools two years to test Buyeo, the Korean version of Linux."

Legal

The BSA Sends A Letter Re EU SW Patents (Groklaw)

Groklaw has an update on the EU software patents debate. "The Dutch government, in a report presented to the Dutch parliament recently, and now being circulated to other EU member states, says the software patent directive should be put on hold for five years, while issues get defined and sorted out better. They also think there is no way to separate patentable and unpatentable software. It's all or nothing, in their view, and they'd like all, but with tweaks to the patent system to reform it so that stupid patents don't get granted." Update: The Foundation for a Free Information Infrastructure (FFII) has draft results of the JURI vote available.

Big software houses seen winners in EU patent vote (Reuters)

Reuters reports on Monday's JURI committee vote on the European software patent directive. "But the bill's sponsor in the legislature, French socialist Michel Rocard, suffered a string of defeats as key changes were made to his text. Rocard wanted a narrow definition of what sort of inventions could be patented, insisting that only a programmable piece of hardware could be covered, such as ABS brakes on a car or an insulin pump. Data processing and other inventions that are more pure software based should be excluded... But changes won by center-right and liberal opponents pushed the bill closer to a version adopted by the EU's 25 member states, which chose a far wider scope for patenting." Since this version now differs from the Council's version, it will have to be passed by a majority in the full session in July. That seems unlikely (nobody really likes this version), so the European Council may have its way in the end.

Interviews

Joseph Cheek speaks about Mandriva's acquisition of Lycoris (DesktopLinux)

DesktopLinux interviews Lycoris founder Joseph Cheek about Mandriva's acquisition of Lycoris. "Q: Do you expect Lycoris Desktop/LX to become merged with the Mandriva distro's, or will the Lycoris Linux desktop continue on as an independent distribution, for the foreseeable future? If they will be merged, how soon would you expect that to occur? A: They will be merged. The plan is to merge Desktop/LX Personal with Mandriva Discovery 2006, available this fall. Other bits of technology may show up in other Mandriva products, such as PowerPak and PowerPak+, Cooker, and so on, and some may take longer to integrate, but we expect to have a solid upgrade path available for purchase and/or download this fall."

Interview: Axmark and Behlendorf on OSS for India (NewsForge)

NewsForge has an interview with David Axmark, co-founder of MySQL AB, and Brian Behlendorf, founder and CTO of CollabNet -- on the benefits of an open source IT economy for a country such as India. "NF: What does open source mean for India? Axmark: An opportunity to compete on equal footing with the developed nations. An opportunity to market company and personal skills without a big budget. An opportunity to be independent of the large software vendors and be in control of your own destiny."

Interviews on KPDF Usability Work (KDE.News)

KDE.News features two interviews. "During recent conversations with some of the members of the OpenUsability project, some of the usability work on one of the more exciting applications in KDE, KPDF, was brought to my attention. I managed to catch up with Florian, from OpenUsability, and Albert, one of the KPDF maintainers to talk a little about themselves and their work and about the usability review and followup in KPDF."

Resources

The Daemon, the GNU and the Penguin, Chapter 12 (Groklaw)

Groklaw presents Chapter 12 of the online book "The Daemon, the GNU and the Penguin" by Dr. Peter H. Salus. The chapter covers GNU, the GPL and Cygnus.

Free Software Magazine Issue 4 is out

Free Software Magazine for May 2005 has been released. This issue looks at the next (r)evolution, Unix Power Tools 3rd edition reviewed, the risks of writing and using proprietary software, and more.

Cooking with Python, Part 1 (O'ReillyNet)

O'ReillyNet presents an excerpt from Python Cookbook, Second Edition. "Unicode is easy to handle in Python, if you respect a few guidelines and learn to deal with common problems. This is not to say that an efficient implementation of Unicode is an easy task. Luckily, as with other hard problems, you don't have to care much: you can just use the efficient implementation of Unicode that Python provides."

