Speaker David Airlie started with a review of the current state of free graphics drivers. Intel chipsets are relatively well supported, thanks to an enlightened position being taken by that company. ATI is a "former leading light" in the free software world, but is no longer cooperating. Even so, the free R200 driver is feature-complete and, at this point, faster than the binary-only fglrx driver. The reverse-engineered R300/R400 driver is getting closer to being ready; there is no hope for the R500 chipset at this point. Nvidia has a 2D driver in X.org which is "written in hex" and a well-supported, binary 3D driver. Said driver "still sucks," of course.
David took the time to point out that, once you load a 1MB binary blob into your kernel, you are no longer running a free operating system. There is no way to know what that code is doing, no way to fix it, and no way to support systems which have that code loaded. Support going into the future tends to be problematic; the vendors drop support for old cards sooner than many users would like, and are not always quick to add support for the newer chipsets.
Why do vendors refuse to support the free software community? David noted, with amusement, that both ATI and Nvidia withdrew support at about the same time that they got Xbox contracts. Let's hope, he says, that Intel never works an Xbox deal. More seriously, there is the usual talk of patent problems, third-party software which cannot be freed, and so on. These problems tend to evaporate when enough money is applied to the situation, however.
So what do things look like in the future? For Intel chipsets, says David, the future is "mostly excellent." Intel is friendly, and driver support tends to be available about the same time that new chipsets are released. For now, this is a group which seems to get it.
On the ATI front, the R300 reverse engineering effort continues. Support for the 9800 series cards has been stabilized - an effort which, at one point, required almost six months of a developer's time to find a single bit in one register which was causing the card to lock up. The R500 series is harder - though it does not differ all that greatly from previous offerings. David actually has a 2D driver which he wrote, and which he has submitted to ATI for permission to distribute. ATI has sat on the driver for some months with no response. Until such a time as ATI gives permission, David (due to NDA constraints) is unable to release his code.
On the Nvidia side, the best hope is the Nouveau project, which has set out to create a reverse-engineered 3D Nvidia driver. There are about five or six people currently working on the project, which also looks to add some nice 2D features (EXA acceleration, dual head support). The Nouveau developers have no code to show at this point, being heavily involved in the reverse engineering work. Progress is being made, but this is a large project, bigger than the ATI R300 effort. For those who are interested in contributing to the community, Nouveau looks like a project which could use some more help.
Linux needs free drivers for graphics adapters. The challenges involved in freeing this part of our systems are daunting - there is a great deal of work yet to be done. The overall tone of the talk was optimistic, however. Developers are on the task, progress is being made, and the goal is, slowly, getting closer. The kittens will have their revenge in the end.
The news that the European Commission is to fine Microsoft €280.5 million has naturally provoked plenty of headlines, both in the technical and non-technical press. But big as that number might seem, it is in truth a gnat-bite as far as the Microsoft behemoth is concerned: last year its net income was $12 billion, and it holds cash and short-term investments worth over $39 billion. Against this background, the EU's fine is a little more than an accountancy rounding error.
What is interesting about the whole affair is that the sticking point seems to be an apparently minor requirement to provide technical information that would allow third parties to interoperate better with networks running Microsoft Windows. But as a press release from the Free Software Foundation Europe rightly points out, this obstinacy is not over some general principle, whatever Microsoft might claim, but is actually highly specific, and has one aim above all: to thwart Samba's rise in the enterprise.
Thus Microsoft's brinkmanship with the European Commission is driven almost entirely by its need to react to free software. It turns out that this is by no means the only sphere where Microsoft has ceased to be master of its own destiny, and finds itself constantly responding to open source initiatives, and playing catch-up with free software projects.
A good example is to be found in the world of high-performance computing (HPC). GNU/Linux was first used for computing clusters back in 1994, when the Beowulf project began. Since then, free software has established itself as the pre-eminent HPC solution. In June 2006, the TOP500 listing of the most powerful supercomputers in the world showed that well over 70% of them ran some variant of GNU/Linux; precisely two systems out of 500 used some form of Windows. The same month, Microsoft finally launched its official HPC solution, the Windows Computer Cluster Server 2003 - fully 12 years after the first free software solution was made available for this sector.
While the crushing lead that free software has over Windows in the HPC area is little known outside specialist circles, most people in computing are familiar with the fact that the Apache Web server has maintained a commanding lead over Microsoft's Internet Information Server (IIS) for the past few years.
Microsoft, too, is obviously acutely aware of this, and recently has been making sustained efforts to reduce the embarrassingly large lead Apache holds, and with some success. For example, the Netcraft survey for June 2006 showed that Microsoft IIS gained 4.5 million Web servers, while Apache lost 429,000, giving Microsoft a whopping 4.25% gain for the month, and cutting the gap between them to 31.5%, a drop of 16.7% in just three months. Closer examination reveals exactly why this is happening. As Netcraft's analysis explains:
This is unlikely to be coincidence. After a year of steady market share, the graph for IIS has been rising sharply since March 2006, which suggests a concerted effort by Microsoft to court hosting companies in order to swing them away from Apache on GNU/Linux towards IIS running on Windows. Once again, then, this shows Microsoft being forced to react to free software's successes. Despite these efforts, the market still seems to be moving away from Microsoft: the Netcraft survey for July 2006 shows a gain of 1.8% for Apache, mostly made up of incremental gains at a dozen hosting companies.
Perhaps the best-known example of Microsoft being compelled to revise its strategy thanks to free software is in the world of Web browsers. Development work on Microsoft's browser had effectively come to a halt after the release of Internet Explorer 6 in August 2001. Microsoft's refusal to provide any significant updates to IE 6, despite its mounting security problems, was one of the prime reasons why the Firefox project was started. Firefox's steady rise in popularity, and the corresponding drop in Internet Explorer's market share, eventually compelled Bill Gates to announce a reversal of Microsoft's previous decision not to produce a standalone browser before Vista appeared.
With betas available of both IE 7 and Firefox 2.0, the emerging consensus seems to be that Microsoft has largely caught up with the free software world as far as browser technology is concerned, but the price that it has paid for its lengthy refusal to satisfy the needs of users is a serious loss of market share. Latest figures from OneStat.com show that Firefox holds some 15.8% of the browser market in the US, and a massive 39% in Germany.
Even though the appearance of IE 7 is likely to staunch the flow of users away from IE to Firefox, the latter has established itself as a serious rival, one that Microsoft will need to track continually to prevent more of its users defecting. In itself, this is not a huge problem for Microsoft. The appearance of Firefox has essentially made Microsoft more responsive to users, and more amenable to following open standards. It does not, though, imply any loss of revenues.
The situation for office suites is quite different. Microsoft Office is one of the main cash cows for the whole company: any loss of market share here will have serious financial repercussions. This makes Microsoft's decision to sponsor a project to create tools to build "a technical bridge" between the Microsoft Office Open XML Formats and the OpenDocument Format all the more surprising, since potentially it could lead to a costly leak of Office users to other office suites supporting ODF.
It shows once more the world's leading software company being forced to backtrack in response to developments in the open source world. Microsoft's position initially was that no one was using ODF, and so there was no point supporting it. But the announcements by Massachusetts and, particularly, the Belgian and Danish governments in favor of ODF - with administrations in France, Germany and elsewhere considering the move - meant that Microsoft was forced to cede to the growing pressure for some kind of ODF support in Office. The fact that Google has joined the ODF Alliance - whose members now number 260 - and will be supporting the ODF standard with its online word processor Writely means that Microsoft's scope for independent action is even more circumscribed.
Taken on their own, each of these instances of Microsoft emulating or accommodating free software might seem fairly minor. Put together, they represent a consistent pattern of loss of control that is unprecedented in the company's recent history. From being on the fringes, ignored or at best derided by traditional software companies, open source has gradually moved to the centre, to the point where today it is free software - and not Microsoft - that is setting the agenda for computing at practically every level.
Glyn Moody writes about open source at opendotdotdot.
A second local privilege escalation bug has been found recently in the 2.6 kernel series. The first, covered by LWN last week, configured processes to dump core in directories not normally writable by the user. The most recent vulnerability exploits the setuid permissions bit on files in the /proc filesystem and a kernel race. In both cases, the result is root privileges for interested local users.
The first indication of the vulnerability came as a working exploit posted to the full-disclosure mailing list. The exploit uses an mmap() of a large file on the disk to slow the system down enough to exploit a race condition in the /proc filesystem handling. Permissions for the /proc/self/environ file can be set with the setuid bit 'on' and prctl() can be used to set the owner of that file to root. Tacking an a.out executable onto the environ file allows a local user to get a root shell.
The fix is fairly obvious: setuid and setgid bits do not make any sense for /proc filesystem entries and removing that 'feature' fixes the problem. The stable 2.6 kernels were patched the same day as the exploit was released and a tweak to the original fix was released the next day.
A fairly simple workaround is to mount (or remount) /proc with the nosuid flag. That flag will prevent the setuid/setgid bits from having any effect for files on that filesystem. It should be noted that this workaround was the right thing to do for /proc all along; nothing good can come from allowing those bits to be used. Distributions should take a look at tightening these kinds of restrictions and help their users avoid these kinds of problems whenever possible.
Systems that have sufficiently restricted SELinux configurations were not affected by this vulnerability. For example, the targeted policy in enforcing mode that is the default for Red Hat Enterprise Linux 4 will not allow setting those bits on /proc files. In addition, kernels that did not have a.out support enabled would not be affected by this exploit, but there may be other ways to exploit the bug without using an a.out binary. Even so, this vulnerability is a good example of why it makes sense to disable unused functionality, even if it doesn't have any immediate security implications. Most currently-running Linux systems have probably never seen an a.out binary; they certainly do not need that format enabled in their kernels.
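An added example, not from the article or from any distribution's tooling: a shell audit for the two hardening points above, every proc mount carrying nosuid and a.out support left out of the kernel. The function names are hypothetical, the sample mount table and kernel config are constructed, and the /boot/config path mentioned in the comments is a common distribution convention assumed here.

```shell
#!/bin/sh
# Audit helpers for the /proc setuid issue discussed above (added example).

# Print the mount point of every proc filesystem listed in a
# /proc/mounts-style file ($1) whose option list lacks "nosuid".
# Options are compared as whole comma-separated words, so an option
# that merely contains the string "nosuid" does not count.
proc_without_nosuid() {
    # /proc/mounts fields: device mountpoint fstype options dump pass
    awk '$3 == "proc" {
             n = split($4, opt, ",")
             ok = 0
             for (i = 1; i <= n; i++)
                 if (opt[i] == "nosuid") ok = 1
             if (!ok) print $2
         }' "$1"
}

# Report the state of a.out binary support in a kernel .config-style
# file ($1): "builtin", "module" or "disabled". The last assignment
# wins, as it does when a config file is edited by appending.
aout_state() {
    v=$(awk -F= '$1 == "CONFIG_BINFMT_AOUT" { v = $2 } END { print v }' "$1")
    case "$v" in
        y) echo builtin ;;
        m) echo module ;;
        *) echo disabled ;;   # "# CONFIG_BINFMT_AOUT is not set" or absent
    esac
}

# --- Constructed sample data -------------------------------------------
demo_dir=$(mktemp -d)

cat > "$demo_dir/mounts" <<'EOF'
proc /proc proc rw 0 0
sysfs /sys sysfs rw,nosuid,nodev,noexec 0 0
proc /srv/chroot/web/proc proc rw,nosuid,nodev,noexec 0 0
/dev/sda1 / ext3 rw,errors=remount-ro 0 0
EOF

cat > "$demo_dir/config" <<'EOF'
CONFIG_BINFMT_ELF=y
CONFIG_BINFMT_AOUT=m
# CONFIG_BINFMT_MISC is not set
EOF

# --- Report --------------------------------------------------------------
bad=$(proc_without_nosuid "$demo_dir/mounts")
if [ -n "$bad" ]; then
    for mp in $bad; do
        echo "proc mounted without nosuid: $mp"
        echo "  workaround: mount -o remount,nosuid $mp"
    done
else
    echo "all proc mounts carry nosuid"
fi

state=$(aout_state "$demo_dir/config")
echo "a.out support: $state"
if [ "$state" != "disabled" ]; then
    echo "  unused binary format enabled; consider building without it"
fi

rm -rf "$demo_dir"

# On a live system the same functions take the real files, for example:
#   proc_without_nosuid /proc/mounts
#   aout_state "/boot/config-$(uname -r)"   # path is an assumption
```

A chroot or container that mounts its own copy of proc needs the flag as well, which is why the check reports every proc mount rather than only /proc.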
It is fairly common for local privilege escalation issues to be given insufficient attention by system administrators because their systems either have no login user accounts or trust the people who do have them. Unfortunately, there is often a significant risk even to those kinds of systems. All that it takes is an exploit in a web program or other network service that allows a malicious user to get a shell. That shell will be running with the permissions of the user that runs the exploited service ('apache' for example), but a privilege escalation can allow that limited shell access to become a full takeover of the box. Any network accessible system should be considered vulnerable to this kind of problem and be patched accordingly.
| Created: | July 17, 2006 | Updated: | November 14, 2007 |
| Description: | The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the driver can handle, which causes the data to be queued. |

| Created: | July 17, 2006 | Updated: | July 21, 2006 |
| Description: | It was discovered that a race condition in the process filesystem can lead to privilege escalation. |

| Created: | July 19, 2006 | Updated: | December 15, 2008 |
| Description: | In pngrutil.c, the function png_decompress_chunk() allocates insufficient space for an error message, potentially overwriting stack data, leading to a buffer overflow. |

| Created: | July 13, 2006 | Updated: | August 2, 2006 |
| Description: | The libtunepimp tag parser has multiple buffer overflow vulnerabilities. If a user can be tricked into opening specially crafted tagged multimedia files, arbitrary code can be executed with the user's privileges. |

| Created: | July 13, 2006 | Updated: | November 6, 2006 |
| Description: | libwmf, a library that is used for processing Windows MetaFile vector graphics files, has an integer overflow vulnerability. |

| Created: | July 17, 2006 | Updated: | July 19, 2006 |
| Description: | Russ Allbery discovered that rssh, a restricted shell, performs insufficient checking of incoming commands, which might lead to a bypass of access restrictions. |

| Created: | July 18, 2006 | Updated: | July 19, 2006 |
| Description: | vixie-cron has a directory permission issue, the cron spool directories had the wrong permissions and have been changed to 0700. The security implications of the previous permissions are unspecified. |

| Created: | July 19, 2006 | Updated: | August 7, 2006 |
| Description: | Webmin before 1.290 and Usermin before 1.220 calls the simplify_path function before decoding HTML, which allows remote attackers to read arbitrary files. |

| Package(s): | wireshark | CVE #(s): | CVE-2006-3627 CVE-2006-3628 CVE-2006-3629 CVE-2006-3630 CVE-2006-3631 CVE-2006-3632 |
| Created: | July 19, 2006 | Updated: | August 16, 2006 |
| Description: | Wireshark (formerly Ethereal) reports numerous vulnerabilities in versions 0.8.16 up to and including 0.99.0. |

| Created: | July 13, 2006 | Updated: | August 9, 2006 |
| Description: | Zope version 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 has a privilege escalation vulnerability related to its failure to deactivate the raw command. Remote users with privileges to edit zope pages with RestructuredText can cause arbitrary files to become exposed. |
Page editor: Rebecca Sobol
Brief items

released on July 15. This release fixes some problems caused by 126.96.36.199, which, in turn, fixed a local root vulnerability in the /proc filesystem code. 188.8.131.52 and 184.108.40.206 were also released with the same fixes.
The current 2.6 prepatch is 2.6.18-rc2, released by Linus on July 15. It contains a large number of fixes and the per-task delay accounting patch set. See the long-format changelog for the details. Once -rc2 came out, the merging of patches into the mainline came to a halt for the Kernel Summit and the Ottawa Linux Symposium.
The current -mm tree is 2.6.18-rc1-mm1. Recent changes to -mm include Atmel architecture support and a lot of fixes.
Kernel development news
The group photo is available in medium and high resolution.
The 2006 Linux Kernel Summit was scheduled for its traditional time: the two days prior to the opening of the Ottawa Linux Symposium. Also following tradition, LWN editor Jonathan Corbet, a member of the Summit program committee, was there and taking notes.
Discussions held during the first day of the Kernel Summit include:
In summary: in your editor's opinion, this was one of the more successful kernel summits. The discussions were energetic and interesting, the topics covered were relevant, and some real decisions were made. While there are always improvements which can be made, it seems that the kernel process is functioning well and the developers are, for the most part, working well together. Things are going relatively smoothly, so the summit did as well.

noted the introduction of a new project led by Matt Mackall to help trim the fat from a bulging Linux kernel: the TinyLinux project. In a paper presented at the 2004 Ottawa Linux Symposium, Mackall explained that much code had been added over the years to the kernel to improve performance for certain classes of hardware but that, over time, this code had become less helpful with newer hardware and in some cases even caused performance degradation.
The solution was to provide a mechanism to remove features from the kernel that were unnecessary for certain classes of hardware, making the kernel smaller and more suited to certain environments. This includes embedded devices like those in the consumer electronics market but also older systems (like 386-based hardware and handhelds) which typically have tighter resource restrictions (less memory, smaller caches, reduced storage, and so forth). To this end, Mackall created the TinyLinux project which provides a set of patches (or one giant patch) aimed at making various features in the kernel optional as a way of reducing the size of the kernel.
Mackall's project based on his original paper is called TinyLinux, and is also known as the -tiny tree. It consists of a number of small patches allowing users to disable various features that otherwise might not be configurable. This includes items like switching from the SLAB allocator to a more space-efficient version called SLOB, configurable IDE and serial PCI hardware support, optional support for asynchronous I/O, sysfs and vm86, and minimizing VT support. There are also patches for debugging with netconsole, kgdb and kgdb-over-ethernet.
TinyLinux comes as a set of patches. Users are free to pick and choose which patches they want to apply to the kernel source. Alternatively they can use a monolithic patch that applies all of the TinyLinux features to the source. Once the patches are applied, TinyLinux features can be enabled under the "General Setup->Configure standard kernel features" menu that is displayed with "make menuconfig".
The goal of the project has always been to build a modern kernel that will run in as little as 2MB of RAM. That includes console, disk and network support. Guidelines set by Mackall for the project include:
Once the selected patches have been applied the configurable options will be found under the General Setup page in the kernel config menu (re: make menuconfig). At the bottom of this page is an option labeled "Configure standard kernel features (for small systems)". This option, which is the CONFIG_EMBEDDED option in the kernel config file, must be set in order to reach the next level menu where the TinyLinux options live.
There are 80 patches in the 2.6.14 release for TinyLinux which add a much smaller set of configurable kernel options. Some of the more interesting options include the following (listed with the menuconfig label followed by the kernel config file option in parentheses):
Enabled accounting of kmalloc/kfree allocations (CONFIG_KMALLOC_ACCOUNTING)
This patch adds accounting features for kmalloc/kfree calls. While not meaningful in itself for reducing kernel image sizes or runtime memory allocation, this patch can be useful in helping to track down memory leaks and abusers of dynamically allocated memory. The patch adds a /proc/kmalloc entry that can be read to find kmalloc/kfree usage statistics. See the LWN announcement of this patch from 2005 for more details.
BUG() support (CONFIG_BUG)
This patch isn't in the 2.6.14 patch set. It was originally delivered in early 2005 and has since been rolled into the kernel mainline. The config option removes all the kernel BUG and WARN messages. It is said to trim about 35k off the typical kernel as well as make the system slightly faster.
Enable ELF core dumps (CONFIG_ELF_CORE)
This patch allows removing of the code that handles ELF core dumps. Small systems don't tend to need ELF core dumps because there probably isn't any way for the consumer to view the dump, nor do you usually want the consumer to see it. The config option, if not set, strips a large chunk of lines from the fs/binfmt_elf.c file.
Enable inline measurement (CONFIG_MEASURE_INLINES)
When enabled, this option produces data during a kernel compile that can be saved to a file and processed by the count-inlines script to show the number of code instantiations. This option counts instantiations by marking the inline functions as deprecated. If you set this, be prepared for a very verbose build output.
Number of swap files log2 (0 => 1, 5 => 32) (CONFIG_MAX_SWAPFILES_SHIFT)
This sets the maximum number of swap files that can be configured. The value is log2 so 0 means 1 swap file and the maximum, 5, means 32 swapfiles. The old default is 5, and that's the same setting if this option is not changed.
Use full SLAB allocator (CONFIG_SLAB)
If this is not set, then -tiny replaces the advanced SLAB allocator and its associated kmalloc support with a simpler system called SLOB. From the original post for SLOB from Matt:
SLOB is a traditional K&R/UNIX allocator with a SLAB emulation layer, similar to the original Linux kmalloc allocator that SLAB replaced. It's significantly smaller code and is more memory efficient. But like all similar allocators, it scales poorly and suffers from fragmentation more than SLAB, so it's only appropriate for small systems.
Use mempool allocator (CONFIG_MEMPOOL)
Mempools were an early part of the 2.5 tree that were introduced as part of the (then) new block I/O layer. The goal was to provide a solution to prevent deadlocks for memory requests that had to succeed but could not sleep. For some small system configurations preallocating pools of memory could be considered both unnecessary and a waste of limited resources. However, the introduction of this option raised some interesting concerns over whether mempools really reduced deadlock to zero to begin with and that removing mempools completely might ensure that deadlocks were guaranteed to occur. In any case, use of this option can help with small memory systems but be aware that even Matt has said that "deadlock odds are significantly higher with some usage scenarios."
TinyLinux was last updated for the 2.6.14 kernel. To find out if these patches really worked to reduce the image size and let the kernel run in as little as 2MB of memory, I experimented with the -tiny patches with this kernel. First, I compiled the kernel for my Via EPIA-M kernel and a stripped down Busybox initramfs that simply booted into a shell prompt.
I then applied the TinyLinux monolithic patch. The kernel built from this is based on the configuration options specified on the CE Linux Forum page about using TinyLinux. This page is not quite in sync with the latest TinyLinux so I had to modify their suggestions slightly.
The compiled kernels are compressed to boot on the test board. The compressed files show roughly 410KB are saved in the TinyLinux image:
    mjhammel(tty3)$ l linux-2.6.14*
    -rw-r--r-- 1 root root 1550312 Jun 25 23:09 linux-2.6.14-via
    -rw-r--r-- 1 root root 1139708 Jun 26 22:08 linux-2.6.14-tinylinux
To find out if TinyLinux really helped, we can first check to see if the text, data and bss sizes in the images changed significantly. The size-delta script (from the CE Linux Forum) can read the uncompressed Linux kernel images and compare how much of an impact TinyLinux is having:
    $ size-delta vmlinux.via vmlinux.tinylinux
    vmlinux.via => vmlinux.tinylinux
      text:  2695282  2050286  -644996  -23%
      data:   440124   229107  -211017  -47%
      bss:    178912   129976   -48936  -27%
      total: 3314318  2409369  -904949  -27%
As you can see, the final configuration produces up to 27% reduction in size compared to the original Via configuration.
But the things that the TinyLinux patches really affect can only be seen when you check runtime memory usage. The best way to see how the kernel looks at boot time is to check dmesg for the memory usage line. I booted the Via kernel (sans TinyLinux patches) first and checked its usage:

    % dmesg | grep Memory
    Memory: 4028k/8192k available (2179k kernel code, 3756k reserved, 727k data, 160k init, 0k highmem)
Then I tried the TinyLinux kernel. There is a minor problem with using dmesg here. In the config for this kernel, as suggested by the CE Forum configurations, I disabled the printk()'s using a TinyLinux option, but dmesg needs those printk()'s. Turning printk()'s back on increases the memory usage for the kernel. It's a tradeoff that is required to make it easy to see the changes in memory usage at runtime.
The TinyLinux kernel produced this line at boot time:
    % dmesg | grep Memory
    Memory: 4028k/8192k available (1794k kernel code, 3072k reserved, 484k data, 136k init, 0k highmem)
The "reserved" number is the amount of memory the kernel has taken out of circulation before anything starts running - it includes the "kernel code" amount and various other things. Both kernels were booted with mem=8M. The TinyLinux kernel saved about 400k in kernel code and close to 700k in reserved memory.
To see if I could use other options (not listed in the CE Forum suggestions) to get the kernel smaller, I tried the following:
    Disabled these:
    - Enable panic reporting code
    - Enable various size reductions for networking
    - Enable ethtool support
    - Enable device multicast support
    - Enable inline measurement

    Enabled these:
    - Optimize for size
The results were even better:
    % dmesg | grep Memory
    Memory: 5016k/8192k available (1526k kernel code, 2768k reserved, 464k data, 126k init, 0k highmem)
This produced a savings of nearly 1M. And I haven't even tried to strip the kernel of unnecessary drivers yet.
If you want to get more into it, have a look at /proc/slabinfo. It contains the system slab caches and how much memory is committed to each. This is low-level grungy information, but part of what -tiny does is to try to reduce the size of many of the slabs. The "slab" line in /proc/meminfo gives a total of the memory consumed by slabs. For the last kernel I built, meminfo showed a Slab value of 796kB. On the original kernel this value was 872kB.
The latest TinyLinux patch set works with the 2.6.14 kernel. Many features from Linux-tiny have already been integrated into the 2.6 mainline kernel and Mackall is in the process of trying to clean up what's left for final merging.
Mackall stated at a CELF presentation that TinyLinux wasn't helping much anymore. Additionally, he wasn't getting a lot of feedback or contributions to the project, making his efforts to create new TinyLinux releases for new kernel releases all the harder. According to Mackall, the problem might have been his quick, early success with the project:
Mackall is in the process of rolling most of the patches into the mainline.
What else can you do to reduce kernel size? The CE Linux Forum Open Test Lab offers resources for working with system size. Some suggestions include the use of SquashFS and CramFS for using extremely compact ramdisk based root filesystems. This is a subject I'll take up in my next article on Embedded Linux.
One area not discussed is the use of smaller network stacks, such as the uIP stack. Such solutions are not for the novice systems integrator, however, and go way beyond simple patching and recompiling of the kernel. So, caveat developer.
In the next installment of this series I'm moving past the kernel and up to the root filesystem. The root filesystem is necessary not only to boot but to get access to the applications you're inevitably going to run on your small system. Keeping the root filesystem small involves a mixture of special build tools and utilities along with clever kernel modules. I'll be looking at BusyBox, compressed filesystems like SquashFS and the special UnionFS filesystem.
Page editor: Forrest Cook
News and Editorials

discovered that gluck.debian.org had been compromised. Several Debian services, hosted on gluck, were unavailable while that machine was taken offline for examination and reinstall. Other debian.org machines were also locked down until the vulnerability could be found and fixed.
This issue exists in Linux kernels from 2.6.13 and up to 220.127.116.11, or in 2.6.16 up to 18.104.22.168. Debian Sarge uses Linux kernel 2.6.8 and is not affected.
New Releases

announced the release of SUSE Linux Enterprise 10. "We're extremely proud and excited to provide the latest and most innovative Linux desktop and server technology to our customers," said Jeff Jaffe, executive vice president and chief technology officer for Novell. "We also look forward to showing the world the capabilities of SUSE Linux Enterprise 10 in August at LinuxWorld, as we address the pressing needs of today's IT executives by being first to deliver fully supported Linux innovations such as Xen virtualization, exceptional performance and scalability, application-level security, and improved desktop usability." (Thanks to Stephan Binner.)

has been announced, along with a name change. "We'll rename SUSE Linux into openSUSE. With current naming we experienced confusion internally and externally between the project openSUSE and the distribution created there. And especially with the new naming of our Linux business products (SUSE Linux Enterprise 10) the differentiation between our business products and community/consumer product is not intuitive. Therefore the upcoming community/consumer version will be named openSUSE 10.2. We'll implement first name changes with Alpha 3 starting directly after Alpha 2 and will have a fully renamed distribution with Beta 1 in Nov."

The new images incorporate installation changes, new kernels, and all package updates released as of July 12. If you have already installed rPath Linux 1, you should update your current system using Conary rather than reinstall using the new images. In this update, additional image types are now available for use with VMWare, QEMU, and other emulation technologies. A "live" or "demo" CD image is included as well."

Dzongkha Localization Project has released a complete localized version of Debian GNU/Linux 3.1. From the press release: "The Bhutan Department of Information Technology chose Debian for its high versatility and reliability as well as the guarantee to always remain 100% Free Software. DzongkhaLinux developers have already contributed back their translations and development (fonts, input methods...) to both Debian and end-user applications, such as GNOME, OpenOffice.org and the Mozilla."

DHORUBA is a complete rebuild and modular rewrite of the whole system, enhanced for full usability and open for developers to join maintenance. Recent versions of audio and video tools provide a fully featured multimedia studio out of the box, ready for being employed at home, in classrooms and in media centers."

looks at the first beta of Freespire Linux. There are two editions of Freespire, one that includes proprietary codecs, drivers and applications "for an enhanced, "out-of-the-box" user experience" and the Freespire OSS Edition which contains only open source software.

i just finished uploading the 3rd release candidate of what has been decided to be ROCK 3. If no more show-stopper bugs are found, i'd tag in subversion and release this as -final as soon as th agrees, then the feature-freeze can be lifted and all the cool new stuff applied."
Distribution News
The PTS will be used to relay information from derivative distributions. Therefore, a new keyword "derivatives" has been implemented. By default, a PTS subscriber won't receive the messages associated to this keyword unless he has already manually activated the "cvs" keyword (i.e. the set of users having the "derivatives" keyword has been initialized as the set of users having the "cvs" keyword because those people can read patches and are most probably interested in them)."
This new program provides a forum for communication between the women of Fedora, and it will eventually offer additional support to the women that help make Fedora what it is." Also the fedora-women-list mailing list is now available, as is the #fedora-women IRC channel on freenode.
OSCON (July 24-28) is invited to visit the Fedora Project in the .org pavilion. The Fedora Project will also be running a Birds of a Feather session.
Tao Linux project is shutting down. Tao Linux users are encouraged to switch to CentOS.
reports that the Upstream Version Freeze is on schedule. "This means that we will no longer automatically import unchanged source packages from Debian, and that syncs or uploads of new upstream code require freeze exceptions. The usual exceptions apply where our release cycle is coordinated with upstream (e.g. GNOME, and projects developed within Ubuntu)."
The Knot 1 Freeze is the first milestone freeze of the Edgy Eft cycle. "Once Knot-1 is released, the freeze will be lifted again and we will be in UpstreamVersionFreeze doing regular feature development."
popcon.ubuntu.com. the wiki.
Distribution Newsletters
Fedora Weekly News looks at FC6 test2 freeze slipping by a week, Packaging Committee Information, How was NECC 2006?, SELinux blocks local privilege escalation vulnerability, Linux Magazine: AppArmor vs SELinux, New Linux Hardware Compatibility List Launches, and several other topics.
Gentoo Weekly Newsletter for July 17, 2006 covers VDR project seeking help, developer of the week - Jason Wever, conference information, and much more.
DistroWatch Weekly for July 17, 2006 is out. "As you may recall, Ladislav is on vacation in Fiji. When he asked if I'd like to write DistroWatch Weekly in his absence, I admit I was a bit intimidated. So, be gentle with me kind readers, it's my first time. In the news section the big news this week was Novell's decision to rename SUSE Linux to openSUSE, a Debian server was hacked, and PCLOS is still logo shopping. Released this week was BLAG Linux and GNU 50000, PC-BSD 1.2, and SUSE Linux 10.2 Alpha 2. This week we are presenting an in-depth interview with our own "keeper of the record." Oh, and as Ladislav always says, "Happy reading!""
Package updates
qt (bug fixes), mc (bug fixes), kdelibs (bug fixes), anthy (new upstream release), kasumi (bug fix), flex (bug fixes), selinux-policy (not specified), util-linux (bug fixes), createrpo (fiddle revision to build for FC5), quota (big fix), indent (add buildrequires makeinfo), sed (sync with devel branch), flex (bug fixes)
system-config-kickstart (bug fix), perl-Net-IP (upgrade to upstream version 1.25), tog-pegasus (more upstream 2.5.2_APPROVED bug fixes), selinux-policy (bump for FC5), mailcap (add audio and video x-ms mime types), hplip (update to 1.6.6a), system-config-kickstart (bump release to fix updates), coreutils (update to 5.97), GFS-kernel (update to 2.6.17-1.2157_FC5), dlm-kernel (update to 2.6.17-1.2157_FC5), cman-kernel (update to 2.6.17-1.2157_FC5), gnbd-kernel (update to 2.6.17-1.2157_FC5), flex (reverted posix patch).
conary, conary-build, conary-repository (Conary 1.0.23 maintenance release), latex2html (bug fix).
change log says, "We *are* getting closer to 11.0, friends." A 22.214.171.124 kernel was followed by a 126.96.36.199 kernel in extras/ and there's a 188.8.131.52 kernel in testing. Other upgrades include samba, KOffice and lilo.
Newsletters and articles of interest
introduces Will Woods. "Will Woods, the new test lead for the Fedora Project, has only been in his position a few weeks, but already he has a clear goal in mind. Whenever Fedora is mentioned on Slashdot, he notes, "There's always someone who will comment that Fedora is just Red Hat's beta test for Red Hat Enterprise Linux (RHEL). It's not true, and I want no one to have cause to say that ever again.""
Distribution reviews
reviews DesktopBSD. "Like PC-BSD, DesktopBSD provides many features that will allow a complete Unix novice to start using the operating system immediately. Those already familiar with FreeBSD and the KDE desktop will recognize the tools underlying the GUI conveniences."
short review of Feather Linux. "As a live CD, Feather can accomplish a lot of tasks, such as performing backups of your existing hard drive files or recovering a misbehaving operating system. You can also boot with the "toram" option, which loads the CD to RAM, thus allowing you to eject the CD-ROM whilst improving the overall speed of the system. There are other possibilities as well, such as booting Feather from a USB stick, or from a multi-session CD, which allows you to add more packages to the live CD, in effect creating your own customized Feather CD."
reviews SLED 10. "The newest SUSE Linux Enterprise Desktop, version 10, is so close to being done that you can almost taste it. Novell released the gold master last week to its partners, and the server version, SLES (SUSE Linux Enterprise Server), based on the same code, is also almost ready for release. This is an early review of the new version of SLED 10 (SUSE Linux Enterprise Desktop)."
reviews the Sams Publishing's Linux Starter Kit. "Sams Publishing's Linux Starter Kit bundles a SUSE Linux 10.1 DVD, a searchable SUSE reference manual in PDF, and a paperback Quick Start Guide together in one $40 package. Here is a look inside. Since SUSE 10.1 has already been reviewed extensively, and is not the product of Sams' efforts, I will dispense with reviewing directly. It is worth examining Sams' choice of distributions, however. SUSE is a good choice because -- despite being historically a KDE distro -- since its acquisition by Novell, it has elevated GNOME desktops to more-or-less equal status."
Page editor: Rebecca Sobol
Development
Rosegarden is a MIDI sequencer application for Linux that has been under development for a number of years. The Freshmeat listing shows the initial project registration in May 1998. The project went through a branch/rewrite: the original version was renamed X11-Rosegarden and the new Qt-based version was named Rosegarden 4. The current project description states:
The Rosegarden online tour explains the capabilities of the software. Rosegarden features include:
The latest version of Rosegarden is available for download; it is a good idea to review the minimum system requirements for hardware selection and supporting software before installing the software.
If you are looking for a capable MIDI sequencer, give Rosegarden a try.
Audio Projects
The 0.7 development series of Beast focusses on improving usability and ease of music production. Feedback is very much appreciated, please take the opportunity and provide your comments and questions in online forums like the Beast Help Desk, Beast Bugzilla or the mailing list, all of which can be reached through http://beast.gtk.org/."
This release finally handles the packet disordering UDP does. Thus high channel counts can now be achieved. However a 24ch in/out link over 100Mbit gave me a major "net xrun" storm on vanilla 2.6.15 kernel. At a roundtrip latency of 2.9ms that is. It was reliable with 5.8ms. 16 channels gave me some "net xruns", which i could not hear though. i expect this performance to increase when using an rt-kernel with the network-irq set to rt-prio. So please report back."
Clusters and Grids
2.0.6 has significant bug fixes and enhancements making it a worthwhile upgrade for anyone running R2 CRM-style configurations, or who want to."
Database Software
HampusDB is a flexible and efficient hybrid database, a mixture of a filesystem and a database. The aim is to fill the gap when storing data in a relational database is too rigid and storing data in textfiles is too cumbersome. A typical example would be XML, configuration or hierarchical data."
Libraries
has been released. "Release 3.9.1 fixes a bug in the GIF plugin. This bug may cause FreeImage to crash on some malformed GIF files, so that an update is highly recommended."
For some history on Wireshark, see this recent LWN interview with developer Gerald Combs.
Security
is out with a bug fix. "BlockSSHD protects computers from SSH brute force attacks by dynamically blocking IP addresses by adding iptables rules."
Web Services
has been announced. "The main aim of this release has been to improve the functionality of the WSML Text Editor and Reasoner Views with respect to syntax completion. In the previous release only keywords were recommended and this keyword recommendation was not sensitive to the current location in the document. This release sees the addition of full context sensitive syntax completion."
Miscellaneous
is available. "Smbind-0.4.4 has been released. Smbind is a PHP-based tool for managing DNS zones for BIND via the web. Supports per-user administration of zones, error checking, and a PEAR DB database backend. This is a bugfix release."
Business Applications
has been announced. "This is a new release of OpenWFE, an open source java workflow engine / environment. It is a complete Business Process Management suite, with 4 components : an engine, a worklist, a webclient and an 'apre' (Automatic Participant Runtime Environment). OpenWFE 1.7.1 brings two new features : decision tables and generic (regex) users. Decision tables are excel tables used to modify workitem fields. Generic users is a new technique for managing users and their task lists."
Desktop Environments
This is our fourth development release on our road towards GNOME 2.16.0, which will be released in September 2006. GNOME 2.15.4 has some rough edges but you should definitely try it to see how well it works."
2.15.x has been especially rough on all of us due to the API/ABI changes. We are finally beginning to see the light. With a two day delay to fix all kinds of build and dependency issues throughout the entire GNOME stack, GNOME 2.15.4 finally got ready to be released today. Given that work and the fact we are getting closer to the various freezes in the unstable branch, we are heading straight towards feature complete, stable and usable apps again -- ready for all your smoketesting pleasure."
Desktop Publishing
This is a bug fix release that improves performance, stability and native OS support."
Mail Clients
covers a new release of the Evolution email client. "Philip Van Hoof wrote: "Here are the patches to get the upstream version of evolution-data-server and evolution-exchange to start using the mmap technique for loading the header and content info summary data of Evolution and tinymail. I expect it to reduce memory usage of Evolution with approximately forty to sixty megabytes of ram, depending on the amount of folders you have.""
Music Applications
is available. "We have released TuxGuitar-0.7, a multitrack guitar tablature editor and player written in Java-SWT. It can open GP3, GP4 and GP5 files. Changes: A score viewer was added. A transport was added. A clone track option was added. An option to move a track up and down was added."
Office Applications
has been released. "This is a maintenance release of eGroupWare, a multi-user, web-based groupware suite developed on a custom set of PHP-based APIs. Currently available modules include: email, addressbook, calendar, infolog (notes, to-do's, phone calls), content management, forum, bookmarks, and wiki. Release 1.2-104 contains no new features, only bugfixes. Every productional system should get updated to this version."
Office Suites
has been announced. "The KOffice team today released the second bug-fix release in their 1.5 series. Several crash bugs were fixed, as well as a PowerPC issue in Krita and of course many smaller issues. There are also updated language packs and a totally new language: Traditional Chinese."
Video Applications
Open Movie Editor is available. "Open Movie Editor is designed to be a simple tool, that provides basic movie making capabilities. It aims to be powerful enough for the amateur movie artist, yet easy to use." See the status page for the project state.
Languages and Tools
Lisp
This version features better ANSI compliance, improved I/O functionality and performance, a new argument for SAVEINITMEM, and more. CLISP is one of the most popular and actively maintained open-source Common Lisp implementations."
Cross Compilers
Small Device C Compiler, is available. "SDCC is a Freeware, retargettable, optimizing ANSI - C compiler that targets the Intel 8051, Maxim 80DS390, Zilog Z80 and the Motorola 68HC08 based MCUs. Work is in progress on supporting the Microchip PIC16 and PIC18 series. The entire source code for the compiler is distributed under GPL."
Page editor: Forrest Cook
Linux in the news
Recommended Reading
finds an allegory for the world of free software in the movie "Brazil". "The world depicted in a different movie, "Brazil", is similar to that of Matrix in that it is governed by controlling self-interest. Freedom, as in free speech, is a partial cure for controlling self-interest, which is what makes the concept of free software superior to any other type of software. But there's more to free software than concept. There's implementation. And that's where free software sometimes gets into trouble with self-interest."
an essay that looks at software evolution from a biological point of view. "If the software performed better--in the sense that an organism had more reproductive success--the changes might become incorporated into the genome across an entire species. This was only a metaphor, but it was a powerful one. One example of its power is the rise of genetic algorithms. Rather than trying to find a perfect solution to a problem--the ideal shape for a plane, for example--genetic algorithms create simulations and tweak them through a process that mimics evolution. The algorithm can seek out good solutions very effectively. This sort of evolution resembles old-fashioned, closed-source software. All of the innovations happen in-house--that is, within a single species." (Thanks to Martin Michlmayr.)
The SCO Problem
analyzes SCO's new redacted version of its Objections to Order Granting in Part IBM's Motion to Limit SCO's Claims. "Note as I do with a smile number 2 on the list, where Sontag's statement was that they had compared the Linux kernel and System V and found "many instances where our proprietary software has been simply copied and pasted or changed in order to hide the origin..." SCO then states in the Appendix: This is an accurate statement of comparison work performed by SCO in advance of public statements. There are in fact instances in which SCO's proprietary System V code was simply copied and pasted into the Linux kernel or associated libraries that were then included in a Red Hat distribution. Items Nos. 183, 184, 272. Ah! Weasel! Thy name is SCO. Hint to nongeeks: the libraries they are talking about are not part of the Linux kernel."
Companies
reports on Google's joining with the ODF Alliance. "To Google's recent purchase of Writely, a Web-based word processor; the creation of Google Spreadsheet; and the release of Google Calendar, you can now add impending broad support for the ODF (Open Document Format) to Google's online office moves. During the 4th of July week, Google quietly joined the ODF Alliance. The Alliance seeks to promote and advance the use of ODF."
reports on Red Hat's moves into the world of Telecom. "Linux leader Red Hat is aggressively pushing its Linux solutions into the telecom space with a series of new partner initiatives. One part of the push is Red Hat's partnership with IBM and HP, which is intended to produce a hardware and software combination targeted at carrier-grade deployment. The other part is Red Hat's Telecommunications Partner Program, which is about driving both awareness and adoption of Red Hat-based carrier-grade solutions and platforms."
covers the reappearance of RidgeRun. "RidgeRun, a stalled start-up focused on Linux development for Texas Instruments (TI) dual-core (RISC/DSP) processors, has re-launched. The new RidgeRun will offer Linux, Windows, and RTEMS BSPs (board support packages), drivers, application development, and software integration services for ARM-based processors from multiple vendors, including TI. Todd Fischer, who directed engineering for the old RidgeRun, will provide technical leadership for the new RidgeRun as well. Other principals include Clark T. Becker, former CTO of Best Buy, and Michael Frank, a former Best Buy GM."
Linux Adoption
reports on the use of Mandriva Linux by the Moroccan Ministry of Agriculture. "The Ministry of Agriculture, Rural Development and Sea Fisheries (MARDSF), one of the first Moroccan government departments to take advantage of free software, has just signed a contract with Liberty Tech to migrate all its servers to Mandriva Linux. Technical support will be handled by Mandriva and Liberty Tech via a yearly subscription to the Mandriva Corporate Club."
Linux at Work
looks at open source software in the health care industry. "It is important to recognize that a wide range of OSS solutions are already in use in health care, generally consisting of technical tools and business applications - Linux, Apache, Open Office, mySQL, FireFox, and other fairly well known products. In addition, there are a large number of health care specific OSS solutions that have also been developed and are being widely deployed, such as OSCAR, FreeMed, MedLine, BLAST, Epi-X, SaTScan, VistA, and many more." (Found on LinuxMedNews)
reports on the Japanese Choromet robot project. "Four companies in Japan have created a low-cost, user-programmable humanoid robot targeting educational and research applications. The HRP-2m Choromet uses technology from Japan's National Institute of Advanced Industrial Science and Technology (AIST), and is user-programmable thanks to open software running on a user-space real-time Linux implementation. The Choromet stands about 13-3/4 inches tall, and is capable of walking upright on two legs. It can also assume supine or prone positions, and stand up from either."
Legal
Florian Mueller, the founder of the award-winning NoSoftwarePatents campaign that helped to defeat the EU software patent directive last year, was one of the speakers at the hearing. He said in his speech that the EPLA "is just another attempt to give software and business method patents a stronger legal basis in Europe than they have now. [...] From a software patents point of view, the EPLA would have far worse consequences than the rejected patentability directive would have had: not only would software patents become more enforceable in Europe but also would patent holders in general be encouraged to litigate.""
reports on a new copyright law in France. "The French law on authors' rights orders the creation of a new regulatory authority to ensure companies using DRM respond to requests for interoperability information. DRM technology developers may prevent publication of source code based on the information they disclose if they can show that it hurts their system's security. That's bad news for programmers wanting to distribute alternatives under an open-source licence, said noted free software campaigner Richard Stallman. "If they are allowed to provide such information under NDA, then it would not be possible to develop free software using the information," since the NDA - or nondisclosure agreement - would forbid publication of the source code, Stallman said at a conference in Paris on Monday." (Thanks to Max Hyre.)
looks at GPL compliance and the derivative distribution. "The article revealed that many distributions' maintainers were erroneously assuming that they did not need to provide source repositories for packages they did not modify, so long as the original upstream distribution did provide the source code. This responsibility is by no means new, but seems to have been widely overlooked. David Turner, GPL compliance officer at the Free Software Foundation, suggested that these distros might come into compliance by making some arrangement with the upstream supplier."
looks at source distribution compliance for the GPL v2, and how it could change in GPL v3. "The goal of the GNU GPL is to ensure that all users have the four essential freedoms -- (0) to run the program, (1) to study and change it, (2) to redistribute it, and (3) to distribute modified versions. Access to the source code is essential for freedom 1 and freedom 3. Thus, we designed the GNU GPL to insist that all redistributors make the source code available to their users. This requires them to do a little extra work, but that work is generally necessary for the sake of the users' freedom. Keeping source code conveniently and reliably available for the users is more important than saving distributors a little effort."
covers a debate over network neutrality between Vinton Cerf and David Farber. "What Farber is most worried about, he said, is poorly drafted legislation that would leave regulation of the Internet open to broad interpretations that could lead to unintended restrictions on the use of the Internet. He said that regulators, in an attempt to somehow make the Internet more fair, could actually end up restricting access. "The network never has been a fair place," he said. Cerf responded, saying that the Internet flourished when common carriage rules applied, but Farber argued that such regulation could become a slippery slope if Congress gets involved."
Interviews
has announced a new People Behind KDE series interview. "Today on People Behind KDE we introduce you to Ellen Reitmayr, one of KDE and OpenUsability.org's top usability experts. Ellen has done a lot to help the usability of Kontact and other applications but is now focusing on a consistent user experience for the whole KDE desktop. In her interview we get to find out about her "denkbrett" and "liebsters"."
interviews the JRuby development team. "Alternative Ruby implementations seem to be on the move throughout the Ruby community. JRuby is the furthest along at this point, so I decided to talk to Charles Nutter and Thomas Enebo, two of the principal programmers on the project. Read on to hear what they have to say about Ruby, JRuby, and the art of re-implementing Ruby."
talks with Martin Michlmayr. "In the last two years, Martin Michlmayr has gone from serving as Debian Project Leader to studying for a doctorate at the Centre for Technology Management, University of Cambridge. His dissertation, tentatively titled "Quality Improvement in Volunteer Free Software Projects: Exploring the Impact of Release Management," is sponsored by Google, Intel, and other companies with an interest in free software development. Michlmayr told NewsForge he sees the need for quality assurance as the price that many projects must pay for their popularity and growing maturity. However, in order to perceive this need correctly, he believes, projects need to take a revised look at the familiar dichotomy of the cathedral and the bazaar."
Resources
a pair of videos on Ubuntu package management. "The first video in this pair shows you how to update all the software in your Ubuntu GNU/Linux installation in a single, big gulp. The second video shows you how easy it is to install and remove software with the Synaptic Package Manager."
an article on using NFS across multiple operating systems. "The first thing that comes to most sysadmins' minds when they hear about file and print services in mixed Windows and Linux environments is probably Samba, but you can also make a rock-solid system for sharing resources via NFS on the *nix platform and DiskShare on Windows. What's wrong with Samba? Nothing. I use DiskShare on Windows instead of Samba's SMB/CIFS sharing because I need a fileshare on Windows storage (SAN) to be accessible by Solaris clients, and unfortunately there is no SMB/CIFS support in the Solaris kernel yet."
covers data security in LAMP applications. "An often overlooked aspect in the LAMP application solution is the protection of the application and configuration data. This article examines how to use available open source tools to protect the LAMP application data. The security aspects of the application data and securing the LAMP application servers is beyond the scope of this article. It is also important to test the data recovery scenarios before the actual need arises."
covers a new web site that aims to be a directory of open source projects. "While other open-source databases offer this to some degree, many times developers are left wondering about licensing, Collison said. Accordingly, Ohloh also lists the licenses held for the open-source project, as well as a link to the full text of each license. (The name Ohloh refers to a cry of enlightenment in Buddhism and also the name of the first surfboard in Hawaii.)"
looks at using LastFMProxy with Last.fm. "In "Last.fm makes Internet music social," Dmitri Popov extols the wonders of Last.fm, a "social" music site that lets users create Internet radio stations that fits their tastes. Last.fm provides a free player for Linux, but if you want to use Last.fm with your favorite Linux player, you'll need the LastFMProxy written by Vidar Madsen."
looks at WPA2. "Wi-Fi Protected Access version 2 (WPA2) is becoming the de facto standard for securing wireless networks, and a mandatory feature for all new Wi-Fi products certified by the Wi-Fi Alliance. We all know the security weaknesses of its predecessor, WEP; this time they got it right. Here's how to implement the WPA2 protocol on a Linux host and create a secure wireless access point (WAP) for your network."
Miscellaneous
covers some changes to the LGPL license, as told by Richard Stallman and Eben Moglen at the GPLv3 conference in Barcelona, Spain. "Instead of being a separate license, the LGPL will be the GPL with additional privileges, a kind of template of what additions should be. First Stallman: One of the nice things this has enabled us to do is: we have been able to rewrite the Lesser GPL - the GNU LGPL - so that it uses this clause. The GNU Lesser GPL will not have to restate most of the things in the GPL, it will say it's the GNU GPL plus these added permissions. One of the other benefits we get from this is that we make it clear that any time someone adds extra permissions on top of the GNU GPL, that when you modify the program you can take off those added permissions. You can release your version under the strict GPL and nothing more."
Page editor: Forrest Cook
Non-Commercial announcements
The Free Standards Group (FSG), a nonprofit organization dedicated to developing and promoting open source software standards, today announced Linuxprinting.org, the de facto standard repository for printer drivers on Linux, is merging with the FSG's OpenPrinting workgroup and will be integrated and supported in the Linux Standard Base (LSB). The result will be easier and standardized printing functionality on Linux and an ease of support for Linux and printing vendors and makes the Free Standards Group the central organization for printing on Linux and open source Unix."
has announced the first Season of KDE event, which takes place from July 10 - November 11, 2006. "The first Season of KDE has started. The Season of KDE is a follow-up project to Google's Summer of Code, giving all the applications that did not make it into the final selection a chance to be implemented anyway. We are happy to announce that 14 students have agreed to work on their projects even without the financial support from Google."
a request for hardware funds. "It's hot and you're melting? The KDE.org hardware infrastructure owned by KDE e.V. is melting as well! Out of the desperate need to upgrade our current disk RAID, we need new hard drives. If you have visited bugs.kde.org any time the last couple of months, you've noticed that this site often responds extremely sluggish. To improve the situation, we need to employ a new server, but need some more money for the hard drives for this beast!"
Commercial announcements
announcement about its Lustre File System. "(CFS), announced that its Lustre(R) File System has established a world leadership position in High Performance Computing (HPC) in the area of parallel, scalable cluster file systems. With the most recent release by the TOP500 Supercomputer Sites, it was confirmed that the highest-ranked supercomputers in North America, Europe and Asia rely on Lustre technology to meet their requirements for scalability and high performance."
announced a partnership with XenSource Inc. "Microsoft Corp. and XenSource Inc. today announced they will cooperate on the development of technology to provide interoperability between Xen(TM)-enabled Linux and the new Microsoft(R) Windows(R) hypervisor technology-based Windows Server(R) virtualization. With the resulting technology, the next version of Windows Server, code-named "Longhorn," will provide customers with a flexible and powerful virtualization solution across their hardware infrastructure and operating system environments for cost-saving consolidation of Windows, Linux and Xen-enabled Linux distributions."
announced the appointment of Colin Hope-Murray as its Linux User Advisory Council director for Europe, the Middle East and Africa. "Hope-Murray will focus OSDL's EMEA efforts with a specific emphasis on the requirements of Linux and open source users. Europe is considered a spawning ground for Linux and open source projects. With projects such as Linux, Mandriva, MySQL, Trolltech and many others rooted in Europe, the region is in a position to drive new business opportunities around these technologies. Hope-Murray will help facilitate user discussions that bring potential obstacles to the surface and help drive solutions."
"VMware, an independent subsidiary of EMC with separate sales, marketing and R&D, grew total Q2 revenues 73% year-over-year to $157 million, its highest growth rate in five quarters. VMware now has an annualized run rate of $630 million."
Contests and Awards
CLAM is an open-source C++ framework for doing research and application development in the audio and music domain. It offers a conceptual model for audio systems, a repository of processing algorithms, data types, and tools, as well as applications for analysis, synthesis and processing of audio signals. These features can be exploited to build cross-platform applications or to build rapid prototypes."
has been announced. "OpenWengo Code Camp is a friendly, challenging and mind-stimulating contest aimed at pushing open source software projects forward. Students apply for proposed software development subjects for which they have a particular interest in. These subject proposals describe ways to bring enhancements to existing or new FOSS projects, generally by writing source code."
Education and Certification
TimeSys(R) Corporation, the leading developer service provider for the embedded Linux market, announces the next series of embedded Linux webinars, available beginning mid-July. The latest series will cover topics ranging from testing and validation features available for LinuxLink subscribers to advice on some great projects in the open source community targeted directly at embedded developers."
Calls for Presentations
Upcoming Events
announced the LinuxWorld Healthcare Day, which will take place at the upcoming LinuxWorld Conference and Expo in San Francisco, CA. "Linux World is hosting a Health Care day organized by OSDL.org on August 15. This is shaping up to be a key event on open source and health care -- a focused opportunity to absorb the latest info on this wave of the future, a less expensive and safer way to go."
call for participation for the Siggraph 2006 graphics conference. The event will be held on August 1-3, 2006 in Boston, MA. "The Blender Foundation, the GNOME Foundation (including the GIMP) and the Uni-verse consortium have partnered together to organize a presentation of Free and Open Source software for the entire Computer Graphics creation pipeline. We will have a 30'x20' island stand in the main aisle of the Siggraph 2006 conference."
announced the WebGUI Users Conference. The event will take place in Las Vegas, NV from September 13-15, 2006. WebGUI is an open-source content management system.
|July 20 - 22, 2006||Ottawa Linux Symposium 2006 (OLS 2006)||Ottawa, Canada|
|July 22 - 23, 2006||LugRadio Live||(Wolverhampton University) Wolverhampton, UK|
|July 24 - 28, 2006||O'Reilly Open Source Convention (OSCON 2006)||Portland, Oregon|
|July 29 - August 3, 2006||Black Hat USA 2006 Briefings and Training||(Caesars Palace) Las Vegas, NV|
|July 30 - August 3, 2006||SigGraph 2006||(Boston Convention and Exposition Center) Boston, MA|
|August 4 - 6, 2006||DEF CON 14||(Riviera Hotel) Las Vegas, NV|
|August 4 - 6, 2006||Wikimania||(Harvard Law School) Cambridge, MA|
|August 4 - 6, 2006||Vancouver Python Workshop||Vancouver, BC, Canada|
|August 8 - 10, 2006||Flash Memory Summit||(Wyndham Hotel) San Jose, CA|
|August 14 - 17, 2006||LinuxWorld San Francisco 2006||(Moscone Center) San Francisco, CA|
|August 14 - 17, 2006||ApacheCon Asia||(Trans Asia Hotel) Colombo, Sri Lanka|
|August 17 - 18, 2006||Python for Scientific Computing (SciPy2006)||(Caltech) Pasadena, CA|
|August 18 - 19, 2006||The Ubucon Conference||(Google headquarters) Mountain View, CA|
|August 28 - 31, 2006||Bellua Cyber Security Asia 2006||(Jakarta Convention Center) Jakarta, Indonesia|
|September 11 - 13, 2006||OpenOffice.org Conference (OOoConf 2006)||Lyon, France|
|September 12 - 15, 2006||php|works/db|works 2006||Toronto, Canada|
|September 13 - 15, 2006||2006 WebGUI Users Conference||(The Vegas Club Hotel and Casino) Las Vegas, NV|
|September 14, 2006||NLUUG najaarsconferentie 2006||(De Reehorst) Gelderland, The Netherlands|
|September 14 - 16, 2006||Wizards of OS 4 - Information Freedom Rules||Berlin, Germany|
Web sites
Jimmy Wales of Wikipedia fame has started campaign.wiki http://campaigns.wikia.com/wiki/Campaigns_Wikia. While the overall site is still developing its primary goals (ie whether the site is for campaigners to develop better ways of getting to the public, or whether the publi[c] are discussing issues to add real content to [there] is the beginning of a DMCA discussion. The page has been trolled and vandalised already, and is locked. So I am posting to the discussion page to request that the information be updated."
Audio and Video programs
are available. has announced the availability of new audio interviews. "At the recent KDE Four Core meeting Aaron Seigo interviewed a number of the developers. You can hear them now on the new KDE://radio (listing) site. Subscribe to the podcast feed in Ogg or MP3. The interviews cover the new liveui framework, Akonadi PIM Storage Service, the Human Interface Guidelines and many more."
Page editor: Forrest Cook
Letters to the editor
|From:||"Michael K. Johnson" <johnsonm-AT-rpath.com>|
|Date:||Thu, 13 Jul 2006 16:46:14 -0400|
In regards to http://lwn.net/Articles/190385/, we are providing an
updated advisory which radically revises the description of the
vulnerabilities and upgrades the rating.
I am concerned (and I with others have raised this concern on
vendor-sec) that there has been a tendency in advisories to label
almost any bug as a potential privilege escalation, and I fear that
doing so whenever no one is confident that the bug cannot lead to
a privilege escalation will lead to lack of attention paid to the
cases where there is a known privilege escalation vulnerability,
due to alert fatigue.
Our approach is intentionally not to artificially inflate advisory
ratings, and to release updated advisories whenever appropriate.
It is always possible that in the human process of evaluating
severity, we will mis-judge any particular vulnerability. When we
do so, our policy is to release advisory updates, as we would for
any other significant mistake in an advisory. (This will be our
sixth advisory update for any reason, out of 126 released advisories
for rPath Linux 1.) The change in status itself should help avoid
the alert fatigue problem for users of rPath Linux.
Least importantly, your complaint about nominal version numbers
really doesn't apply to our advisory. It is specifically about
previous versions of the kernel package we provide, not previous
versions of the kernel. That distinction is both key to Conary
technology (we do not use version number ranking within Conary) and
also the reason that we consistently use wording such as "previous
versions of ... package" in our advisories. Our advisories are
not meant to cover software outside our repositories; the generic
description of vulnerabilities is properly done within the CVE
system, not in vendor-specific advisories.
Thank you for recognizing that we did at least publish the
original advisory and update in a timely manner, and for your
continued intelligent and insightful coverage of Linux generally.
|From:||"Jay R. Ashworth" <jra-AT-baylink.com>|
|Subject:||Yeah, a letter to the editor|
|Date:||Thu, 13 Jul 2006 18:07:14 -0400|
Think about this, folks:
What would we do if Microsoft released IE7.0 simultaneously...
for Windows 2K/XP, OS/X and Linux?
And was 100% ALA/Zeldman compliant?
Jay R. Ashworth firstname.lastname@example.org
Designer Baylink RFC 2100
Ashworth & Associates The Things I Think '87 e24
St Petersburg FL USA http://baylink.pitas.com +1 727 647 1274
Fanfic: read enough, and you'll lose your mind. --me
|From:||"Floris Kraak" <randakar-AT-gmail.com>|
|To:||"Ken Brown" <kebrown-AT-nvidia.com>, "Derek Perez" <dperez-AT-nvidia.com>, "Andrew Fear" <afear-AT-nvidia.com>|
|Subject:||Open letter to nVidia: Please open source the legacy nVidia video drivers|
|Date:||Tue, 18 Jul 2006 13:18:02 +0200|
Greetings,

The issue I am about to discuss has been talked about before. The Linux community has asked nVidia for open source video drivers in the past and most likely will again. nVidia so far has consistently said 'no', citing various reasons*. It is my belief many of those reasons are invalid when it comes to drivers for cards older than two years**. The so called 'legacy' drivers. Allow me to go through the arguments one by one.

1) 'the graphics market is hotly competitive .. [we] want to maintain the proprietary, trade-secret nature of [the drivers] as long as possible' (ATI quote)

This argument does not apply for legacy drivers. If you still have a trade secret in a graphics card driver two years after it's released the competition is simply not doing its job. So far the evidence suggests otherwise.

2) 'It's so hard to write a graphics driver that open-sourcing it would not help' (quoting Andrew Fear)

That statement is just not true - neither the Linux nor the X community can be accused of not writing high quality, highly complex software. It can be said*** that the reverse is true - it is so hard to write a graphics driver that keeping it closed will hurt. It is certainly not true for legacy drivers, where the development effort largely consists of keeping them working as new kernel versions appear. This effort would be considerably easier if these drivers were to be part of the mainline Linux kernel.

3) 'customers aren't asking for open-source drivers'

I'm a customer. I'm asking. With me there are tens of thousands of Linux enthusiasts who are asking. In fact large government institutions such as the Department of Defense**** are asking too. Given the current growth figures for Linux, Firefox and other open source software I think it's safe to say pressure from real customers will only grow with time*****.

4) Third-party intellectual property.

This may be the only reason I cannot argue against, simply because I cannot argue against something if I don't know details about it. All I can say is that nVidia appears to have stated in the past that this was not a major obstacle. Even if it is an obstacle for some parts of the code then nVidia may still be in a position to release partial drivers, old libraries or even specs for the older cards.

Having countered the arguments against opening up legacy drivers I want to make a case in favor of it. There are several reasons why nVidia would benefit from opening up their legacy drivers.

a) Costs. It can easily be argued that opening up the legacy drivers will shift some of the maintenance burden of those drivers to the Linux community, freeing up development resources inside the company.

b) PR. nVidia will be lauded for doing the right thing, for showing vision. It would probably be hailed as a victory for the open source community and as such generate a fair amount of positive press.

c) Higher quality drivers. The open source community has long maintained free software is higher quality software. Undoubtedly the peer review process that is part of the Linux development model will help improve the drivers.

Finally, I call upon nVidia to put its money where its mouth is. Andrew Fear said****** "We believe in open source where it makes sense". It makes sense here. I call upon nVidia to follow up on that statement.

*) A short list of them, and some debunking can be found here: http://lwn.net/Articles/180633/

**) Needless to say I am in support of Open Sourcing the graphics drivers of all major players entirely. But I am not making an argument for that here.

***) "On binary drivers and stable interfaces", discussing why keeping a driver closed source hurts development. http://lwn.net/Articles/159313/

****) Department of Defense report "recommends that the DoD move to a roadmap to adopt open source and open standards, maintaining that such a move is not only in the US national interest, but in the interests of US national security." http://www.businessreviewonline.com/os/archives/2006/07/o...

*****) Also interesting is the fact that graphics cards get compared on how well they support Linux nowadays: http://tomshardware.co.uk/2006/07/12/geforce_and_radeon_t...

******) "We believe in Open Source when it makes sense." http://www.zdnetasia.com/news/software/0,39044164,3935258...

Regards,
Floris Kraak

---
"Any technology distinguishable from magic is insufficiently advanced."
--- Corollary to Clarke's Law
Page editor: Forrest Cook
Copyright © 2006, Eklektix, Inc.