LWN.net Weekly Edition for May 18, 2006
The Novell Partner Linux Driver Process
Every so often, somebody shows up on the linux-kernel list with the same bright idea: separate the device drivers from the rest of the kernel and release them independently. Then drivers could be installed or updated without having to change the entire kernel. This idea never gets very far; among other things, it implies the creation of a stable driver API, which is just not in the plans. But the idea keeps coming back anyway.When Novell's breathless press release, describing a "device driver breakthrough" which "solves Linux device driver compatibility issues," your editor's first thought was that this old idea had returned yet again. This breakthrough process "allows customers to obtain drivers independently of Novell kernel updates," after all, and is said to make life easier for vendors. As it turns out, however, Novell has no plans for defining any sort of stable kernel API; instead, it has created a mechanism making it easier for vendors to cope with the existing, dynamic API.
Essentially, a vendor with a driver for its hardware can approach Novell, pay whatever fee is required to become a "partner," and have its driver distributed through the SUSE YaST mechanism. If the partner supplies versions of the driver which work with distributed SUSE kernels, Novell will make sure that each user gets the right version. Novell will provide API change notifications, helping vendors to keep their drivers working with current kernels. If the vendor becomes an Extra Special partner, Novell will take care of much of the driver updating work themselves.
To some, this program looks for a way for Novell to help vendors who ship proprietary drivers. And there may be some truth to that view. But the real customer base may be elsewhere. Imagine that you are a vendor selling products into a highly competitive market. When your new widget comes out, you do the right thing and contribute a driver to the mainline tree. Even if the driver is accepted on the same day (a relatively unlikely course of events), it will not appear in a released kernel for a month or two, and it will not show up in released distributions for some months (or years) after that. By the time normal users can install the driver, the device is already obsolete and being replaced by something newer, shinier, and faster. And, in any case, having the driver in new distributions is of little help to customers who are running older kernels and don't want to change that.
The Novell program will make it easy for this vendor to make drivers available for the range of currently installed SUSE systems, without forcing a kernel upgrade on their customers. If the program is done right, it could change the landscape for the better: vendors would have an easier time supporting the range of distributor kernels, and users would get current drivers, even on older systems. If done wrong, it could lead to more out-of-tree drivers, but Novell appears to have anticipated that concern. From the driver partner FAQ:
As long as vendors use this program as a backporting mechanism, it will do nothing but good for everybody involved. If they use it as a way to avoid the kernel development process or the need to release their code, the benefits will be rather less. The initial signs are good enough, however, that it is worth wishing Novell luck in this endeavor.
Java becomes more distributable
With a great deal of fanfare, Sun Microsystems used its podium at JavaOne to announce a change in the Java licensing terms intended to make it easier for distributors to ship Sun's Java implementation. To this point, the terms have been so difficult that few distributors bother; those wanting to run Java code must either install Sun's implementation themselves, or go with one of the free alternatives. Sun, perhaps seeing that said free alternatives are rapidly improving, has tried to reestablish its own dominance by way of a small licensing tweak. It is a half measure at best.Sun's new terms go under the name "Operating System Distributor License for Java," or "DLJ" for short. As always, when pondering licenses, one must go to the actual text. So, for the curious, a look at the text of the DLJ (v1.1) is warranted. The core of the DLJ is this:
So distributors can now ship the Java code as part of the operating system, assuming they meet all the conditions - and there are several of those. They include some obvious ones, such as indemnification of Sun from liability, and some that one would expect, such as the requirement that the software be distributed without modifications. Some of the other conditions are interesting, though. Consider:
So the license only applies to operating system distributors. This clause would appear to make it impossible for a third party to distribute Java packages for somebody else's distribution. So this license may not improve the lives of people who run distributions from organizations which will not distribute non-free code at all.
Next condition:
So Sun's Java remains incompatible with any free Java implementations and, presumably, a fair amount of related code. How this term might affect the combination of Sun's Java and Eclipse is an interesting question.
Finally, there is a term stating that if any compatibility issues arise
"
This license can be advantageous for distributors with mechanisms for
distributing non-free software. Some of them may now be able to ship Sun's
Java code for the first time. Thus, for example, Java has just landed in Debian's non-free
repository; Ubuntu and Gentoo seem interested as well. But the new
license will not help Fedora users, since there is no place in Fedora for
non-free code (though what Red Hat does with RHEL could be different). For
all the hints made at JavaOne regarding the eventual open-sourcing of Java,
this code remains resolutely non-free at this time. Sun's slightly more
friendly license has not changed that fundamental fact.
There are, of course, many other improvements to the code which help to
make it more robust and maintainable, but which tend not to show up on
feature lists. Your editor has been running the occasional daily build
with good results. This looks to be a release which exposes Rockbox to a
wider user base and, in general, draws more attention to the project.
Only one problem remains: it doesn't all work yet. There are a number of
codec issues, such as confusion when the user skips around too much. A
number of trouble reports with the H1xx models have been posted. Battery
life on the H3xx is still far less than with the iRiver firmware. In
general, the list
of open bugs is on the long side for a project on the verge of a stable
release.
The Rockbox developers thus find themselves in a place familiar to many
projects: trying to decide when to make a major release. Putting out a
buggy system would not endear Rockbox to many of its users, and could set
the project back severely. Meanwhile, however, the ongoing feature freeze
has brought development to a stop and is creating a fair amount of patch
pressure. The developers would very much like to get this release out of
the way and move on to working on the new, fun stuff.
Getting releases out is one of the biggest challenges faced by many free
software projects. There is a natural tension between the creation of
truly stable releases and going on to develop the Next Cool Thing. A
number of techniques have evolved as a way of resolving this conflict:
Interestingly, the Linux kernel has moved slowly toward this mode over
time with its 6-8 week process.
The Rockbox developers do not appear to welcome the idea of creating
a separate development branch. So some sort of compromise between a timely
release and a bug-free release will have to be found. There is some
sentiment for putting out 3.0 on Monday the 22nd, with known bugs if need
be. The worst of those bugs might subsequently be fixed in an update
release shortly thereafter. So, while Rockbox 3.0 will doubtless make
many users entirely happy, it may well be a true "dot-zero" release for
others.
As
the previous article in
this series pointed out, one of the key developments in the rise of
open content was the drafting of suitable licenses to codify the
freedom to use these materials in various ways. One important licensing option
is that of modifying open content to create new works. Licenses may
open up the possibility of such collaborative ventures, but on their
own are not enough. Practical tools are needed to help people to
work together on open content. For that, software code is required
alongside the legal code, and application development has played just
as important role in the rise of open content as the refining of
appropriate licenses.
The
catalytic effect of tools can be seen in the sphere of blogs, which
represent a very popular, if coarse-grained, kind of online
collaboration. Several online Web diaries were around as early as
1995, the same year that the authors of Suck's
mordant posts first stepped onto the punishing daily treadmill that
has become a hallmark of top blogs. But the term “weblog”
only appeared
in December 1997, and was shortened to “blog”
in 1999, by which time there were just 23 of them according
to one count.
The
trigger for their rapid growth was the arrival of tools such as
LiveJournal, Pita, Blogger and Groksoup in 1999 that made creating
blog posts as easy as sending an email. Once the medium began to
take off, keeping up with all the postings became a problem.
Technology provided the solution through the Really Simple
Syndication (RSS)
standard, which grew out of earlier work by Dave Winer and Netscape.
Once in place, this apparently obscure XML standard allowed blog
readers to subscribe to a blog feed – vastly easier than going
to a blog and reading posts one by one.
The
availability of this technical solution drove the readership of blogs to
even higher levels. Now the problem became not so much reading the
posts you had subscribed to, but finding blogs of interest among the
millions out there. The solution – dedicated blog search
engines like Technorati –
flowed from another of Dave Winer's technical innovations: the blog
ping. Each time someone made a post to a blog created with
Winer's software, the program pinged his site weblogs.com,
which held a record of all such postings. Blog search engines like
Technorati could therefore use the pings as a signal to refresh their
indexes for the site in question, ensuring that they were always
up-to-date. By contrast, conventional search engines tend to be days
or even weeks behind the rapid posting rhythm that distinguishes
blogs from traditional Web pages.
Blogs
are clearly collaborative – their essence is the intellectual
give-and-take between those posting, quoting and linking, and those
commenting, which together create a kind of patchwork communal
document. But to allow a more thoroughgoing and fine-grained
collaboration, where texts could be modified right down to the level
of individual words, a new kind of software had to be developed, what
came to be called the wiki.
Significantly,
it was in the world of coding that this solution emerged. Ward
Cunningham, now employed
by the Eclipse Foundation, is well-known for his work on areas like
agile development and
extreme
programming. Many of agile development's principles read as if
they were referring to open source and open content, notably in
valuing “individuals and interactions over processes and
tools,” and “customer collaboration over contracts
negotiation”.
Another
important field that Cunningham has been associated with is design
patterns, notably through his Portland
Pattern Repository. It was for the latter that Cunningham
created WikiWikiWeb
in 1995 as a way of
facilitating the exchange of ideas between programmers. The name
“wiki” comes from a Hawaiian term meaning
“quick”, and was chosen in part for its alliteration with
the word “Web”, mimicking “WorldWideWeb”.
The “quickness” refers to the ease with which Wiki pages
can be added or edited, allowing content to be worked on in a true
collaborative fashion.
This
apparently minor modification of previous Web technologies has led to
a proliferation of large-scale collaborative open content, both on
the public Web and, increasingly, on corporate intranets. Perhaps
the most famous example is Wikipedia,
which grew out of Nupedia,
an earlier online encyclopedia. Nupedia did not employ the wiki's
completely open approach for content creation, and never got beyond
producing a handful of articles, whereas Wikipedia has already passed
the one million article mark for the English language alone.
Alongside
Wikipedia there is Wikimedia
Commons, which offers non-textual open content – images,
sounds and videos. But unlike the main Wikipedia articles, these are
rarely edited or modified, even though many are released under
licenses that would permit this. Similarly, the huge holdings of
open content images on Flickr
tend to be used as they are, rather than as the basis for derived
works. As well as these consolidated collections, there is
Yotophoto, a dedicated open
content search engine for images, and similar facilities on Google,
Yahoo
and the open source Nutch
(all available from the Creative Commons search
page, included by default among the Firefox search engines),
which allow material to be found across the Web.
The
ready availability of graphical open content raises the question of
what might be done with it. Tools like GIMP
have been around for years, but so far there does not seem to be the
same kind of broad collaborative tradition for graphics as there is
for texts. An interesting first attempt can be found in Kollabor8,
and recently the film “Elephant's
Dream”, produced using the 3D graphics creation package
Blender, has
been released
under a Creative Commons license.
One
area of non-textual open content where collaboration does seem to be
thriving is that of music. This is probably for both historical and
technical reasons. Musicians have always used the work of others as
springboards for their own music, often incorporating tunes, motifs
or chord progressions directly. In addition, the well-defined
time-based nature of music (beats/bars/phrases) provides an
easily-grasped framework within which fragments/samples from various
sources can be placed either sequentially or simultaneously –
something lacking for graphical images, where spatial relationships
are not so formally defined. The abundance of high-quality open
source music creation, editing and mixing software may be another
contributory factor.
Whatever
the reason, open content music is flourishing, as the existence of a
number of music sites offering material for remixing indicates. One
recent commercial example is My
Life in the Bush of Ghosts [Flash], by David Byrne and Brian Eno, while,
on the non-commercial side, the Creative Commons site has a
flourishing audio/music
section. Past and present projects found there include the Wired
CD, which offered tracks from major artists that were made freely
available for remixing (though usually only for non-commercial
purposes), and the ccMixter site.
The latter encourages musicians to upload samples, and to take each
other's music for use as the basis of new open content works which
can then be added to the pool of raw materials for others to work on.
An alternative approach is offered by MyVirtualBand,
which enables collaboration to take place even earlier in the
creative process.
Glyn
Moody writes about open source and open content at opendotdotdot.
caused by the interaction of the Software with your Operating
System
", the distributor has 90 days to fix the problem or stop
distributing Java. It is unlikely - but not inconceivable - that such a
term could be used to pressure a distributor to change Linux system call
semantics which could be deemed to cause incompatibilities.
Waiting for Rockbox 3.0
Frequent LWN readers will be well aware that your editor has had some real
fun playing with Rockbox, a set of
GPL-licensed firmware for digital music players. So the Rockbox 3.0
release, originally scheduled for March 15, is of more than passing
interest. This release will offer a number of new features:
Open Content III: the code
Security
Diebold election insecurity systems
It would seem obvious that protecting the integrity of election results would be the paramount goal of a company that provides voting equipment, but a recent report (PDF) indicates otherwise. BlackBoxVoting.org released a report by Harri Hursti last week that documents extremely serious flaws in the design of touchscreen voting terminals from Diebold Election Systems that could lead to an unscrupulous person or organization having complete control of the software on those systems.An attacker with physical access to the voting terminal can permanently change the programming of a terminal in a way that is difficult or impossible to detect. With a PCMCIA memory card, phillips-head screwdriver, and 5 minutes of time, any portion of the software that runs on the terminal can be modified. It is not just the voting application that can be replaced; the operating system and even the bootloader can also be changed via this mechanism.
No tamper resistance or detection mechanisms are included in the terminal hardware making it impossible to tell whether it was opened to access the PCMCIA slot. There is no cryptographic or other authentication of the code that is to be loaded, just some very simple integrity checking (checksum or CRC presumably) of the binary. Evidently, Diebold decided to make field upgrades simpler at the cost of providing little to no protection against abuse.
It is well understood by security experts that preventing physical access to computers is the first step in securing them. Unfortunately, election officials and polling place workers are not typically security experts and the access to the terminals is not strictly limited. In fact, they are regularly taken to polling places (schools, churches, etc.) or to the homes of polling place supervisors several days in advance of an election. In addition, because the bootloader code can be modified, a clever attacker could install code that survived any number of software upgrades, waiting to be activated at the proper time. Diebold even conveniently provides an external switch, accessible to a voter, that could be used to trigger the dormant code.
This is not the first time that Diebold security has been found to be woefully inadequate and, once again, the company does not seem to understand the problem. A spokesman for Diebold, David Bear, had this to say:
Bear tries to deflect the criticism by claiming that it is only election officials who could make these changes, but there are actually a huge number of ways that it could happen. Simply showing up at the county clerk's office in an official looking Diebold uniform would probably be enough to get access to the machines in many areas.
Unfortunately, it is not just Diebold that misses the implications of this kind of threat; various election officials, many of whom spent a great deal of taxpayer money buying Diebold voting equipment, also downplay the threat. Several elections, including a primary last Tuesday in Pennsylvania, are going on as scheduled using the equipment, seemingly without any concern that the terminals could have been tampered with.
For the most part, this is a hardware problem: the Diebold terminals were not designed to be tamper-proof, instead they were designed to be easy to access. This is something for the various advocates of other voting technologies, including open source voting, to consider. Having the source code to the binary that is supposed to be installed is not sufficient, there needs to be some way to ensure that it is the software that is currently running. Having a way to resist tampering with the hardware and to detect attempts to tamper with the hardware are also mandatory for any voting system.
There seems to be a great deal of resistance to the idea of having a paper trail that can be verified by the voter as a backup system, at least from the voting equipment vendors, but this would seem to be the most sensible check on the proper functioning of the equipment. It still provides the instant gratification of vote counts that seem to be required, but also allows for an auditable recount should one be necessary. The lackadaisical approach to security and the resistance to an auditable paper trail might lead a cynical person to believe that those in power like things exactly as they are.
New vulnerabilities
apache: denial of service
| Package(s): | apache | CVE #(s): | |||||
| Created: | May 11, 2006 | Updated: | May 17, 2006 | ||||
| Description: | There a bug involving Apache 1.3.35 and glib concerning wildcards in Include directives. If an Include statement is issued in an already included file, Apache can be caused to crash. | ||||||
| Alerts: |
| ||||||
kernel: multiple vulnerabilities
| Package(s): | kernel | CVE #(s): | CVE-2006-2271 CVE-2006-2272 CVE-2006-2274 CVE-2006-2275 CVE-2006-1864 | ||||||||||||||||||||||||||||
| Created: | May 12, 2006 | Updated: | July 13, 2006 | ||||||||||||||||||||||||||||
| Description: | Multiple vulnerabilities in the Linux have been found.
| ||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||
phpldapadmin: cross-site scripting
| Package(s): | phpldapadmin | CVE #(s): | CVE-2006-2016 | ||||
| Created: | May 15, 2006 | Updated: | May 17, 2006 | ||||
| Description: | Several cross-site scripting vulnerabilities have been discovered in phpLDAPadmin, a web based interface for administering LDAP servers, that allows remote attackers to inject arbitrary web script or HTML. | ||||||
| Alerts: |
| ||||||
quagga: multiple vulnerabilities
| Package(s): | quagga | CVE #(s): | CVE-2006-2223 CVE-2006-2224 CVE-2006-2276 | ||||||||||||||||||||||||||||
| Created: | May 15, 2006 | Updated: | July 24, 2006 | ||||||||||||||||||||||||||||
| Description: | Paul Jakma discovered that Quagga's ripd daemon did not properly
handle authentication of RIPv1 requests. If the RIPv1 protocol had
been disabled, or authentication for RIPv2 had been enabled, ripd
still replied to RIPv1 requests, which could lead to information
disclosure. (CVE-2006-2223)
Paul Jakma also noticed that ripd accepted unauthenticated RIPv1 response packets if RIPv2 was configured to require authentication and both protocols were allowed. A remote attacker could exploit this to inject arbitrary routes. (CVE-2006-2224) Fredrik Widell discovered that Quagga did not properly handle certain invalid 'sh ip bgp' commands. By sending special commands to Quagga, a remote attacker with telnet access to the Quagga server could exploit this to trigger an endless loop in the daemon (Denial of Service). (CVE-2006-2276) | ||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||
vnc: authentication bypass
| Package(s): | vnc | CVE #(s): | |||||||||
| Created: | May 16, 2006 | Updated: | May 17, 2006 | ||||||||
| Description: | It was possible to bypass vnc authentication in version 4.1.1. | ||||||||||
| Alerts: |
| ||||||||||
webcalendar: information disclosure
| Package(s): | webcalendar | CVE #(s): | CVE-2006-2247 | ||||
| Created: | May 15, 2006 | Updated: | May 17, 2006 | ||||
| Description: | David Maciejak noticed that webcalendar, a PHP-Based multi-user calendar, returns different error messages on login attempts for an invalid password and a non-existing user, allowing remote attackers to gain information about valid usernames. | ||||||
| Alerts: |
| ||||||
Page editor: Jonathan Corbet
Kernel development
Brief items
Kernel release status
The current stable 2.6 kernel is 2.6.16.16, released on May 10. It contains yet another security fix; this one is for a denial of service problem in the filesystem locking code.
The current 2.6 prepatch is 2.6.17-rc4, released on May 11. It is
almost entirely made up of fixes; Linus says "this is the time to
hunker down for 2.6.17
". The long-format
changelog has the details.
Nearly 100 patches have been merged into the mainline git repository since -rc4 was released; they are almost all fixes.
The current -mm tree is 2.6.17-rc4-mm1. Recent changes to -mm include CacheFS, a patch making address space operations constant, the deprecation of smbfs (see below), the per-task delay accounting patches, eCryptfs, and klibc, a lightweight C library for use in initramfs code.
Kernel development news
Quotes of the week
On the future of smbfs
The venerable smbfs code allows Linux systems to mount filesystems exported via the SMB protocol. It thus can be used for accessing files exported from a Windows system. This filesystem has seen a lot of use over the years, but has, in recent times, been overtaken by the newer CIFS filesystem. At this point, CIFS receives almost all of the developer attention, and most users have (or, at least, should have) moved over.As an example of the difference in how smbfs and CIFS are maintained, consider the 2.6.16.11 stable kernel update, which contained a fix for a security problem in the CIFS code. Though CIFS has its roots in smbfs, nobody was paying enough attention to realize that smbfs might suffer from the same vulnerability. Thus, while 2.6.16.11 fixed the CIFS problem on April 24, the matching smbfs fix (which forced 2.6.16.14), did not appear until May 4, eleven days later. In the mean time, smbfs was vulnerable to a known bug, for anybody who thought to look for it.
The 2.6.17-rc4-mm1 kernel recognizes the unmaintained nature of smbfs with a patch marking it as being deprecated and slated for eventual removal. All remaining users are encouraged to move over to the CIFS implementation instead. For some users, the end has come sooner - the Fedora Core 5 kernel already does not support smbfs. Since there is an alternative in the kernel and ready to go, this migration should not be a big problem.
It is a nice scenario, but there is one little problem: the CIFS code cannot work with Windows 95 and Windows 98 systems. Without smbfs, Linux users will not be able to mount shares exported from hosts running those old versions of Windows. Some observers have commented that those versions of Windows are too old to support, but Linus isn't buying it:
The word from Andrew Morton is that Windows 9x support for CIFS is in the works, and should, with luck, by ready in time to go into 2.6.18. If things happen that way, then the 2.6.18 kernel might just include a deprecation notice for smbfs, and smbfs could be marked "broken" by the end of the year. Anybody still using smbfs should consider themselves warned.
Big serial ATA changes
Jeff Garzik has recently let it be known that he has merged a large set of patches to the serial ATA (SATA) subsystem. Says Jeff: "If all goes well, this update should improve error handling, solve several outstanding, difficult-to-solve bugs, and provide a good foundation for adding some nifty features in the future." His plans are to get the new code merged into the 2.6.18 kernel, once that cycle begins. The result could be a significantly different experience for Linux SATA users, some of whom have been fighting problems for some time.
The patches themselves have been posted to the linux-ide list. It makes for some imposing reading: they are 122 patches, divided into eleven sets. This flood of code is primarily the work of Tejun Heo, though Jens Axboe and Albert Lee have also played a significant part. In brief, what is coming is:
- A completely reworked libata error handler. This code makes up about
a third of the total set of patches, and cleans up a lot of things.
It creates a modularized error handling mechanism which allows
low-level drivers to intervene or change the response at various
points in the process. Memory needed for error handling is now
allocated ahead of time, minimizing the possibility for complications
just when things are already going wrong. There is a special circular
buffer set aside for recording errors; this information is used, for
example, within the recovery code to determine that the error rate is
too high and that transmission speed should be lowered.
The result of all this work should be a much more robust SATA subsystem which can recover from a much wider range of errors.
- A new programmed I/O loop which uses interrupts, rather than older
method of polling the controller from a kernel thread. In cases where
programmed I/O is needed, the new code should be more efficient.
- Native Command Queuing (NCQ). NCQ is the SATA version of tagged
command queuing - the ability to have several I/O requests to the
same drive outstanding at the same time. NCQ eliminates the idle time
between when one command completes and the next is issued, but the
real advantage is with the ordering of operations. The Linux block
I/O subsystem attempts to issue block I/O requests in an efficient
order, but it must use a certain amount of guessing, since there is no
way to know how the blocks are really organized on the disk. But the
drive itself knows very well where each block lives, so it is well
placed to optimize the ordering of requests. The result can be a
significant improvement in performance.
The Linux NCQ implementation can have up to 32 operations outstanding at any given time - though both the drive and the host controller can reduce that number. Your editor is not aware of any relative performance benchmarks which have been posted.
- Hotplug support is another large piece of the patch set. With these
patches in place, the SATA layer can deal with drives which come and
go - as long as the underlying hardware was designed with hotplugging
in mind. There is also a "warmplug" capability for more limited
hardware, where a system user can request the addition or removal of
drives on a running system.
- A new layer (called "ata_link") has been added to libata; ata_link handles the physical-layer connection to the drives. The main motivation for ata_link appears to make it possible to support SATA port multipliers, which expand the number of drives which can be plugged into a system. The current port multiplier code supports the "frame information structure" switching mode, whereby all connected drives can be active simultaneously. For now, it only works with the sil24 driver, but support for others will certainly come.
Most of this code has been under development and discussion for some time. The sense (among its developers) is that the bulk of it is ready to go into 2.6.18, though the hotplug, ata_link, and port multiplier code may have to wait for another cycle. Andrew Morton has expressed some concerns about merging all of this code when a rather long list of SATA-related bugs remains outstanding; Jeff responded that this code will fix many of the bugs and make tracking down many of the rest easier. So, chances are, 2.6.18 will include a much-improved SATA layer.
Book Review: User Mode Linux
There are a number of virtualization technologies available for Linux, some of which have gained a lot of headlines in the last year or two. One of the oldest and most interesting, however, maintains a lower profile. User-mode Linux (UML), first implemented by Jeff Dike, takes a unique approach to virtualization. A UML kernel runs within a process on a normal Linux host; it is, essentially, a special port of the kernel designed to run within another Linux system. As a result, a UML system looks like a series of ordinary processes on the host; it can be managed (and debugged) like any other process tree.
![[Book cover]](https://static.lwn.net/images/ns/UML-book-cover.jpg)
UML can be somewhat intimidating at first. It brings a new set of acronyms
and a whole set of complex configuration options. As with many parts of
Linux, the documentation available for UML has not always been everything
one might want. So the publication of User Mode Linux,
written by the same Jeff Dike, is a welcome event. This book is part of
the Bruce Perens Open Source Series, meaning that it will be released under
the Open Content License later this year. For now, however, the book must
be obtained the old-fashioned way. For those interested in UML, it should
be a worthwhile investment.
The book adopts a tutorial format, starting with an introduction to UML and virtualization in general. It provides a walk through of a simple UML session, then introduces virtual disks and network interfaces.
The core of the book is a series of chapters on managing UML and connecting it with the host system (and other UML instances). So there is a chapter on filesystem management, including details on how to provide restricted access to filesystems on the host. A detailed chapter on networking has been provided. UML has several possible network transports which can be used to create isolated networks for UML systems or to connect those systems to the wider world; this chapter covers them all and provides guidance on how to choose between them. Then there is a chapter on the management interface to UML.
The final set of chapters looks at configuring UML for specific tasks. Chapter 11 talks about building UML from source. In your editor's opinion, that chapter comes a little late; everything to that point has simply assumed that UML is already available on the reader's system. Some distributions have UML packages, but others do not. So some early guidance on how to build a UML system and create an initial filesystem for it to boot from would have been nice. The book finishes with some talk of the (ambitious) future plans for UML and a couple of reference sections.
There is no clear information on just which version of UML is covered - an unfortunate omission. The sample boot output in the introductory chapter shows 2.6.10 and 2.6.11-rc kernels.
Minor quibbles aside, it is hard to find much to complain about in Jeff's book. It provides a much-needed reference for an important Linux virtualization mechanism. There are a number of possible uses for UML, including kernel development, server consolidation, embedded systems development, experimenting with different distributions, or the simple joy of running a large cluster on one's laptop. Regardless of their goal, UML users will find this book to be a worthwhile addition to their shelves.
Patches and updates
Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Memory management
Networking
Security-related
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Debian multiarch support
Multiarch is a concept that involves the ability to run binaries compiled on one architecture on machines with a different architecture. For example, an amd64 system Linux system would be able to run the same binary programs that run on an i386 Linux system. This idea has been talked about by a few Debian developers for at least a couple of years.This week Matt Taggart posted an update on the Debian-devel mailing list, with a pointer to a wiki where information and status is being tracked, and a pointer to a report (PDF) entitled Multi-Arch Implementation Strategy, prepared for HP by Canonical Ltd. What follows is a summary of the report.
The report looks at various ways to extend Debian (and derived systems) to provide multiarch support. Implementation strategies will be tested during the upcoming Ubuntu Eft development cycle and, hopefully, be deployed in the Debian etch release.
The primary problem with multiarch support is in shared libraries normally located in the /usr/lib directory. These libraries are shared by many binary programs and they may also contain architecture specific information. For example, and an AMD64 library would specify such things as address space, calling conventions, word and data sizes, and other information that would not allow a program to load on i386 system.
The currently favored solution is to move the libraries into arch-named subdirectories under /usr/lib. This would allow the binary package to link to the correct architecture specific library.
Another problem is in the architecture dependent binaries in /usr/bin and /usr/sbin. An openssl binary complied for the i386 architecture might run quite well on an amd64 system, but that amd64 system can't have the native version of openssl installed at the same time unless the system administrator put the package in /opt or /usr/local. The proposed location for all architecture-independent binaries is under /usr/share.
When creating shared libraries, developers should keep separate the architecture-dependent files from the architecture-independent files and avoid hard coding the paths to architecture-dependent files. This will avoid naming conflicts, save space, and allow the architecture-dependent files to moved or renamed as needed.
Ideally a multiarch system should not need special packages and should not waste disk space unnecessarily. Package maintainers and system administrators should not need to know more or do more to make the system work. Configuration files should be easily shared by multiple systems.
In the long term upstream developers will need to be retrained to write code that can be more easily shared. In the short term, chroots should be used when installing software from multiple architectures. Environment packages, multiple binary production and automated package rewriting could also help in the short term.
An attempt to get OpenOffice.org 2 running on a multiarch system was used as a feasibility study. While it would be highly desirable to have a multiarch OOo, it was not designed that way and numerous problems were encountered in the process. Ultimately they recommend that multiarch support be built into the package manager. While rewriting massive amounts of existing code is not really feasible, new developers would do well to keep multiarch guidelines in mind when creating new packages and libraries.
New Releases
SUSE Linux 10.1 Released
Version 10.1 of SUSE Linux has been announced. "As usual, we ship all the latest open source packages available at the time. But we want to give special mention to Xgl for 3D acceleration on the desktop (http://www.opensuse.org/xgl), NetworkManager for getting painless wifi access everywhere, the completely open source AppArmor 2.0, and the full integration of XEN 3 in YaST."
rPath Linux 1.0.2 available for x86 and x86_64
rpath Linux has released refreshed ISO images. "These images include all updates through and including updates released on 8 May 2006. If you have already installed rPath Linux 1, you should update your current system using Conary rather than reinstall using the new images."
Puppy Linux 1.09 Community Edition
Puppy Linux has released 1.09 Community Edition.EasyUbuntu "It's all new!" 3 Released!
The EasyUbuntu Team has announced the release of EasyUbuntu 3. "EasyUbuntu 3 is the culmination of 6 months of hard work which will bring a tool to the new Ubuntu user. With no prior Linux experiance, this tool will let you install commonly requested tweaks, and a selection of restricted codecs."
Aurox Live Generator
Aurox, a Fedora-based distribution created in Poland, has announced Live-Generator. "Live-Generator is an integrated pack of scripts for building custom LiveCD distributions based on Aurox Linux. Usage is very simple: user must fill-in the config file (for custom wallpaper, bootsplash, etc.) located in the main Live-Generator directory and run 'generate-live'."
Distribution News
Bits from the DPL: Partners and Debian
Anthony Towns looks at Debian's partners. "So the point of this mail is to encourage everyone to think about ways in which we can help organisations that would like to be our partners work better with us. Because that's harder than it sounds..."
Testing security archive move
The Debian testing security team has announced the integration of the secure testing to the main archive. "We invite Debian users who are currently running testing, or who would like to switch to testing, to subscribe to the secure-testing-announce mailing list, which will be used to announce security updates."
Debian etch transitions
Martin Michlmayr reports on possibility of moving to GCC 4.1 for the etch release. "In summary, there are ~140 bugs that need to be fixed in the next few weeks. If you're the maintainer of a package that does not build with GCC 4.1, please investigate this issue. If you're interested in this transition, please consider submitting bugs and doing NMUs."
Michael Koch looks at a GCJ 4.1
transition. "The Debian Java Team wants to switch the default
version gcj/gij to point to the according 4.1 version. After that is done
all GCJ 4.0 packages will be removed from unstable. Most packages should
just need a simple rebuild. Packages building a native JNI library will
need some manual action as long as gcc-4.1/g++-4.1 are not the default
compilers. The problems are JNI include files which are located in a
compiler specific directory. To make your packages build please add
-I/usr/lib/jvm/java-gcj/include to your compiler flags.
"
Bits from the 2IC
Steve McIntyre reports on his activities as a duly appointed DPL delegate, with a look at the current status of Google Summer of Code applications and projects, moving irc.debian.org away from Freenode, praise for the debian-installer team, and several other topics.Sun Java available from non-free
Official packages of Sun Java are now available from the non-free section of Debian unstable. This license, while still non-free, allows the Sun Java Runtime Environment (JRE) or Java Development Kit (JDK) to be distributed by Debian.For those who care about Debconf but couldn't make it
Ben Hutchings reports that live video feeds are available for at least parts of Debconf. The recordings will also be available in various formats later on.Fedora Core package cleanup project
Will Woods reports on the Fedora Core package cleanup project. "In the past, Core packages have not been held to the same standards as Extras. We want to fix this! We're starting by cleaning up the spec files so that Core packages can all be built using Mock. (If you aren't familiar with Mock, it's a cool RPM build tool that we use to build Fedora Extras.) This is where you come in: We need people to attempt Mock builds of Fedora Core packages, and file bugs when they find packages that don't build."
Unofficial Fedora FAQ Update: 2006-05-11
The Unofficial Fedora FAQ has gotten another update, incorporating various bits of feedback and improvements to the FAQ. "This is mostly a "polish" update, making everything shiny and bright, and revising the instructions to work the best possible."
Discontinued SUSE Linux Distribution: 9.1
SUSE Security has announced that SUSE Linux 9.1 (Personal and Professional edition) will be discontinued soon. Having provided security-relevant fixes for more than two years, vulnerabilities found in SUSE Linux 9.1 after June 15, 2006 will not be fixed.Daily language pack builds for Ubuntu
Martin Pitt notes that the Rosetta translation export has become reasonably stable.. "so today I set up the generation and building of language packs to happen fully automatic now. Every day around 1600 UTC, a complete set of fresh uploadable sources will be available, and installable debs will be built for some languages."
Distribution Newsletters
Debian Weekly News
The Debian Weekly News for May 16 is out. This week's topics include preseeding, multiarch status, moving to gcc 4.1, DebConf6, and more.Fedora Weekly News Issue 46
This week the Fedora Weekly News looks at the Fedora Core package cleanup project, the Fedora Project Board Update 2006-05-09, Dan Walsh: SELinux Tutorials, Dee-Ann LeBlanc: Mono-Based Applications in FC5, India lays down 'open' challenge, ATI: Open v. Closed Drivers, an updated FC5 Network Install, Henrys Fedora Core 5 Install Guide, and more.Gentoo Weekly Newsletter
The Gentoo Weekly Newsletter for the week of May 15, 2006 covers Portage module removal, GWN translations, Gentoo events in Italy, Austria and Norway, and several other topics.DistroWatch Weekly, Issue 151
The DistroWatch Weekly for May 15, 2006 is out. "With a successful SUSE Linux 10.1 release freshly behind us, the attention of distribution watchers can once again turn to Ubuntu, as the project's final two weeks of "Dapper" development focuses on bug fixes and polish. Has Kororaa broken the GPL by including proprietary kernel modules on their live CD? Nobody knows for sure, but even if it hasn't, the controversy means that the project's developers might stop all work on their Xgl edition. Also in this issue: a list of the least popular distributions as determined by our page hit statistics, an interesting new job for Marcelo Tosatti, and a look inside the latest issue of Linux Format. Finally, an opinion piece by Robert Storey about the latest privacy violations by major US telephone and cable corporations."
Package updates
Fedora updates
Updates for Fedora Core 5: NetworkManager (update to latest 0.6.2 stable), wpa_supplicant (bug fixes), sane-backends (add support for Canon Lide 60 scanner), nmap (update to 4.03), tzdata (upstream 2006g), beagle (update to 0.2.6), vnc (bug fixes), kdelibs (bug fixes), kdepim (bug fixes), glibc (update from CVS), selinux-policy (bump for FC5), dosfstools (bug fix), kdebase (add missing kcheckpass), cups (update to CUPS 1.2.0), hplip (update to 0.9.11), libstdc++so7 (bug fix for ppc), php-pear (update to 1.4.9)Updates for Fedora Core 4: nmap (update to 4.03), tzdata (upstream 2006g), spamassassin (bug fixes), kdepim (bug fixes)
Trustix Secure Linux
Trustix Secure Linux has updated vim to the new upstream version which adds spell checking support for about 50 languages, intelligent completion and more.
Newsletters and articles of interest
Puppy Linux founder comments on the OLPC project (DesktopLinux.com)
DesktopLinux looks at the suitability of Puppy Linux for the One Laptop Per Child project. "Because the OLPC spec calls for 128MB of system DRAM and Puppy Linux weighs in at only around 60MB of memory footprint, [Puppy founder Barry] Kauler and a number of Puppy enthusiasts believe it is the right distro for the project. "Puppy is designed for this kind of situation from the ground-up," writes Kauler. "Extremely fast, very small footprint, a full set of applications, limited writes to flash [storage memory] to extend its life indefinitely. There are no compromises -- if you have read commentary about the OLPC project from various sources, you would think that an operating system and applications squeezed into such a minimal system would be severely compromised. Not so.""
Distribution reviews
My desktop OS: Arch Linux (NewsForge)
NewsForge hears from an Arch Linux fan. "Arch Linux is a bleeding-edge distribution built from the ground up using Linux From Scratch as a base with a driving philosophy: keep it simple. However, I've come to learn that simple doesn't mean easy. The Arch Linux definition of simple means that GUI tools should not hinder the full capability of individual software packages. This philosophy engenders a minimalist approach, and Arch clearly defines itself as targeted to "competent Linux users." However, don't let this phrase scare you off. There exist plenty of well-written documents on the ArchLinux wiki and forums to help you out, as well as a wonderful community to aid and assist you if all else fails."
Gentoo 2006.0: Elbow grease required (Linux.com)
Linux.com plows through a manual Gentoo install. "Installing Gentoo using the manual method described in the Gentoo Handbook is, to put it bluntly, a royal pain. It's a good hands-on experience if you're looking to learn about the nitty-gritty of system configuration, but a lousy way to install Linux quickly, and almost certain to be intimidating for anyone who's not well-versed with Linux already."
Using PC-BSD (O'ReillyNet)
O'ReillyNet looks at PC-BSD. "While much of today's article will provide an introduction to what a novice BSD user can expect if they install PC-BSD, users already familiar with FreeBSD and the KDE desktop will still find some interesting features for dealing with ports, cvsup, and updates."
Ututo-e: 'The only free distribution' revisited (Linux.com)
Linux.com reviews Ututo-e. "A year ago, I reviewed Ututo-e, an Argentinian distribution based on Gentoo. Ututo-e is known mainly as the only GNU/Linux distribution endorsed by Richard Stallman and the Free Software Foundation (FSF). This endorsement is based on the fact that Ututo-e, in the words of Peter Brown of the FSF, "makes a commitment to follow the philosophy of the FSF as to what makes a distribution ethically free software." Last year, this endorsement seemed premature, because Ututo-e, while promising in some places, was buggy in many more. A year later, the 2006 release of Ututo-e is more polished, especially in its desktop and selection of administration tools, but its English version still falls below the standard of leading distributions such as Debian or Fedora Core."
Page editor: Rebecca Sobol
Development
A test drive of Firefox Bon Echo Alpha 2
The Bon Echo Alpha 2 release of the Firefox 2 web browser was announced this week. We looked at the alpha 1 release in March.
New features in this version, which include some of the alpha 1 additions, are:
- The default new window behavior opens a new tab, not a new window.
- Each tab now has its own close button.
- Text boxes now feature inline spell checking, errors are underlined in red.
- The browsing session is automatically restored in the event of a crash.
- The Google and Yahoo search boxes have automatic search suggestions.
- Support for the Sherlock and OpenSearch engines has been added.
- There is a new search plugin manager for configuring search engines.
- Previewing and subscribing to web feeds has been improved.
- There is a new Microsummaries feature for adding real-time information to bookmarks.
- A new Add-Ons manager is available for managing extensions and themes.
- Extension system updates improve security and extension localization.
- SVG text on a path support has been added.
![[Firefox Bon Echo a2]](https://static.lwn.net/images/ns/bonechoa2-sm.png)
Your editor decided to give Bon Echo Alpha 2 a test drive in a real-world situation, working on this week's LWN edition.
Installing the browser involved downloading, uncompressing and extracting a tar file, then running ./firefox in the resulting Firefox directory. The older version of Firefox had to be shut down before Bon Echo A2 would start.
The first impression was that the default fonts were somewhat ugly. Font selection is a personal choice, and it was easy to use the usual Edit/Preferences window to select the more pleasing Bitstream Vera Sans font.
Editing an LWN article (see the screen shot) involves using several HTML text boxes, this activated the inline spell checking feature. The red underlining is not terribly hard on the eyes, and it shows up words that are suspect. Surprisingly, Firefox is not in the spelling dictionary. Many, but not all, html tags also show up as spelling errors. A useful addition would be the underlining of html code in another color.
An odd behavior was observed when typing characters into the smaller text box that is shown in the example screen shot. Using the left arrow key to move the cursor worked as expected, but pushing the right arrow key, or the up and down arrow keys caused the window to refresh, and focus was moved to the lower and larger text box. Sometimes, but not always, clicking the mouse in one box would also cause a similar refocus. Clearly, there is still a bug in the code, one should expect that with early releases.
On the other hand, earlier versions of Firefox have had problems involving the loss of text that was yanked into the mouse buffer, that behavior seems to have been improved.
The new search engine features seem to be handy on the first try, typing a word in the search engine field at the top right side of the screen causes a pop-up window with related search topics to show up. The search engine window also has a new arrow that activates the search engine configuration tool.
Despite a few odd behaviors, Bon Echo Alpha 2 was able to handle the exercise of editing and writing LWN articles for several hours without crashing. There are a few known issues with this release, and probably a few more which will show up now that the software is available for general testing. Nonetheless, some useful new capabilities are being added to Firefox. Firefox should hold its position as the default Linux browser for some time.
System Applications
Database Software
Firebird 2.00 Release Candidate 2
Release Candidate 2 of the Firebird 2.00 DBMS is out. "Firebird 2 contains a large number of new features, including derived tables, support for Execute Block, increased table sizes, new improved index code (the 252-byte index length limit is no longer applicable), expression indices, numerous optimiser improvements, enhanced security features, support for on-line incremental backups, new international language support, along with numerous other improvements and bug fixes."
MySQL 4.0.27 has been released - Security Update
Version 4.0.27 of the MySQL DBMS has been released. "This MySQL 4.0.27 release includes the patches for recently reported security vulnerabilities in the MySQL client-server protocol."
PostgreSQL Weekly News
The May 14, 2006 edition of the PostgreSQL Weekly News is out with new PostgreSQL DBMS articles and resources.
LDAP Software
LAT 1.1.2 announced
Version 1.1.2 of LAT, the LDAP Administration Tool, is out. "This release is the 3rd of the 1.1.x development cycle which will eventually become v1.2. If you need a stable release stick with the 1.0 branch."
Security
Sussen 0.21 announced
Version 0.21 of Sussen, a vulnerability and configuration checking tool, is out. "This release fixes some bugs that prevented the applet and agent from running a scan and displaying the results."
Desktop Applications
Business Applications
OpenWFE 1.7.0 released (SourceForge)
Version 1.7.0 of OpenWFE has been announced. "OpenWFE 1.7.0 got released. OpenWFE is an open source java workflow engine / environment. It is a complete Business Process Management suite, with 4 components : an engine, a worklist, a webclient and an 'apre' (Automatic Participant Runtime Environment). This release is the product of a long and detailed effort on streamlining the engine's operations."
Calendar Software
Sunbird 0.3 Alpha 2 Released (MozillaZine)
MozillaZine mentions the release of version 0.3 Alpha 2 of Sunbird, a calendar application. The release notes give more information on this version. "This marks the second official release [of] Sunbird since the lengthy task of rewriting the backend code was undertaken. Sunbird 0.3 alpha2 marks the second milestone on the roadmap towards a final Sunbird 0.3. These release notes are intended to provide a clear picture of what users should and should not expect in this version."
Desktop Environments
GNOME Software Announcements
The following new GNOME software has been announced this week:- Alacarte 0.9.1 (new features and bug fixes)
- Anjuta DevStudio 2.0.2 (new features and bug fixes)
- bonfire-0.3.0 (new features)
- Dasher 4.1.0 (new features, code rewrite and bug fixes)
- Epiphany 2.15.2 (new features, bug fixes, documentation and translation work)
- Evince 0.5.3 (new features, bug fixes and translation work)
- gcalctool 5.8.13 (new features, bug fixes and translation work)
- gdl 0.6.1 (build fixes and translation work)
- GDM2 2.15.3 (new features and bug fixes)
- GDM2 2.15.2 (unstable release)
- GDM2 2.14.6 (new features, bug fixes and translation work)
- gedit 2.15.2 (new features, bug fixes and translation work)
- gedit-plugins 2.15.2 (new features)
- GLib 2.11.1 (unstable development release)
- gnome-build 0.1.3 (new features)
- gnome-games 2.15.2 (new features and bug fixes)
- gnome-mag 0.12.5 (bug fixes)
- GNOME Nettool 2.15.0 (new features, bug fixes and translation work)
- GNOME Power Manager 2.15.2 (new features, bug fixes and translation work)
- GnomePythonDesktop 2.15.2 (unstable release, new feature)
- gnome-speech 0.4.0 (bug fixes)
- Gnumeric 1.7.0 (new features, bug fixes and translation work)
- gok 1.0.9 (bug fixes and translation work)
- Goupil (new membership management app)
- GParted 0.2.5 (new features, bug fixes and translation work)
- GTK+ 2.9.1 (unstable development release)
- Gtk2-Perl 2.15.2 (new features and bug fixes)
- gtkmm 2.9.1 (new features, bug fixes and documentation work)
- Guikachu 1.5.9 (bug fixes and translation work)
- intltool 0.35.0 (bug fixes and LINGUAS support)
- Metacity 2.15.3 (new features, bug fixes and translation work)
- orca 0.2.4 (new features and bug fixes)
- Pango 1.13.1 (unstable development release)
- Tracker 0.0.4 (performance improvements and bug fixes)
- Zenity 2.15.2 (new features)
KDE Software Announcements
The following new KDE software has been announced this week:- digiKam 0.8.2 rc1 (new feature and bug fixes)
- macKpilot 0.2 (new features)
KDE Commit-Digest
The May 14, 2006 edition of the KDE Commit-Digest has been announced "In this week's KDE Commit-Digest: release polishing for amaroK 1.4. New sounds for KTuberling. KDE 4 changes include the proposed kdepimlibs module is created. New SVG icon engine based on QsvgEngine. New capabilities added to Solid. Applications with simple audio needs start to migrate to Phonon."
Electronics
ASCO 0.4.2 released
Version 0.4.2 of ASCO (A SPICE Circuit Optimizer) has been released. Changes include an updated multiprocessor optimization algorithm, minor cygwin compatibility corrections and more.
Financial Applications
Release of GnuCash 1.9.6 (beta) (GnomeDesktop)
GnomeDesktop.org covers the beta release of GnuCash 1.9.6, a financial management application. "The GnuCash development team proudly announces GnuCash 1.9.6 aka "Time to make a difference", the first beta release of the GnuCash Open Source Accounting Software which will eventually lead to the stable version 2.0.0. This release contains many bugfixes since the sixth unstable release."
Magot 0.1.1 released
Version 0.1.1 of Magot is available. "Magot is a cross-platform personal finance manager written in Python. A check-book like register GUI allows you to enter transactions and track bank accounts, incomes and expenses. It's based on formal accounting principles, PEAK and WxPython."
Fonts and Images
libertine open fonts project
Philipp Poll has announced the libertine open fonts project. "We produce a free font family in TTF-Format and FontForge-Source. Our latest version is LinuxLibertine 2.0.9 (which is indeed an rc for 2.1.0) We still need a lot of feedback to improve the latest bugs. Our font family contains a regular, bold, italic, bold-italic and an underlined variant. It is licensed under the GPL."
Interoperability
Wine Weekly Newsletter
The May 15, 2006 edition of Wine Weekly Newsletter is online with coverage of the Wine project. Topics include: News: Wine 0.9.13, GPhoto / TWAIN Integration, Dynamic Drive Configuration, Mail / News Gateway & Support Revamp, Testing Wine's Audio, Rendering HTML, ITypeInfo_fnInvoke, WaitCommEvent Deadlock and Linuxtag Attendance.
Medical Applications
GT.M V5.0-000D Released (LinuxMedNews)
LinuxMedNews looks at the version 5.0-000D release of GT.M. "GT.M is a GNU GPL licensed MUMPS compiler capable of compiling the Veterans Administration VistA software. In a nutshell, this release has bug fixes and enables the use of gcc optimization flags for better performance. K.S. Bhaskar announced on the hardhats list: 'GT.M V5.0-000D is available at Source Forge (http://sourceforge.net/projects/sanchez-gtm). This release provides timely fixes to several bugs, as noted in the release notes on the GT.M user documentation page".
Multimedia
A GStreamer developer on Phonon
The Phonon multimedia framework is, increasingly often, described as the audio and video support system for KDE 4. In what may be a sign of things to come, GStreamer developer Christian Schaller has posted a lengthy article on why he thinks Phonon is a bad idea. "So I hope that interested people in the KDE community agrees with my analysis and starts working on Qt-style bindings for GStreamer, and as a result Phonon falls by the wayside. If not, well hopefully we will be able to cooperate on some of the lower level issues in the desktop, like improved driver handling through HAL for instance as the minimum." Multimedia support is not a solved problem on Linux, so it will be interesting to see how this discussion proceeds.
Music Applications
Slag 0.1 announced
Version 0.1 of Slag is available with a bug fix. "The Slag project is a pattern-based audio sequencer that can currently be used as a simple drum box. It features real-time editing, optional JACK support with individual ports for tracks, volume settings for pads and tracks, a virtually unlimited number of tracks and patterns, the ability to link song parts together, and real-time audio file output."
Science
New Stellarium User Guide (SourceForge)
A new user guide for the Stellarium planetarium software is available. "The Stellarium User Guide has been updated for version 0.8.0 of the program. New features have been documented, the reference sections updated, and the astronomy guide extended."
Video Applications
Jahshaka 2.0 RC3 released (SourceForge)
Version 2.0 RC3 of Jahshaka has been released. "Jahshaka 2.0RC3 includes a vast array of features that should keep the visual effects hobbyist happy for quite some time! It comes with real-time 3d compositing & animation (and up to 32k matte layers), editing (in DV, SD, HD and even film), real time image processing with node based effects, opengl based paint and a text module. We also have individual modules for color correction, keying, tracking and boast a full array of media support from DivX up to 4k and more!"
Web Browsers
Annodex Firefox extensions installs on Linux
A new Annodex (open standards for annotating and indexing networked media) extension is available for Firefox on Linux. "For a while now the annodex firefox extension has not been installing under Linux. Well, I just fixed it, so we can all continue to play with Video Webs."
Languages and Tools
Caml
Caml Weekly News
The May 16, 2006 edition of the Caml Weekly News is out with new Caml language articles.
Java
GNU Classpath 0.91 released
Version 0.91 of GNU Classpath, the essential libraries for Java, is available, here is a change list summary: "RMI activation daemon and persistent naming service tools are now included. Print service discovery, single document print jobs and support for client-formatted print data through CUPS has been added. Support for custom mouse cursors, system clipboard and selection access has been implemented. A Free Swing OceanTheme and support for assistive technologies (accessibility) has been added. The VM runtime interface has been merged with the generics version to support annotations and other 1.5 language features."
PHP
PHP Weekly Summary for May 8, 2006
The PHP Weekly Summary for May 8, 2006 is out. Topics include: Filter definitions, Planning PHP 5.2.0, input_get_args(), static properties [continued], coalesce(), PHP 5.1.3 released, PHP 5.1.4 released, PHP_5_2 branch open for business and tempdir access.PHP OpenID Library 1.1.0-pre1 released
Version 1.1.0-pre1 of PHP OpenID Library is available. "This release includes more unit tests, Yadis service discovery, OpenID extension support, bug fixes, and a more generalized API for both server and consumer. Be sure to see the NEWS file and example code. This release depends on the PHP Yadis library, so be sure to install that, too."
PHP Yadis Library 1.0.0-pre1 released
Version 1.0.0-pre1 of PHP Yadis Library is out. "This library is required to use the new version of our PHP OpenID library, whose next release is forthcoming. This library implements Yadis service discovery."
Python
Dr. Dobb's Python-URL!
The May 15, 2006 edition of Dr. Dobb's Python-URL! is online with a new collection of Python article links.
Shells
libbash 0.9.10a released
Version 0.9.10a of libbash is available, it fixes a bug in the getopts library. "libbash is a tool that enables bash dynamic-like shared libraries. Actually its a tool for managing bash scripts that contain functions you may want to use in various scripts."
Tcl/Tk
Dr. Dobb's Tcl-URL!
The May 15, 2006 edition of Dr. Dobb's Tcl-URL! is online with new Tcl/Tk articles and resources.
Editors
FCKeditor 2.3 Beta released (SourceForge)
Version 2.3 Beta of FCKeditor has been announced. Here are the changes: "Extremely Fast Loading! The editor loads now more than 3 times faster than before. Many points of its core have to be touched; this is why it is a "Beta", but it is quite stable. Many new features: nested context menus, "maximize" and a few interface enhancements. Important bugs have been fixed, some of them regarding security issues. So, upgrade is highly recommended."
Version Control
Mercurial 0.9 released
Version 0.9 of Mercurial, a source control management system, is out with numerous improvements.
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Bettering the Linux desktop -- Portland progress (DesktopLinux.com)
DesktopLinux.com covers the Portland Project. "Six months ago, architects from two dozen desktop-oriented Linux projects gathered in Portland, Ore. to work together on creating the best possible Linux desktop. Thus was born the Portland Project. Now, in Mainz, Germany, the expanded group is meeting again on May 8 and 9 to see how far it's come and to look at what's ahead."
FreeBSD vows to compete with desktop Linux (uk.builder.com)
uk.builder.com covers FreeBSD's desktop plans. "FreeBSD developer Scott Long told ZDNet UK on Thursday that the operating system, descended from the Unix derivative BSD, is "quickly approaching" feature parity with Linux. "Lot of work is going on to make FreeBSD more friendly on the desktop," said Long. "Within the year we expect to have, or be near, parity with Linux.""
Trade Shows and Conferences
Sun flirts with Ubuntu (ZDNet)
ZDNet reports on the joint Sun/Ubuntu event at JavaOne. "'Ubuntu is gaining a ton of momentum,' [Sun CEO Jonathan] Schwartz said in a meeting with reporters after his keynote presentation. 'It is arguably one of the most important--if not the most important--Linux distro out there.' That's a poke in the eye for Red Hat and Novell, the other two major Linux distributors."
Companies
Office ODF Support: Bad for Business!? (Linux-Watch)
Steven J. Vaughan-Nichols analyzes some corporate FUD about adding OpenDocument Format support to Microsoft Word. "You've got to love Microsoft's sloppy way of opposing Linux and open-source some days. In Microsoft's latest FUD move, as reported in Linux Pipeline, Melanie Wyne, executive director of the ISC (Initiative for Software Choice), has accused the Massachusetts Information and Technology Division of having "a biased, open source-only preference policy." Their crime? Requesting a plug-in for Microsoft's Office Suite that can save and read to the ODF (OpenDocument Format). Horrors!"
Open Source Software: Who Gives And Who Takes (InformationWeek)
InformationWeek looks at volunteers and big companies in open source software. "This spirit of volunteerism is alive and well in the world of open source software. Thousands of people donate their time and expertise to the benefit of all. But not everyone is giving as much as they're getting. Large companies, those with the greatest wherewithal to help, are surprisingly minor players in the roll-up-your-sleeves work of open source development." (Thanks to Peter N. Lundblad)
Linux System Administration: Growth in the Enterprise (Linux Journal)
Linux Journal looks at an online Linux training course offered by SpiderTools of Trout Creek, Montana. "Linux has gained market share quickly and many companies say they cannot find enough people to handle the work. So, they attempt to convert Microsoft trained engineers to work on Linux. That confirms a statement Mike Weber made to me when he said, "We see a number of young administrators who have new jobs that require a larger skill set than what they had to get the job". When administrators suddenly find themselves needing to perform tasks on a new Linux server, Mike Weber's team can provide rapid training. According to Mike, "the availability of broadband has allowed people to connect and use interactive multimedia for training now. We have students all over the world who can access our training because of broadband."
Linux Adoption
India lays down 'open' challenge (BBC)
Here's a BBC article from a columnist who thinks that Asia will come to dominate the free software community. "Free software provides a bridge between the affluence of the West and the poverty of most of the world's population, and amounts to a massive flow of intellectual capital into the developing world. And as they reshape it to meet their needs it will stop being just another US import and become a resource that can be used in brand new ways. Once the people on the receiving end make it their own they will change the world." (Thanks to John Rigg).
Out the Window (WSJ)
A Wall Street Journal reporter tried out six Linux distributions on his laptop and reported on the results. "For me, though, using the Linux systems didn't make sense. I often send documents and spreadsheets between my home PC and the one at work, which uses Microsoft Office. And the files are sometimes complex. Meanwhile, for both personal and professional computer use, I want access to all multimedia functions. While solutions may exist to almost every problem I encountered, I was willing to invest only a limited amount of time as a system administrator. Claims by some Linux publishers that anybody can easily switch to Linux from Windows seem totally oversold."
Linux at Work
Samba Helps Enable Exchange Alternative
News.samba.org mentions a new Samba-based replacement for Exchange. "PostPath has created a protocol-compatible drop-in alternative to Exchange. It provides granular backup and restore, on or offsite redundancy, 5X Exchange performance, and AJAX web access."
Legal
Enforcing the GPL (NewsForge)
NewsForge looks at GPL enforcement. "Dan Ravicher, legal director of the Software Freedom Law Center (SFLC), says that most companies violating the GPL are "not doing so because they're evil, but because they don't know. The managers and businesspeople don't know that's in there.""
New Zealand SSC Releases Revised Guidance on Open Source (Groklaw)
Groklaw reports that thoughtful and polite input can make a difference. "You'll remember in March when New Zealand's State Services Commission posted a paper providing "guidance" to departments regarding Open Source. The paper, prepared by a law firm that lists Microsoft as a client, used such controversial terms as "infectious" when discussing the GPL. A revised document is now available, which has been improved markedly."
GPL concerns halt Kororaa live CD (NewsForge)
NewsForge notes that the Kororaa Live CD project has been temporarily shut down. "The Kororaa Live CD project has been temporarily shut down by questions over the legality of its distribution. The highly popular Live CD included the Xgl features which apply 3-D eye candy to the desktop. It also included binary only versions of Nvidia and ATI drivers, and that is the bug in the ointment."
Interviews
Fedora Board chair looks ahead (NewsForge)
NewsForge talks with Fedora board chair Max Spevack. "Even more importantly, Spevack wants to encourage a closer coordination of efforts between Fedora Core, the main package repository for the project, and Fedora Extras, the community-based repository that complements Fedora Core. Although he downplays the divisions that others see between the two repositories, Spevack considers Fedora Extras a main source of fresh ideas for the project, praising what he calls 'an explosion of leadership out of Fedora Extras.' In particular, he cites the fact that the Fedora Extras package guidelines are now being used within Red Hat."
KDE and Business: AEI Interview (KDE.News)
KDE.News has an interview with Caleb Tennis, a design engineer Analytical Engineering, Inc. "How is KDE helping AEI meet its IT needs, and how long has AEI been using KDE? CT: Having a very easy to use GUI for the test cells is very important to us. Our test cell computers operate in what I call "pseudo-kiosk" mode. That is, most of the desktop features of KDE aren't used much, but they are available. Instead, all of the operation is done via a few custom written applications. The widgets that are available, and the ease of customizing new widgets, is a huge plus."
Resources
Writing PostgreSQL Functions with PL/pgSQL (O'ReillyNet)
O'ReillyNet looks at the PL/pgSQL language for PostgreSQL. "PL/pgSQL is a procedural language similar to Oracle's PL/SQL. It's much more powerful than pure SQL in that it supports variables, conditional expressions, looping constructs, exceptions, and the like. Because it natively supports all of PostgreSQL's SQL syntax, you can consider it a superset of PostgreSQL SQL. It also respects all data types and their associated functions and operators, and is completely safe for use inside of the server."
My sysadmin toolbox (NewsForge)
Here's another edition of the sysadmin toolbox. "Cryptcat comes in handy when I am working on a system that does not have SSH on it. I can open up two shells on my workstation with Screen or Konsole and begin listening with Cryptcat. Then I can log in to the remote system and run an instance of Cryptcat there, but pipe it through bash, then back out to Cryptcat. The end result is a lower-security makeshift SSH."
Reviews
Panda DesktopSecure for Linux beta launched (net-security.org)
net-security.org covers the latest release of Panda DesktopSecure for Linux. "Panda Software has launched a new beta version of Panda DesktopSecure for Linux. The Panda Software solution for protecting workstations in Linux environments includes notable improvements, for example, in the generation of reports on the detection of malicious code. Similarly, it is now compatible with more kernels in the Linux distributions supported by DesktopSecure for Linux."
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
Australia's copyright "reform"
Here is a press release from Australian Attorney-General Philip Ruddock on the changes in Australia's copyright law to "make our laws fairer for consumers." Check out the FAQ at the end. "For the first time you will be able to record most television or radio program [sic] at home to enjoy at a later time. This will allow you to watch or listen to a program as it was made available to the public at the time of the original broadcast... The recording must be deleted after one use. It will not be possible to use the recording over and over again." Loading a digital music player becomes legal, but making a backup copy of a CD is not. (Seen on BoingBoing).
Creative launches patent suit against Apple
Creative has sent out a press release proclaiming its new patent lawsuit against Apple. It seems that Creative has a patent describing an interface for audio players. From the patent claims: "...the method comprising: selecting a category in the first display screen of the portable media player; displaying the subcategories belonging to the selected category in a listing presented in the second display screen; selecting a subcategory in the second display screen; displaying the items belonging to the selected subcategory in a listing presented in the third display screen; and accessing at least one track based on a selection made in one of the display screens." This would appear to cover any sort of directory-based browser that happened to work with media "tracks."
EFF: Record Labels Sue XM Radio
Here's an EFF dispatch on today's episode of the copyright wars: the RIAA's newly-filed lawsuit against XM radio, which is said to be guilty of the heinous crimes of (1) buffering radio streams in memory, and (2) allowing subscribers to record those streams. "If the RIAA succeeds this time, innovators could face liability whenever a court decides they didn't do 'enough' to prevent infringement. The value of 'enough,' of course, will not be revealed to you until after you spend millions in legal fees and risk losing your company to ruinous statutory damages."
A little off topic, but worth reading, is this EFF release on its wiretapping suit against ATT. The EFF has just beaten down ATT's attempt to close a hearing on the sealing of documents.
Fujitsu Veteran to Lead OSDL Japan
Open Source Development Labs has announced the appointment of Takashi Kunai as its new director of Japan. "Kunai brings more than 30 years of software development and business experience to his new role at OSDL where he will lead the Labs' key initiatives in the region. Specific emphasis will be given to bridging communications among vendors, the open source community and the Japanese customers. Additionally, Kunai will focus on helping to drive adoption of the Linux operating system on enterprise servers and mobile devices."
Supreme Court makes patent injunctions harder
As reported on the Right-To-Create site, the U.S. Supreme Court has just handed down a (unanimous) opinion making it harder (though not impossible) for patent owners to get injunctions shutting down use of allegedly infringing technology. "This is a big deal, as it increases your right to create. It diminishes the paper inventor's monopoly over basic ideas, and gives you more freedom to invent and market your innovations without the fear that unscrupulous individuals will be able to thwart it all by gaming the legal system."
Commercial announcements
Design and simulation switch to Linux (Electronicstalk.com)
Electronicstalk.com covers the release of new electronic design software for Linux. "Ansoft Corporation has released Nexxim v3 and Ansoft Designer v3 for the Red Hat Enterprise Linux v.3 and Sun Solaris 8 and 9 operating systems. Nexxim is the company's circuit simulation software for high-performance IC design and signal-integrity analysis. Ansoft Designer provides an integrated schematic and design management front-end for complex analogue, RF and mixed-signal applications."
Coridan to release MantaRay 2.0 Under the Mozilla Public License
Coridan Inc has announced its plans to release MantaRay 2.0, an application messaging solution, under the Mozilla Public License. "MantaRay is an innovative open-source application messaging solution designed to address the continuously changing structure of today's IT environments. MantaRay uses a unique distributed architecture that has helped create a product which is significantly faster and more efficient than traditional systems. Being lightweight, operating systems independent and highly scalable, MantaRay is ideal for heterogeneous, distributed, high-traffic environments, helping IT organizations dramatically reduce hardware and operational costs."
KDE Desktop Hosting Service (KDE.News)
KDE.News looks at a new desktop hosting service. "InQub Ltd offers personal remote KDE desktops on Kubuntu using NoMachine's NX technology for bandwidth savings and connection encryption for a small monthly charge. Each account is comes with 1 GB of home directory storage and is customisable by the respective user."
OpenClovis announces open-source telecom platform
OpenClovis, Inc. has announced the OpenClovis Software Project. "OpenClovis, Inc. (previously Clovis Solutions, Inc.) today announced it has launched a new open source project that aims to transform the telecommunications industry. The company is hosting the "OpenClovis Software Project" and has contributed to open source, under the GNU Public License (GPL), more than 500,000 lines of code developed over three years by software experts with experience from Alcatel, AT&T, Bellcore, CIENA, Cisco Systems, Lucent and Nortel."
QLogic to Support SUSE Linux Enterprise 10
QLogic has announced plans to support SUSE Linux Enterprise 10. "QLogic Corp., the leader in Fibre Channel host bus adapters (HBAs), stackable switches and blade server switches, today announced its support of the upcoming release of SUSE Linux Enterprise 10 platform from Novell and the virtualization technologies that will be included in this newest distribution of the operating system (OS)."
Sun Advances Open Source Strategy at JavaOne
Sun Microsystems, Inc. has announced the release of an open-source Service Oriented Architecture platform. "Sun planned open source contributions include the award-winning Sun Java Studio Creator, market-leading Sun Java System Portal Server, the Business Process Execution Language (BPEL) Engine from the Sun Java Composite Application Platform Suite (Java CAPS) and the NetBeans Enterprise Pack, as well as Sun's Java Message System (JMS)-based message queue and Web Services Interoperability Technology (WSIT)."
Sun Announces Additional Support and Resources for AJAX Development
Sun Microsystems, Inc. has announced new AJAX online resources. "Sun Microsystems, Inc., the creator and leading advocate of Java(TM) technology, today furthered its support for the AJAX community by launching two new comprehensive online resources for AJAX application development as well as Project jMaki, an open source JavaScript Wrapper Framework for the Java Platform."
BEA Implements Finalized EJB3.0 Java Persistence APIs
BEA Systems, Inc. has announced their Kodo 4.0 product. "BEA Systems, Inc. , a world leader in enterprise infrastructure software, is furthering its commitment to JavaEE 5 and Enterprise Java Beans 3.0 (EJB3) by announcing the general availability of Kodo 4.0 with EJB3 and a technology preview of BEA WebLogic Server. The technology preview is designed to feature a full implementation of the recently finalized EJB3 specification."
TimeSys Introduces LinuxLink Subscriptions for MIPS32 34K
TimeSys has announced the availability of LinuxLink Subscriptions for the MIPS32 34K Core Family. "LinuxLink subscriptions for the MIPS32 34K family are the most recent offerings from LinuxLink by TimeSys. Initial support for the 34K cores is based on the 2.6.15 kernel but with the recent availability of 2.6.16 support with LinuxLink 2nd Edition, an update is planned this month."
New Books
No Starch Press releases "Nagios: System and Network Monitoring"
No Starch Press has published the book Nagios: System and Network Monitoring by Wolfgang Barth.Perl Hacks - O'Reilly's Latest Release
O'Reilly has published the book Perl Hacks by chromatic with Damian Conway and Curtis "Ovid" Poe.
Resources
High Assurance and Free-Libre / Open Source Software
David A. Wheeler presents a new essay entitled High Assurance (for Security or Safety) and Free-Libre / Open Source Software (FLOSS). "This paper discusses some relationships between high assurance software (for security or safety) and free-libre / open source software (FLOSS). In particular, it shows that many tools for developing high assurance software have FLOSS licenses, by identifying FLOSS tools for software configuration management, testing, formal methods, analysis implementation, and code generation. However, while high assurance components are rare, FLOSS high assurance components are even rarer. This is in contrast with medium assurance, where there are a vast number of FLOSS tools and FLOSS components, and the security record of FLOSS components is quite impressive. The paper then examines why this is the circumstance."
Plone API Tutorial in English and Spanish
A new English and Spanish Plone API Tutorial has been announced. "Following the success of ifPeople's publication based on research on Plone, the leading Open Source Content Management System, we have released another great resource for Plone developers - a tutorial on Plone API. Originally created in Spanish for the Plone/Zope training ifPeople sponsored in Argentina, ifPeople has recently translated the document into English for greater access."
Contests and Awards
Mellon Foundation announces awards for Open Source Software
The Andrew W. Mellon Foundation has announced the call for nominations for the 2006 "Mellon Awards for Technology Collaboration." "These awards, to be bestowed for the first time at an international technology conference in the Fall of 2006, will recognize not-for-profit organizations that have demonstrated exceptional leadership in the collaborative development of open-source software through the contribution of substantial, self-funded organizational resources to the open-source project for which they are nominated." The awards are worth either $25,000 or $100,000; the nomination deadline is August 15 (according to the press release) or August 4 (according to the call). The committee which will choose the winners includes Mitchell Baker, Tim Berners-Lee, Vint Cerf, John Gage, Tim O'Reilly, and John Seely Brown.
OpenOffice.org Developer Article Contests
A new monthly OpenOffice.org Developer Article Contest has been announced, S. Sevki Dincer won the contest for April.
Upcoming Events
Vancouver Python Workshop
The 2006 Vancouver Python Workshop has been announced. "The conference will begin with keynote addresses on August 4st. Further talks (and tutorials for beginners) will take place on August 5th and 6th."
13th VistA Community Conference (LinuxMedNews)
LinuxMedNews has an announcement for the 13th VistA Community Conference. ""WorldVistA is delighted to announce the 13th VistA Community Conference, to be held from Thursday, June 29th to Sunday, July 2nd, 2006 at Robert Morris University, Pittsburgh, Pennsylvania. The theme for this meeting is: Building sustainable, global, collaborative development of VistA,..."
Events: May 18 - July 13, 2006
| Date | Event | Location |
|---|---|---|
| May 18 - 22, 2006 | DebConf 6 | Oaxtepec, Mexico |
| May 18, 2006 | LinuxWorld on Tour Conference and Expo 2006(LOT2006) | Montreal Ottawa Calgary Vancouver |
| May 18 - 19, 2006 | 2006 JavaOne Conference | (Moscone Center)San Francisco, CA |
| May 26 - 27, 2006 | FreedomHEC | Seattle, WA |
| May 30 - June 3, 2006 | 2006 USENIX Annual Technical Conference | (Boston Marriott Copley Place)Boston, MA |
| June 13 - 14, 2006 | Where 2.0 Conference | (Fairmont Hotel San Jose)San Jose, CA |
| June 13 - 14, 2006 | Gartner Open Source Summit 2006 | (Palau de Congressos de Catalunya)Barcelona, Spain |
| June 14 - 16, 2006 | New York PHP Conference and Expo 2006 | (New Yorker Hotel)New York, NY |
| June 16 - 18, 2006 | Recon 2006 | (Plaza Hotel Centre-Ville)Montreal, Canada |
| June 18 - 23, 2006 | Ubuntu Developer Summit | Charles de Gaulle, Paris, France |
| June 24 - 25, 2006 | Free and Open Source Conference(FrOSCon) | (St. Augustin)Bonn, Germany |
| June 24 - 30, 2006 | 2006 GNOME Users and Developers European Conference(GUADEC) | Catalonia, Spain |
| June 24 - 25, 2006 | PHP Vikinger | Skien, Norway |
| June 27 - 29, 2006 | Corporate Channel and Computing Expo(C3) | (Jacob K. Javits Convention Center)New York, NY |
| June 28 - 30, 2006 | GCC and GNU Toolchain Developers' Summit | (Ottawa Congress Centre)Ottawa, Canada |
| June 29 - July 2, 2006 | UKUUG Linux Technical Conference | (University of Sussex)Brighton, UK |
| June 30 - July 1, 2006 | WebTech 2006 | (Kempinski Hotel Zografski)Sofia, Bulgaria |
| July 3 - 4, 2006 | 3rd European Lisp Workshop | Nantes, France |
| July 8 - 9, 2006 | PostgreSQL Anniversary Summit | Toronto, Canada |
| July 10 - 11, 2006 | Global db4o User Conference(dUC) | (Imperial College, South Kensington)London, UK |
| July 13 - 14, 2006 | Detection of Intrusions and Malware, and Vulnerability Assessment(DIMVA) | Berlin, Germany |
Web sites
New Groklaw Feature: UNIX Methods and Concepts Database (Groklaw)
Groklaw has announced a new searchable database: "I am happy to tell you that we have a new Groklaw feature, a searchable database of UNIX books, articles, whitepapers, Usenet comments, and Internet links. I guess you could call it our UNIX Methods and Concepts Database. Here it is."
Audio and Video programs
Miguel de Icaza Interview (GnomeDesktop)
GnomeDesktop mentions a new podcast interview with Miguel de Icaza. "I don't really know how to format this, since it's a podcast and not an article/story, but Chris DiBona and Leo Laporte interviewed Miguel on their podcast, FLOSS Weekly. You can check it out on the TWiT.tv website. They talk about Miguel's involvement in GNOME, Mono and Novell."
Page editor: Forrest Cook
Letters to the editor
Phonon and gstreamer (KDE developer response)
| From: | Michael Pyne <michael.pyne-AT-kdemail.net> | |
| To: | letters-AT-lwn.net | |
| Subject: | Phonon and gstreamer (KDE developer response) | |
| Date: | Fri, 12 May 2006 12:04:18 -0400 |
I saw with interest your article on the objections to Phonon by a gstreamer
developer.
I'm a KDE developer myself, and I co-develop the JuK application included with
KDE. For a couple of years JuK has supported gstreamer output, so I think I
have a fair amount of knowledge regarding the interaction of KDE and
gstreamer.
So here are my comments:
Phonon is designed to solve 2 major issues:
1. A simple API for basic multimedia tasks. i.e. playing a song, playing a
video, maybe visualization. Nothing complex, but enough to make it easy to
add basic multimedia support to applications.
2. Do all of this in a binary compatible fashion.
What does this stuff about binary compatibility mean? Well, basically that
the set of libraries that KDE distributes for programmers to develop against
must be binary compatible. That is, if you compile a KDE game against
kdelibs 4.0, and then upgrade kdelibs to 4.1, your KDE game should work with
no recompilation required.
Multimedia features should be a part of kdelibs, as they will be shared
between many different applications. So, the KDE multimedia framework must
be binary compatible as well.
Why wasn't this an issue with KDE 3? Well, that was because we adopted aRts
as the standard multimedia framework for KDE 3, and made sure it was binary
compatible as well. We could do this because we controlled aRts. Needless
to say, this didn't turn out so well. The aRts developer eventually grew
tired of maintaining aRts. None of us were really familiar enough with the
code to add new features (although we managed to get some small stuff done),
so aRts just rotted.
We weren't going to repeat that mistake for KDE 4. People have mentioned that
gstreamer is not going to be abandoned, as it has much more developer
traction than aRts ever did. But that's not the point. People don't realize
that we would have to choose a specific release branch of gstreamer should we
adopt gstreamer. In other words, we're not just stuck with gstreamer, we're
stuck with gstreamer 0.10 (binary compatibility!).
This would be fine (in theory) if gstreamer 0.10 were to be the branch that
features were developed against for the lifetime of KDE 4. But this is
impractical for the gstreamer developers. They would be tied to our release
schedule. They wouldn't be able to correct design flaws with
binary-incompatible releases like they have with 0.8 and 0.10 releases.
So, it is obvious they would continue to improve gstreamer, probably with 0.12
and 0.14 in the KDE 4 timeframe. But we would still be stuck requiring 0.10.
And then perhaps 0.12 was such a quantum leap above that we decided to add
support for it to kdelibs. Now we require two separate gstreamer versions to
be installed.
Now, gstreamer has excellent provisions for installation of different
versions. But that is not what I would call user friendly. Plus it doesn't
account for the case where users upgrade from gstreamer 0.y to 0.y+2 and
remove 0.y, and unintentionally completely break their KDE installation.
So if we just rely on gstreamer 0.10, now we're stuck with an abandoned code
base, which KDE developers are unfamiliar with. Does this sound familiar to
anyone? ;)
The gstreamer developer recommended developing a Qt/KDE layer directly on top
of gstreamer. This is impractical as well. In fact, we have done it before.
We had a very nice wrapper over gstreamer 0.6 that we used for JuK at one
point. But when 0.8 came out, enough of the gstreamer design had changed
that the gstreamer 0.6 bindings were useless, and couldn't be simply "ported"
over. This left JuK in a bad state, relying on an obsolete gstreamer, until
we finally gave up waiting for bindings, and added the bare minimum of
gstreamer 0.8 support. We also had to do the same thing during the 0.8 to
0.10 transition thanks to changes in the synchronous handling of gstreamer
events.
This isn't to blame the gstreamer developers: Both gstreamer upgrades were a
definite change for the better. But the problem is that they were still a
definite change. We won't be able to keep the Qt/KDE gstreamer bindings up
to date, not to mention binary compatible, without limiting the scope of the
API that we wrap. In fact, Phonon is about the extent of the amount of
wrapping we'd be able to do.
So basically we have to have some sort of framework to isolate most of KDE
from changes in the underlying multimedia stuff. (Applications that require
more than Phonon can provide would just have to rely on the appropriate
backend directly, but then they're not in kdelibs either). Once we've
developed a framework that can insulate against API changes across gstreamer,
it's not hard to see how to extend that to other backends.
I've railed on about this (slightly less politely) on my blog at
http://grammarian.homelinux.net/~mpyne/weblog/kde/phonon-...
I think this would be a great explanation for a front page article (sans the
blog link to my home computer ;), as I have seen a lot of misunderstanding
regarding Phonon this morning browsing across the flamewar.
Thanks for the great coverage of all things Linux:
Regards,
- Michael Pyne
Page editor: Jonathan Corbet