Creating desktop profiles with Sabayon (Red Hat Magazine)

Red Hat Magazine covers the use of Sabayon to create templates for user profiles. "Suppose that you are an administrator of a large network. Part of your job involves creating user accounts for new people. Every user has different needs. Technically, you can tailor a desktop for every one of these new users. However, that would quickly get very tedious." (Found on Footnotes)

The Linux /proc Filesystem as a Programmers' Tool (Linux Journal)

Linux Journal provides examples of the use of the /proc filesystem. "Before we begin to talk about the proc filesystem as a programming facility, we need to establish what it actually is. The proc filesystem is a pseudo-filesystem rooted at /proc that contains user-accessible objects that pertain to the runtime state of the kernel and, by extension, the executing processes that run on top of it. "Pseudo" is used because the proc filesystem exists only as a reflection of the in-memory kernel data structures it displays. This is why most files and directories within /proc are 0 bytes in size."

TUX Magazine: iPod for KDE and K3b (KDE.News)

KDE.News mentions the KDE articles in the latest edition of TUX magazine. "In this month's TUX magazine KDE's Jes Hall explains how to get your iPod working with amaroK. It also includes a comprehensive guide to KDE's CD burning application K3b. Available in HTML is a review of Kubuntu. TUX is a magazine for new GNU/Linux users and available as free PDF download."

Integrate Firefox with other tools (NewsForge)

NewsForge presents an excerpt from the book "Firefox Hacks: Tips and Tools for Next-Generation Web Browsing" by Nigel McFarlane. "If you're moving over to Firefox from Mozilla, you've surely noticed how Firefox is built to be a sleeker, faster browsing engine. It accomplishes this in part by shedding all of its counterparts from the Mozilla Suite, including an email/news client, composer, and chat client. But that doesn't mean this functionality is no longer available. With a few extensions -- or with no work at all -- you can make Firefox integrate with your email client as though it were still part of a suite. You don't have to stop there, either; at least one valuable extension gives you the power to connect Firefox with virtually any program on your system."

OpenOffice.org Writer vs. Microsoft Word (NewsForge)

NewsForge is running a detailed comparison of OpenOffice.org Writer 2.0 and Microsoft Word 2003. "That is not to say that Writer is a perfect program. Its interface is wildly inconsistent. Some features, notably cross-references, can most kindly be described as lacking. And in version 2.0, the attempt to imitate Microsoft Word hides several useful features. Yet, despite these shortcomings, OOo Writer is not only as fully developed as Microsoft Word, but often superior in terms of features and stability."

Reviews

DShield - A community approach to intrusion detection (NewsForge)

NewsForge looks at DShield. "DShield bills itself as a distributed intrusion detection system. It works by collecting statistics from firewalls all over the world. Just how many reports does DShield receive? Currently its Web site lists about 24 million records each day, with more than 840 million recorded last month."

A Festival of speech synthesis for Linux (NewsForge)

NewsForge takes a look at the Festival Speech Synthesis System. "Festival is a free, portable, extensible, language-independent, run-time speech synthesis engine for various platforms that has been under development since 1999. Primary authors of the C++ system include Alan W Black, Paul Taylor, and Richard Caley. Festival is a part of the Festvox project that aims to make the building of new synthetic voices more systematic and better documented, making it possible for anyone to build a new voice."

How to Talk About Jini, J2EE, and Web Services at a Cocktail Party (O'ReillyNet)

Kathy Sierra and Bert Bates explain Java distributed technologies on O'Reilly. "Heard about distributed technologies for Java, but not sure what they are or why they're important? Kathy Sierra and Bert Bates, authors of Head First Java, 2nd Edition, present this cocktail-party overview. Hold your own in conversation with Java geeks."

Miscellaneous

Is Linux For Losers? (Forbes)

The world is pointing to this, so we might as well too: this article is what you get when you put Daniel Lyons and Theo de Raadt together. "There's also a difference in motivation. 'Linux people do what they do because they hate Microsoft. We do what we do because we love Unix,' De Raadt says." Despite the real competition between Linux and the BSD family, there have rarely been outright hostilities between the two camps. It would be a shame if that were to change now.

Page editor: Forrest Cook

Announcements

Non-Commercial announcements

FreeMED Foundation Seeks Board Members (LinuxMedNews)

The non-profit FreeMED Software Foundation is seeking new members for its board of trustees. "The Foundation is seeking to expand its Board of Trustees and re-invigorate our development and ongoing process of leading edge innovation. We are looking particularly for physicians or Health Informatics personnel with experience and interest in electronic/computerized medical records and practice management. The term is two years. Most meetings are held by phone or net conference."

Linux and KDE Provide Rugged Desktops in Uganda, Africa (KDE.News)

KDE.News covers the installation of solar and pedal-powered Linux/KDE desktop systems in western Uganda, by Inveneo and ActionAid. Inveneo's press release includes pictures of the installation.

OpenPKG Foundation e.V. established

The Open Source software project OpenPKG has announced the establishment of the OpenPKG Foundation e.V., a nonprofit organization providing the financial, material and manned support of OpenPKG.

Commercial announcements

ANTs Software announces database with support for 64-Bit Linux

ANTs software, inc. has announced version 3.2 of the ANTs Data Server, a relational database management system that runs on 64 bit Opteron systems. "Supporting popular 64-bit Linux operating system implementations running on low-cost AMD Opteron platforms, ADS 3.2 sets a new price-performance benchmark, allowing very large OLTP and real-time analytical processing and reporting in main memory."

CadSoft Releases Eagle 4.15

CadSoft has released version 4.15 of Eagle, a commercial printed circuit CAD application with a freely downloadable "lite version" for hobby use. See the what's new document for the list of changes.

HP Ships Over 1 Million Linux Servers

HP has announced its sale of over 1 million Linux servers. "HP today announced that it has set an industry-first milestone by shipping more than 1 million Linux servers to customers since 1998, 45 percent more than any other major hardware vendor. HP has led the worldwide Linux server market for 29 consecutive quarters. In the first quarter of 2005, HP grew 2.5 percentage points faster than the market in units on a year-over-year basis, shipped nearly 10 times as many Linux servers as Sun, led IBM by almost 8 percentage points in quarterly revenue share and outpaced Dell in both units and revenue."

Netline Moves Headquarters to U.S., Changes Name

The open-source collaboration server Netline has announced a move of headquarters and a change of name to Openexchange Inc. "Netline Internet Service, makers of the world's leading open source collaboration server, announced today that it has transferred the intellectual property, trademarks, URL's, branding and marketing rights to Open-Xchange Server from Netline to New York-based Openexchange Inc. Under a multi-year contract, Netline will continue to provide development services for Openexchange and has been designated as an Open-Xchange reseller."

PathScale and ParTec Team to Deliver Linux Clusters

PathScale has announced that it will team with ParTec to deliver Opteron-based Linux clusters. "PathScale's new InfiniPath(TM) InfiniBand cluster interconnect is being integrated with and optimized for operation with ParTec's ParaStation4(TM), a robust and efficient cluster middleware solution that consists of high-performance communication tools and a sophisticated software management layer."


Sleepycat Ships Major Upgrade to Berkeley DB Java Edition

Sleepycat Software has announced a new Java version of its Berkeley Database. "Sleepycat Software, makers of the world's most widely deployed open source developer databases, today announced the general availability of version 2.0 of Berkeley DB Java Edition, a transactional database written in pure Java™ technology. Additionally, Sleepycat today announced that Berkeley DB Java Edition is now officially certified on Sun Microsystems' Solaris™ 10 Operating System for x64 platforms."


USBDUX makes Knoppix live CD with USB DAQ support

USBDUX has announced a Knoppix-based live CD with support for its USB data acquisition devices. "Customers who have enjoyed the unique combination of Linux and USB offered by USBDUX can now use the system from a Windows machine simply by booting Linux from the CD drive."


VA Linux Publicly Releases 'FlexPOP'

VA Linux Systems Japan K.K. (VA Linux) has announced the release of 'FlexPOP', a fast and secure open-source POP server which supports large-scale systems. FlexPOP is part of the company's VA FMS (FlexMessaging Solution), a total messaging solution for users ranging from small and mid-sized organizations to large-scale network service providers with over one million accounts. FlexPOP source code can be obtained from the FlexPOP Project hosted on SourceForge.net.


Zend Collaborates with PayPal

Zend and PayPal have announced a collaborative development effort. "Zend Technologies, Inc., the PHP company, and creator of products and services supporting the development, deployment and management of PHP-based applications, today announced it collaborated with PayPal, a leading online payment company, to contribute updates to the open source PHP SOAP project, delivering a new version of PEAR::SOAP. PEAR::SOAP version 0.90 updated many previously known issues and vastly improved the module's WSDL and namespace support. By giving these improvements back to the PHP community, developers worldwide are better able to work with all Web Services from their PHP applications."


New Books

No Starch Releases "Ending Spam"

O'Reilly has published the book Ending Spam by Jonathan A. Zdziarski.


SitePoint Releases "Firefox Secrets"

SitePoint has published the book Firefox Secrets by Cheah Chu Yeow.


"Performance Tuning for Linux Servers" published by IBM Press

IBM Press has published the book Performance Tuning for Linux Servers by Sandra K. Johnson, Gerrit Huizenga and Badari Pulavarty.


Web Mapping Illustrated - O'Reilly's Latest Release

O'Reilly has published the book Web Mapping Illustrated by Tyler Mitchell.


Resources

(IN)SECURE Magazine Issue 2 is out

Issue #2 of (IN)SECURE Magazine, a PDF-format, free, digital security magazine, is available.


Building the Ultimate Student Workstation

Pete Harlow has written an article on building a Linux-based student workstation. "This describes the building of a state-of-the-art Linux-based student workstation from a small barebones box, from mechanical assembly through to software installation."


Contests and Awards

Design a logo, win fame and prizes (NewsForge)

NewsForge has an announcement for a logo contest; the prize is a 60GB iPod Photo MP3. "The Open Source Academy, a United Kingdom government project designed to encourage the use of open source software in the public sector, needs a logo. In the spirit of open source community, the Academy launched a logo design competition today, and you don't have to be a professional graphics designer to enter."


Nominations Open for 2005 Linux Medical News Freedom Award (LinuxMedNews)

LinuxMedNews has announced that nominations are being accepted for the 5th annual Medical News Freedom Award of $500. Nominations should be submitted by July 30. "Free and open source software isn't 'magic pixie dust' and there are real people making significant personal sacrifices as well as doing difficult work to make medicine's free software future a reality. This award is intended to honor the individual or project who has accomplished the most towards the goal of improving medical education and practice through free/open source medical software."


Upcoming Events

Black Hat Briefings Announcements

Registration is open for the summer Black Hat Briefings conference. The event will be held at Caesars Palace in Las Vegas, Nevada on July 27-28, 2005; training sessions will be held on July 23-24 and July 25-26.


Debian Project at OSS Symposium, LinuxTag and DebConf

The Debian Project will have member representation at the OSS Symposium, LinuxTag and DebConf events in June and July, 2005.


Events: June 23 - August 18, 2005

Date | Event | Location
June 23 - 25, 2005 | LinuxTag 2005 (Kongresszentrum) | Karlsruhe, Germany
June 23 - 24, 2005 | Italian Perl Workshop 2005 (University of Pisa) | Pisa, Italy
June 23 - 24, 2005 | GCC Developer's Summit (Ottawa Congress Centre) | Ottawa, Canada
June 24 - 25, 2005 | Fedora Users and Developers meeting (FUDCon2) | Karlsruhe, Germany
June 25, 2005 | LugRadio Live 2005 (Molyneux Stadium) | Wolverhampton, UK
June 25, 2005 | XML Prague 2005 | Malá Strana, Prague, Czech Republic
June 27 - 29, 2005 | Yet Another Perl Conference (YAPC::NA 2005) (University of Toronto) | Toronto, Ontario, Canada
June 27 - 29, 2005 | EuroPython 2005 | Göteborg, Sweden
June 27 - 29, 2005 | Open Culture (Via Festa del Perdono 7) | Milan, Italy
June 29 - 30, 2005 | Where 2.0 Conference (Westin St. Francis Hotel) | San Francisco, CA
June 30 - July 3, 2005 | Linux Vacation/Eastern Europe (LVEE) | Hronda, Belarusia
July 1 - 6, 2005 | Linux Desktop Development and KDevelop Developers Conference 2005 | Kiev, Ukraine
July 5 - 9, 2005 | LSM 2005 Libre Software Meeting for Medicine | Dijon, France
July 6 - 9, 2005 | IV Jornades de Programari Lliure | Campus de Vilanova i la Geltrú, Spain
July 10 - 18, 2005 | Debconf 5 | Helsinki, Finland
July 11, 2005 | Evolution of Open-Source Code Bases (EVOSC05) | Genova, Italy
July 11 - 15, 2005 | First International Conference on Open Source Systems (OSS2005) | Genova, Italy
July 11 - 14, 2005 | GOTO10 workshop (OKNO) | Brussels, Belgium
July 11 - 15, 2005 | IEEE International Conference on Web Services (ICWS 2005) | Orlando, Florida
July 17 - 19, 2005 | Desktop Developer's Conference (Ottawa Congress Centre) | Ottawa, Ontario, Canada
July 18 - 22, 2005 | ApacheCon Europe 2005 | Stuttgart, Germany
July 18 - 22, 2005 | PostgreSQL Bootcamp (Big Nerd Ranch) | Atlanta, GA
July 20 - 23, 2005 | Ottawa Linux Symposium (OLS 2005) | Ottawa, Canada
July 20 - 22, 2005 | North American Plone Symposium (The Astro Crowne Plaza) | New Orleans, Louisiana
July 26, 2005 | 2nd European LISP and Scheme Workshop | Glasgow, Scotland
July 27 - 28, 2005 | Black Hat Briefings USA 2005 | Las Vegas, NV
July 29 - 31, 2005 | DefCon 13 (Alexis Park) | Las Vegas, Nevada
July 31 - August 4, 2005 | 2005 SIGGRAPH Computer Animation Festival | Los Angeles, CA
August 1 - 5, 2005 | O'Reilly Open Source Convention (Oregon Convention Center) | Portland, Oregon
August 1 - 5, 2005 | CIFS 2005 Conference and Plugfest (Doubletree Hotel) | San Jose, CA
August 4, 2005 | Penguicon 2005 | Israel
August 4 - 7, 2005 | Linux 2005 (University of Wales) | Swansea, UK
August 8 - 11, 2005 | LinuxWorld Conference and Expo (Moscone Center) | San Francisco, CA


Web sites

KDE Dot News: Now Sponsored by Ark Linux and OSUOSL (KDE.News)

KDE.News has announced its sponsorship by Ark Linux and OSUOSL. "I am pleased to announce that KDE Dot News has gained new hosting sponsors. We are now hosted on the Ark Linux server through the OSU Open Source Lab network, having successfully completed the transfer little more than a week ago. As some of you may know, we have a long history of having been hosted and co-hosted with Ark Linux, so it is great to be back with our old friends."


Mozilla Quality Assurance Weblog Launched (MozillaZine)

MozillaZine has an announcement for the new Mozilla Quality weblog site. "Some members of the Mozilla quality assurance team have launched a new weblog for the QA and testing community. The Mozilla Quality weblog, hosted here at MozillaZine, is run by Mozilla Foundation employees Asa Dotzler (QA lead), Jay Patel (manages the Quality Feedback Agent infrastructure), Marcia Knous (project manager who does some QA stuff) and Tracy Walker (QA engineer)."


Miscellaneous

Jeff Merkey rides again

For some amusement: have a look at Jeff Merkey's new site: merkeylaw.com. "This site tracks the Federal Lawsuits filed in US District Court, District of Utah against Pamela Jones, Groklaw, Finchhaven, Pagan Savage, Merket.net, Slashdot, Bruce Perens, IP-Wars.net and John Does 1 - 200. This lawsuit is scheduled to be filed June 22, 2005." Incidentally, Jeff is acting as his own lawyer...


The next chapter in the Merkey saga

Jeff Merkey claims to have filed his suit against Bruce Perens, Pamela Jones, Slashdot, and 200 "John Does". It makes for wild reading. "Perens posted Internet messages on LWN.net stating to Linux and OSS members that 'Merkey works for SCO,' and that 'Merkey should be placed in a file of people to be killed'. Merkey has not or ever worked for SCO or the Canopy Group." Your editor, strangely enough, is unable to find any comments on the system calling for anybody to be killed.


Page editor: Forrest Cook


Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds