Ubuntu Dapper and the distribution business

Ubuntu's "Dapper Drake" release - more prosaically known as "6.06 LTS" - is due on June 1, and may well be available by the time you read this article. A distribution release is not a particularly rare occurrence in the Linux community, but there are a couple of things about Dapper which are just a little bit unusual and worthy of note.

The "LTS" in this release's name stands for "long term support"; this distribution comes with a promise of security updates for five years (on server systems) or three years (on desktop systems). Exactly how that distinction will be made is not entirely clear; one assumes that, for example, graphical mail clients will go unsupported in June, 2009, while mail transfer agents will continue to get updates into 2011. That is the longest credible support promise ever made for a free distribution, and it may change the commercial landscape in interesting ways.

There are many situations where the deployment of a Linux system makes a great deal of sense. In many of those, one wishes to start with reasonably current software, but to not have to worry much about upgrades for a long time thereafter. Web servers, print servers, database servers, kiosks, point of sale systems, and more all fall into this category. Once the system works, any sort of software change offers downtime and the risk of problems, but little in the way of advantages - except, of course, for security fixes. Anybody planning such a deployment must consider how the system will be supported and kept secure through its operating life. In recent years, the available choices have fallen into these categories:

• An entirely free distribution (Fedora, Debian, OpenSUSE, etc.) can be used. The price is right, and the quality of the software tends to be high. The support window for these distributions tends to be short, and, for some of them, unpredictable. Keeping a Fedora Core system secure can involve upgrades twice a year - not an appealing option for a system which is supposed to be stable and "just work."

• The "Enterprise" offerings from Red Hat and Novell come with long support promises; there are, undoubtedly, still plenty of systems running 2.4.9 kernels on RHEL 2 with uninterrupted support. These services can be expensive, however. For many customers, a support subscription is easily justified and worth every penny. But others will find that cost hard to swallow.

  Some try to get the best of both worlds through enterprise clone distributions like CentOS. By all accounts, the CentOS team has done a top-quality job with its distribution, but anybody contemplating a long-term deployment will have to be convinced of the project's long-term future and be able to overcome qualms (if any) about free-riding on the enterprise distributions.

• Security support can be managed in-house. This approach requires a significant investment of time by a skilled administrator or developer, however, and is thus far from being free.

Ubuntu's five-year guarantee provides another choice: install Dapper, and obtain updates until 2011 with no costs at all. The existence of the Ubuntu Foundation, with its $10 million nest egg, helps to make that five-year promise credible, and Ubuntu's record with security updates has been, so far, quite good. So it would not be surprising to see significant uptake on Ubuntu's promise. Whether those new Ubuntu users will come at the cost of the enterprise distributions, or whether they are mostly people getting away from the (relative) upgrade treadmill of the free distributions, remains to be seen.

That leads to the other interesting aspect of this release: the increasing friendliness between Ubuntu/Canonical and Sun Microsystems. The two have just announced that the Dapper release will include a version for Sun's new Niagara SPARC architecture, and Sun executives are issuing quotes on how important a distribution Ubuntu is. Clearly something is going on here.

Sun's troubles in recent years have been well documented; to a great extent, Sun's customers have been steadily turning into customers of the enterprise distributions. To Sun, Ubuntu may well look like an opportunity to poke holes in the revenue streams of its main competitors. Ubuntu, in turn, may see Sun's support (and the Niagara port) as a way to gain a foothold in the server market. If Sun's new servers find customers, Ubuntu will be the obvious distribution for any of those customers who wish to run Linux.

How all of this plays out will be interesting to watch. Ubuntu's past releases have certainly been popular; if Dapper holds together well enough (and the initial signs are good), it may be the best-received Ubuntu release yet. If so, Ubuntu may well change the shape of the Linux distribution landscape.

(For those who are interested in what's actually in the 6.06 LTS release, the "testing Dapper" page has a lot of information and screenshots).

Comments (21 posted)

The end of the JPEG patent - sort of

Forgent Networks is a company which would easily qualify as a patent troll for many observers. This small company picked up a data compression patent in 1997, and has been busily using that patent to shake down corporations ever since. Since this patent is said to cover the JPEG image format, there is a wide list of possible victims to choose from. Those victims have dropped more that $100 million into Forgent's bank account, and Forgent currently has litigation outstanding with some 30 companies.

The Public Patent Foundation chose this patent as one which was vulnerable to a challenge. The Foundation's work bore fruit on May 25, when the US Patent Office issued a ruling on the Forgent patent [PDF]. The resulting press release from the Public Patent Foundation was triumphant:

It is worth noting that Forgent had a different spin on the ruling:

Anybody wondering if the world is now safe for JPEG users will clearly need to look beyond the press releases and dig into the patent and the USPTO ruling directly. The short story is that, while the independent claims of U.S. Patent 4,698,672 have been invalidated, many of the more-specific dependent claims remain standing. Consider, for example, claim 1:

What the Public Patent Foundation asserted is that this claim - covering a fairly basic run-length encoding scheme - had already been claimed by another patent: #4,541,012 by Andrew Tescher. The Patent Office agreed, and ruled that claim 1 was invalid.

The story does not stop there, however. There are a number of dependent claims which make claim 1 more specific; these include:

Claim 3 (adding a sign value) was also rejected, but claims 2, 4, and 5 were upheld by the Patent Office. The same pattern persists through the remaining claims: the independent claims were rejected, but the more-specific versions were allowed. That is why Forgent proclaims that the majority of its claims had been upheld.

So, to a great extent, the Forgent patent survives, having lost only the most general of its claims. We asked Dan Ravicher of the Public Patent Foundation whether this ruling was enough to remove the threat against JPEG users; his response was:

Whether the remaining claims in the patent are applicable to the JPEG standard is a matter for the courts to determine - and, given the thirty-some outstanding cases, the courts will certainly have the opportunity to do so.

There is one interesting additional factor which, thanks to the Public Patent Foundation's work, may just come into play here. Forgent's patent was originally filed from a company called Compression Labs, Inc. It turns out that the Tescher patent, which provided the prior art used against Forgent's patent, was also developed at Compression Labs. In other words, when Compression Labs filed for the patent now being wielded by Forgent, it must have known about the existence of the prior art, since it had patented that prior art itself. But Compression Labs did not disclose that prior art to the Patent Office. Failure to disclose known prior art is a violation of the Patent Office rules. It seems likely that defendants in Forgent's litigation will find a way to let their respective courts know that the patent at issue was obtained in bad faith.

Comments (4 posted)

SQL injection vulnerabilities in PostgreSQL

A recent urgent update to PostgreSQL vividly demonstrates the problems with validating user input that are the foundation of SQL injection attacks. Widely used techniques to escape characters in user input can still allow SQL injection when coupled with multibyte character encodings. While this problem was first discovered in PostgreSQL, today's security fix announcement for MySQL indicates a similar problem there as well.

As discussed in the LWN SQL injection article, inserting strings of user input into SQL queries can be hazardous. Many applications do little or no validation of strings entered by a user before dropping them into a query; this negligence can lead to a compromise of the entire database. Better behaved programs attempt to escape various troublesome characters (typically single-quote and backslash), but because of the multibyte-encoding problem, problems can remain.

It is not just database clients that need to validate user input, the database server needs to validate as well as the first bug shows. PostgreSQL allows the "\'" (backslash + single-quote) sequence to be used to represent a single-quote character in a query as well as the two single-quote character sequence ("''") that is the SQL standard. Unfortunately, the escaping code used by database clients often ignores the character encoding and just looks for bytes with a 0x27 ("'") value and replaces them with an escaped version. The security hole comes about because illegal multibyte character sequences can be used to enable quotes to slip past the escaping process. An example provided in the technical information describes how this can be done.

In the UTF8 encoding, the byte value 0xc8 introduces a two-byte character; the second byte must be within the range 0xa0-0xff. However, PostgreSQL would accept any value for the second byte and treat both bytes as a single character. A malicious user could enter "0xc8'text", which would be converted by the well meaning client to "0xc8''text" (or "0xc8\'text"); the server would then treat the 0xc8' or 0xc8\ sequence as a single character, leaving an unescaped single-quote in the input, effectively injecting the attacker-supplied text.

The second issue stems from certain far-eastern encodings where the value 0x5c ("\") is a valid value for the second byte of a two-byte character. In the SJIS encoding for example, the two-byte sequence 0x95 0x5c is a valid character, but a client that is not encoding-aware may try to escape the 'backslash' that it sees by doubling it. Adding single-quotes into the mix provides a means for a SQL injection. "0x95 0x5c'text" could become "0x95 0x5c\''text", which effectively inserts an unescaped single-quote into the query. It is interesting to note that 0x27 ("'") is not a valid value for the second byte of a two-byte character and, if PostgreSQL had rigidly adhered to the SQL standard and only accepted "''" to escape single-quotes, this issue would not exist.

There is a straightforward fix for the first problem: do not accept illegal multibyte character sequences and refuse to process queries that contain them. Unfortunately, the second problem is more complicated and there is no single simple fix on the database server side. If database clients did their escaping in an encoding aware manner, this problem would not exist; expecting this from all clients is hopeless, however. The PostgreSQL developers chose to disallow "\'" for any encoding that allows embedded 0x5c characters. This closes the hole for all clients that use "''" to escape single-quotes but still allows for injections for clients that use "\'". This change is likely to break those clients altogether, however.

Both of these problems could have been avoided by using prepared statements with placeholders (i.e. 'SELECT * FROM tbl WHERE id=?'). Even if the libraries did not implement the quoting correctly, the SQL engine would still not allow the parameter to be treated as anything but data for that particular spot in the query, thereby avoiding the injection. Another way to avoid this kind of problem is to use stored procedures. As these bugs show, it can be very difficult to appropriately filter and/or validate user input.

Comments (31 posted)

binutils: buffer overflow

Package(s):	binutils	CVE #(s):	CVE-2006-2362
Created:	May 27, 2006	Updated:	August 29, 2006
Description:	The GNU Binutils has a buffer overflow vulnerability in libbfd. Maliciously crafted Tektronix Hex Format files with improper length characters can cause a crash and possibly lead to the execution of arbitrary code.
Alerts:	Mandriva MDKSA-2006:153 binutils 2006-08-28 Ubuntu USN-292-1 binutils 2006-06-09 OpenPKG OpenPKG-SA-2006.009 binutils 2006-05-26

Comments (none posted)

cherrypy: information disclosure

Package(s):	cherrypy	CVE #(s):	CVE-2006-0847
Created:	May 31, 2006	Updated:	May 31, 2006
Description:	The CherryPy web development framework (prior to version 2.1.1) has a directory traversal vulnerability which could lead to undesired information disclosure.
Alerts:	Gentoo 200605-16 cherrypy 2006-05-30

Comments (none posted)

dovecot: information disclosure

Package(s):	dovecot	CVE #(s):	CVE-2006-2414
Created:	May 31, 2006	Updated:	June 14, 2006
Description:	The Dovecot imap server contains a directory traversal vulnerability which could be exploited by authenticated users to read files other than their mailboxes.
Alerts:	Ubuntu USN-288-4 dovecot 2006-06-13 Debian DSA-1080-1 dovecot 2006-05-29

Comments (1 posted)

ImageMagick: heap overflow vulnerability

Package(s):	ImageMagick	CVE #(s):	CVE-2006-2440
Created:	May 25, 2006	Updated:	September 5, 2006
Description:	The ImageMagick DisplayImageCommand has a heap overflow vulnerability. If an maliciously created unexpanded glob is passed to ImageMagick, a heap overflow can result.
Alerts:	Debian DSA-1168-1 imagemagick 2006-09-04 Fedora FEDORA-2006-588 ImageMagick 2006-05-24 Fedora FEDORA-2006-587 ImageMagick 2006-05-24

Comments (none posted)

kernel: netfilter memory corruption

Package(s):	kernel	CVE #(s):	CVE-2006-2444
Created:	May 25, 2006	Updated:	July 5, 2006
Description:	The 2.6.12 kernel has a remote memory corruption vulnerability that can be remotely triggered by loading the ip_nat_snmp_basic module and traffic is network-translated on port 161 or 162.
Alerts:	Mandriva MDKSA-2006:116 kernel 2006-07-05 Ubuntu USN-302-1 linux-source-2.6.10/2.6.12/2.6.15 2006-06-15 Trustix TSLSA-2006-0030 kernel 2006-05-26 Mandriva MDKSA-2006:087 kernel 2006-05-24

Comments (none posted)

kernel: information disclosure

Package(s):	kernel	CVE #(s):	CVE-2006-1343
Created:	May 31, 2006	Updated:	July 20, 2006
Description:	The 2.6 kernel netfilter code contains an information leak; this vulnerability has been fixed in the 2.6.16.19 release.
Alerts:	Red Hat RHSA-2006:0437-01 kernel 2006-07-20 Debian DSA-1097-1 kernel-source-2.4.27 2006-06-14 Fedora FEDORA-2006-698 kernel 2006-06-11 Fedora FEDORA-2006-697 kernel 2006-06-11 Trustix TSLSA-2006-0032 kernel, postgresql 2006-06-05 rPath rPSA-2006-0087-1 kernel 2006-05-31

Comments (none posted)

libtiff: buffer overflow

Package(s):	libtiff	CVE #(s):	CVE-2006-2656
Created:	May 26, 2006	Updated:	June 8, 2006
Description:	The tiffsplit command has a problem in the way that it handles fixed-size buffers, a stack overflow can result.
Alerts:	Ubuntu USN-289-1 tiff 2006-06-08 Debian DSA-1091-1 tiff 2006-06-08 Mandriva MDKSA-2006:095 libtiff 2006-06-05 Fedora FEDORA-2006-592 libtiff 2006-05-25 Fedora FEDORA-2006-591 libtiff 2006-05-25

Comments (none posted)

lynx: denial of service

Package(s):	lynx	CVE #(s):	CVE-2004-1617
Created:	May 26, 2006	Updated:	June 1, 2006
Description:	The lynx text-mode web browser has a problem understanding invalid html involving the TEXTAREA tag. An infinite loop can happen, resulting in a denial of service.
Alerts:	Debian DSA-1085-1 lynx-ssl 2006-06-01 Debian DSA-1077-1 lynx-ssl 2006-05-26 Debian DSA-1076-1 lynx 2006-05-26

Comments (1 posted)

php: multiple vulnerabilities

Package(s):	php	CVE #(s):	CVE-2006-1990 CVE-2006-1991 CVE-2006-3017
Created:	May 25, 2006	Updated:	August 18, 2006
Description:	The php wordwrap() function is vulnerable to an integer overflow. Attackers can submit long arguments to cause a heap-based buffer overflow, allowing arbitrary code execution. PHP 5.x and PHP 4.4.2 have a problem with the substr_compare() function. An attacker can use an out-of-bounds offset argument to cause a memory access violation, causing a denial of service. A bug in zend_hash_del() allowed attackers to prevent unsetting of some variables
Alerts:	Slackware SSA:2006-217-01 php 2006-08-07 Gentoo 200605-08:02 PHP 2006-05-08 Fedora-Legacy FLSA:175040 php 2006-07-27 Ubuntu USN-320-2 php 2006-07-26 Red Hat RHSA-2006:0567-01 PHP 2006-07-25 Ubuntu USN-320-1 php4, php5 2006-07-19 Red Hat RHSA-2006:0568-01 PHP 2006-07-12 Mandriva MDKSA-2006:122 php 2006-07-13 SuSE SUSE-SA:2006:034 php4 2006-06-22 SuSE SUSE-SA:2006:031 PHP4,PHP5 2006-06-14 Mandriva MDKSA-2006:091 php 2006-05-24

Comments (none posted)

shadow-utils: mailbox creation vulnerability

Package(s):	shadow-utils	CVE #(s):	CVE-2006-1174
Created:	May 25, 2006	Updated:	June 12, 2007
Description:	The useradd tool from the shadow-utils package has a potential security problem. When a new user's mailbox is created, the permissions are set to random garbage from the stack, potentially allowing the file to be read or written during the time before fchmod() is called.
Alerts:	Red Hat RHSA-2007:0431-01 shadow-utils 2007-06-11 rPath rPSA-2007-0096-1 shadow 2007-05-11 Red Hat RHSA-2007:0276-02 shadow-utils 2007-05-01 Gentoo 200606-02 shadow 2006-06-07 Mandriva MDKSA-2006:090 shadow-utils 2006-05-24

Comments (none posted)

tiff: denial of service

Package(s):	tiff	CVE #(s):	CVE-2006-2120
Created:	May 27, 2006	Updated:	May 31, 2006
Description:	The tiff image library is vulnerable to a denial of service attack. Images with specially crafted Yr/Yg/Yb values that exceed the YCR/YCG/YCB values can cause a crash of the associated application.
Alerts:	Debian DSA-1078-1 tiff 2006-05-27

Comments (none posted)

typespeed: buffer overflow

Package(s):	typespeed	CVE #(s):	CVE-2006-1515
Created:	May 31, 2006	Updated:	June 19, 2006
Description:	The typespeed game has a buffer overflow in its network data processing code which could possibly be exploited to execute arbitrary code.
Alerts:	Gentoo 200606-20 typespeed 2006-06-19 Debian DSA-1084-1 typespeed 2006-05-31

Comments (none posted)

vixie-cron: privilege escalation

Package(s):	cron	CVE #(s):	CVE-2006-2607
Created:	May 31, 2006	Updated:	June 1, 2009
Description:	The Vixie cron daemon does not check the return code from setuid(); if that call can be made to fail, a local attacker may be able to execute commands as root.
Alerts:	Ubuntu USN-778-1 cron 2009-06-01 Red Hat RHSA-2006:0539-01 vixie-cron 2006-07-12 Gentoo 200606-07 vixie-cron 2006-06-09 SuSE SUSE-SA:2006:027 cron 2006-05-31 rPath rPSA-2006-0082-1 vixie-cron 2006-05-25

Comments (1 posted)

Kernel release status

The current stable 2.6 kernel is 2.6.16.19, released on May 30. It contains a single fix for an information leak in the netfilter code.

The current 2.6 prepatch is 2.6.17-rc5, released by Linus on May 24. With luck, this will be the final prepatch before the final 2.6.17 release. It consists of a fair number of fixes; see the long-format changelog for the details.

Several dozen patches (all fixes) have found their way into the mainline after the -rc5 release.

The current -mm tree is 2.6.17-rc5-mm1. Recent changes to -mm include the generic IRQ layer, an updated version of reiser4, the lock validator (see below), the adaptive readahead patch set, a new infrastructure for maintaining kernel statistics, and a new kernel API for inotify.

Comments (none posted)

A summary of 2.6.17 API changes

The final 2.6.17 kernel release is getting close. Further internal API changes in this cycle are (one hopes) highly unlikely, so the following list should be definitive for this time around.

• Support for the SPARC "Niagara" architecture.

• EXPORT_SYMBOL_GPL_FUTURE() has been merged.

• The safe notifier patch has been merged, creating a new API for all notifier users.

• The SLAB_NO_REAP slab cache option, which ostensibly caused the slab not to be cleaned up when the system is under memory pressure, has been removed. The kmem_cache_t typedef is also being phased out in favor of struct kmem_cache.

• The "softmac" 802.11 subsystem has been merged. This code may eventually be phased out, however, in favor of the Devicescape code.

• There is a new real-time clock subsystem, providing generalized RTC support and a well-defined driver interface.

• A new utility function has been added:

       int execute_in_process_context(void (*fn)(void *data),
                                      void *data, 
  				    struct execute_work *work);
  

  This function will arrange for fn() to be called in process context (where it can sleep). Depending on when execute_in_process_context() is called, fn() could be invoked immediately or delayed by way of a work queue.

• The SMP alternatives patch has been merged.

• A rework of the relayfs API - but the sysfs interface has been left out for now.

• There is a new tracing mechanism for developers debugging block subsystem code.

• There is a new internal flag (FMODE_EXEC) used to indicate that a file has been opened for execution.

• The obsolete MODULE_PARM() macro is gone forevermore.

• A new function, flush_anon_page(), can be used in conjunction with get_user_pages() to safely perform DMA to anonymous pages in user space.

• Zero-filled memory can now be allocated from slab caches with kmem_cache_zalloc(). There is also a new slab debugging option to produce a /proc/slab_allocators file with detailed allocation information.

• There are four new ways of creating mempools:

       mempool_t *mempool_create_page_pool(int min_nr, int order);
       mempool_t *mempool_create_kmalloc_pool(int min_nr, size_t size);
       mempool_t *mempool_create_kzalloc_pool(int min_nr, size_t size);
       mempool_t *mempool_create_slab_pool(int min_nr, 
                                           struct kmem_cache *cache);
  

  The first creates a pool which allocates whole pages (the number of which is determined by order), while the second and third create a pool backed by kmalloc() and kzalloc(), respectively. The fourth is a shorthand form of creating slab-backed pools.

• The prototype for hrtimer_forward() has changed:

       unsigned long hrtimer_forward(struct hrtimer *timer,
                                     ktime_t now, ktime_t interval);
  

  The new now argument is expected to be the current time. This change allows some calls to be optimized. The data field has also been removed from the hrtimer structure.

• A whole set of generic bit operations (find first set, count set bits, etc.) has been added, helping to unify this code across architectures and subsystems.

• The inode f_ops pointer - which refers to the file_operations structure for the open file - has been marked const. Quite a bit of code, which used to change that structure, has been changed to compensate. Similar changes have been made in many filesystems. "The goal is both to increase correctness (harder to accidentally write to shared datastructures) and reducing the false sharing of cachelines with things that get dirty in .data (while .rodata is nicely read only and thus cache clean)."

• local_t is now a signed type.

• Attributes in sysfs can be pollable.

• A class_device can now have attribute groups created at registration time; to take advantage of this capability, store the desired groups in the new groups field.

• The splice(), vmsplice(), and tee() system calls have been merged. Supporting those calls requires implementing two new file_operations methods. See this article for the final form of the splice_read() and splice_write() functions.

As always, look at the LWN 2.6 kernel API changes page for a list of changes over time.

Comments (none posted)

Notifiers, 2.6.17 style

While plowing through the flood of patches early in the 2.6.17 cycle, your editor missed a significant API change: the new notifier interface. Notifiers are an internal kernel mechanism allowing code to register to be told about events of interest. There are notifiers for memory hotplug events, CPU frequency policy changes, USB hotplug events, module loading and unloading, system reboots, network device changes, and more.

Back in November, 2005, this page looked at a proposed notifier API change motivated by the lack of locking on the notifier chains themselves. That proposal received a lukewarm reception. Many low-level data structures in the kernel explicitly avoid performing any locking, on the assumption that the higher layers will have to be concerned with their own locking in any case. So, it was asked, why should notifiers be any different? The answer seems to be that, unlike many other data structures, notifiers tend to be used across relatively wide parts of the kernel, making it hard to use any locking regime except one designed for the notifiers themselves. In any case, a version of the notifier patch was merged for 2.6.17-rc1.

The current form of the API defines three different types of notifiers:

• Blocking notifiers are always called from process context. The notifier code - along with the notification routines it calls - is allowed to sleep.

• Atomic notifiers can be called from atomic context, no sleeping allowed.

• Raw notifiers have no internal locking and no associated rules; they are simply the older form of the notifier API, preserved as a historical relic.

For 2.6.17, all notifier chains have been converted to the blocking or atomic types; there are no users of the raw interface in the mainline kernel. The notifier patch includes no threatening noises about removing the raw interface, but, sooner or later, somebody is likely to come along and want to clean it up. So avoiding raw notifiers is probably a good idea; this article will concentrate on the other two types.

Blocking notifiers are essentially a raw notifier with an rwsem added for mutual exclusion. Any operation on a blocking notifier may, well, block on that rwsem. These notifiers can be created in the usual two ways:

    #include <linux/notifier.h>

    BLOCKING_NOTIFIER_HEAD(my_notifier);

    struct blocking_notifier_head my_notifier;
    BLOCKING_INIT_NOTIFIER_HEAD(my_notifier);

Code which wishes to hook into a blocking notifier should first fill in a notifier_block structure:

    struct notifier_block {
	int (*notifier_call)(struct notifier_block *block, 
                             unsigned long event, 
			     void *data);
 	int priority;
	/* ... */
    };

The notifier_call field should point to the function to be called when something interesting happens; the event and data parameters will be provided by the code generating the event. Notifiers are called in order of increasing priority; the return value from the final notifier called will be passed back to the code signalling the event. Normally, the final notifier is the one with the highest priority value, but any notifier can halt further processing by returning a value with the bit indicated by NOTIFIER_STOP_MASK set. Other than that one bit (currently 0x8000), the return values are arbitrary (as far as the notification code is concerned), but the convenience values NOTIFY_OK ("so far so good"), NOTIFY_STOP ("all is well, but don't call any more notifiers") and NOTIFY_BAD ("stop calling notifiers and veto the proposed action") are available.

Once the code has a notifier_block ready, it should register it with:

    int blocking_notifier_chain_register(struct blocking_notifier_head *chain,
                                         struct notifier_block *nb);

The return value is apparently intended to allow an error status to be returned if the registration fails, but the 2.6.17 version of the code cannot fail.

A blocking notifier can be unregistered with:

    int blocking_notifier_chain_unregister(struct blocking_notifier_head *chain,
                                           struct notifier_block *nb);

This call will return -ENOENT if the given notifier was not actually registered.

Code which wishes to use a blocking notifier chain to signal an event can do so with:

    int blocking_notifier_call_chain(struct blocking_notifier_head *chain,
		                     unsigned long event, 
				     void *data);

This function will call all notifiers in chain (unless one of them stops the process partway through), returning the value from the last notifier called.

Atomic notifiers replace the rwsem with a spinlock; the API is very similar:

    ATOMIC_NOTIFIER_HEAD(my_notifier);

    struct atomic_notifier_head my_notifier;
    ATOMIC_INIT_NOTIFIER_HEAD(my_notifier);

    int atomic_notifier_chain_register(struct atomic_notifier_head *chain,
                                       struct notifier_block *nb);
    int atomic_notifier_chain_unregister(struct atomic_notifier_head *chain,
                                         struct notifier_block *nb);

    int atomic_notifier_call_chain(struct atomic_notifier_head *chain,
		                   unsigned long event, 
				   void *data);

Note that atomic notifiers use the same notifier_block structure as the blocking variety does. Nothing will ever sleep in the atomic notifier code, however, and notifier functions called from an atomic chain are not allowed to sleep either.

As noted above, all notifier chains in the kernel have been changed to one of the above types; any out-of-tree code which uses a kernel chain will have to be updated accordingly. See the explanatory text for the notifier patch for a summary of what type was assigned to each existing chain in the mainline kernel.

Comments (none posted)

The kernel lock validator

Locking is a necessary evil in operating systems; without a solid locking regime, different parts of the system will collide when trying to access the same resources, leading to data corruption and general chaos. But locking has hazards of its own; carelessly implemented locking can cause system deadlocks. As a simple example, consider two locks L₁ and L₂. Any code which requires both locks must take care to acquire the locks in the right order. If one function acquires L₁ before L₂, but another function acquires them in the opposite order, eventually the system will find itself in a situation where each function has acquired one lock and is blocked waiting for the other - a deadlock.

A race condition like the one described above may be a one-in-a-million possibility, but, with computers, it does not take too long to exercise a code path a million times. Sooner or later, a system containing this sort of bug will lock up, leaving its users wondering what is going on. To avoid this sort of situation, kernel developers try to define rules for the order in which locks should be acquired. But, in a system with many thousands of locks, defining a comprehensive set of rules is challenging at best, and enforcing them is even harder. So locking bugs creep into the kernel, lurk until some truly inconvenient time, and eventually surprise some unsuspecting user.

Over time, the kernel developers have made increasing use of automated code analysis tools as those tools become available. The latest such is the first version of the lock validator patch, posted by Ingo Molnar. This patch (a 61-part set, actually) adds a complex infrastructure to the kernel which can then be used to prove that none of the locking patterns observed in a running system could ever deadlock the kernel.

To that end, the lock validator must track real locking patterns in the kernel. There is no point, however, in tracking every individual lock - there are thousands of them, but many of them are treated in exactly the same way by the kernel. For example, every inode structure contains a spinlock, as does every file structure. Once the kernel has seen how locking is handled for one inode structure, it knows how it will be handled for every inode structure. So, somehow, the lock validator needs to be able to recognize that all spinlocks contained within (for example) the inode structure are essentially the same.

To this end, every lock in the system (including rwlocks and mutexes, now) is assigned a specific key. For locks which are declared statically (for example, files_lock, which protects the list of open files), the address of the lock is used as the key. Locks which are allocated dynamically (as most locks embedded within structures are) cannot be tracked that way, however; there may be vast numbers of addresses involved, and, in any case, all locks associated with a specific structure field should be mapped to a single key. This is done by recognizing that these locks are initialized at run time, so, for example, spin_lock_init() is redefined as:

    # define spin_lock_init(lock)			\
    do {						\
	static struct lockdep_type_key __key;		\
							\
	__spin_lock_init((lock), #lock, &__key);	\
    } while (0)

Thus, for each lock initialization, this code creates a static variable (__key) and uses its address as the key identifying the type of the lock. Since any particular type of lock tends to be initialized in a single place, this trick associates the same key with every lock of the same type.

Next, the validator code intercepts every locking operation and performs a number of tests:

• The code looks at all other locks which are already held when a new lock is taken. For all of those locks, the validator looks for a past occurrence where any of them were taken after the new lock. If any such are found, it indicates a violation of locking order rules, and an eventual deadlock.

• A stack of currently-held locks is maintained, so any lock being released should be at the top of the stack; anything else means that something strange is going on.

• Any spinlock which is acquired by a hardware interrupt handler can never be held when interrupts are enabled. Consider what happens when this rule is broken. A kernel function, running in process context, acquires a specific lock. An interrupt arrives, and the associated interrupt handler runs on the same CPU; that handler then attempts to acquire the same lock. Since the lock is unavailable, the handler will spin, waiting for the lock to become free. But the handler has preempted the only code which will ever free that lock, so it will spin forever, deadlocking that processor.

  To catch problems of this type, the validator records two bits of information for every lock it knows about: (1) whether the lock has ever been acquired in hardware interrupt context, and (2) whether the lock is ever held by code which runs with hardware interrupts enabled. If both bits are set, the lock is being used erroneously and an error is signaled.

• Similar tests are made for software interrupts, which present the same problems.

The interrupt tests are relatively straightforward, requiring just four bits of information for each lock (though the situation is a little more complicated for rwlocks). But the ordering tests require a bit more work. For every known lock key, the validator maintains two lists. One of them contains all locks which have ever been held when the lock of interest (call it L) is acquired; it thus contains the keys of all locks which might be acquired before L. The other list (the "after" list) holds all locks acquired while the L is held. These two lists thus encapsulate the proper ordering of how those other locks should be acquired relative to L.

Whenever L is acquired, the validator checks whether any lock on the "after" list associated with L is already held. It should not find any, since all locks on the "after" list should only be acquired after acquiring L. Should it find a lock which should not be held, an error is signaled. The validator code also takes the "after" list of L, connects it with the "before" lists of the currently-held locks, and convinces itself that there are no ordering or interrupt violations anywhere within that chain. If all the tests pass, the validator updates the various "before" and "after" lists and the kernel continues on its way.

Needless to say, all this checking imposes a certain amount of overhead; it is not something which one will want to enable on production kernels. It is not quite as bad as one might expect, however. As the kernel does its thing, the lock validator maintains its stack of currently-held locks. It also generates a 64-bit hash value from that series of locks. Whenever a particular combination of locks is validated, the associated hash value is stored in a table. The next time that lock sequence is encountered, the code can find the associated hash value in the table and know that the checks have already been performed. This hashing speeds the process considerably.

Of course, there are plenty of exceptions to the locking rules as understood by the validator. As a result, a significant portion of the validator patch set is aimed at getting rid of false error reports. For example, the validator normally complains if more than one lock with the same key is held at the same time - doing so is asking for deadlocks. There are situations, however, where this pattern is legitimate. For example, the block subsystem will often lock a block device, then lock a partition within that device. Since the partition also looks like a block device, the validator signals an error. To keep that from happening, the validator implements the notion of lock "subtypes." In this case, locks on partition devices can be marked with a different subtype, allowing their usage to be validated properly. This marking is done by using new versions of the locking functions (spin_lock_nested(), for example) which take a subtype parameter.

The lock validator was added to 2.6.17-rc5-mm1, so interested people can play with it. Waiting for another -mm release might not be a bad idea, however; there has since been a fairly long series of validator fixes posted.

The key point behind all of this is that deadlock situations can be found without having to actually make the kernel lock up. By watching the sequences in which locks are acquired, the validator can extrapolate a much larger set of possible sequences. So, even though a particular deadlock might only happen as the result of unfortunate timing caused by a specific combination of strange hardware, a rare set of configuration options, 220V power, a slightly flaky video controller, Mars transiting through Leo, an old version of gcc, an application which severely stresses the system (yum, say), and an especially bad Darl McBride hair day, the validator has a good chance of catching it. So this code should result in a whole class of bugs being eliminated from the kernel code base; that can only be a good thing.

Comments (36 posted)

Live CDs Part I: Why Do We Care?

[Editor's note: this is the first in a four-part series; the next installment will appear in the next week or two.]

A live CD is a custom Linux environment that boots and runs entirely from a CD - no hard disk required. Live CDs are used for many purposes, including showcasing desktop distributions, providing useful tools for system recovery, and providing target-specific environments such as games, multimedia, GIS and security. Linux user groups often create demo live CDs for use at trade shows, install fests and other events to show that Linux isn't just a toy for hackers.

The usefulness of a live CD can be compared to the old DOS diskette used to run diagnostics on your PC. Since the floppy drive is a soon to be an extinct beast, technological evolution would have us using CDs for the same purpose. But a CD is to a floppy what a dump truck is to a spoon, and the extra space offers live CD creators nearly limitless options for customization.

There are many live CDs ISO images available for download for end users and developers. One list available from Frozentech.com lists 309 versions. The list shows versions available for varying categories, from desktop replacements to clustering environments and home entertainment. End users need only download an ISO image, burn it to a CD and boot the CD. You'll need to verify that your computer is configured to allow booting from a CD - check your BIOS configuration to be sure. Some live CD's also have minimum hardware requirements. Check the web site for that CD for details.

You might ask yourself why you're going to care about live CDs if you have a running desktop. First, live CDs are useful for specialized environments. A laptop configured for desktop use at home can boot an astronomy based live CD at night for field observations and then during the day at school use an educational live CD. No need to change the desktop configuration for three different environments.

Many live CDs also offer the option of saving user data to USB-attached drives, leaving the hard disk (if available) untouched. This makes a live CD perfect for setting up demonstrations for trade shows, customer contacts and conferences. If your group needs a demonstration of a particular application but you don't know who will give the demonstration or what hardware they will be using, all you need do is set up the live CD to handle the situation.

Second, a live CD can be used for system administration. If you've trashed your boot partition or accidentally overwritten important parts of the filesystem you can use a rescue CD to recover the partition or reinstall the OS without losing your user data. Live CDs can also be used, when appropriate, on public systems that don't offer the environment you need. A library kiosk or Internet cafe might offer you this option, for example.

Finally, live CDs are a good way to work with embedded systems. Embedded systems often have limited memory and little or no local storage. A live CD can be used to test the embedded system or manage it. Imagine a consumer media device that needs customer controlled upgrades. They can download a live CD to their computer, burn the CD and boot it to automatically run an upgrade even if the consumer device is not network connected.

More importantly, technologies used in live CDs often have important relationships with embedded systems. Compressed filesystems, read-only devices, and the use of ramdisks are all issues that are common between the two system types. Learning about live CDs can be a stepping stone into the interesting world of consumer devices.

Creating a live CD

Since a CD can hold around 700MB of data and a typical desktop installation can require more than 10-20GB, it won't be possible to duplicate your entire operating system (much less your personal data files) on a live CD. However, with compression and kernel tricks you can get very close to that.

Creating a personal live CD from your installed desktop is possible using the Linux live Scripts or similar tools. These tools make the assumption that the CD will be used on the same or very similar hardware that you're currently running on. For most desktop environments this is a safe assumption.

Another method is to build your own distribution from source and use it to create your live CD. The best place to learn how to do that is the LinuxFromScratch project. This project provides a recipe-driven process for creating your own Linux distribution from source code inside a directory on your current system. Recipes here include options for doing cross compiled builds of your distribution so that you can use your x86 desktop to build for a different architecture device, like a consumer media box.

Live CD Reviews

While it is possible to create your own live CD, it makes sense to first take a look at a few ready made versions to get an idea of what you can get now and what you might want in your own live CD. In the coming weeks I'll review a series of related live CDs from three different classes: desktop replacements, small footprint and special purpose live CDs. The goal of these reviews is not to compare one against another but to give you some idea of the variety of live CDs that area available so you can make an informed choice when you pick an existing version or take on the challenge of creating your own.

Most of the live CDs that will be reviewed are designed to allow end users to customize them with add-on packages, often packaged in project specific formats, such as compressed filesystem images, that you don't normally use with desktop distributions. I tested each of these on an EPIA M10000 board with 256MB of memory. This is an x86 compatible machine that requires the Via video drivers for both the kernel and X Window System - something that might be a little non-standard - just to see how each CD handles it. I'm also using the Linux Cool Keyboard which looks pretty much like a typical US QWERTY keyboard.

In the reviews I'll be looking for a number of things:

• Cleanliness - How professional and uncluttered does it appear to the end user?
• Originality - What makes this live CD unique?
• On Target - How well does this CD stay true to the target audience?
• Extensibility - How easy is it to add to this live CD?

Cleanliness is just a matter of taste. I prefer clean boots without much user interaction. Once I login I want to know where to go next to make the best use of the environment. For example, if this is a Games CD, where do I find the list of games and how do I start them? If this is a desktop CD, how clean is the desktop and how easy is it to find applications?

Originality is very important in these reviews. There are literally hundreds of live CD's available on the net. Each of these needs to have something that makes people want to use it. The live CD may be original because it has been targeted at a particular audience. Perhaps the CD boots quickly and offers an easy to use graphical interface that no one else offers. If they all look like a typical Red Hat or SuSE installation, there isn't much reason to choose one over another. Why is this so important? When you have a need for a CD, knowing there are 200 versions that boot to a typical desktop will let you know you can choose any one of them instead of making your own. But if only one CD boots on your TurboNator 3000 processor, maybe you will want to make your own.

Rating the CDs "On Target" value will be subjective - my interpretation of what category this CD belongs in (based in no small part on where FrozenTech.com lists the CD) and how well it stays true to that target. If a small footprint live CD takes up most of memory, that doesn't help with the small footprint problem I may be trying to solve.

Extensibility will be very important for developers and users who need to customize the CD. Most live CDs offer some way to extend the features on the CD. In some cases this will be done at runtime only with changes saved to hard disk or a USB connected storage device. In other cases, the ISO image can be extended with additional packages. The ease of adding new packages, either at runtime or in the ISO image, will determine the value of this rating.

The Chosen Few

If you want to get an early start, here is the list of live CDs I'll be looking at. Note that I've already downloaded these, before publication, so that they didn't have time to try and update just to make me happy.

1. Desktop Replacements
   • KNOPPIX
   • The GNOME live CD (with Ubuntu)
   • Berry Linux

2. Small Footprint Systems
   • Olive
   • Puppy Linux
   • Damn Small Linux

3. Specialized Systems
   • GamesKNOPPIX
   • Ultimate Boot CD
   • KnoppMyth

Comments (7 posted)

Musix GNU+Linux 0.40 released

The 0.40 release of Musix GNU+Linux is available. Musix is a Debian-based distribution with a strong emphasis on tools for creating, editing, and listening to music.

Full Story (comments: none)

Turbolinux to Launch FUJI Desktop Linux OS

Turbolinux has announced the launch of its FUJI Desktop Linux operating system. "Designed for optimum desktop and laptop computer performance, Turbolinux's FUJI operating system platform features several tools to facilitate the migration from Windows, including OpenOffice.org, Microsoft Office compatible software, Active Directory Authentication, file sharing, and other communications tools."

Comments (none posted)

Release Candidate for Ubuntu 6.06 LTS is available

A release candidate for Ubuntu 6.06 is available for testing. "The Ubuntu team is proud to announce the Release Candidate for version 6.06 LTS of Ubuntu, Kubuntu and Edubuntu - codenamed "Dapper Drake". The Release Candidate includes installable live Desktop CDs, server images, alternate text-mode installation CDs and an upgrade wizard for users of the current stable release. We consider this release candidate complete, stable and suitable for testing by any user."

Full Story (comments: 5)

Debian 'etch' release update

The Debian release team has sent out an update on the upcoming 'etch' release. The approved goals for that release now include a transition to gcc 4.1, SELinux support, IPv6 support everywhere, a new Python framework, and more. The planned release date of December 4 (2006!) is unchanged. Click below for the full text.

Full Story (comments: 8)

BSP Marathon (or: helping releasing etch in-time)

A report about upcoming Debian Etch bug squashing parties is online. "As you should all know, we had some bug squashing parties before the release of Debian 3.1 "sarge". These were quite effective, especially when they were centered around a meeting in real life. This led me to the proposal of a row of BSP this fall, helping to prepare the release of Etch. Naturally, fixing RC bugs is needed all the time. The BSPs we are planning will be focused on some sub-systems, so to help to release etch, *you* need to fix RC bugs all the time, so finish reading this mail, choose an RC bug and try to fix it!"

Full Story (comments: none)

Release-critical Bugreport for May 26, 2006

The May 26, 2006 Debian Release-critical Bugreport is online with status of the latest bug fixing efforts.

Full Story (comments: none)

Mandriva to ship OpenVZ

Mandriva has sent out a press release proclaiming its plans to include the OpenVZ virtualization mechanism in its Corporate Server 4.0 release. It seems that Mandriva is taking a different tack than a number of other distributors who have been pushing Xen instead.

Comments (none posted)

OpenSUSE build service becomes operational

The openSUSE build service is now operating, despite still being in an "alpha" stage. The build service is a web-based system for building and distributing packages for the openSUSE distribution; it is now being used for KDE, Apache, the kernel, and more.

Full Story (comments: none)

Ubuntu Dapper will have a SPARC Niagara version

Sun and Canonical have announced that the upcoming Ubuntu release ("6.06 LTS" or "Dapper Drake") will include a version for Sun's SPARC "Niagara" architecture. "Through the OpenSPARC initiative (http://www.opensparc.net), Canonical engineering and the Ubuntu community were given open access to the design of the UltraSPARC T1 processor and quickly completed the porting process. The release of the Ubuntu GNU/Linux distribution on UltraSPARC T1 processor-based systems merely ten weeks after the open source release of the chip design point validates the open hardware approach pioneered by SUN with the UltraSPARC T1 processor, and demonstrates the Ubuntu community's excitement at the benefits of Sun's SPARC processor-based CMT architecture for next-generation Web, communications and transactional services." Note that it was David Miller who "quickly completed" much of the kernel porting process.

Comments (2 posted)

Debian Weekly News

The May 29 issue of the Debian Weekly News is available. This week's topics include desktop layouts, summer of code projects, boot-time optimization, and more.

Full Story (comments: none)

Fedora Weekly News Issue 48

The May 29, 2006 edition of the Fedora Weekly News is online with the following topics: New logo guidelines Available Now, Application for Google's Summer of Code Ended, Invitation to Fedora Documentation Translation, Puplet (Yum Applet) anyone?, OLPC laptop prototype, Fedora Core 5 Review with Screenshots, My desktop OS: Fedora Core 5, Google releases Picasa for Linux, Fedora Weekly Reports 2006-05-22, Fedora Core 4 and 5 Updates, Contributing to Fedora Weekly News and Editor's Blog.

Full Story (comments: none)

Gentoo Weekly Newsletter

The May 29, 2006 edition of the Gentoo Weekly Newsletter is online with the latest Gentoo news.

Full Story (comments: none)

Edubuntu newsletter Issue 01

The first issue of the Edubuntu newsletter has been published. The table of contents includes: Edubuntu 6.06 LTS Release Candidate, Edubuntu is now available via ShipIt, Call for testing of Edubuntu CD images in preparation for release, Brand-new Edubuntu.org website, 2nd meeting of the Edubuntu Council and Edubuntu Summer of Code.

Full Story (comments: none)

Kubuntu Newsletter

The May 27, 2006 edition of the Kubuntu Newsletter is online. "In this newsletter: release candidate, Kubuntu meeting, KOffice 1.5.1, Kubuntu in Rosetta, Adept 2.0, Icecream and the Summer of Code."

Full Story (comments: none)

Call for translations for Dapper using Rosetta

A call for translations has gone out for the Ubuntu distribution. "This week, we imported the last missing translation domain for Dapper and thus, you should be able to translate any package in Dapper's main component using Rosetta. There are a few VERY IMPORTANT packages for translation, these should now show up at the top of the list when you select your language on that page."

Full Story (comments: none)

Fedora updates

Updates for Fedora Core 5: apr 1.2.2-7.3 (rebuild with new gcc), dhcdbd-1.15-1.FC5 (bug fix), eclipse-changelog 2.0.4_fc-1 (bug fixes), gcc 4.1.1-1.fc5 (bug fixes and other improvements), hplip 0.9.11-1.2 (bug fix and new documentation), ImageMagick 6.2.5.4-4.2.1.fc5.3 (bug fix), kasumi 2.0-1.fc5 (upstream release), libdv 0.104-3.fc5 (disable problem patch), libstdc++so 7-4.2.0-0.3.20060428.fc5.2 (bug fix), libtiff 3.7.4-7 (apply previous patch), libtool-1.5.22-2.3 (rebuild with new gcc), lsof 4.77-1 (bug fix), mailman 2.1.8-0.FC5.1 (security fixes), openoffice.org-2.0.2-5.12.2 (bug fix and other improvements), squid 2.5.STABLE14-1.FC5 (update to new upstream), vnc-4.1.1-39.fc5 (OpenGL enabled by default).

Updates for Fedora Core 4: mailman 2.1.8-0.FC4.1 (security fixes).

Comments (none posted)

Mandriva updates

Mandriva has announced upgraded netpbm packages that fix some converter crash issues.

Full Story (comments: none)

rPath Linux updates

rPath Linux has announced a maintenance release of Conary. Conary version 1.0.16 includes conary, conary-build, conary-repository and conary-web-common.

Full Story (comments: none)

Slackware Changelog Notice

The Slackware Changelog Notice for May 27, 2006 is online with new Slackware package releases.

Full Story (comments: none)

Trustix updates

Trustix Secure Linux has sent out a bug fix update for ckermit and stunnel.

Full Story (comments: none)

The Gentoo Development Guide

For anybody who has ever wondered what goes into the creation of a Gentoo package: the first version of the Gentoo Development Guide is now online. It contains a great deal of information on how to create ebuilds and the relevant policies.

Comments (4 posted)

My desktop OS: Debian Etch (NewsForge)

Flavio Henrique Araque Gurgel reviews Debian Etch in a NewsForge article. "Some people like to work in Linux distributions that are at the cutting edge of technology. Other prefers stability at any cost. I want both, and Debian Testing, codenamed Etch, gives me that. The Debian project's testing tree has up-to-date software along with good stability, since packages are highly tested in the Unstable branch before they move to Testing."

Comments (4 posted)

Polypaudio, a networked sound server

Polypaudio is a relatively new cross-platform networked sound server project. The first release came out in July, 2004, the software has been released under the Lesser General Public License. "Polypaudio is a networked sound server for Linux and other Unix like operating systems and Microsoft Windows. It is intended to be an improved drop-in replacement for the Enlightened Sound Daemon (ESOUND)." The main function of a sound server is to allow multiple audio applications to simultaneously share the same sound card, the networking capabilities extend this ability across machines.

Some of the main Polypaudio features include:

• An extensible plugin architecture with support for loadable modules.
• Compatibility with many popular audio applications.
• Support for multiple audio sources and sinks.
• Low-latency operation and support for latency measurement.
• A zero-copy memory architecture for processor resource efficiency.
• A command-line interface with scripting capabilities.
• A sound daemon with command line reconfiguration capabilities.
• Built-in sample conversion and resampling capabilities.
• The ability to combine multiple sound cards into one.
• The ability to synchronize multiple playback streams.

A variety of audio source and sink modules are available, connections are available for: OSS and Alsa sound drivers, JACK, esound, wav files, UNIX FIFOs, UNIX sockets, network tunnels, X11 console bells and more. Other modules are available for dealing with sound control, including automatic volume controls, LIRC infrared remote controls and multimedia keyboards.

The Polypaudio FAQ explains some of the Polypaudio dependencies and compatibilities, and has numerous examples of command-line operations.

Although GNOME/GTK is not required for Polypaudio operation, some GTK-based GUI utilities are provided, including Polypaudio Manager, Polypaudio Volume Meter and Polypaudio Volume Control.

Version 0.9.0 of Polypaudio was announced on May 26, 2006. It now fully matches or improves upon the ESOUND feature set. "This is a major step ahead since we decided to freeze the current API. From now on we will maintain API compatibility (or at least try to). To emphasize this starting with this release the shared library sonames are properly versioned. While Polypaudio 0.9.0 is not API/ABI compatible with 0.8 it is protocol compatible. Other notable changes beyond bug fixing, bug fixing and bug fixing are: a new Open Sound System /dev/dsp wrapper named padsp and a module module-volume-restore have been added."

Polypaudio version 0.9.0 adds new versions of the modules gst-polyp for use with the GStreamer multimedia framework, libao-polyp for Ogg-vorbis support, and xmms-polyp for sinking XMMS media player output.

With its support for a wide variety of popular audio utilities, actively developed code, and broad capabilities, the Polypaudio project fills an important role in Linux-based audio development.

Comments (10 posted)

JACK 0.101.1 Released

Version 0.101.1 of the JACK Audio Connection Kit is out. New features include support for the FreeBob backend and operability on Mactel platforms.

Comments (none posted)

MySQL 4.1.20 has been released

Version 4.1.20 of the MySQL dbms has been released. "This is a security fix release for the recent production release family."

Full Story (comments: none)

MySQL 5.0.22 has been released

Version 5.0.22 of the MySQL dbms has been released. "This is a security fix release for the recent production release family."

Full Story (comments: none)

The Future of Perl in PostgreSQL (O'ReillyNet)

Andrew Dunstan discusses the use of Perl and PostgreSQL in part three of an O'Reilly series. "If your PostgreSQL database doesn't do exactly what you want, you can write server-side extensions--in Perl. Andrew Dunstan discusses some of the enhancements to PL/Perl in PostgreSQL 8.0 and 8.1, as well as some of the features he and the rest of the team plan to add."

Comments (none posted)

Samba 3.0.23rc1 Available for Download

Version 3.0.23rc1 of Samba has been announced. "This is the first release candidate of the 3.0.23 code base and is provided for testing purposes only. While close to the final stable release, this snapshot is *not* intended for production servers. Your testing and feedback is greatly appreciated."

Full Story (comments: none)

Apache SpamAssassin 3.1.2 available

Version 3.1.2 of the Apache SpamAssassin email filter has been announced. "3.1.2 includes a large number of bug fixes and documentation updates."

Full Story (comments: none)

MailStripper 1.4.0 released

Version 1.4.0 of MailStripper, an email spam filter, is out. Changes include bug fixes and other improvements.

Full Story (comments: 2)

Sussen 0.22 is available

Version 0.22 of Sussen, a vulnerabilities and configuration issue scanner, is available with new features and bug fixes.

Full Story (comments: none)

PythonCAD release 32 is available

The thirty-second development release of PythonCAD has been announced. "The thirty-second release fixes a configuration problem where the newly added autosplitting feature would not be activated properly or could disable autosplitting in a Layer. A small bug in the reworked splitting code was also fixed, as well as a few other small errors."

Full Story (comments: none)

PyX 0.9 released

Version 0.9 of PyX, the Python graphics package, has been announced. "This release features a new set of deformers for path manipulations like smoothing, shifting, etc. A new set of extensively documented examples describing various aspects of PyX in a cookbook-like fashion have been written. Type 1 font-stripping is now handled by a newly written Python module. The evaluation of functions for graph plotting is now left to Python. Thereby some obscure data manipulation could be removed from the bar style for handling of nested bar graphs. Transparency is now supported for PDF output. Many more small improvements and bug fixes top off this release."

Comments (none posted)

GNOME Software Announcements

The following new GNOME software has been announced this week:

• control-center 2.14.2 (bug fixes and translation work)
• Deskbar 2.14.2 (bug fixes and translation work)
• Eye of GNOME 2.14.2 (new features, bug fixes and translation work)
• gedit 2.14.3 (bug fixes and translation work)
• GLib 2.10.3 (bug fixes and translation work)
• gnome-games 2.14.2 (bug fixes and translation work)
• Gossip 0.11.1 (new features, bug fixes and translation work)
• GTK+ 2.8.18 (bug fixes and translation work)
• Gtk2-Perl 2.14.2 (new features and bug fixes)
• lsr 0.2.0 (new features and documentation work)
• Metacity 2.14.5 (bug fixes and translation work)
• Pango 1.12.3 (bug fixes and documentation work)
• vte 0.12.2 (bug fixes and translation work)
• Zenity 2.14.2 (bug fixes, documentation and translation work)

You can find more new GNOME software releases at gnomefiles.org.

Comments (none posted)

KDE Software Announcements

The following new KDE software has been announced this week:

• Adblock Improvement 0.0.5 (new features)
• Amarok letras.mus.br lyrics 0.1 (initial release)
• Amarok LyricWiki.org Lyrics 0.1 (initial release)
• anymeal 0.29 (new features)
• Boson 0.12 (new features and version control change)
• CrossVC 1.5.0 (new features and bug fixes)
• dc-qt 0.2.0-alpha (alpha release)
• Enchanted Search Tool Preview 1 (screen shot preview)
• Icecast amaroK script 0.4 (initial release)
• improved offline web browsing 0.2 (unspecified)
• KAlarm 1.4.2 (bug fixes and translation work)
• KBarcode 2.0.3 (new features and bug fixes)
• KBFX for Kubuntu Dapper Drake 0.4.9.2rc1 (new features, code rewrite)
• KBlogger 0.6.2 (bug fixes)
• KCad 2.0 (unspecified)
• KDbg 2.0.4 (new features, bug fixes and translation work)
• KMyMoney 0.8.4 (new features, bug fixes and translation work)
• KPowersave 0.6.1 (bug fixes, documentation and translation work)
• KatchTV 59 (new features and bug fixes)
• KWlan 0.4.3 (new features, new card support)
• LastamaroK 0.3.0 (unspecified)
• PG Calculator 2.2-4 (new features, bug fixes and documentation work)
• Piklab 0.9 (new features, bug fixes and optimization work)
• Picoxine 0.0.1 (new release)
• pyKompiz 0.1.1 (unspecified)
• QFrameCatcher 0.3.1 (unspecified)
• QtiPlot 0.8.5 (new features and bug fixes)
• Ts2Dvd 0.3g (unspecified)
• webarchiver plugin 0.2 (rewrite)

You can find more new KDE software releases at kde-apps.org.

Comments (none posted)

KDE Commit-Digest (KDE.News)

The May 28, 2006 edition of the KDE Commit-Digest has been announced. "In this week's KDE Commit-Digest: KViewShell gets support for PostScript files. Work begins on Akonadi (the new KDE PIM data storage backend) and amaroK 2.0, with further optimisations to the stable amaroK version. kttsd (the kde-accessibility text-to-speech system) is ported to Phonon. KDELibs is now fully ported to D-BUS. Aesthetic improvements to KSysGuard."

Comments (none posted)

gSpiceUI 0.8.55 released

Version 0.8.55 of gSpiceUI, a GUI front end for the GNU-Cap and Ng-Spice circuit simulation engines, is out. has been announced. "This is largely a maintenance release which fixes some problems I came across doing some design work. There are also some enhancements to existing functionality."

Comments (none posted)

Qucs 0.0.9 announced

Version 0.0.9 of Qucs, an integrated circuit simulator, is out. Release details are on the OpenCollector site: "The new release comes with a Russian translation and the GUIs language can be explicitely chosen in the application settings dialog. The digital simulation abilities have been improved by a VHDL text editor and hand-crafted VHDL files can be used as subcircuits. The number of ports of the S-parameter component is no more limited. Components can now be either deactivated as a short or an open. There are some new components such as a coaxial line, a differential voltage probe, a switch, AM- and PM-modulators and a relais. Also many bug-fixes have been incorporated."

Comments (none posted)

SQL-Ledger 2.6.12 is out

Version 2.6.12 of SQL-Ledger, a web-based accounting package, is out. See the What's New page for release notes.

Comments (none posted)

Balazar Brother 0.2 released

Version 0.2 of Balazar Brother, a 3D puzzle game, is out. "The next world, currently in development, will be... the Pompon forest! It will recall something to Balazar Arkanae 2 players. And here is your first ennemy in the forest: the striking fruit!"

Comments (none posted)

Lintouch 1.10 released

Version 1.10 of Lintouch has been released. "Lintouch is an opensource HMI software. It lets you design user interfaces for process automation. Lintouch runs on most popular hardware and software platforms, is lightweight and easily extensible." See the release announcement for more information on this version.

Comments (none posted)

Wine 0.9.14 released

Version 0.9.14 of Wine has been announced. Changes include: "Better MS/RPC compatibility, Many fixes to Direct3D shaders, Several improvements to the header control and Lots of bug fixes."

Comments (none posted)

Wine Weekly Newsletter

The May 26, 2006 edition of the Wine Weekly Newsletter has been published. Topics include: Picasa, Wine 0.9.14, LJ Article, Picasa Port to Linux, DirectDraw Patch, Patch Submission Ideas, MSI Problem and Font Issue.

Comments (none posted)

MirrorMed releases MirrorMed 1.0 RC3 (LinuxMedNews)

LinuxMedNews has an announcement for version 1.0RC3 of MirrorMed, a PHP-based open-source EHR and practice management system. "MirrorMed-1.0RC3 has several new important features. Mostly, the billing workflow has been dramatically improved."

Comments (none posted)

SciPy 0.4.9 released

Version 0.4.9 of SciPy, an open-source library of scientific tools for Python, has been announced. "This version adds support for NumPy version 0.9.8. It also has enhancements to sparse matrices, including a new linear solver module with UMFPACK support, and new support for fitting conditional maximum entropy models. This release also fixes bugs in ndimage, sparse, stats, weave, and other packages."

Comments (none posted)

Firefox Bon Echo Alpha 3 milestone released

The third Firefox "Bon Echo" alpha has been released. New stuff this time around includes "anti-phishing protection" (testing of web sites against a blacklist, essentially), search changes, and client-side session and permanent storage (fancier, larger cookies).

Full Story (comments: 9)

GCC 4.1.1 released

Version 4.1.1 of GCC, the GNU Compiler Collection, is out. See the changes document for details on this release.

Comments (2 posted)

Caml Weekly News

The May 30, 2006 edition of the Caml Weekly News is out with new Caml language articles.

Full Story (comments: none)

gURLChecker 0.10.0 released

Stable version 0.10.0 of gURLChecker has been announced. "gURLChecker is a graphical web sites checker for GNU/Linux and other POSIX OS. It can work on a whole site, a single local page or a browser bookmarks file."

Comments (none posted)

SBCL 0.9.13 released

Version 0.9.13 of Steel Bank Common Lisp has been announced. "This version provides better error reporting, and improves the performance of toplevel form compilation and object file loading."

Full Story (comments: none)

AFPL Ghostscript 8.54 announced

Version 8.54 of AFPL Ghostscript has been announced. "Major new features include: The COMPILE_INITS build define now generates a compressed read-only filesystem which is linked into the executable and accessible from the interpreter as a new %rom% iodevice. This both improves installed footprint and allows using the same mechanism for embedding Resource files and fonts as well as postscript library and configuration files. This release also supports the proprietary Luratech JBIG2 and JPEG 2000 libraries."

Comments (none posted)

Python Quick Reference Card 0.55 released

Version 0.55 of the Python Quick Reference Card has been published under a Creative Commons license. "The Python Quick Reference Card (PQRC) aims to provide a printable quick reference documentation for the Python language and some of its main standard libraries (currently for Python 2.4)."

Full Story (comments: 1)

Dr. Dobb's Python-URL!

The May 30, 2006 edition of Dr. Dobb's Python-URL! is online with a new collection of Python article links.

Full Story (comments: none)

RubyGems (Linux Journal)

Dirk Elmendorf writes about Ruby Gems in a Linux Journal article. "RubyGems is a system for managing Ruby software libraries. Ruby code packaged in this manner is called a gem. When you find Ruby software you want to use in a project, gems offer a means of downloading, installing and managing the software."

Comments (none posted)

Ruby Weekly News

The May 28, 2006 edition of the Ruby Weekly News is available with new Ruby language articles from the Ruby-talk mailing list.

Comments (none posted)

Dr. Dobb's Tcl-URL!

The May 30, 2006 edition of Dr. Dobb's Tcl-URL! is online with new Tcl/Tk articles and resources.

Full Story (comments: none)

Firefox snaps at Microsoft's heels (Telegraph)

The Telegraph looks at the Mozilla Foundation, with an emphasis on its finances. "Despite its success, however, Mozilla's fans are becoming increasingly concerned that the organisation is moving away from its altruistic roots and becoming a fully fledged money-making operation. The company makes no secret of the fact that it turns a profit. Firefox uses Google as its preferred search engine partner. When a user carries out a search via the browser's built-in search facility, about 80 per cent of the advertising revenue from any associated hits goes back to Mozilla."

Comments (5 posted)

Macro virus for Staroffice discovered (Techworld)

Techworld is reporting that a macro virus for StarOffice (and thus, presumably, OpenOffice.org) has been found by our old friends at Kaspersky Lab. "The Stardust virus is contained in a StarOffice document that uses macros and then infects a global template. If a user opens a document infected with Stardust, every StarOffice text document, with a '.sxw' extension, or document template, with a '.stw' extension, will be infected..." There is no mention of whether it can propagate through ODF files.

Comments (9 posted)

Day one at FreedomHEC (NewsForge)

Steve R. Hastings covers day one of the FreedomHEC conference on NewsForge. "This morning's activities started with a discussion to set the schedule for the day. Presentations included a lightning overview of SysFS and Udev, presented by Greg Kroah-Hartman; a session on how the kernel development community works, presented by Randy Dunlap; a question and answer session on the Linux SCSI layer with James Bottomley, the kernel maintainer of the SCSI layer; open source rocketry using Linux; and a question and answer session with Kroah-Hartman on how to get a driver added to the stock Linux kernel."

Comments (none posted)

Report from FreedomHEC (NewsForge)

NewsForge reports from the first FreedomHEC conference. "The final session of the first day was a question and answer session with Kroah-Hartman on getting drivers accepted into the Linux kernel. It was a lively session, touching on many areas of kernel development. Kroah-Hartman assured the attendees that kernel developers are interested in their drivers. 'People always say, 'Oh, they won't want my driver; we only ship a few hundred devices per year that use it.' I always tell them that we have device support in the Linux kernel for hardware with only one or two known users. Really, we'll take your driver!'"

Comments (none posted)

Telling Stories at JavaOne (O'ReillyNet)

O'Reilly covers the 2006 JavaOne conference. "JavaOne 2006 left attendees with an incomplete answer to the big question: will Sun open source Java? The answer was better than a definite maybe, but not by much. Daniel Steinberg looks back at the conference, its mixed message, and its many successes outside of the general sessions."

Comments (none posted)

First Day KDE 4 Multimedia Meeting (KDE.News)

Jos Poortvliet reports on day one of the KDE 4 Multimedia Meeting. "In the rainy Netherlands, eighteen KDE hackers have been working in the Annahoeve on Multimedia for the fourth incarnation of KDE. This report outlines the meeting topics, and the results of interesting presentations and explains how KDE developers outbid each others marshmallow records."

Comments (1 posted)

Second Day Multimedia Meeting (KDE.News)

KDE.news reports from the second day of the KDE 4 multimedia meeting. "This article will report on the progress the hackers made yesterday, including the 'why' and 'what' of redesigning and speeding up amaroK, work on the KIO slaves and Phonon."

Comments (none posted)

The Python "Need for Speed" Sprint

Sean Reifschneider has sent us coverage of the Python "Need for Speed" Sprint in Reykjavik, Iceland. "We started the week with the Python 2.5 alpha 2 release candidate being around 10% slower than 2.4.3, the previous stable release. Largely, this slowdown is due to newly added features, particularly a change in the object type of exceptions which is showing a 60% slowdown."

Full Story (comments: 11)

Google Releases Picasa for Linux (Slashdot)

Slashdot has an announcement for Google's release of Picasa for Linux. "Today I'm pleased to announce that we're making Picasa, our photo management application, available for Linux. This is a pre-beta labs release and since we're still learning on how to best make software for Linux, we're asking that you submit your bugs as you find them. Picasa for Linux uses Wine internally; this shows a bit in the interface, but it works even better than we had hoped." Picasa is not open-source software, see the End User License Agreement for details.

Comments (38 posted)

Novell sells Celerant, focuses on Linux (Linux-Watch)

Linux-Watch notes Novell's sale of its Celerant Consulting management consulting branch to Caledonia Investments. "Now that Celerant is sold, Novell will be better able to focus on its core businesses of Linux and open source; systems, security and identity management; and its renewed interest in workgroup computing. In particular, Novell is looking forward to a summer launch of the next-generation of its SUSE Linux Enterprise 10 for Novell server and desktop systems."

Comments (none posted)

Novell, NCR offer Linux on NCR POS Platforms (CIOL)

CIOL.com covers a partnership between NCR and Novell. "NCR and Novell today announced a global agreement to offer Novell Linux Point of Service on NCR RealPOS retail point-of-sale (POS) terminals. This agreement makes available a software platform and hardware combination for retailers deploying Linux-based POS solutions. NCR's future plans call for offering Novell Linux Point of Service on NCR easypoint kiosks and NCR fastlane self-checkout."

Comments (none posted)

Japan to develop and deploy open source "Secure VM"

The Japanese National Information Security Center (NISC) has announced plans to develop an open-source secure virtual machine. "Data breach (especially information leak via virus-infected P2P file-sharing programs) has been a social problem in Japan for these two years, and it seems that to solve it is one of the project's goals. They say it will not just be a research project, but will also be deployed in production environments of governmental organizations. Both Linux and Windows are planned as its guest OSes, but apparently they are assuming that Windows will continue to be used mainly, because they say that they chose to develop "Secure VM" (instead of switching to an open source desktop) "in order to improve security while keeping the existing client environment/UI as much as possible.""

Full Story (comments: 3)

U.S. PTO smashes JPEG patent (Linux-Watch)

Linux-Watch reports on the rejection of the JPEG patent. "Another attempt to tie down a standard with a patent has gone down in flames. The U.S. Patent and Trademark Office has rejected a patent that Forgent Networks was asserting against the Joint Photographic Experts Group, better known as JPEG, images standard. In the reexamination proceeding initiated late last year by the PUBPAT (Public Patent Foundation), The PTO Office Action released yesterday a finding that the prior art submitted by PUBPAT completely anticipated the broadest claims of the patent, U.S. Patent No. 4,698,672 (the '672 Patent)."

Comments (7 posted)

Could more Eolas-like open source benefactors hurt Microsoft, others? (ZDNet)

Here's a ZDNet blog entry by David Berlind on software patents and free software. "After losing to Eolas, Microsoft, was forced to remove important plug-in functionality from Internet Explorer. Firefox, on the other hand was not. Eolas has turned out to be an open source benefactor, allowing open source developers access to its intellectual property. In other words, in an extremely unusual twist of fate, a patent worked against commercial software and in favor of open source software to the point that the open source software had a distinct usability advantage over commercial alternatives."

Comments (16 posted)

Interview: Mark Shuttleworth (451 Group)

The 451 Group (an analyst operation) has done an interview with Ubuntu founder Mark Shuttleworth; the first part of that interview has been published, liberally annotated with comments from the analysts. "For example, in the consumer space, people are very protective about the desktop, but they're not at all protective of the smart phone. So consumer adoption of Linux on the smart phone is enormous - people are absolutely willing to accept the idea that they might use new tools, new pieces of software, new user interfaces and so on, as long as you don't threaten certain key applications that they're comfortable with, that they know and trust."

Comments (none posted)

Interview: Red Hat's open source scholarship challenge (NewsForge)

NewsForge interviews Venkatesh Hariharan about an open-source scholarship challenge in India. "There is no dearth of IT talent in India, but for a country that churns out thousands of IT students every year, the number of Indian contributors in the open source software (OSS) world is disproportionately low, due in part to a lack of proper mentoring. To encourage more students to go into OSS development, the Kanwal Rekhi School of Information Technology (KReSIT) at the Indian Institute of Technology Bombay partners with Red Hat for an open source scholarship challenge each year. Participants, mentored by OSS leaders, get the opportunity to work and collaborate to solve a real-world problem, and the winners get a share of the Rs. 10 lakh (about $22,000) prize."

Comments (none posted)

Create your own distribution torrents (Linux.com)

Mayank Sharma shows how to distribute an ISO image with bittorrent on Linux.com. "The BitTorrent protocol has revolutionized peer-to-peer (P2P) file sharing. It works by enabling users to download fragments of a large file from other users simultaneously, rather than waiting for one file to complete, thus speeding the download process. As a result, many popular Linux distributions have started releasing their ISOs through torrents, many of which you can find at LinuxTracker. But if your favourite distro doesn't offer a release torrent, why not make your own?"

Comments (none posted)

Runit makes a speedy replacement for init (Linux.com)

Mark Alexander Bain looks at Runit on Linux.com "runit, a Unix init scheme with service supervision written by Gerrit Pape, is a complete replacement for SysVinit. Its key benefits include improved boot speed and ease of use. In the time that it takes you to read this article, you could move from init to runit. In a recent article covering the use of cinit to implement a parallel boot process, I managed to turn a booting time of 2 minutes 54 seconds into 2 minutes 3 seconds -- a massive saving of 51 seconds. By converting the same Linux machine to runit, I was able to reduce booting time to 55 seconds."

Comments (23 posted)

Building a Self-Healing Network (O'ReillyNet)

Greg Retkowski writes about self-healing networks on O'Reilly. "Wouldn't it be nice if your network services could detect their own failures and gracefully restart? Sure, you could have cron or FAM jobs always checking them, but that's so unrefined. Instead, consider Greg Retkowski's solution: building a small Cfengine and NAGIOS combination to detect and recover from failure."

Comments (6 posted)

OpenSUSE 10.1 Is Versatile, but Uneven (eWeek)

eWeek reviews OpenSUSE 10.1. "In the past, we've found that SUSE distributions have lagged behind Red Hat and Debian-based distributions in the all-important area of software installation and management. OpenSUSE 10.1 has made some strides in this area, but the system's software management story remains murkier than we'd like."

Comments (1 posted)

Google Summer of Code KDE projects (KDE.News)

KDE.News has announced the KDE projects in this year's Google Summer of Code. "KDE is happy to announce the selection of 24 student applications for the Google Summer of Code 2006. This year, Google received a total of 6400 applications worldwide spread across 102 different Open Source organisations. "It looks like we've got some very interesting projects for KDE as a whole, and a good number of projects for KOffice", said Boudewijn Rempt, the maintainer for Krita, celebrating the selection of 4 KOffice student proposals."

Comments (2 posted)

Beyond the Open-Source Hype (Foreign Policy)

Here's a Foreign Policy column arguing that open source software has, perhaps, been oversold. "However, it is misleading to say that open source empowers people in ways proprietary software does not. Both open source and proprietary software allow you to change the behavior of a software program in significant ways without touching the program's source code. The truth is that software authors, whether they work for a large software firm or no one at all, want users to adapt their product to specific locations and needs. Microsoft makes a living out of making its software customizable while still closely guarding its source code." (Thanks to Sami Juvonen).

Comments (7 posted)

EFF: Huge Win for Online Journalists' Source Protection

The Electronic Frontier Foundation has announced a the results of a legal ruling that affects online journalists. "A California state appeals court ruled in favor of the Electronic Frontier Foundation's (EFF's) petition on behalf of three online journalists Friday, holding that the online journalists have the same right to protect the confidentiality of their sources as offline reporters do."

Full Story (comments: none)

OLPC hardware details posted

The One Laptop Per Child hardware information page has been updated with a great many details on just what will go into the OLPC package. The most interesting stuff is under the "what makes this system unique" heading; clearly a great deal of thought has gone into the design of this system. "Wireless mesh: Child-child sharing! OLPC Laptops are full-time wireless routers. Mesh networking reduces the need for dedicated infrastructure (e.g. access points and/or cabling), and extends greatly the areas in which machines may be connected to each other and/or to the internet."

Comments (22 posted)

The OLPC developer's program

The One Laptop Per Child effort has a big pile of prototype systems, and they are looking for developers who would like to use them to help with OLPC development. Note the limits of these prototype systems: they are bare circuit boards with a power supply and a connector for a serial console. But, if you would like to play with such a system and help make it work better, the OLPC project may send you one. Have a look at the OLPC developer's program page for information on the systems, a list of tasks that need doing, and instructions on applying for a system.

Comments (1 posted)

FUEL Database 1.0 Released

Version 1.0 of FUEL Database, an embedded DBMS for Windows CE/Mobile, Embedded Linux, and VxWorks platforms, is out. "ITTIA plans to support all industry-standard platforms. Developers will be able to develop their application in one operating system environment and, without changing a single line of database code, deploy their application into a different operating system with ease. As a result, they can develop with minimal investment, zero administration, no disruption, and, with ITTIA's reasonable licensing model, gain a competitive edge for their application."

Full Story (comments: 1)

IBM invests in Brazil Linux Tech Center

IBM has announced the investment of $2.2 million in a Brazilian Linux Technology Center. "Developers at IBM's Linux Technology Center in Brazil will work to make Linux better as part of the open source community specializing in developing Linux with cell, power and virtualization technologies. The investment will be used to complete construction of a Linux development laboratory in Hortolândia and expand a second lab in Campinas, on Brazil's Unicamp campus."

Full Story (comments: none)

TimeSys Introduces LinuxLink Subscriptions for Freescale i.MX31

TimeSys has announced the availability of LinuxLink subscriptions for the Freescale Semiconductor i.MX31 multimedia processor. "Collaboration of Nissin Systems and Freescale will enable development of networking products using the state-of-the-art technologies requiring video, audio and mobile technologies, including a network-enabled camera, security camera, IP TV phone, media player, biometrics authentication device and other business equipment. In addition, communication equipment and appliance manufacturers can efficiently develop their custom boards and application software, significantly reducing procurement cost and speeding up development cycle."

Full Story (comments: none)

Win4Lin announces major upgrade to 2000/XP desktop product

Win4Lin has released version 3 of their 2000/XP desktop product. ""Win4Lin Pro 3.0 is an important step forward in both usability and performance. We are pleased to offer the world's fastest and easiest method for installing Windows on a Linux desktop, where users can literally be running Windows XP in less than thirty minutes,” said Leo Reiter, Win4Lin CTO."

Full Story (comments: none)

Building Scalable Web Sites - O'Reilly's Latest Release

O'Reilly has published the book Building Scalable Web Sites by Cal Henderson.

Full Story (comments: none)

Java I/O, Second Edition - O'Reilly's Latest Release

O'Reilly has published the book Java I/O, Second Edition by Elliotte Rusty Harold.

Full Story (comments: none)

No Starch Press releases "Object Oriented PHP"

No Starch Press has published the book Object Oriented PHP by Peter Lavin.

Full Story (comments: none)

SafeDesk Puts Bounties on STS Open-Source Development

The SafeDesk Bounty Program has been launched. "SafeDesk is currently inviting individuals or groups from the FOSS community to participate in making STS Bounty program in an effort to further develop an even better thin-client server solution as a compliment to the LTSP and other server-based solutions. Initial projects not only support the STS project directly, but also support the Debian Live project from which SafeDesk and its engineers have already been contributors."

Full Story (comments: 6)

LPI promotes Linux Certification within North-East Asia Region

The Linux Professional Institute has announced the holding of Linux certification events and exam labs in Japan and South Korea from May 31 through June 7, 2006.

Full Story (comments: none)

Zend/PHP Conference 2006 Call for Papers

A call for papers has gone out for the 2006 Zend/PHP Conference & Expo. The event takes place from October 29 to November 2, 2006 in San Jose, California. "The conference selection committee will consider all abstracts submitted on or before June 15th, 2006. Notifications will be made by August 1st, 2006."

Comments (none posted)

OSDC Australia CFP

A call for papers has gone out for the Open Source Developers' Conference 2006. The event takes place in Melbourne, Australia on December 5-8, 2006. Proposals are due by July 12.

Full Story (comments: none)

Collaborative Technologies Conference announced

CMP Media has announced the session topics for the Collaborative Technologies Conference. The event will take place in Boston, MA on June 19-22, 2006. "During these CTC sessions, industry thought leaders and technology innovators will explore strategies, practices and tools that can help businesses cut costs, increase productivity, reduce time-to-market, align workgroups and create a more streamlined, dynamic organization."

Comments (none posted)

Events: June 1 - July 27, 2006

Date	Event	Location
June 1 - 3, 2006	2006 USENIX Annual Technical Conference	(Boston Marriott Copley Place)Boston, MA
June 13 - 14, 2006	Where 2.0 Conference	(Fairmont Hotel San Jose)San Jose, CA
June 13 - 14, 2006	Gartner Open Source Summit 2006	(Palau de Congressos de Catalunya)Barcelona, Spain
June 14 - 16, 2006	New York PHP Conference and Expo 2006	(New Yorker Hotel)New York, NY
June 16 - 18, 2006	Recon 2006	(Plaza Hotel Centre-Ville)Montreal, Canada
June 18 - 23, 2006	Ubuntu Developer Summit	Charles de Gaulle, Paris, France
June 19 - 22, 2006	Collaborative Technologies Conference	(Seaport Hotel)Boston, MA
June 22 - 23, 2006	3rd International GPLv3 Conference	Barcelona, Spain
June 24 - 25, 2006	Free and Open Source Conference(FrOSCon)	(St. Augustin)Bonn, Germany
June 24 - 30, 2006	2006 GNOME Users and Developers European Conference(GUADEC)	Catalonia, Spain
June 24 - 25, 2006	PHP Vikinger	Skien, Norway
June 27 - 29, 2006	Corporate Channel and Computing Expo(C3)	(Jacob K. Javits Convention Center)New York, NY
June 28 - 30, 2006	GCC and GNU Toolchain Developers' Summit	(Ottawa Congress Centre)Ottawa, Canada
June 29 - July 2, 2006	UKUUG Linux Technical Conference	(University of Sussex)Brighton, UK
June 30 - July 1, 2006	WebTech 2006	(Kempinski Hotel Zografski)Sofia, Bulgaria
July 3 - 4, 2006	3rd European Lisp Workshop	Nantes, France
July 3 - 5, 2006	EuroPython 2006	(CERN)Geneva, Switzerland
July 4 - 8, 2006	7th Libre Software Meeting(LSM)	(Nancy 1 University)Vandoeuvre-les-Nancy, France
July 5 - 8, 2006	V Jornades de Programari Lliure	Barcelona, Spain
July 8 - 9, 2006	PostgreSQL Anniversary Summit	Toronto, Canada
July 10 - 11, 2006	Global db4o User Conference(dUC)	(Imperial College, South Kensington)London, UK
July 13 - 14, 2006	Detection of Intrusions and Malware, and Vulnerability Assessment(DIMVA)	Berlin, Germany
July 15 - 16, 2006	Crystal Space Conference	(University of Aachen)Aachen, Germany
July 16 - 19, 2006	2nd International Symposium on Free/Open Source Software, Technologies and Content(FOSSTEC 2006)	Orlando, Florida, USA
July 19 - 22, 2006	Ottawa Linux Symposium 2006(OLS 2006)	Ottawa, Canada
July 22 - 23, 2006	LugRadio Live	(Wolverhampton University)Wolverhampton, UK
July 24 - 28, 2006	O'Reilly Open Source Convention(OSCON 2006)	Portland, Oregon

Comments (none posted)

PSF: Summer of Code projects announced

The Python Software Foundation has announced its 2006 Google Summer of Code projects. "25 projects were been accepted, tying with the Apache Software Foundation for the largest number of funded proposals. The accepted projects include 5 enhancements to the CPython interpreter or standard library, 3 PyPy projects, 3 SciPy projects, and 2 projects relating to the Soya3D library for 3-dimensional graphics."

Full Story (comments: none)