A look at the schedule reveals some clear themes for this event. Virtualization is obviously at the top of the list for many OLS attendees; the largest room was dedicated to the topic for a full day. This was perhaps the most kernel-oriented schedule yet from an already kernel-dominated event; there was hardly enough non-kernel content to fill even a single track. Those who are interested in the user space side of free software may find themselves drifting toward other events; but kernel people will find plenty of interest at OLS.
OLS is an increasingly professional event; the proportion of students and part-time hackers attending the event appears to have dropped over the years. Registration fees can be as high as C$750. A surprising number of the attendees are mostly concerned with what their customers want from Linux; these are people who are making their living in a way which at least involves Linux and free software.
As always, there was no trade show floor at OLS; nobody is trying to sell anything to the attendees. OLS is very much about technology and development communities, and little about hype.
Your editor, rather than trying to provide exhaustive coverage of the event, attended some of the more interesting sessions. The resulting articles have been posted over the last week; for convenience, they are:
There was much more than the above at OLS this year; your editor, in particular, appreciated Keith Packard's discussion of the TWIN window system (designed for very small devices), Michael Austin Halcrow's description of the eCryptfs filesystem (hopefully to be written up in the future), Rusty Russell's discussion of nfsim, and Pat Mochel's sysfs talk. The Wednesday reception featured talks by Doug Fisher of Intel (who nearly got booed off the stage when it became clear that his talk was being run from a Windows system) and Art Cannon from IBM. Art's talk, a buzzword-loaded presentation on how to talk to business people about open source, was well received but hard to follow due to the poor acoustics and high noise level in the room. If you gather several hundred people (many of whom have not seen each other over the past year) into a room and give them all the beer they want, it can be hard to get them to sit down, be quiet, and listen to somebody talk about business stuff.
Dave Jones's ending keynote, instead, got everybody's full attention. Dave, who, among other things, is the current maintainer of Red Hat's kernels, is concerned with the number of regressions and other bugs seen in recent kernels. The quality of our kernels, says Dave, is going down as a result of regressions, and driver regressions in particular.
There's a lot of reasons for the problems. They date back, perhaps, to the adoption of BitKeeper. With BK, Linus could quickly pull in a large set of patches from a subsystem maintainer without really looking at them all. So BitKeeper increased the velocity of patches through the system, with some cost as to the quality. The real problem, however, is one of testing. The only way to really find kernel bugs is to have the kernel tested by a wide variety of users. This is particularly true for driver bugs; nobody, not even the driver maintainer, can possibly have all of the hardware needed to perform even remotely comprehensive testing. It takes a large community of users to do that.
When testing does happen, we need to make it easier for users to report bugs. Requiring a user to create a BugZilla account and fill in vast amounts of information for a (possibly) tiny bug is counterproductive; many bug reporters will simply give up and go away. Bug reporting should be a simple and quick operation.
There are, in any case, quite a few challenges involved in dealing with bug reporters; this was Dave's opportunity to complain a little about the frustrations of his job. Bug reporters tend to always see their bug as the most important one (so, he says, bug reporting systems should not allow reporters to set the severity of the bug); they will continue to mess with the system while others are trying to fix the bug, making confirmation of fixes difficult; some of them file a bug and disappear, not responding to requests for important information; they will lie about the configuration of their systems (and the presence of binary-only modules in particular); and so on. The receiving end of a major distribution's bug tracking system can be a difficult place to be.
The question of the proper place to report bugs came up. Many bugs seen by end users are really bugs in the upstream package, not in a particular distribution's version of it. Those bugs should be reported to the real, upstream maintainer. Some distributions (Debian, for example) see this reporting as their responsibility; others would like bug reporters to go directly upstream. Dave, in particular, notes that quite a few kernel bugs show up only in the Red Hat BugZilla system; they never make it to the (not universally used) kernel BugZilla. How many other distributors, he wonders, have kernel bugs sitting in their bug trackers which should really be reported to the community? In the future, it would be nice if BugZilla installations could talk to each other so that bugs could be forwarded to the right place; however, each BugZilla evidently has its own schema, making that sort of communication difficult.
Dave noted that the kernel has gotten significantly more complicated over the time he has been working on it. Coming up to speed and really understanding what is happening inside the kernel is a challenging task. Kernel developers need to recognize this and take advantage of all the techniques and tools which are available to them to produce better releases.
Next year's keynote speaker will be Greg Kroah-Hartman.
The final event of OLS is the infamous Black Thorn party; it is the ideal way to unwind after an intense week of conferencing. The Black Thorn is getting a little small, however; one of the OLS organizers was asking people to put their backpacks aside so there would be room for everybody to stand. If OLS continues to grow, the final event may have to happen somewhere else.
And where might such a successor have been expected to come from? We had been told many times that the development of BitKeeper required numerous person-years of work and millions of dollars of funding. The free software community was simply not up to the task of creating a tool with that sort of capabilities - especially not in a hurry. The kernel development community, having lost a tool it relied upon heavily, appeared doomed to a long painful period of adjustment.
Two full days later, Linus announced the first release of a tool called "git." It was, he said, "_really_ nasty," but it was a starting point. On April 20, fifteen days after the withdrawal of BitKeeper, the 2.6.12-rc3 kernel prepatch, done entirely with git, was released. The git tool, in those days, was clearly suitable only for early adopters, but, even then, it was also clearly going somewhere.
Git brings with it some truly innovative concepts; it is not a clone of any other source code management system. Indeed, at its core, it is not really an SCM at all. What git offers is a content-addressable object filesystem. If you store a file in git, it does not really have a name; instead, it can be looked up using its contents (as represented by an SHA hash). A hierarchical grouping of files - a particular kernel release, for example - is represented by a separate "tree" object listing which files are part of the group and where they are to be found. Files do not have any history - they simply exist or not, and two versions of the same file are only linked by virtue of being in the same place in two different tree objects.
This way of organizing things is hard to grasp, initially, but it makes some interesting things possible. One of the harder problems in many SCM systems - handling the renaming of files - requires no special care with git. A single git repository can hold any number of branches or parallel trees without confusion. File integrity checking is built into the basic lookup mechanism, so that corruption will be detected automatically, and, if desired, kernel releases can be cryptographically signed easily. Perhaps most importantly, however: git made certain options, such as the merging of patches, very fast.
It's worth noting that git is not a clone of BitKeeper, or of any other SCM. Certainly it incorporates lessons learned from years of use of BitKeeper and other tools; it supports changesets, for example, and is designed to be used in a distributed mode. But git is something new, it brings a unique approach to the problem.
Watching the git development process snowball over the last few months has been fascinating. A large and active development community coalesced around git in short order; interestingly, relatively few of the core git developers were significant kernel contributors. In a short period of time, git has acquired most of the features expected from an SCM, its rough edges have been smoothed, it has picked up a variety of graphical interfaces, and it is widely used in the kernel development community. Git is clearly a success.
The git developers are now working toward a 1.0 release. As part of that process, Linus has now handed git over to a new maintainer: Junio Hamano. Junio has been an active git developer for some time; he will now attempt to take the project forward as its leader. He will have plenty of work ahead of him as git moves into a more stable (though still fast-moving) phase.
Git is an example of how well the free software process can work. Linus has shown us, once again, that he knows how to get a successful free software project started: put out a minimal (but well thought out) core that begins to solve a problem, then let the community run with it. The result is a vibrant, living project which incorporates the best of what has been learned before while simultaneously breaking new ground. The creator of the Linux kernel appears to have launched another winner.
But, then, some things still seem to surprise even Linus:
|August 25, 1991||July 26, 2005|
|"I'm doing a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones."||"...this thing ended up being a bit bigger and more professional than I originally even envisioned."|
Let this be a lesson to all free software developers out there: the humblest of projects can, with the right ideas and participation, become far more "big and professional" than one might ever imagine.shaking up its roadmap a little -- though not "scrapping" the 1.1 release as had been reported in some outlets. The 1.1 release was originally planned for this month, but that has been changed to a 1.5 release planned for September. Chris Hofmann, Mozilla's director of engineering, talked to us about the change in the roadmap, and what's ahead for Firefox and Thunderbird.
Hofmann said that the version number change was made for a number of reasons:
Firefox developer Asa Dotzler also wrote about the change:
Indeed, there are quite a few new features and other changes in Firefox 1.5, many of which we covered on LWN with the first Deer Park Alpha release. The 1.5 release should have improvements in pop-up blocking, tab reordering, Scalable Vector Graphics (SVG) support and ECMAScript for XML (E4X) support.
One of the improvements that Hofmann highlighted for 1.5 is Firefox's extensions system. According to Hofmann, the 1.5 release will handle versioning information of extensions and "ability for the browser to recognize extensions that might be incompatible with specific releases." Hofmann also said that this release would allow the user to turn extensions on and off, something that the Firefox 1.0 does not allow -- though some extensions, like Greasemonkey do provide that feature directly.
The 1.0 to 1.5 jump will also bring about some changes to the Firefox API, which may affect extensions that work with the current interface.
Thunderbird is also being shifted from a 1.1 release to a 1.5 release around the same time frame as Firefox. Hofmann said that the version bump for Thunderbird was, in part, because development had been moving along nicely for Thunderbird as well -- but also because the Mozilla Foundation is trying to keep version numbers for both applications in sync. He noted that Thunderbird 1.5 would have improvements in spam detection and for detecting phishing attacks, in-line spell checking and improved RSS features. Thunderbird 1.5 will also feature improvements for updates, and users should be able to do updates from Thunderbird directly.
Though the feature sets are sketchy at this point, the Mozilla Foundation's roadmap calls for a Firefox 2.0 release in early 2006 and a Firefox 3.0 by the end of 2006. One feature that Hofmann talked about for future releases is Xul Runner. According to Hofmann, Xul Runner will allow Firefox, Thunderbird and other applications "to share core components of technology." According to Hofmann, any one of the Mozilla applications would include the core features, and then users would only need to download "a thin layer" for additional applications.
Hofmann said that the first instance of Xul Runner would be available "around the time we ship Firefox 1.5," and that the next versions of Firefox and Thunderbird would be built on top of Xul Runner and "allow sharing of common code" that both applications use.
Given the amount of time 1.5 has been in development (Firefox 1.0 was released in November, 2004) it seems a bit ambitious to plan the 2.0 and 3.0 releases in 2006. However, anything is possible. Meanwhile, the Firefox 1.5 Beta is scheduled for August, and a second alpha release is available now for brave souls who can't wait for new features, or who are eager to help in testing.
SecurityGreasemonkey extension, which allows users change the behavior of web sites.
A serious vulnerability was found in Greasemonkey last week by Mark Pilgrim, author of the upcoming book "Greasemonkey Hacks," and Dive Into Greasemonkey. Pilgrim discovered that a combination of two flaws in Greasemonkey could allow user data to be transmitted to virtually any site.
We spoke to Pilgrim about the vulnerabilities, and the security of Greasemonkey in general. According to Pilgrim, Greasemonkey's first flaw would allow a web page access to the APIs to call remote pages. A page with an exploit for this vulnerability would allow the exploit to call code from other sites without the user being aware of it. This could include posting data to another site.
The second exploit allowed pages to access file URLs, which could allow a remote site to browse the content of a user's hard drive. In conjunction with the first vulnerability, "remote pages could access any file on your system... [they could] recurse through the entire hard drive and post it anywhere in the world, really. And that's bad."
These vulnerabilities are fixed in the 3.5 version of Greasemonkey, though it is a "neutered" version that lacks the Greasemonkey APIs. Pilgrim said that a beta had been released that should retain functionality and clear up the security holes that he had found.
Even though the vulnerability has been closed in the latest versions of Greasemonkey, Pilgrim said that users could still be vulnerable to malicious user scripts. "Greasemonkey is very powerful, and people need to be aware what they're installing." Indeed, there does seem to be a level of concern that the problems with Greasemonkey are in its features, not its vulnerabilities. The concept of allowing users to run scripts in the browser developed by third parties, who may not have the users' best interests in mind, opens up some scary possibilities.
Since Firefox and Greasemonkey are becoming increasingly popular with less technical users, we asked Pilgrim how those users could verify that the scripts they install were safe, and if there was any way for the Greasemonkey team to protect those users.
We also asked Chris Hofmann, director of engineering for Mozilla, about the Greasemonkey vulnerability and whether the Mozilla developers could do anything to make extensions safer for users. Hofmann also said that much of the responsibility lies with the user to verify the source and function of extensions. "Users should take caution for any extensions they download, and to authenticate the source of the extension." He also explained that the default operation of the browser was to warn users before installing any software, to prevent any extensions or scripts from being installed without the user's knowledge.
It's worth noting that Firefox is not unique in allowing extensions or add-ons like Greasemonkey. Pilgrim noted that Turnabout for Internet Explorer performed the same function for IE, by allowing users to run scripts to change the function of websites. Just as with Firefox, Turnabout users could easily run malicious scripts if they're not careful about where they acquire them.
There's really nothing unique about the Greasemonkey situation, though. Spyware and adware have propagated in large part because users have been willing to download and install software without questioning the source of the software or any possible side-effects. The best that the Greasemonkey team can do is ensure that their software is not subject to vulnerabilities like the two that Pilgrim discovered. Beyond that, the responsibility will remain with the user to verify that extensions, scripts and other software is suitable for use.
|Created:||July 26, 2005||Updated:||August 16, 2005|
|Description:||Clam AntiVirus versions < 0.86.2 is vulnerable to integer overflows when handling the TNEF, CHM and FSG file formats. By sending a specially-crafted file an attacker could execute arbitrary code with the permissions of the user running Clam AntiVirus.|
|Created:||July 21, 2005||Updated:||August 12, 2005|
|Description:||The fetchmail POP3 client has an arbitrary code execution vulnerability that may be triggered by a malicious POP server. See this advisory for more information.|
|Package(s):||apache httpd||CVE #(s):||CAN-2005-1268 CAN-2005-2088|
|Created:||July 25, 2005||Updated:||November 7, 2005|
|Description:||Watchfire reported a flaw that occurred when using the Apache server as an
HTTP proxy. A remote attacker could send an HTTP request with both a
"Transfer-Encoding: chunked" header and a "Content-Length" header. This
caused Apache to incorrectly handle and forward the body of the request in
a way that the receiving server processes it as a separate HTTP request.
This could allow the bypass of Web application firewall protection or lead
to cross-site scripting (XSS) attacks.
Marc Stern reported an off-by-one overflow in the mod_ssl CRL verification callback. In order to exploit this issue the Apache server would need to be configured to use a malicious certificate revocation list (CRL).
|Created:||July 22, 2005||Updated:||July 27, 2005|
|Description:||libgadu, a library implementing the Gadu messaging protocol, suffers from a set of integer overflow vulnerabilities. This vulnerability affects a number of other packages; see, for example, this KDE advisory for kdenetwork and Kopete.|
|Created:||July 21, 2005||Updated:||July 27, 2005|
|Description:||The emacs movemail POP utility has an arbitrary code execution vulnerability that can be activated by connecting to a malicious POP server.|
|Created:||July 27, 2005||Updated:||July 27, 2005|
|Description:||The phpbb2 package suffers from a cross-site scripting vulnerability.|
|Created:||July 25, 2005||Updated:||July 27, 2005|
|Description:||The Gentoo Linux Security Audit Team discovered that the sandbox utility was vulnerable to multiple TOCTOU (Time of Check, Time of Use) file creation race conditions. Local users may be able to create or overwrite arbitrary files with the permissions of the root user.|
|Created:||July 21, 2005||Updated:||October 10, 2005|
|Description:||Shorewall has a vulnerability in which a client that is accepted by MAC address filtering can bypass other rules, allowing access to all open services on the firewall.|
|Created:||July 26, 2005||Updated:||August 23, 2005|
|Description:||Georgi Guninski discovered that it was possible to construct Vim 6.3 modelines that execute arbitrary shell commands by wrapping them in glob() or expand() function calls. If an attacker tricked an user to open a file with a specially crafted modeline, he could exploit this to execute arbitrary commands with the user's privileges.|
|Created:||July 27, 2005||Updated:||July 27, 2005|
|Description:||The webcalendar utility suffers from an information disclosure vulnerability.|
|Created:||July 21, 2005||Updated:||April 11, 2006|
|Description:||zlib has a vulnerability that can cause code that executes it to crash if a corrupted file is opened.|
Page editor: Jonathan Corbet
The current -mm tree is 2.6.13-rc3-mm2. Quite a few patches have been added to -mm recently, but they are almost exclusively fixes for various problems. Andrew estimates there are over 100 patches in -mm which need to go straight into 2.6.13.
The current 2.4 prepatch is 2.4.32-pre2, released by Marcelo on July 27. It includes a small number of fixes, including one which closes a security hole.
Kernel development news
A big part of the software suspend problem is getting the system into a quiescent state before putting it on ice. To that end, processes are put into the "refrigerator," a special sort of suspended animation. When suspend time comes around, every process on the system is sent a special signal telling it that refrigeration time has come; each process, once it gets to a good stopping point, checks itself into the fridge and does not run again until after the system has been resumed.
The problem that this scheme runs into is that some processes are dependent on others. If a process which, for example, is involved with getting data written to disk is refrigerated too early in the process, it may never be possible to get the system to a state where it can be suspended. So the software suspend patches try to figure out which processes must be allowed to continue running while the system is being quiesced. It has always been a bit of a hit-and-miss business. The current suspend2 patches try to clean up that process a bit.
Many of the processes which should not be refrigerated are associated with various driver workqueues. So the mainline suspend code marks every workqueue process with the special PF_NOFREEZE flag, keeping it out of the clutches of the refrigerator. But most of those processes can be refrigerated just fine with no ill effect, and they should be. Having unneeded processes running when the system is trying to suspend itself can only serve to destabilize the entire situation.
Previous versions of the suspend2 patches changed the workqueue API so that every creator of a workqueue had to explicitly state whether it should be refrigerated or not. That approach worked, but it broke every create_workqueue() call. The current patch, instead, leaves the existing calls alone, but extends the API with a couple of new calls:
struct workqueue_struct *create_nofreeze_workqueue(const char *name); struct workqueue_struct *create_nofreeze_singlethread_workqueue(const char *name);
As an aside, one notes that kernel namespace is starting to acquire some very long function names. One might almost wish for the good old days, when only the first six characters of a function name were used.
Seriously, however, these functions show how refrigeration is now handled with workqueues. By default, worker tasks associated with workqueues will be put on ice when the system is suspended. Anybody wishing to create a workqueue which does not behave that way must call one of the new functions.
This change has been propagated down to the generic kernel threads layer, which also picked up a new function:
struct task_struct *kthread_nofreeze_create(int (fn)(void *data), void *data, const char *namefmt, ...);
This patch seems likely to be merged with, at most, minor tweaks. Nigel's second patch, however, got a somewhat less friendly reception. It creates a new process flag called PF_SYNCTHREAD. Any process which is actively trying to flush data to disk is marked with this flag; the end result is that it will be passed over by the refrigerator during the early part of the suspend process. In this way, processes which are creating dirty pages can be put on hold prior to those which are trying to clean those pages up. This patch is not popular, however; it has been criticized for being overly intrusive when simply flushing all pages to disk prior to beginning the suspend process would do the trick. So, unless things change, this patch will not go in.
In any case, these patches are just preparatory work for a larger event: the merging of a new refrigerator implementation. That code has not (recently) been posted; stay tuned.
Consider, for example, the realtime rlimits feature, which can be used to enable otherwise unprivileged users to run processes with elevated priority. Andreas Steinmetz recently noticed that this feature does not work in the 2.6.13-rc3 kernel. This would seem to be just the sort of feedback the process needs: a user, testing a feature in a -rc kernel, found a bug and provided a patch to fix it. As a result, that particular bug will not be present in 2.6.13.
The only problem is that, as confirmed by Ingo Molnar, the bug is a little older than that. In fact, the realtime resource limit feature does not work at all in the stable 2.6.12 kernel, and nobody noticed until now. This is a feature which can be tested by just about anybody, but that work clearly had not been done. Given that nobody appears to be using this feature, Ingo is not confident that the fix can go into a 2.6.12 stable release; this one will have to wait for 2.6.13.
It should be said that testing realtime resource limits is not an entirely straightforward operation; setting that limit requires changes to the PAM library, C library, and the shells as well. Very few distributions - and no major ones - are shipping those changes at this time. Even so, unprivileged realtime scheduling is a feature that a number of people had been asking for. It is a little surprising that none of those people noticed that it failed to work in a major kernel release. Getting comprehensive testing coverage for the kernel is clearly still a problem - even before drivers are taken into account.
The idea behind CKRM is to give system administrators a high degree of control over how the resources on a system are used. To that end, it puts every process into a "class," then applies rules specifying which resources are available to each class. On the classification side, CKRM includes a rule-based classification engine which can pigeonhole processes in a number of ways: its user or group IDs, the command it is running, which ports it is listening to, etc. Classification engines are pluggable, however, so a site with specific needs could write its own. It is also possible for an administrator to directly shove a process into a given class by way of a virtual filesystem interface.
The controlling side regulates how much of the system each class can use. Maximum limits can be applied, in a way similar to the resource limits built into the kernel now. There is also a mechanism for specifying a "guarantee," a minimum amount of resource which will be allocated to a class. So an administrator can set things up such that the web server will not take more than half the CPU, or that the X server will always get at least 20% if it needs it.
That leads to another component of CKRM: controllers. Each controller manages the allocation of one specific resource in the system. CPU usage is regulated by the CPU controller; as it happens, the CKRM patches in the -mm tree do not currently include that controller. The CPU controller extends its fingers fairly deeply into the Linux scheduler, and the developers do not feel that it is ready for inclusion quite yet. In fact, the only controllers currently in -mm handle the total number of tasks and the rate at which processes can fork. Many other controllers are in development, handling resources like main memory, disk I/O bandwidth, network bandwidth, and more.
The CKRM patches are large - over 14,000 lines in -mm. They also must place hooks into many sensitive parts of the kernel in order to be able to monitor process transitions and enforce resource limits and guarantees. Any patch which digs into parts of the core kernel in this way is going to see a fair amount of scrutiny, and CKRM is no exception. In this case, many developers see CKRM as an overly complex subsystem which is aimed at the needs of the customers of one specific vendor. Most Linux users simply do not need to have such fine-grained control over resource usage on their systems.
CKRM looks like a bit of a long-term maintenance headache as well. Every subsystem which requires distributing hooks around the kernel (think of the Linux security modules, the audit subsystem, or inotify as other subsystems of this type) is essentially overlaying a new structure on top of the base kernel. Any changes to the kernel must be done carefully so that none of the overlaid structures will break. So each one of these structures makes kernel programming a little harder; it is one more thing a developer must keep in mind when making changes. Mix in the fact that most kernel developers (and testers, for that matter) will not have CKRM configured into their kernels, and it becomes clear that a subsystem like CKRM could turn out to be relatively fragile.
Supporters of CKRM see it as a useful tool for the management of larger systems (they see applications for smaller systems as well). In particular, it can be used with virtualization systems (Xen or UML, for example) to consolidate servers onto a smaller hardware base while providing appropriate resource guarantees for the guest servers. Thus, says Gerrit Huizenga, CKRM can be thought of as part of the "eco-computing movement." CKRM imposes no overhead on the system if it is configured out, and almost no overhead if it is built in but not used. Since CKRM is useful for some users, and stays out of the way for the rest, it is worth adding to the kernel.
For now, CKRM is in -mm for people to play with; Andrew Morton has noted that it is not, yet, on a path toward inclusion in the near future. He wants to see a real debate, however, and not a simple, offhand rejection:
So far, that reason has not been provided in any definitive way. So expect to see this topic come up again as the developers try to get a real answer on whether CKRM is headed for the mainline or not.announced the availability of a git repository containing all of the kernel development history back to the beginning of the BitKeeper era. Using the new "pack" format, the entire history fits in less than 200MB of disk space - less than a single, uncompressed kernel source tree. This history does not currently tie into the current mainline, though there are ways to stitch it all together. Note that this history is obtained by way of the CVS repository; some information is lost by taking this path, but potential disputes over the use of the BitKeeper metadata are avoided.
Linus's note does not say where the repository can be found; it will be on your favorite kernel.org mirror under /pub/scm/linux/kernel/git/torvalds/old-2.6-bkcvs.git.
Patches and updates
Core kernel code
Filesystems and block I/O
Page editor: Jonathan Corbet
News and EditorialsSlackware Linux is the fact that, unlike most other major distributions, its developers have so far ignored any non-x86 platforms, including the increasingly popular AMD64 processor. The good news is that, because Slackware development is completely open and transparent, it is often just a matter of time before an itch is scratched and a new project is born. This is the case of Slamd64, a port of Slackware Linux to the AMD64 processor.
Developed by a UK-based college student named Fred Emmott, the first stable version of Slamd64 was released in June 2005 as version 10.1, following a long series of alpha releases and four release candidates. We installed it on a machine with the following specifications: AMD64 3500+ processor (2.2GHz), K8N Neo2 (Socket939) mainboard from Micro-Star International, 2 GB of DDR SDRAM, 2 x 120 GB Maxtor hard disks, Plextor PX-712A DVD/CD rewritable drive, and NVIDIA GeForce4 Ti 4600 graphics card. The monitor was a standard 19 inch LCD from Mozo International.
Before booting the installation CD, we noted a few differences between Slackware Linux and Slamd64. Firstly, Slamd64 is an unofficial port without any endorsement from the Slackware project. Unlike Slackware 10.1 and its current branch, both of which still default to the 2.4 kernel series, Slamd64 10.1 comes with kernel 126.96.36.199, inclusive of support for SATA drives. KDE, the distribution's default desktop, is present in the same version as in Slackware 10.1, but more recent KDE 3.4.1 packages are also provided on download mirrors. GNOME is not included, although contributed Freerock GNOME packages, compiled for x86_64, are available from a third-party source. And despite its name, Slamd64 will also work on Intel's EM64T chips.
The installation program differs very little from the one in standard Slackware. The curses-based, menu-driven process has not changed much in years, providing a simple, but well-tested and reliable installer. Why, then, did it suddenly collapse with a segmentation fault, right after setting up the swap partition? A quick trip to the project's online forum provided an answer - this is a known issue that occurs on certain system configurations. Our workaround was simply to skip setting up the swap partition; we added it to /etc/fstab later, once we booted into the newly installed system. Luckily, this was the only bump on the otherwise neat and smooth road.
The first boot took us to a console boot prompt. As is the case with any Slackware installation, a fair amount of manual work awaits a user who intends to set up the system as a graphical workstation - we had to make some changes to the network configuration file, set up xorg.conf and create new users. We also downloaded the most recent version of NVIDIA binary graphics driver, which installed and worked flawlessly at first try. Once done, we were able to launch KDM and login to the KDE desktop.
Compared to other major Linux distributions, Slackware is a lean system. It is slightly on the conservative side, especially when it comes to the selection of packages included with the distribution, often favoring well-established packages over newer and more progressive ones (don't expect to find GRUB or Postfix among the included packages). It goes without saying that Slamd64 is still leaner. There is no OpenOffice.org or Firefox, and besides KDE, the only other available desktop environments are Fluxbox and XFce. Since Slackware 10.1 was released some 5 months ago, most of these packages are now somewhat outdated. Of course, there is nothing wrong with running KDE 3.3.2, but since the distribution maintainers have been kind enough to provide binary packages for KDE 3.4.1, we decided to take advantage of the offer. The installation with pkgtool went without a hitch.
Next, we started looking for some other applications to install. We visited LinuxPackages.net, a web site providing the largest collection of contributed packages for Slackware Linux. To out delight, we found a section listing x86_64 packages, and although it wasn't nearly as well-populated as the i386 section, we were able to locate a few dozens of useful packages, including Audacity, Firefox, Postfix, Snort, and Subversion, just to name a few. Some of the packages already present in Slamd64 were available in newer versions - such was the case with The GIMP and K3b. Many packages were fresh - Firefox 1.0.6 for Slamd64 was released within days after its source code became available upstream. GNOME 2.10.1 was also listed. Although we discovered that the number of Slackware packages for the x86_64 architecture were nowhere near the numbers one might find in third-party repositories for Fedora, Mandriva or SUSE, there clearly is an ongoing effort to build 64-bit Slackware packages and provide them to the community.
Like other major distributions, Slamd64 ships with compatibility libraries for running 32-bit applications. We were able to install and use several 32-bit binary packages, such as OpenOffice.org 1.1.4 or Opera 8.01. According to Fred Emmott, many other 32-bit binary packages will work, although they are not officially supported. As is the case with Fedora or SUSE, the 32-bit libraries are stored in /lib, while the 64-bit ones are placed in /lib64.
Our overall impressions of Slamd64 were positive. Although we came across a minor installation glitch, once the system was installed, we found it blazingly fast. The 32-bit OpenOffice.org Writer and Calc launched in under 3 seconds, while the native 64-bit applications felt still more responsive. Like its parent, Slamd64 is a clean, robust system which is a pleasure to work with. Users who prefer a package manager with a dependency resolution feature can easily install slapt-get, which reportedly works well on Slamd64. We didn't expect to find a large number of third-party 64-bit binary packages for Slackware on the Internet, but were pleased to see a reasonably active developer community making an effort at building some of the more important ones. And although the Slamd64 web site provides little in terms of documentation, it does have a fairly active user forum and mailing list. Frequent updates in the "current" directory are a further testament that the developers of this young project are serious about building a solid Slackware-based distribution for the x86_64 platform
New ReleasesIf you already have a Mandriva system installed you can simply perform an update with urpmi: the file trees for i586 processors or 64 bit x86_64 compatible processors are on the /devel/2006.0/ subdirectory of the mirrors. You will also find ISO images for 3 CDs, also available for both architectures. Mini ISO files contain the minimum needed to perform an installation and allow to add extra package sources from FTP mirrors during the installation." SoHoServer is a general purpose SoHo solution based on the recent release of Debian "sarge". The preinstalled and configured server software includes Apache2, PHP4, Perl, Mysql, Proftpd, Bind, DHCPd, Postfix, Dovecot, Shorewall, Squid, DansGuardian, Webmin, and Usermin." WHAX v.3.0 has been announced. "WHAX is the natural evolution of WHoppix - a live cd, standalone penetration testing toolkit. There are some major new features in WHAX which add huge functionality compared Whoppix, and may change the way we use live distributions."
Distribution Newsbeen declared a success. "More than 300 people attended this year's Debian Conference, which took place from July 9th to 17th at the University of Helsinki, Finland. The conference has been supported by more than 20 sponsors and featured a lot of talks, workshops, demonstrations, coding marathons and round table discussions on various aspects of the Debian project."
Henrique de Moraes Holschuh looks at a new Alioth project to host the planning, design work, any documentation and eventual reference implementation and deployment coordination for new initscript engines in Debian.
Pascal Hakim reports that it is now possible to subscribe and unsubscribe from individual bugs in the Bug Tracking System.
Enrico Zini provides a status report on the merging of Debtags data into the Packages file.Unofficial Fedora FAQ has been updated for Fedora Core 4. "One of the major updates in the Fedora Core 4 FAQ is an entirely new, super-simple method of configuring yum." The theme for our first bug day will be 'Pick Your Poison.' Anything in bugzilla is fair game! The goal will be to try and triage as many bugs as possible, close out duplicates as well as linking to upstream bug trackers. Additionally, we have the special honor of trying to file and close out as many Documentation Bugs as possible."
Distribution NewslettersFedora Weekly News includes articles on Red Hat Magazine - July 2005, Fedora BugZappers Triage Team, FUDCon London, 2005, Introducing Deer Park, Rev'ing up Your Backups, Thomas Guide: Remote Desktop, Current Status of Nrpms.net, Firefox 1.0.6 Released, mplayerplug-in 3.01 Released, Safe way to remove old kernels, and more. Gentoo Weekly Newsletter for the week of July 25, 2005 is out. This week's edition marks Bug #100,000 since the Gentoo Bugzilla was started in 2002, plus another look at keeping gentoo-sources-2.4, and other topics. DistroWatch Weekly for July 25, 2005 is out. "It is 'shoulder season' in the distribution land. Apart from several minor distribution releases, it was a slow week, with only the launch of the Utnubu initiative and a new beta release from Mandriva providing some excitement. Prompted by a satisfied user, we have taken a closer look at StartCom MultiMedia Edition, an interesting distribution based on Red Hat Enterprise Linux. Apart from these topics, we have all the usual columns, complemented by a quick tip for using digital cameras, mobile phones and music players under Linux."
Package updatesfreeradius-1.0.4-1.FC4.1 (new version 1.0.4), ypserv-2.13-7 (crash with ypxfr), setarch-1.8-1.FC4 (fix possible segfault), openoffice.org-1.9.117-3.1.0.fc4 (add patch to avoid missing FormWizard spam on save), pvm-3.4.5-5_FC4 (bug fixes), subversion-1.2.1-2.1 (update to 1.2.1), module-init-tools-3.1-4 (fix depmod segfault), system-config-netboot-0.1.22-1_FC4 (bug fixes), setools-2.1.1-2 (upgrade to 2.1.1-2), nfs-utils-1.0.7-10 (add patches), libsepol-1.5.10-1.1 (fix reset booleans warning message again), gnbd-kernel-188.8.131.52-20050420.133124.FC4.43, dlm-kernel-184.108.40.206-20050601.152643.FC4.10, cman-kernel-220.127.116.11-20050601.152643.FC4.9, GFS-kernel-18.104.22.168-20050601.152643.FC4.9, gnome-panel-2.10.1-10.2 (backport fix for recent-files memory leak), system-config-printer-0.6.131.3-1 (fix an unwanted interaction with SELinux), tar-1.15.1-7.FC4 (bug fixes, clean up), util-linux-2.12p-9.7 (bug fixes), gcc-4.0.1-4.fc4 (fixes, updated from CVS, rebuilt for FC4), libtool-1.5.16.multilib2-2 (needed for gcc-4.0.1 update), system-config-bind-4.0.0-20_FC4 (bug fixes), mgetty-1.1.33-3_FC4 (bug fixes), apr-0.9.6-3.1 (updated libtool script), audit-0.9.19-2.FC4 (minor fixes).
Fedora Core 3 updates: pvm-3.4.5-5_FC3 (bug fixes), mgetty-1.1.31-3_FC3 (bug fixes), system-config-netboot-0.1.22-1_FC3 (bug fixes), util-linux-2.12a-24.4 (add support for OCFS2), tar-1.14-5.FC3 (bug fixes, clean up), gcc-3.4.4-2.fc3 (updates and fixes), system-config-bind-4.0.0-20 (bug fixes), mgetty-1.1.31-4_FC3 (bug fixes).slackware-current changelog for complete details.
Distribution reviewsreviews Slackware Linux version 10.1. "Performance of the Slackware desktop itself is superb. I've not found a desktop yet that outperforms it on my systems (save for VectorLinux, which is a Slackware variant designed to perform well on older hardware). Gentoo, and consequently VidaLinux , come close but Slackware rocks them all." looks at ELX Biz Desktop. "When I installed ELX I was pleasantly surprised. All the applications functioned properly, the multimedia applications worked immediately upon installation, the interface was intuitive and easy to configure, and I could find almost no bugs. It appears to be a very mature product."
Page editor: Rebecca Sobol
DevelopmentGnu Privacy Guard (GnuPG) is an open-source encryption, key management, and decryption application that is available under the GNU General Public License (GPL). GnuPG is intended to be used for securing digital communications and data storage.
The main GnuPG features include:
A wide variety of front-end applicaions are available for GnuPG, they include GUI interfaces, mail and chat program interfaces, and scripting interfaces.
Building GnuPG from source was a simple matter of downloading and verifying the code, unpacking, then running the usual configure, make, and make install steps. Using the code was easy, a quick pass through the GnuPG Mini-Howto document showed how to create a key, and perform simple encryption and decryption of a file.
Stable version 1.4.2 of GnuPG was released this week. It features a number of changes to the ID card software, new command completion capabilities, improvements to the key cleaning function, and more. If you should need any encryption capabilities, from simple secure file trading to complicated security systems, GnuPG is there to help.
Database SoftwareFirebird 2 database is available for testing. "Read the general notes on page 2 of the Alpha 3 release notes carefully FIRST! Particularly, try out the new international language support that has been introduced in this alpha." introduces Perl's Test::MockDBI on O'Reilly. "Test::MockDBI mocks up the entire DBI API by using Test::MockObject::Extends to substitute a Test::MockObject::Extends object in place of the DBI. A feature of this approach is that if the DBI API changes (and you use that change), you will notice during testing if you haven't upgraded Test::MockDBI, as your program will complain about missing DBI API method(s)"
Web Site Developmentaroundme is available for testing. "'aroundme' is social networking and team interaction software. It has three central components: a social network, groupware, and activities and task management. It works with standard Web server configurations, and uses only about 3Mb of disk space. The amount of space each user has for image storage is configurable at installation. Features include membership and group wiki, blog, events, tasks, and polls; user multiple profiles, customisable social networking; simple publishing tools; a membership and group access control system; and an RSS feed." Midgard's 1.7 release is a major overhaul of the whole Content Management System. Besides the stable and mature Content Management features of first generation Midgard, it also ships a preview version of second generation Midgard capabilities, allowing developers to have a glimpse at the new day of Midgard2." This release addresses several bugfixes and some low security issues as well as the recently seemingly wide-spread XSS issue (only affecting Internet Explorer)." Tapestry is unlike most other frameworks in that it doesn't use code generation; instead it uses a true component object model based on JavaBeans properties and strong specifications. Tapestry applications require far less Java coding and are far more robust than equivalent applications developed with other popular frameworks." The Tapestry Support Network has also been launched. has been announced. "This Release Candidate is meant for testing purposes only, and contains a number of new features that make management of XOOPS powered websites easier and more flexible. Among the major changes are the dynamic userprofile, which is now a module for easier upgrading and enhancement, an extended Private Message system (also as a module), themable administration interface, and many many smaller enhancements, fixes and features."
Business Applicationsannounced the availability of four "enterprise" applications, all released under the GPL. They are: Tiny Project, a project management tool; Tiny Accounting, a double-entry bookkeeping system; Tiny Marketing, a marketing campaign manager, and Tiny CRM, a customer relationship management tool. The tools are written in Python, and there are Debian packages available.
Desktop Environmentshas been announced. "Fisterra 2 at the moment contains: "fisterra-base": a stable and mature GNOME framework to develop sectorial applications. "fisterra-distribution": a beta implementation yet, with POS (point of sale) functionality."
ElectronicsKicad, a printed circuit CAD application, is available. Changes include cosmetic enhancements, a new mouse function, translation and documentation improvements. XCircuit, an electronic schematic drawing package, is out. The device auto-numbering system is being reworked.
Gameshas been announced. The Changes include: "command line interface improved considerably - use .ini files for init". Also, version 1.0 of Phil's pyGame Library is available.
Interoperabilityhas been announced. Changes include early theme support in common controls, MSHTML improvements, Direct3D improvements, early LDAP support, bug fixes and more.
Mail Clientsis available. "Sylpheed-Claws is an extended version of Sylpheed, a GTK+ based, lightweight, and fast e-mail client. This is the GTK 2 version of Sylpheed-Claws. This release includes improved GPGME, IMAP, and printing support."
Music ApplicationsMMA is a accompaniment generator -- it creates midi tracks for a soloist to perform with. User supplied files contain pattern selections, chords, and MMA directives. MMA is very versatile and generates excellent tracks. It comes with an extensive user-extendable library with a variety of patterns for various popular rhythms, an extensive user manual, and many demo songs."
Office Suitescovers the release of KOffice 1.4.1. "Among various bugfixes and language improvements, the KOffice 1.4.1 release further improves support for the OASIS OpenDocument file format." looks at the KDE plugin for OpenOffice.org. "A year and a half after launching the KDE.OpenOffice.org Integration Project, the KDE plugin with the Native Widget Framework as become part of the official OpenOffice.org development packages."
Scienceis available. "This release features improved performance of LiteRenderer, Shapefile (now indexable), and PostGIS."
Web Browserslooks at the development of Epiphany, the default GNOME web browser. "Since the GNOME 2.12 feature freeze is in effect, its time to reflect on where Epiphany, GNOMEs default web browser, stands and where its going."
A followup article addresses some of the concerns raised in the first article.reports that Mozilla 1.7.10 has been released, with a security update to the Mozilla Application Suite. "There was no Mozilla 1.7.9 release: it was cancelled after it was discovered that changes in the equivalent 1.0.5 releases of Mozilla Firefox and Mozilla Thunderbird caused some problems." are available. "The test builds made available today contain a fix for the folder switching issue (bug 300749) but do not feature code to correct the problem that makes cursor keys non-functional in the message composition window (bug 301917)." covers the release plans for Firefox 1.5. "ZDNet UK is reporting that the next major release of Mozilla Firefox has been delayed and will now be known as Firefox 1.5 rather than 1.1. The upgrade is now set for a September release." has announced the publication of the minutes from the July 18, 2005 mozilla.org staff meeting. "Issues discussed include new hires, Mozilla Firefox 1.0.5 release feedback, release management in general, the Firefox 1.0.6 API fix release, Firefox 1.1 Beta 1, Mozilla Thunderbird 1.1 Alpha 2, Spread Firefox and quality assurance."
Word Processorshas been announced. "The changes from 2.3.2 to 2.3.4 (2.3.3 was never any good) include a lot of bugfixes, as we are working on stablizing the 2.3 development series towards our first stable 2.4 release. No record of the exact list of changes is available for this release."
Miscellaneousis available. "KnowledgeTree is a powerful Open Source document management system. Capabilities include advanced document version control, full text search, multiple search types, extensible metadata for documents, customizable dashboard and authoring workflow. Version 2.0.7 of KnowledgeTree continues the incremental bug fixes and behind-the-scenes improvements to the Document Management System."
Languages and Tools
Javahas been released. "JasperReports, our July 2005 Project of the Month, is a free Java reporting library. XML report templates are used to generate ready to print documents using data from customizable data sources, including JDBC. The output can be delivered to the screen, printer, or stored in PDF, HTML, XLS, CSV and XML format".
Lisphas been announced. "GNU CLISP [2.33.2] is now available for download. CLISP is a portable ANSI Common Lisp implementation, a compiled, object-oriented, dynamic, functional, interactive programming environment. New features: MOP, weak structures, case sensitive symbols, global error handlers. New modules: matlab, rawsock, zlib, i18n, pari."
PerlThis Week in Perl 6 is available with the latest Perl 6 news. presents ten Perl tips on O'Reilly. "The following ten tips come from Perl Best Practices, a new book of Perl coding and development guidelines by Damian Conway."
PHPPHP Weekly Summary for July 25, 2005 is out. Topics include: Inheriting apxs compiler flags; ext/mail?; SQLite row size; internal static properties; fread() bug; ext/standard dependencies; regression change in HEAD; preparing for 5.1.0.
IDEsis available. "This is a major bugfix release for wxPython 2.6 and Mac OS X. The new features are configurable shortcuts and a realtime updating sidebar."
Page editor: Forrest Cook
Linux in the news
Recommended Readingshows how one person modified a Fedora Core 4 system to make it boot faster. "As Linux has advanced it has increasingly become slower to boot. I have tested on my machine 4 Linux distributions: Linspire, Fedora 3 & 4, Suse 9.2 & 9.3, and Debian. And on average between all these distributions Linux needs around a minute to 1 and half minutes to go from boot loader to graphical login screen. So I decided to look into reducing the time it takes to boot my current setup, which is Fedora 4. In doing so I was able to reduce the boot time of my Fedora 4 installation to less than 25 seconds (just above 24 seconds on average). Below I have documented what I did, and what you can use to potentially reduce your boot up time for Linux." an O'ReillyNet article calling for more usability in Linux audio applications. "Don't get me wrong, there are certainly efforts going in to this area and applications such as Ardour, Wired and Rosegarden, but these tools face a number of uphill battles in winning me over. The interesting point is that the challenge is not focused so much on features but on usability and integration." an update on the Debian Core Consortium, which is set to be formally announced at LinuxWorld. "Debian's technology is highly regarded, and it is already widely used for tasks such as web hosting, but its diffuse nature has made it difficult for software and hardware vendors to put support plans into place. The DCC aims to give Debian a more predictable release cycle, and to give software and hardware vendors a single point of contact."
Trade Shows and Conferencescovers the first day of the 2005 Ottawa Linux Symposium on O'Reilly. "One advantage of the close examination that a conference like this one gives to its subject matter is that you see the unsavory underside. Marcel Holtmann zipped expertly through a comprehensive assessment of the state of Bluetooth on Linux (the BlueZ project) and how far each protocol had come. Martin J. Bligh reported the frustrations of making memory management robust on Linux. Even though millions of sites are comfortably and reliably running Linux, the basic operating system task of memory management has a way to go."
The SCO Problemdoes some digging into SCO's recent addition to the New Russell Microcap Index. ""If you're a busy person and don't want to play around with your investments, Russell offers opportunities to get the type of solid investment program that some of the world's largest, most sophisticated investors use. We bring together some of the world's best money managers to meet our clients' needs. We do this through industry-leading money manager research used by corporate investors like AT&T, Boeing, United Airlines, and organizations like the Bill & Melinda Gates Foundation." Well, well. What do you know? Look who just showed up. Mr. Gates. Purely coincidentally, I'm sure."
Companiesexamines IBM's involvement in the Harmony project, an effort to make an open-source version of the Java Platform, Standard Edition. "In the past week, IBM has dedicated an employee to working with the proposed open-source project, which is being done at the Apache Software Foundation, said Rod Smith, vice president of advanced technology at IBM. At this point, IBM's participation is limited to thoughts on design, but the company likely will contribute code to the project, Smith said. "I think you'll see some code down the road. I'm sure you will. But right now, it's getting involved in some of the ideas and design they're trying to put together," he said." examines a recent patent application by Microsoft. "Microsoft has filed for a patent on the smiley face. No. Really. Literally, they have applied for this: "A method, comprising: selecting pixels to be used as an emoticon; assigning a character sequence to the pixels; and transmitting the character sequence to a destination to allow for reconstruction of the pixels at the destination.""
Linux Adoptiondiscusses a reluctance in moving to Linux and open-source code by the health care industry. "Health-care organizations are not planning to replace their Unix or Microsoft operating systems with Linux, said Massimiliano Claps, senior research analyst at IDC Canada, adding if that's going to happen, it's going to happen first with Unix. Despite the much-touted advances open source is making in various government IT projects around the globe, it's not even on the radar when it comes to electronic health records, said panelists at the recent e-Health 2005 Conference." (Found on LinuxMedNews.)
Interviewsan interview with John Markoff. "John Markoff is the author of What the Dormouse Said. In this interview, John expands on the idea he presents in his book that the counterculture shaped the evolution of the computer industry. He touches on all the players here: visionaries like Doug Engelbart and his team at SRI, John McCarthy and the people at Stanford Artificial Intelligence Laboratory), activist Fred Moore, and roleplayers like Stewart Brand and Ken Kesey." interviews Colin Percival, a FreeBSD security officer. "To the second question: you should listen to me because I have written a 12-page academic paper presenting and discussing a serious security vulnerability, and nobody has been able to refute my results. I believe that my work stands on its own; it doesn't need my name attached to give it credibility." has announced a new People Behind KDE interview with Thiago Macieira. "Thiago is a Brazilian who spends his time reading the kde-bugs-dist mailing list. Somehow he also finds time to look after the networking code in kdelibs and his dog Kayla. He also tells us why he has two clocks and includes a Unix story in Old English."
Resourcescontinues with a series of articles on migrating from x86 to PowerPC. "In this episode of the ongoing Kuro Box project, learn how to add a USB camera to the machine. This article includes example Linux code to initialize and read from a USB camera through Video4Linux. Also find a brief introduction to edge detection techniques in captured images." introduces Business Process Modeling in an O'Reilly article. "Business Process Modeling (BPM) is a set of technologies and standards for the design, execution, administration, and monitoring of business processes. In this article, Mike Havey, author of Essential Business Process Modeling, briefly describes the state of BPM today and the BPM standards, then builds an ideal BPM architecture using the example of a retailer process." builds a wireless ISP (WISP). "Setting up a wireless Internet Service provider (WISP) for your office or neighborhood doesn't have to be a taxing or expensive ordeal. If you build your network from easy-to-buy equipment and use Linux, you can use the power of shell scripts to make network management easy. This article gives you the tips and scripts you need." takes a look at running desktop Linux on a laptop. "I spent the better part of two days trying a variety of distributions. Before people start writing comments about how much better their distributions run than the one I chose, let me say I played no favorites. I wanted performance and I got it with Ubuntu. Contrary to what some of you might believe, it's not my favorite Linux distro. It simply performed the best in this case." an article on writing portable patches. "One of the things I usually take care of as a Gentoo packages maintainer is sending patches to upstream developers. If a patch is applied upstream, we can remove it from future versions of a package so we have less work to do to maintain the package. Unfortunately, it seems that other distributions and packagers don't always do the same. This is true not only for Linux distributions such as Debian, Fedora Core, and SUSE, but also for maintainers of packages in places like FreeBSD's Ports, DarwinPorts or Fink. Here are some tips for developers on making things easier for yourself and everyone who has to touch your code." an O'ReillyNet tutorial on how to set up replication with MySQL. "Typically, replication is a system configuration whereby the MySQL server, known in this context as a master server, houses the data and handles client requests, while another MySQL server (a slave server) contains a complete copy of the data and duplicates all SQL statements in which data is changed on the master server right after it happens. There are several uses for replication (e.g., load balancing), but the concern of this article has to do with using replication for data backups."
Reviewsprovides a preview of KDE 3.5. "Stability of this prebeta version is very good. I rarely encountered crashes or freezes. Speed is also about the same as with current stable version 3.4.1. The default font sizes have been reduced to 10 points, which makes a little bit more room on the screen." (Found on KDE.News) takes a look at Scribus, on Linux Magazine. "For the most part, Scribus should have all of the features most users need to create complex documents for publication. It's more than suitable for home users who might want to create nice-looking documents (expect this year's Christmas newsletters to look extra-nice), and should be able to handle a great deal of professional DTP work as well. It's apparently quite good at creating PDF forms for small businesses as well."
Miscellaneouswrites about a recent trip to Taiwan in a Blog posting. Many interesting culinary delights were sampled. "I took the opportunity presented by the visit to arrange speeches at a few other universities, and meet with hardware companies to ask them to cooperate with free software. We visited the campus of ASUS (which always made me think of Spanish "Jesús" without the J). There one person deigned to meet us, and his attitude was that the free software community was beneath their notice. On discovering this, I told him I was sorry to waste his time, and left. However, the people at VIA, Realtek, RALink and MSI showed an interest in cooperating. Some even offered to provide advance specs for free BIOS support." (Thanks to Keith Howanitz.) reports that the LinuxFund credit card program is getting back in business. "LinuxFund's new head, David Mandel, told NewsForge in an interview the funding -- $500 per month for a year to Debian, Freenode, and Wikipedia -- will be given to the projects quarterly and is part of an effort to get LinuxFund back on track. Mandel said that with help from LinuxFund's founder, Benjamin Cox, he was confident the project, and more importantly its payments to FOSS developers, would resume and possibly even grow." This ZDNet column tries to draw attention to the set of core ideas which characterize all Unix-derived systems. "People who categorize the Unix market as splintered or fractured are generally trying to compare it unfavorably to Microsoft's Windows. That's simply wrong: Windows is a brand, Unix a set of ideas. The Windows brand has been consistently handled, but there's essentially no continuity of ideas between the 3.0, 95, NT, and Longhorn Windows generations. The Unix hardware makers, in contrast, have tried hard to differentiate their products through branding when, in reality, all of their products have been part of the same family. Oddly enough, therefore, both beliefs: that Microsoft has been consistent and that Unix hasn't, are consequences of marketing fictions."
Page editor: Forrest Cook
Non-Commercial announcementsEU public licence. Interested parties are invited to join the online discussions on the EUPL at the eGovernment Observatory's forum.
Commercial announcementsannounced the availability of "Intrepid M", a standalone box intended to help with the management of networks of Linux systems. "Through an intuitive interface, a Linux systems administrator with as little as two years of experience can use the Intrepid M to quickly deploy, rollback and migrate RPM-based Linux servers (whether running RedHat, SuSE, or Fedora distributions) from a central location -- all without the need to install the operating system or applications directly on computers." has announced the receipt of a Coverity Quality Certification for the PostgreSQL-based RDBMS database. "EnterpriseDB Corporation, an enterprise-class database company, announced today that its PostgreSQL-based RDBMS was analyzed by Coverity Prevent, the worlds most advanced static software analysis tool, and found to contain only 20 defects in more than 775,000 lines of code. This is the lowest defect density (one defect per nearly 39,000 lines of code) reported by Coverity for an open source relational database." announced that it will hold a demonstration of the Open-Xchange Server at the LinuxWorld Expo in San Francisco, CA on August 9-11, 2005. "Open-Xchange enables easy migration and integration to an open source environment -- allowing IT administrators to create and implement killer-apps without changing existing infrastructure components, i.e. databases, directory services, message transfer agents, e-mail servers or web-servers." To date over 1,000 companies have signed up to qualify for a free copy of the Xandros replacement for Windows business desktops. This clear sign of enterprises being ready for Linux, surpassed even Xandros expectations. Challenge participants download a free trial of the new Version 3 of the Xandros Business Desktop Operating System (OS), which provides seamless compatibility with the latest Windows servers, including domain authentication support, logon scripts, and group policy profiles. Participants who fill in a detailed questionnaire to help Xandros identify future enterprise needs will be rewarded with a fully licensed boxed copy of the Xandros Business Desktop OS."
New Booksavailable online (Creative Commons noncommercial license), or can be purchased. (Seen on BoingBoing).
Upcoming EventsFAVE is a new event for people who are interested in free and open source creative software on Linux and other computer platforms." In a four-day workshop hosted by V2_, sound artists Frank Barknecht and Aymeric Mansoux will introduce the basics of Audio Signal Processing (ASP) in the fields of real-time music production. This workshop specifically targets people who want to develop their work in the digital sound field or those people curious about the processes involved behind the audio software they already use." the first will be held in Orlando, FL on September 12-16, 2005 and the second will be held in Barcelona, Spain on November 7-10, 2005. OSI is going to be holding a public meeting at O'Reilly's OSCON the first week of August. It's to be held on Thursday evening at 7:30PM in room D135 of the conference hotel." call for papers has gone out for the 2005 Open Source Developer's Conference. The event takes place in Melbourne, Australia on December 5-7, 2005. Proposals are due by August 19. announced the Pacific Northwest Venture Capital Symposium. The event will take place in Bellevue, Washington on September 12-13, 2005.
|July 28, 2005||Black Hat Briefings USA 2005||Las Vegas, NV|
|July 29 - 31, 2005||DefCon 13||(Alexis Park)Las Vegas, Nevada|
|July 31 - August 4, 2005||2005 SIGGRAPH Computer Animation Festival||Los Angeles, CA|
|July 31 - August 5, 2005||USENIX Security Symposium||Baltimore, MD|
|August 1 - 5, 2005||O'Reilly Open Source Convention||(Oregon Convention Center)Portland, Oregon|
|August 1 - 5, 2005||CIFS 2005 Conference and Plugfest||(Doubletree Hotel)San Jose, CA|
|August 4, 2005||Penguincon 2005||Israel|
|August 4 - 7, 2005||Linux 2005||(University of Wales)Swansea, UK|
|August 8 - 11, 2005||LinuxWorld Conference and Expo||(Moscone Center)San Francisco, CA|
|August 20, 2005||Free Audio and Video Event(FAVE)||(Trinity Community and Arts Centre)Bristol, UK|
|August 27 - September 4, 2005||aKademy 2005||(University of Málaga)Málaga Spain|
|August 31 - September 2, 2005||YAPC::EU::2005||(University of Minho)Braga, Portugal|
|September 1 - 2, 2005||Symposium on Security for Asia Network(SyScAN'05)||(The Dusit Thani Hotel)Bangkok, Thailand|
|September 1, 2005||GOTO10 ASP digital sound workshop||Rotterdam, the Netherlands|
|September 1 - 4, 2005||GOTO10 ASP digital sound workshop||Rotterdam, the Netherlands|
|September 5 - 9, 2005||International Computer Music Conference(ICMC 2005)||Barcelona, Spain|
|September 14 - 16, 2005||php|works||(Holiday Inn Yorkdale)Toronto, Canada|
|September 16 - 18, 2005||ToorCon 7||(San Diego Convention Center)San Diego, CA|
|September 19 - 21, 2005||Plone Conference 2005||(Semper Depot, Lehargasse)Vienna, Austria|
|September 20 - 23, 2005||New Security Paradigms Workshop(NSPW)||(UCLA Conference Center)Lake Arrowhead, California|
Web siteshas announced two new Project and Developer Blogs. "This will be the permanent home of project lists, status updates and what is happening with a given project or feature. The site's success will really depend on developer interaction and whether or not the community finds the status information helpful."
Page editor: Forrest Cook
Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds