LWN.net Weekly Edition for December 14, 2006
Playing with the OLPC
The One Laptop Per Child project is likely to be familiar to most LWN readers by now. An important milestone on this project's plan for the creation of low-cost educational systems is the production of "BTest-1" systems. The project has manufactured on the order of 1000 laptops and distributed them to testers worldwide as a way of, hopefully, shaking out the remaining hardware issues and making a start on the software side of the equation. Some systems have even been shipped to Microsoft so that some sort of Windows port can be done; this move has upset some OLPC supporters, but when the designers of the laptop said they planned to make a 100% open system, they meant it.Your editor was lucky enough to receive one of these systems, after having been put through the indignity of seeing everybody else's "I got my laptop" posts first. There has not been a great deal of time to play with it yet, but your editor has had the chance to form some first impressions. The OLPC XO (or whatever it is eventually called) is going to be a nice system.
Back in July, we interviewed Jim Gettys about this system; one of the questions we asked was how they planned to keep adults from stealing the laptops from the children for their own purposes. Jim answered:
Even with this in mind, most people who see an OLPC for the first time are
surprised by just how small it is. Understanding sets in for real when one
attempts to use the keyboard; the small keys will work for a small child,
![[OLPC layout]](http://wiki.laptop.org/go/Image:Drawing75c.jpg)
but, for your fat-fingered editor, it is very much a hunt-and-peck device.
There will be very few adults who will be able to type comfortably on this
system. With the size of the device and its bright colors, they will also
look decidedly silly in the attempt. This machine is clearly for kids.
Another way to make adults look silly is to hand the laptop to one of them and suggest that they open it. Your editor has performed this experiment several times now, and has not yet seen anybody succeed. Most people try pushing on the green square that looks like a latch, but which is, in reality, the hinge. The secret is to lift up the two "ears," which happen to be the wireless network antennas, and open the top toward the handle. Anybody attempting to use a crowbar should be stopped immediately.
The display can rotate 180 degrees and be closed over the keyboard, putting the device into "ebook" mode. There is no touchscreen on the device, so the only controls available in this mode are the eight buttons (four arrows and four which, for now, look like Sony game controller buttons) next to the display.
On the software side, the test system is running a pared-down version of the Fedora Core distribution. The kernel is essentially 2.6.19-rc2 with a fair set of patches (some since merged into the mainline) to support the OLPC hardware. Many of the basic utilities are there, and there is a Python interpreter available. But anybody looking for a C compiler, OpenOffice.org, emacs, Wesnoth, etc. will not find them. The system has little space (512MB of flash storage) and even less memory, so a lot of larger applications will never find space there.
The BTest-1 release notes make it clear that the process of putting together the software is just beginning; the focus, until now, has been on getting the hardware working. So many of the provided "activities" are present only in a preliminary form, and others are not there at all yet. It is not, according to the release notes, time to test the device on children (though your editor's children disagree rather strongly). Certainly the adults are starting to have fun with the system; your editor was gratified by this brief posting on video conferencing on the OLPC using the telepathy package.
Running software on the test system drives home a point the project has been making for some time: much of the software we run now is far too bloated and slow. With a suitable amount of attention to resource use, the OLPC hardware is powerful enough to accomplish a wide variety of tasks - web browsing, document editing, video conferencing, and more. But, with the wrong software, the system will just sit there and thrash. So one of the primary goals for the OLPC software team in the coming months will be to put the system's applications on a diet until they fit comfortably on this small system. This work will benefit us all in the end; some of the work aimed at slimming down the Gecko rendering engine can already be found in Firefox 2.
Beyond that, however, this project is setting up to put millions of Linux-based laptops into the hands of children worldwide. These systems will include mesh networking and cameras; this is a combination which is likely to lead to interesting things to see on video sharing sites - and serious news channels. The laptop will be wide open, with the "view source" functionality built in. There are many people who question this project and whether the countries involved might better spend their resources on clean water, sanitation, and so on. Those are legitimate questions which cannot be simply brushed off. But one should also consider what those kids will be able to do given better access to knowledge, communications, and a platform they can hack to their own ends. It is going to be interesting to watch.
The next document format battleground
Recent weeks have seen a great deal of debate over Microsoft's OpenXML document format. This format, which is headed for standard status, is a complex beast. Some have questioned whether it will ever be able to create independent implementations of OpenXML which are truly interoperable with each other. Others ask whether it is right for the free software community to even try. To many members of our community, the right path is to encourage the use of OpenDocument, which already has standard status and implementations in free software. Why get onto another document format treadmill when a better solution is already available?These questions are valid, they deserve full consideration. But they may also, to an extent, be missing the real point. It is entirely possible that the document format battles are done; even if OpenXML is not a perfect standard, it is far more open than its predecessors. While Microsoft is not inclined to make life easy for those who would interoperate with its file formats, the company may well have realized that obscure formats have outlived their usefulness as a way of maintaining desktop domination. This might just be a battle we have won, even if the victory is rather more messy than we would like.
Before we charter an aircraft carrier for our "mission accomplished" party, however, it is worth reflecting on different forms this fight could take in the future. Cory Doctorow gave us a good hint in this InformationWeek article on "information rights management." IRM is a feature touted by Microsoft for a few years now which has the potential to complicate life considerably in the future.
IRM offers some interesting features to people who are worried about the information they put into their documents, presentations, and spreadsheets. With IRM, the document owner can specify exactly who can read a particular file, and under what conditions. Access can have an expiration time attached to it - or it can be revoked at any time. Actions like printing can be restricted. For anybody who feels the need to control information, these features cannot fail to be appealing.
But these features only work if the client plays along, and free software clients have not always distinguished themselves in this area. Or, rather, they have distinguished themselves very well by serving the needs of their users. Even if a programmer implements the "this document can only be printed once" flag, somebody else, perhaps after having lost their one printing opportunity to a particularly nasty paper jam, will hack it out. Clearly, Microsoft must prevent the creation of free applications which can read IRM-protected documents or it will be unable to live up to the promises it has made for that technology.
Microsoft has a couple of weapons at its disposal (beyond pure obscurity) which can be used against any potential free IRM implementation. One is the DMCA, which, in the US (and countries which have implemented similar laws), can be employed against those who bypass access restriction mechanisms. Anybody who posted code that, say, allowed the user to cut and paste text out of an IRM-protected document would likely face an unpleasant reception in the US. They would be in a situation much like that faced by Dmitry Sklyarov, who bypassed similar restrictions in PDF files, a few years ago.
Of course, the Sklyarov case did not necessarily work to Adobe's advantage in the end, and Microsoft might wish to avoid a similar storm of bad publicity. So, as Cory's article points out, Microsoft might pursue a different option: the use of the trusted computing module (TPM) increasingly being built into new computers. With the remote attestation feature of the TPM, it is possible to refuse to pass decryption keys to any system which cannot be shown to be running approved software. This system would be quite tight and hard to defeat - it might just work. And it would no longer matter how "open" the document format is.
The full remote attestation scenario requires the cooperation of the entire system, starting with a "secure" BIOS which initializes the TPM properly. Most systems do not currently operate in this mode, so the realization of this threat will not happen in the immediate future. One should not, however, forget that the TPM has been designed to support just this mode of operation. It does not take all that much paranoia to imagine that these capabilities will not go unused forever. "Trusted computing" has yet to touch most of us, but we ignore it at great risk. Among other things, it could make the current discussion of open document formats entirely moot.
Steps in the Fedora transition
The recent Fedora Summit reached a number of conclusions about the future of the project. These include the elimination of the distinction between Fedora Core and Fedora Extras and the extension of the support period for Fedora releases to approximately 13 months. Since then, various parts of the project have tried to figure out what is really going to happen. It is beginning to appear that a few things, at least, are coming into focus.When changes of this magnitude are in store, one's thoughts immediately turn to the most important topic: what will be the project's new name? Quite a few possibilities were discussed, including Fedora Union (not everybody liked the acronym) and Fedora Freedom (which, it seems, brings unwelcome associations with "freedom fries" to a fair number of people). After weeks of discussion, it would appear that people are converging on (...drum roll...) "Fedora." Who would have guessed?
So when will the next Freedom Fries Fedora release be?
According to a recently-posted schedule
proposal, Fedora 7 will come out on April 24, 2007. That
date seems to be driven by the Red Hat Summit, which starts on May 9;
the Fedora folks would like to have something to show off at that event.
On this schedule, the first test release would be on January 30, just
before the next FUDcon, which appears set for February 2 to 4.
Assuming the schedule does not slip, it should be possible to hand out
Fedora 7 disks to Red Hat Summit attendees.
The only problem is that Fedora schedules have been known to slip at times. This realization has led to a discussion on what went wrong, and how schedule slips might be avoided this time around. There were a number of issues that came up toward the end of the Fedora Core 6 effort, some of which would have been hard to anticipate and avoid. One of the biggest issues, however, was the fact that Xen didn't work. Fedora kernel maintainer Dave Jones has some choice words about Xen, along with a grim prognosis about the potential for future problems. It rather appears that Fedora might be best served by dropping Xen altogether, but that is unlikely to happen in the short term. Red Hat Enterprise Linux needs to have Xen (after all, Novell ships it), and Fedora is where these technologies get much of their early testing.
That said, there seems to be a fair amount of sympathy for the idea of simply dropping features with problems that threaten to delay the release. Hopefully the Fedora developers won't have to make any such choices this time around, but, should something come up, it will be interesting to see how they respond.
Another open question is what happens to the Fedora Legacy project. Nobody has really taken the step of officially shutting it down. Jesse Keating has walked away from it, however, and few people seem to see much reason for keeping it going. There are users who would like to see more than 13 months of security support for Fedora releases, but the subset of those users who are willing to help Fedora Legacy provide that support is quite small.
Meanwhile, the project did (on December 12) put this note onto its web page:
Given that the project only managed one Fedora Core 4 update ever, one could argue that the situation has not changed much. But at least it is now clear. What is less clear is how the various hosting companies which offer Fedora Core 4 servers have kept them secure so far, and what they intend to do now.
Finally, the project still has not come to a final resolution on what to do about RPM. The subject was apparently discussed at the December 12 board meeting, but no communications are, as of this writing, available. With luck, we'll hear from the project on this topic before too long. Infrastructure like RPM is too important to leave in a limbo state for this long.
Security
Another kernel core dump security issue
When a security bug is found in the kernel, a patch is usually available within hours; the kernel developers rightly take these things very seriously. Once the patch is available, the stable team typically releases a new kernel within a week or so and this is one of the big advantages of open source. Once in a while, however, a bug that has been fixed previously can creep back into the source, open or closed, and is known as a 'regression'. This week's 2.6.19.1 kernel release has a fix for something that looks an awful lot like a regression, but technically is not.
Back in July, LWN described a security problem in the then-current 2.6.17 kernel. The issue was that local users could configure their processes to write core dump files in directories that they did not have write permissions for. As the article described, this could be trivially exploited for local privilege escalation; in short, a local root hole.
This bug was fixed by the following patch:
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -1983,7 +1983,7 @@ asmlinkage long sys_prctl(int option, un
error = current->mm->dumpable;
break;
case PR_SET_DUMPABLE:
- if (arg2 < 0 || arg2 > 2) {
+ if (arg2 < 0 || arg2 > 1) {
error = -EINVAL;
break;
}
which prevented processes from setting the dumpable flag to two. That flag
governs whether core dumps are produced by the process; the special
value of two reflects an ability to dump core with root privileges, quite
possibly to directories that the user cannot normally write to. The code
did guard against overwriting existing files, for security reasons, but
did not consider the implications of allowing user processes to effectively
write anywhere.
The code which handles the dumpable flag lives in fs/exec.c in the aptly named do_coredump() function:
if (mm->dumpable == 2) { /* Setuid core dump mode */
flag = O_EXCL; /* Stop rewrite attacks */
current->fsuid = 0; /* Dump root private */
}
and further down, flag is used as part of the filp_open() call:
file = filp_open(corename, O_CREAT|2|O_NOFOLLOW|O_LARGEFILE|flag, 0600);
At the end of September, a patch by Andi Kleen was applied to allow core dumps to be piped to a userspace process. This patch had been, according to Andi, "hanging around for a long time" and lacked the flag in the call to filp_open(). The patch made it into 2.6.19-rc1 kernel and from there into 2.6.19.
The impact of the bug is relatively low as a root user would have to set the dumpable flag to two via /proc/sys/fs/suid_dumpable. This would allow user processes to write core dumps anywhere, which is as designed, but also would allow them to overwrite existing files, which is not. It probably is not very common that admins need to configure things that way, but it certainly is not completely outside the realm of possibility either.
As described in the patch, Alexey Dobriyan used a list of warnings gathered from compiling the kernel. The warnings were grepped for 'was set but never used' and the first entry in the list pointed to this problem. The kernel produces enough warnings that problems like this tend to be obscured in a sea of bogus or overly picky warnings.
This particular bug is not technically a regression as there never was a bug that allowed this behavior until it was introduced in the patch. It has been assigned CVE-2006-6304 (as of this writing, it is just a reserved CVE with no information).
It is great to see folks scrutinizing warnings and looking for bugs in the kernel, this is just the kind of thing that the 'many eyes make all bugs shallow' theory is referring to. It would be nice to see a kernel regression test suite that contained test cases for bugs that have previously been fixed as that kind of thing might have caught this bug. It is a difficult problem, however, and keeping up with the number of bug fix patches would be daunting. Perhaps a regression suite that focused on security fixes would be a good place to start.
New vulnerabilities
clamav: missing sanity checks
| Package(s): | clamav | CVE #(s): | CVE-2006-5874 | ||||||||
| Created: | December 11, 2006 | Updated: | December 14, 2006 | ||||||||
| Description: | Stephen Gran discovered that malformed base64-encoded MIME attachments can lead to denial of service through a null pointer dereference. | ||||||||||
| Alerts: |
| ||||||||||
enemies-of-carlotta: input sanitizing
| Package(s): | enemies-of-carlotta | CVE #(s): | CVE-2006-5875 | ||||
| Created: | December 13, 2006 | Updated: | December 13, 2006 | ||||
| Description: | It would seem that enemies-of-carlotta, a mailing list manager, does not check email addresses before passing them to a shell. | ||||||
| Alerts: |
| ||||||
gnupg: stack overwrite
| Package(s): | gnupg | CVE #(s): | CVE-2006-6235 | ||||||||||||||||
| Created: | December 12, 2006 | Updated: | March 13, 2007 | ||||||||||||||||
| Description: | A "stack overwrite" vulnerability in GnuPG (gpg) allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory. | ||||||||||||||||||
| Alerts: |
| ||||||||||||||||||
kdegraphics: stack overflow
| Package(s): | kdegraphics | CVE #(s): | CVE-2006-6297 | ||||||||
| Created: | December 12, 2006 | Updated: | January 13, 2007 | ||||||||
| Description: | A stack overflow in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion. | ||||||||||
| Alerts: |
| ||||||||||
l2tpns: buffer overflow
| Package(s): | l2tpns | CVE #(s): | CVE-2006-5873 | ||||
| Created: | December 8, 2006 | Updated: | December 13, 2006 | ||||
| Description: | Rhys Kidd discovered a vulnerability in l2tpns, a layer 2 tunneling protocol network server, which could be triggered by a remote user to execute arbitrary code. | ||||||
| Alerts: |
| ||||||
libmodplug: boundary errors
| Package(s): | libmodplug | CVE #(s): | CVE-2006-4192 | ||||||||||||||||||||
| Created: | December 11, 2006 | Updated: | May 4, 2011 | ||||||||||||||||||||
| Description: | Luigi Auriemma has reported various boundary errors in load_it.cpp and a boundary error in the "CSoundFile::ReadSample()" function in sndfile.cpp. A remote attacker can entice a user to read crafted modules or ITP files, which may trigger a buffer overflow resulting in the execution of arbitrary code with the privileges of the user running the application. | ||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||
madwifi-ng: buffer overflow
| Package(s): | madwifi-ng | CVE #(s): | CVE-2006-6332 | ||||||||
| Created: | December 11, 2006 | Updated: | December 13, 2006 | ||||||||
| Description: | Laurent Butti, Jerome Raznieski and Julien Tinnes reported a buffer overflow in the encode_ie() and the giwscan_cb() functions from ieee80211_wireless.c. A remote attacker could send specially crafted wireless WPA packets containing malicious RSN Information Headers (IE) that could potentially lead to the remote execution of arbitrary code as the root user. | ||||||||||
| Alerts: |
| ||||||||||
ruby: denial of service
| Package(s): | ruby | CVE #(s): | CVE-2006-6303 | ||||||||||||||||
| Created: | December 7, 2006 | Updated: | December 21, 2006 | ||||||||||||||||
| Description: | The Ruby CGI library, cgi.rb, does not properly detect boundaries in MIME multipart content. A remote attacker can use this to cause a denial of service. | ||||||||||||||||||
| Alerts: |
| ||||||||||||||||||
squirrelmail: multiple cross-site scripting vulnerabilities
| Package(s): | squirrelmail | CVE #(s): | CVE-2006-6142 | ||||||||||||||||||||||||
| Created: | December 11, 2006 | Updated: | January 31, 2007 | ||||||||||||||||||||||||
| Description: | Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the mailto parameter in webmail.php, the session and delete_draft parameters in compose.php, and unspecified vectors involving "a shortcoming in the magicHTML filter." | ||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||
Page editor: Jonathan Corbet
Kernel development
Brief items
Kernel release status
The current stable 2.6 kernel is 2.6.19.1, released on December 11. It contains quite a few fixes, including two for security-related problems.There have been no 2.6 prepatches over the last week as the 2.6.20 merge window is still open. Quite a few patches have found their way into the mainline git repository; see below for a summary.
The current -mm tree is 2.6.19-mm1. Recent changes to -mm include new debugging features for kmap_atomic(), the user-space driver framework, and a public-key transport mechanism for eCryptfs. Mostly, however, -mm has shrunk considerably as patches have moved into the mainline.
For older 2.6 kernels: Adrian Bunk has released 2.6.16.35 with a few dozen fixes (one security-related). He has also released 2.6.16.36-rc1 with a handful of patches.
Kernel development news
Quotes of the week
It comes down to a question of whether we have enough leverage to push them into doing what we want, or not - are we prepared to call their bluff?
The current half-assed solution of chipping slowly away at things by making them EXPORT_SYMBOL_GPL one by one makes little sense - would be better if we actually made an affirmative decision one way or the other.
-- Martin Bligh
I think I'd favour that. It would aid those people who are trying to obtain device specs, and who are persuading organisations to GPL their drivers.
Coming soon to a kernel near you
When last week's summary was written, the process of merging patches for 2.6.20 had just begun. Linus has been busy since then; some of the highlights of what has gone in appear below.User-visible changes include:
- The kernel can now operate with a 300Hz clock rate, which happens to
work well with both 25 frame-per-second and 30 FPS video.
- New drivers for the real-time clock on OMAP1 chips, the AES engine on
Geode LX processors, IBM GXT4500P display cards, DiBcom DiB7000M and
DiB7000P demodulators, Pinnacle 400e DVB-S USB receivers, Phillips
IP3204 I2C controllers, Atmel AT91 I2C controllers, Winbond W83793
hardware monitoring chips, National Semiconductor PC87427 hardware
monitoring chips, and Apple Motion Sensors.
The "usbvision" driver has been merged, adding support for "more than
50" USB video camera devices. Finally, your editor's drivers for the
"Cafe" camera controller and OmniVision OV7670 sensor (both used in
the OLPC system) have been merged.
- The kernel can now (on i386 systems) be built in an entirely
relocatable manner. This feature is most useful for people who
install a second kernel in memory to generate crash dumps.
- Support for the Liskov-Rivest-Wagner block cypher has been added.
- A large set of fixes and enhancements for the GFS2 filesystem have
been merged; these include support for TCP connections in the lock
manager.
- Support for I/O accounting has been improved. There is a new file
(/proc/pid/io) where a process's statistics may be
read (though the netlink-based taskstats interface remains the
preferred way to get this data).
- Support for Intel's hardware virtualization features (via /dev/kvm) has been merged.
Changes of note for kernel developers include:
- Attempts to build the kernel with gcc 4.1.0 will generate warnings,
since this compiler is known to make mistakes.
- Fixes for code broken by the workqueue changes continue
to find their way into the tree. If you have to deal with some of
this code, these
instructions may prove helpful.
- As if the workqueue changes were not enough, there is also now a
"freezable" workqueue type, being a workqueue which can be frozen
early in the suspend-to-disk process. These queues are created with
create_freezeable_workqueue(); there is no single-threaded
version available.
- There is also a new run_scheduled_work() function which will
cause a previously-scheduled work_struct to run
synchronously, assuming it has not already run elsewhere.
- The internal __alloc_skb() function has a new parameter,
being the number of the NUMA node on which the structure should be
allocated.
- The slab allocator API has been cleaned up somewhat. The old
kmem_cache_t typedef is gone;
struct kmem_cache should be used instead. The various
slab flags (SLAB_ATOMIC, SLAB_KERNEL, ...) were all
just aliases for the equivalent GFP_ flags, so they have been
removed.
- A new boot-time parameter (prof=sleep) causes the kernel to
profile the amount of time spent in uninterruptible sleeps.
- dma_cache_sync() has a new argument: the device
structure for the device doing DMA.
- The paravirt_ops code
has gone in, making it easier for the kernel to support multiple
hypervisors.
- The struct path
changes have been merged, with changes rippling through the
filesystem and device driver subsystems.
- The fault injection
framework has been merged.
- There is now a generic layer for human input devices; the USB HID code
has been switched over to this new layer.
- A new function, round_jiffies(), rounds a jiffies value up to
the next full second (plus a per-CPU offset). Its purpose is to
encourage timeouts to occur together, with the result that the CPU
wakes up less frequently.
- The block "activity function," a callback intended for the implementation of disk activity lights in software, has been removed; nobody was actually using it.
The merge window remains open, as of this writing, so expect a few more things to go in before 2.6.20 takes its final shape.
Kevent take 26
Some patches make it into the kernel in something very close to their original form. Others have to go through a few changes first. The all-time record for development iterations may be held by devfs; Richard Gooch had just released the 157th revision when this ill-fated subsystem was merged for 2.3.46. On that scale, Evgeniy Polyakov is just getting started with kevent take 26; even so, the process must be starting to seem like a long one.In this case, however, the long process can be seen as evidence that the system is working as it should. The kevent subsystem is a major addition to the Linux system call API. Once it goes in, it will have to be supported forever (to a finite-precision arithmetic approximation, at least). Adding a kevent interface with warts, or which does not provide the best performance possible, would be a serious mistake. Nobody wants to be faced with designing and implementing a new event interface in a few years while supporting the old one indefinitely. So it makes sense to go slowly and make sure that things have been thought out well.
The number of people posting comments on the kevent patches has been relatively small; for whatever reason, many normally vocal developers do not seem to have much to say on this new API. Fortunately, Ulrich Drepper (the glibc maintainer) has taken a strong interest in this interface and has pushed hard for the changes he thought were necessary. One gets the sense the Ulrich and Evgeniy have gotten a little tired of each other over the last month or so. But, to their credit, they have stuck to the task. As of this writing, Ulrich has not commented on the version of the API implemented in the "take 26" patch set. It does, however, clearly reflect some of the things he has been asking for.
While Evgeniy has been concerned with getting events out of the kernel, Ulrich has been worried about performance and robustness. So he wanted ways for multi-threaded programs to cancel threads at any time without losing track of which events have been processed. Whenever possible, he would like to be able to process events without involving the kernel at all. And he has pushed strongly for timeout values to be represented in an absolute format. Evgeniy has (a bit grudgingly, at times) addressed most of these wishes.
It is still possible to get a kevent file descriptor by opening /dev/kevent, though that is no longer the only way. The kevent_ctl() system call is still used for the management of events:
int kevent_ctl(int fd, unsigned int cmd, unsigned int num,
struct ukevent *arg);
With kevent_ctl(), an application can add requests for events, remove them, or modify them in place. There is a new KEVENT_CTL_READY operation which can be used to mark specific events as being "ready" and cause the kernel to wake up one or more processes waiting for events.
The synchronous interface has been changed slightly:
int kevent_get_events(int ctl_fd, unsigned int min_nr,
unsigned int max_nr, struct timespec timeout,
struct ukevent *buf, unsigned flags);
The difference is that the timeout value now is a struct timespec. That value is still interpreted as a relative timeout, however, unless flags contains KEVENT_FLAGS_ABSTIME. In the latter case, timeout is an absolute time, and the code will print a warning to the effect that Evgeniy was wrong in believing that nobody would ever want to use absolute times.
It is expected, however, that performance-aware applications will use the user-space ring buffer rather than the synchronous interface. That ring buffer is still set up with kevent_init():
int kevent_init(struct kevent_ring *ring, unsigned int ring_size,
unsigned int flags);
The file descriptor argument has been removed from this system call; instead, kevent_init() opens a new file descriptor and passes it back as its return value. Thus, there is no separate need to open /dev/kevent.
The kevent_ring structure has changed a bit since it was last discussed on this page:
struct kevent_ring
{
unsigned int ring_kidx, ring_over;
struct ukevent event[0];
};
The new ring_over value counts the number of times that the index into the ring has wrapped around. This parameter is used to ensure that the kernel and the application have the same understanding of the state of the ring buffer before allowing the application to mark events as being consumed.
Waiting for events to arrive in the ring is done with kevent_wait(), which now looks like this:
int kevent_wait(int ctl_fd, unsigned int num, unsigned int old_uidx,
struct timespec timeout, unsigned int flags);
Here, too, the timeout value is a struct timespec, and, once again, absolute timeouts must be marked with the KEVENT_FLAGS_ABSTIME flag. This call will wait until at least one event is ready, then copy up to num events into the ring buffer. The old_uidx is the index of the last event that the calling application knows about; if more events are added between when the application checks and when it calls kevent_wait(), that call will return immediately.
In older versions of the patch, there was no way to tell the kernel when events had been consumed out of the ring; one simply had to hope this had happened by the time the index wrapped around and events were overwritten. In the new version, instead, the application's current position is tracked, and the kernel should be occasionally informed when entries in the ring buffer are freed. That job is done with kevent_commit():
int kevent_commit(int ctl_fd, unsigned int new_idx, unsigned int over);
Here, new_idx is the index of the last event which has been consumed by the application. The value for over should be the ring_over field from the kevent_ring structure. If that value does not match what the kernel thinks it should be, the attempt to update the index will fail on the assumption that the calling process got scheduled out for a while and things happened while it was not looking. If this check were not made, confusion over index wraparound could cause events to be lost.
As of this writing, the most significant comment is that the name "kevent" suggests an in-kernel API. The commenter (Jeff Garzik) prefers a name like "uevent" (even though there is already a subsystem which returns "uevents" in the kernel). If that remains the most substantial criticism, the kevent code might find its way into the mainline long before Evgeniy breaks the devfs record.
Video4Linux2 part 4: inputs and outputs
| The LWN.net Video4Linux2 API series. |
In many cases, a video adapter does not provide a lot of input and output options. A camera controller, for example, may provide the camera and little else. In other cases, however, the situation is more complicated. A TV card might have multiple inputs corresponding to different connectors on the board; it could even have multiple tuners capable of functioning independently. Sometimes those inputs have different characteristics; some might be able to tune to a wider range of video standards than others. The same holds for outputs.
Clearly, for an application to be able to make full use of a video adapter, it must be able to find out about the available inputs and outputs, and it must be able to select the one it wishes to operate with. To that end, the Video4Linux2 API offers three different ioctl() calls for dealing with inputs, and an equivalent three for outputs. Drivers should implement all three (for each functionality supported by the hardware), even though, for simple hardware, the corresponding code can be quite simple. Drivers should also provide reasonable defaults on startup. What a driver should not do, however, is reset input and output information when an application exits; as with other video parameters, these settings should be left unchanged between opens.
Video standards
Before we can get into the details of inputs and outputs, however, we must have a look at video standards. These standards describe how a video signal is formatted for transmission - resolution, frame rates, etc. These standards are usually set by regulatory authorities in each country. There are three major types of video standard used in the world: NTSC (used in North America, primarily), PAL (much of Europe, Africa, and Asia), and SECAM (France, Russia, parts of Africa). There are, however, variations in the standards from one country to the next, and some devices are more flexible than others in the variants they can work with.
The V4L2 layer represents video standards with the type v4l2_std_id, which is a 64-bit mask. Each standard variant is then one bit in the mask. So "standard" NTSC is V4L2_STD_NTSC_M, value 0x1000, but the Japanese variant is V4L2_STD_NTSC_M_JP (0x2000). If a device can handle all variants of NTSC, it can set a standard type of V4L2_STD_NTSC, which has all of the relevant bits set. Similar sets of bits exist for the variants of PAL and SECAM. See this page for a complete list.
For user space, V4L2 provides an ioctl() command (VIDIOC_ENUMSTD) which allows an application to query which standards are implemented by a device. The driver does not need to answer those queries directly, however; instead, it simply sets the tvnorm field of the video_device structure with all of the standards that it supports. The V4L2 layer will then split out the supported standards for the application. The VIDIOC_G_STD command, used to query which standard is active at the moment, is also handled in the V4L2 layer by returning the value in the current_norm field of the video_device structure. The driver should, at startup, initialize current_norm to reflect reality; some applications will get confused if no standard is set, even though they have not set one.
When an application wishes to request a specific standard, it will issue a VIDIOC_S_STD call, which is passed through to the driver via:
int (*vidioc_s_std) (struct file *file, void *private_data,
v4l2_std_id std);
The driver should program the hardware to use the given standard and return zero (or a negative error code). The V4L2 layer will handle setting current_norm to the new value.
The application may want to know what kind of signal the hardware actually sees on its input. The answer can be found with VIDIOC_QUERYSTD, which reaches the driver as:
int (*vidioc_querystd) (struct file *file, void *private_data,
v4l2_std_id *std);
The driver should fill in this field in the greatest detail possible. If the hardware does not provide much information, the std field should indicate any of the standards which might be present.
There is one more point worth noting here: all video devices must support (or at least claim to support) at least one standard. Video standards make little sense for camera devices, which are not tied to any specific regulatory regime. But there is no standard for "I'm a camera and can do almost anything you want." So the V4L2 layer has a number of camera drivers which claim to return PAL or NTSC data.
Inputs
A video acquisition application will start by enumerating the available inputs with the VIDIOC_ENUMINPUT command. Within the V4L2 layer, that command will be turned into a call to the driver's corresponding callback:
int (*vidioc_enum_input)(struct file *file, void *private_data,
struct v4l2_input *input);
In this call, file corresponds to the open video device, and private_data is the private field set by the driver. The input structure is where the real information is passed; it has several fields of interest:
- __u32 index: the index number of the input the application is
interested in; this is the only field which will be set by user space.
Drivers should assign index numbers to inputs, starting at zero and
going up from there. An application wanting to know about all
available inputs will call VIDIOC_ENUMINPUT with index
numbers starting at zero and incrementing from there; once the driver
returns EINVAL the
application knows that it has exhausted the list. Input number zero
should exist for all input-capable devices.
- __u8 name[32]: the name of the input, as set by the
driver. In simple cases, it can simply be "Camera" or some such; if
the card has multiple inputs, the name used here should correspond to
what is printed by the connector.
- __u32 type: the type of input. There are currently only
two: V4L2_INPUT_TYPE_TUNER and
V4L2_INPUT_TYPE_CAMERA.
- __u32 audioset: describes which audio inputs can be associated
with this video input. Audio inputs are enumerated by index number
just like video inputs (we'll get to audio in another installment), but
not all combinations of audio and video can be selected. This field
is a bitmask with a bit set for each audio input which works
with the video input being enumerated. If no audio inputs are
supported, or if only a single input can be selected, the driver can
simply leave this field as zero.
- __u32 tuner: if this input is a tuner (type is set
to V4L2_INPUT_TYPE_TUNER), this field will contain an index
number corresponding to the tuner device. Enumeration and control of
tuners will be covered in a future installment too.
- v4l2_std_id std: describes which video standard(s) are
supported by the device.
- __u32 status: gives the status of the input. The full
set of flags can be found in the V4L2 documentation; in short,
each bit set in status describes a problem. These can
include no power, no signal, no synchronization lock, or the presence
of Macrovision, among other unfortunate events.
- __u32 reserved[4]: reserved fields. Drivers should set them to zero.
Normally, the driver will set all of the fields above and return zero. If index is outside the range of supported inputs, -EINVAL should be returned instead; there is not much else that can go wrong in this call.
When the application wants to change the current input, the driver will receive a call to its vidioc_s_input() callback:
int (*vidioc_s_input) (struct file *file, void *private_data,
unsigned int index);
The index value has the same meaning as before - it identifies which input is of interest. The driver should program the hardware to use that input and return zero. Other possible return values are -EINVAL (for a bogus index number) or -EIO (for hardware trouble). Drivers should implement this callback even if they only support a single input.
There is also a callback to query which input is currently active:
int (*vidioc_g_input) (struct file *file, void *private_data,
unsigned int *index);
Here, the driver sets *index to the index number of the currently active input.
Outputs
The process for enumerating and selecting outputs is very similar to that for inputs, so the description here will be a little more brief. The callback for output enumeration looks like this:
int (*vidioc_enumoutput) (struct file *file, void *private_data
struct v4l2_output *output);
The fields of the v4l2_output structure are:
- __u32 index: the index value corresponding to the output.
This index works the same way as the input index: it starts at zero
and goes up from there.
- __u8 name[32]: the name of the output.
- __u32 type: the type of the output. The supported output
types are V4L2_OUTPUT_TYPE_MODULATOR for an analog TV
modulator, V4L2_OUTPUT_TYPE_ANALOG for basic analog video
output, and V4L2_OUTPUT_TYPE_ANALOGVGAOVERLAY for analog VGA
overlay devices.
- __u32 audioset: the set of audio outputs which can operate
with this video output.
- __u32 modulator: the index of the modulator associated with
this device (for those of type V4L2_OUTPUT_TYPE_MODULATOR).
- v4l2_std_id std: the video standards supported by this
output.
- __u32 reserved[4]: reserved fields, should be set to zero.
There are callbacks for getting and setting the current output setting; they mirror the input callbacks:
int (*vidioc_g_output) (struct file *file, void *private_data,
unsigned int *index);
int (*vidioc_s_output) (struct file *file, void *private_data,
unsigned int index);
Any device which supports video output should have all three output callbacks defined, even if there is only one possible output.
With these methods in place, a V4L2 application can determine which inputs and outputs are available on a given device and choose between them. The task of determining just what kind of video data flows through those inputs and outputs is rather more complicated, however. The next installment in this series will begin to look at video data formats and how to negotiate a format with user space.
Patches and updates
Kernel trees
Architecture-specific
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Janitorial
Memory management
Virtualization and containers
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Ulteo Linux Sirius Alpha
In July of 1998 Gaël Duval sent LWN an announcement for a new distribution called Linux-Mandrake. It was based on Red Hat Linux 5.1 and KDE 1.0. The current Mandriva Linux is a much evolved descendant of Linux-Mandrake with influences from the acquisitions of Conectiva and Lycoris. Duval continued to work on the distribution until Last March, when he was laid off from Mandriva. Since then he's been working on a new distribution, Ulteo.Like its predecessor Ulteo strives to be an easy to use desktop distribution. The initial release of Ulteo Sirius Alpha 1 features KDE 3.5.2. GNOME and XFCE desktops will be available for the final release according to the roadmap.
Ulteo has borrowed heavily on Ubuntu/Kubuntu and Debian for this first release. The Ulteo-kde "Sirius" Alpha1 download is a single live CD with an install option, like Ubuntu. The website contains a A community forum and wiki and general discussion mailing lists are available in English, Spanish, French, German, Italian and Polish. The development list is English only, so far.
From the About Ulteo page:
Much more than a new technology, Ulteo is a new concept intended to empower people with a new and more simple way to use computers. More details of Ulteo's concept will be released along with the first beta of the software.
Ulteo intends to contribute a portion of its profits to humanitarian and ecological organizations. We believe that every company which benefits from the market place should help fight against child malnutrition and current ecological disasters.
After an afternoon of playing around on the live CD this distribution shows quite a bit of potential. Congratulations to the Ulteo team for a great first release.
New Releases
OpenPKG Enterprise 1 for Business Customers
OpenPKG GmbH has announced the availability of OpenPKG Enterprise 1 to business customers. "Supported are all common hardware architectures with ix86, AMD64 und SPARC processors and Unix derivates including FreeBSD, GNU/Linux distributions und Sun Solaris. OpenPKG Enterprise 1 ships with nearly 600 software packages, which especially contain the latest versions of popular Open-Source Software components - including Apache, GCC, MySQL, PostgreSQL, Samba, Perl, PHP, Python and many more."
Release of openSUSE 10.2
Last week we announced that openSUSE 10.2 was done. This announcement (click below) looks at download information and where to get box sets.pure:dyne EXTENDED PLAY 2.3.6 is out
pure:dyne is a community effort maintained by media artists for media artists. It is a customization of the dyne:II core for realtime audio and video processing. It comes optimized for software such as Jack, SuperCollider, Csound, Fluxus and of course Pure Data with a great collection of externals (PDP, PiDiP, Gem, GridFlow, RRadical, PixelTango...).Ulteo Sirius Alpha 1 available
Ulteo is the mysterious project being pursued by Gaël Duval since he left Mandriva. This project has just announced its first alpha release. It appears to be a Debian-based distribution with an emphasis on easy and automatic administration. "What this means is that for the next alpha release version, no installation will be needed. Simply rebooting the system will be enough to get the new features and bug fixes." The download mirror appear to not be up to the current level of traffic, so waiting a while might be in order.
Distribution News
Debian Etch frozen
The announcement has gone out: the distribution which will become Debian "Etch" has been frozen. At this point, only fixes for bugs will be allowed in as Etch gets closer to its release.Terra Soft Ships YDL v5.0 DVD Set
Terra Soft has announced shipment of Yellow Dog Linux 5.0 DVD sets for Playstation3. "Available now from the Terra Soft online Store, the 2 DVD set includes more than 2000 packages for a complete desktop, development, and server solution; a printed Guide to Installation, YDL sticker, and flexible flier."
New mailing list: ubuntu-devel-discuss
The ubuntu-devel mailing list is being split into two lists, ubuntu-devel and ubuntu-devel-discuss. If you are subscribed to ubuntu-devel today, you probably also want to subscribe to ubuntu-devel-discuss. Click below for details.
New Distributions
Ubuntu-based Pioneer Linux hits the net (DesktopLinux)
DesktopLinux.com covers the inaugural release of Pioneer Linux. "Pioneer Linux targets both new and experienced Linux users, the project team said in the release announcement. The product comes in two editions: as a freely downloadable live and installation CD; and as a commercial boxed edition that includes CrossOver Office and technical support."
Distribution Newsletters
Fedora Weekly News Issue 70
The Fedora Weekly News for December 11, 2006 covers Help Needed: Integration of Fedora Directory Server, Fedora 7 Theme Needs Your Help!, Mozilla Corp. to work more closely with Linux distributors, Zod LiveCD Beta Available, Linux For You December 2006 Articles, Fedora Ambassador's Day Daily Blogs and several other topics.Gentoo Weekly Newsletter
The Gentoo Weekly Newsletter for the week of December 4, 2006 covers Gentoo Linux on Playstation 3, SCALE 5X open registration, new user representative elected and several other topics.Ubuntu Weekly News #24
The Ubuntu Weekly Newsletter for December 3, 2006 covers Ubuntu Open Week's smashing success, Technalign and Ubuntu, LoCo news, upcoming meetings (including the recently scheduled Community Council Meeting), the Kurdish Ubuntu investigation, several X server-related specifications, and much more.DistroWatch Weekly, Issue 181
The DistroWatch Weekly for December 11, 2006 is out. "As hinted earlier, the new openSUSE 10.2 was released on time. One of the most popular Linux distributions on the market, the latest release appears solid and reasonably bug-free, at least compared to version 10.1. We'll take a brief look at the new release, comment on the project's association with Novell, and provide a few handy resources for extending the product. Also in this week's issue: Debian delays Etch, Ulteo releases Sirius, Mandriva prepares a cooker snapshot, and PC-BSD reaches the final round of testing before its updated stable release. Finally, don't miss the new commercial distribution by Technalign: Pioneer Linux."
Package updates
Fedora updates
Updates for Fedora Core 6: autofs (bug fixes), autofs (rebuild due to buildsystem failure), m17n-db (bug fix), bind (bug fixes), dhcp (upgrade to ISC dhcp-3.0.5), freeradius (bug fix), openssh (bug fixes), swig (update to 1.3.31), vino (don't cause high cpu load), pygtk2 (bug fix), pycairo (update to 1.2.6), gnome-pilot (update to 2.0.15), gnome-pilot-conduits (update to 2.0.15), nautilus-cd-burner (bug fixes), beagle (update to 0.2.13), screen (new version from upstream with IPv6 patch), at (daylight-savings fix), perl-Crypt-SSLeay (bug fixes), xorg-x11-drv-tdfx (update to 1.3.0), xorg-x11-drv-s3 (update to 0.5.0), xorg-x11-server (bug fix), grep (bug fixes), parted (upgrade to GNU parted-1.8.1), pyparted (upgrade to pyparted-1.8.1), rdesktop (update to 1.5.0), vte (update to 0.14.1), ghostscript (update to 8.15.3), squid (update to the latest upstream).Updates for Fedora Core 5: nfs-utils (bug fix), swig (update to 1.3.31), quagga (bug fix), perl-DBD-MySQL (update to latest upstream version), parted (upgrade to GNU parted-1.8.1), pyparted (upgrade to pyparted-1.8.1).
Updates for Fedora Extras [5,6,devel]: ssmtp (security bugs fixed).
Mandriva updates
Updates for Mandriva Linux 2007.0: powermanga (bug fix), tomboy (bug fix for gnome-sharp2 on x86_64).Updates for Mandriva Corporate Server 4.0: phpmyadmin (update fixes bugs and security issues), php-eaccelerator (upgrade to 0.9.5 final), logrotate (bug fixes), glibc (sync kernel and userspace tools, x86_64 bug fix).
rPath updates
Updates for rPath Linux 1: setup (add programs to /etc/shells), rmake (bug fixes and enhancements).Trustix updates
Updates for Trustix Secure Linux 3.0: kernel (new upstream version).Ubuntu updates
Updates for Ubuntu 6.10: openoffice.org (bug fixes), gnome-vfs2 (monitor loop patch), xorg (upload to edgy-updates), gnome-system-tools (crasher fix), gimp (gettext domain patch), gtk+2.0 (grid_lines fix), gnome-games (fix to mahjong difficult mode score storing), libgnomeprintui (translation fix), wlassistant (bug fixes), kdebase (upload to edgy-updates), vino (fix password free patch), vino (work with nokia 770 patch), udev (include firmware_helper in initramfs), control-center (bug fixes), mdadm (bug fixes), kopete (bug fix).Updates for Ubuntu 6.06 LTS: gcl (bug fix), maxima (upload to dapper-updates).
Newsletters and articles of interest
Making a distribution secure (Linux.com)
Linux.com looks at securing a distribution. "There's no dearth of Linux distributions to choose from. With so many to choose from, one might think it's as easy as picking up the Linux kernel, throwing in a few applications, setting up repositories, making ISOs and you've got a shiny new Linux distro. Well, there's more to a Linux distro than assembling applications and making sure everything works. A lot of time and effort, at least for major distros, is spent on making the distribution secure and getting updates out in a timely fashion."
tuXlab Linux release targets education (tectonic)
tectonic covers tuXlab GNU/Linux, a new distribution based on Edubuntu and Xubuntu, from Inkululeko Technologies. "Inkululeko's Jonathon Carter says "the goal of the tuXlab operating system is to provide a user friendly, support friendly, localised, feature rich environment for schools. It forms part of the tuXlab model, which aims to develop a sustainable open source ICT model for the education- and development sector." tuXlab has been used extensively in the Shuttleworth-backed schools Linux project originating in the Western Cape but until now has not been available as a product. Carter says that it was the Foundation's policy not to fund software development internally, but that it is now possible to release and support tuXlab software since it is managed by Inkululeko Technologies, which provides Linux services to the education, development and commercial sectors."
Installing Gentoo Linux on the Playstation 3 (DesktopLinux.com)
DesktopLinux.com looks at the Gentoo PS3 Linux installation procedure. "Gentoo Linux's project team has published information -- contained in its weekly online newsletter -- on how to load and use its popular distro on the new Sony Playstation 3, which is all the rage among gamers at the moment." A full set of instructions and general compatibility notes, is available here.
Ben Collins (behind ubuntu)
Behind Ubuntu interviews Ben Collins. "What are you working on for feisty? In regards to the kernel, I'm working to improve our hardware support and stability. We're finally ramping up our kernel team, and I'm hoping this gives me more time to work on bugs and new features."
Distribution reviews
OpenSUSE 10.2 goes gold (DesktopLinux)
DesktopLinux takes a look at openSUSE 10.2. "This latest community Linux distribution from Novell, SUSE, and friends is based on a 2.6.18.2 Linux kernel. Users can choose between the KDE 3.5.5 or GNOME 2.16.1 desktop environments, both of which run on top of the X.Org 7.2rc2 windowing system."
Review: Mandriva Flash delivers Linux to go (Linux.com)
Linux.com reviews Mandriva Flash. "Mandriva Flash is a 2GB Dane-Elec USB key loaded with Mandriva Linux 2007. It gets points for style: the key is an attractive deep blue surrounded by a sturdy metal fence that leaves room on both ends to attach the key to a lanyard or keychain. The release notes say that the operating system and related files only take up half the space on the USB drive, leaving 1GB for my own files. This little powerhouse packs a lot of punch, once you get it up and running."
openSUSE 10.2: the best Linux desktop yet? (Linux.com)
Linux.com reviews openSUSE 10.2. "First impressions are important, and openSUSE 10.2 made a strong enough impression with me that I may be making openSUSE 10.2 my new desktop OS. I installed openSUSE 10.2 RC1 soon after its release in late November, and I've been kicking the tires on the final release since it was made public last Thursday. Here's my report."
Page editor: Rebecca Sobol
Development
Campcaster - broadcast radio with Linux
The Center for Advanced Media--Prague (CAMP), known for its Campsite multi-lingual news publishing system, is developing free software for use in media under the Campware name:
![[Campcaster]](https://static.lwn.net/images/ns/campcaster.png)
The various Campware projects are being worked on by an international group of software developers and the projects are funded by the Media Development Loan Fund.
One of the major projects from Campware is the Campcaster radio station automation system. Version 1.1 "Freetown" of Campcaster was recently released:
The Campcaster 1.1 press release has more information on Campcaster and how it is being used. The initial project funding has been provided by the Open Society Institute.
The major Campcaster features include:
- Designed to work on the Debian and Ubuntu distributions.
- Includes both GUI and web-based interfaces.
- Station program material is archived in a central repository.
- Supports Internet-based virtual radio stations with program sharing capabilities.
- The web-based interface allows for remote station management.
- Allows manually controlled playback of sound files and playlists.
- Includes an automatic playback system for running playlists at future times.
- Playlists can be nested within other playlists.
- The Gstreamer multimedia framework is used playback.
- Includes a search-based backup system for making archives of material.
- Includes a scratchpad interface for documenting recently played material.
- Supports multi-lingual operation through the use of Unicode.
- Has no restrictions on multiple instance uses of the software.
- Has an open and extensible architecture based on XML-RPC APIs.
For those who wish to try out Campcaster, the Installation and Setup cheat sheet has prerequisite and installation information. The software is available for download here.
System Applications
Audio Projects
Rivendell 0.9.79 announced
Version 0.9.79 of Rivendell, a radio station automation system, is out with a new SoundPanel button pause feature and a database schema bug fix.
Database Software
MySQL 5.1.14 Beta has been released
Version 5.1.14 Beta of the MySQL DBMS is out with a long list of changes. "We are proud to present to you the MySQL Server 5.1.14 Beta release, a new Beta version of the popular open source database. Bear in mind that this is a beta release, and as any other pre-production release, caution should be taken when installing on production level systems or systems with critical data."
PostgreSQL Weekly News
The December 10, 2006 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL DBMS articles and resources.
Libraries
RFIDIOt 0.1i released
Version 0.1i of RFIDIOt, an open-source Python RFID library, is out. Changes include new support for FDX-B and EM4x02 tags as well as an updated GUI for e-passports.Tftpy 0.3 released
Version 0.3 of Tftpy, a Python TFTP Library, has been announced. "This release adds variable block sizes, and general option support, implementing RFCs 2347 and 2348. This is accessible in the TftpClient class via the options dict, or in the sample client via the --blocksize option."
Web Site Development
Midgard 1.8.1 "42" released
Version 1.8.1 of the Midgard web development platform has been released. "Midgard 1.8.1 release includes major features' enchancements: preview for new integrated replication functionality, compatibility with 64bit systems and major fixes."
Framework comparisons (django)
The django project notes some comparisons of web development platforms. "Web framework comparisons are inevitable, and they've been showing up more and more often. A couple of weeks ago, Alan Green and Ben Askins put together a "RailsVsDjango" report, and they presented their findings at the Open Source Developers' Conference in Melbourne, Australia. In the latest batch, both from the last 24 hours, we've got a relatively flame-baitish comparison of Django and Rails, along with a much more constructive comparison."
Zope News
The November 16-30, 2006 edition of Zope News is out with the latest Zope web development platform news.
Miscellaneous
New release of the Linux-ready Firmware Developer Kit
Release R1 of the Linux-ready Firmware Developer Kit has been announced. "In this release many bugs have been fixed and several key enhancements have been done to help the ease of use of the kit, and several new tests have been added. The Linux-ready Firmware Developer Kit is a tool to test how well Linux works together with the firmware (BIOS or EFI) of your machine, and is designed for use by both firmware development teams and Linux kernel hackers to prevent and diagnose firmware bugs."
Desktop Applications
Audio Applications
Third Issue of Amarok Weekly Newsletter Released (KDE.News)
KDE.News has announced the third issue of the Amarok Weekly News. "Third issue of Amarok Weekly News talks about cross-desktop media player cooperation, cool new additions to Amarok, and refreshed artwork. And again, it also includes useful tips."
Data Visualization
PLplot 5.7.1 released
Version 5.7.1 of PLplot, a library of functions for making scientific plots, is out. The release notes state: "This is a routine development release of PLplot. It represents the ongoing efforts of the community to improve the PLplot plotting package. Development releases in the 5.7.x series will be available every few months. The next full release will be 5.8.0."
Desktop Environments
GNOME Software Announcements
The following new GNOME software has been announced this week:- Banshee 0.11.3 (new features, bug fixes and translation work)
- cairo snapshot 1.3.6 (bug fixes)
- Gfax 0.7.6 (new features, bug fixes and translation work)
- Glade 3.0.3 (bug fixes and translation work)
- GNOME Commander 1.2.2 (new features and bug fixes)
- GNOME Commander 1.2.3 (bug fix)
- Gnome Subtitles 0.1 (new features and bug fixes)
- gnubiff 2.2.4 (bug fixes and translation work)
- Gossip 0.20 (new features and bug fixes)
- gThumb 2.8.1 (bug fixes)
- GtkSourceView 1.8.2 (bug fixes and translation work)
- metacity 2.17.3 (bug fixes and translation work)
- Pandora FMS applet 1.2 (first public release)
- Pango-1.14.9 (bug fixes and translation work)
- Sysprof Linux Profiler 1.0.8 (bug fix)
KDE Software Announcements
The following new KDE software has been announced this week:- BeQunge 0.1 (initial release)
- cb2Bib 0.7.2 (new features and bug fixes)
- digikam 0.9.0-rc2 (new features and bug fixes)
- Etree 0.1 (initial release)
- ISO - DAX - CSO Converter 1.01 (new features and bug fixes)
- ISO - DAX - CSO Converter 1.02 (gui fixes)
- K3b 1.0 RC 1 (feature complete release)
- K3DSurf 0.6.1 (new features and bug fixes)
- Kaffeine 0.8.3-1 for Mandriva 2007 (unspecified)
- KAlarm 1.4.6b / 1.9.1beta (new features, bug fixes and translation work)
- KSniffer 0.2 alpha1 (new features)
- kudev alpha (initial release)
- KWlan 0.5.7 (new features)
- Mailody 0.2.0 (new features and bug fixes)
- SIR 1.3 (new features)
- Zhu3D 2.7.9 (new features and bug fixes)
KDE Commit-Digest (KDE.News)
The December 10, 2006 edition of the KDE Commit-Digest has been announced. The content summary says: "The beginnings of Sega Genesis/Megadrive support in Gamefu. kdegames improvements continue with porting and gameplay work in KBackGammon. OpenDocument master page support in Okular. 'Idle time' detection comes to the 'powermanager' module of the Guidance system utilies. MIDI format support in KTabEdit. The new histogram graphing functionality of Strigi continues to be refined. Following Akonadi, NEPOMUK starts to utilise the power of Strigi. WHATWG audio objects supported in KHTML through Phonon. Appointment printing work in KOrganizer. Kross scripting infiltrates KWord."
Xorg Software Announcements
The following new Xorg software has been announced this week:- libXft 2.1.12 (bug fix)
- xauth 1.0.2 (bug fixes and other improvements)
- xf86-video-intel 1.7.3 (new features and bug fixes)
- xf86-video-vmware 10.14.1 (bug fix)
Electronics
Covered 20061205 released
Version 20061205 of Covered, a Verilog electronic simulation language code coverage analysis tool, is out with the following changes: "A few updates to the core code to properly support VPI usage were necessary which is why this is not a stable release. At this point, regressions are fully passing with Icarus Verilog, Cver and VCS in both dumpfile and VPI modes of operation -- an important milestone for the upcoming 0.5 stable release. There is still additional testing of existing functionality that needs to be done as well as finishing the GUI documentation support using the new HelpSystem documentation reader utility before I would consider Covered ready for a new stable release."
eispice 0.9 released
Version 0.9 of eispice, a clone of the Berkley Spice 3 Simulation Engine, has been announced. Changes include: "Added a self-extracting Windows installation binary to the download page. - Added a prototype PyB Python defined Behavioral Model. - Transitioned from using the obsolete Numeric library to the new Numpy library. - Added nested sub-circuit support."
Financial Applications
GnuCash 2.0.3 released
Version 2.0.3 of GnuCash, a money management application, has been released. "Personal and small business accounting in GNU/Linux will be easier and better after today's release of GnuCash 2.0.3. This release of the free, open source accounting program improves on the generational advances in the last version. GnuCash 2.0 is based on state-of-the-art gtk2 GUI technology. Developers worked hard to integrate the Gnome Human Interface Guidelines (HIG) for a consistent behaviour and look-and-feel for the whole Desktop."
Games
Pygame 1.8 will be released
Version 1.8 of Pygame, a Python-based game development platform, is scheduled for release on December 15. "Following a period of beta, and RC releases Pygame 1.8 will be released at 2006/12/15 10:00:36.873456 AEST!"
GUI Packages
Trolltech Releases Qt and Qtopia Core 4.2.2
Trolltech has released Qt 4.2.2. "Trolltech today announced the release of Qt 4.2.2, the latest version of its leading framework for high performance cross-platform application development; and Qtopia Core 4.2.2, the leading application framework for single-application devices powered by embedded Linux. Qt and Qtopia Core 4.2.2, which include a wide range of bug fixes and optimizations, were released today to customers and the open source community."
wxWidgets 2.8.0 released
Version 2.8.0 of wxWidgets, a cross-platform GUI toolkit, is out. "The wxWidgets team is pleased to announce a major new release. Compared with the last stable series (2.6), 2.8.0 adds wxAUI (an advanced user interface library for docking and other functionality), wxRichTextCtrl, wxComboCtrl, wxOwnerDrawnComboBox, wxTreebook, various picker controls such as wxColourPickerCtrl, wxHyperlinkCtrl, partial right-to-left language support, support for Core Graphics on Mac OS X, tar archive support, and more."
Interoperability
Wine 0.9.27 released
Version 0.9.27 of Wine has been announced. Changes include: Better support for noexec kernels, Better Dwarf support in dbghelp, Several Winsock fixes, Various code cleanups and Lots of bug fixes.
Medical Applications
Synapse EMR (LinuxMedNews)
LinuxMedNews mentions an effort to port Synapse Electronic Medical Record to Linux. "Alpha builds are now available to play with (Libc6). Synapse EMR is a GUI rich free EMR on Win32. See here Lots of things not working yet, but the basic GUI comes up. Still to work on printing, print preview etc. Only 50% thru reading Linux for Dummies so once I finish that I'll have more ideas on how to complete this project!"
Music Applications
CLAM 0.95 released
Version 0.95 of CLAM, is a C++ framework for doing research and application development in audio and music, is out. "Most important in this release is NetworkEditor 0.4, with a radically reworked UI based on Qt4.2, lots of work on stability and usability, and new visual-prototyping features. You can visually prototype standalone apps (or audio plugins): Edit audio networks with NetworkEditor, then edit its UI using Qt Designer and CLAM widgets plugins. Finally, Prototyper let you run the audio network with its UI."
pnpd 0.00.2 released
Initial release version 0.00.2 of pnpd is available. "pnpd is a new computer music system. it's based on a dataflow syntax, that is closely related to pd or max/msp, although it introduces some new concepts. at the moment, it doesn't contain a graphic user interface, but a text-based patcher language. it can be controlled via osc and support audio i/o via portaudio, the dsp backend is highly optimized for performance, especially for cpus supporting sse instructions."
Office Suites
OpenOffice.org 2.1 released
OpenOffice.org 2.1 is out; click below for details and download information. "The presentations application, Impress, now supports multiple monitors, with the presenter choosing where to display the presentation. The Calc spreadsheet has an improved HTML export capability, using styles to better recreate in a browser the appearance of the original spreadsheet. The database application, Base, has a number of enhancements, including improved support for Microsoft's Access product. The popular Quickstarter is now available for GNU/Linux users as a GTK application."
Web Browsers
Gran Paradiso Alpha 1 Released (MozillaZine)
The Alpha 1 of Gran Paradiso has been announced. "Gran Paradiso Alpha 1, an early developer milestone based on the Gecko 1.9 branch, has been released. Gran Paradiso, a mountain group located in Italy, is also the project codename for Firefox 3. There are no significant user interface changes. Core layout and rendering changes include use of Cairo as the default graphics library, use of Cocoa Widgets for MAC OSX builds and new SVG elements."
Miscellaneous
ISO Master 0.6 released
Stable version 0.6 of ISO Master has been announced. "ISO Master is a graphical editor for ISO images with support for ISO9660, RockRidge, and Joliet file names. It is useful for extracting, deleting, or adding files and directories to or from an ISO image. It is based on the bkisofs and GTK2 libraries."
MeshLab 0.9 Released (SourceForge)
Version 0.9 of MeshLab has been announced, it features new filtering tools and improved obj file handling. "MeshLab is a GPL portable and extendible system for the processing and editing of unstructured 3D triangular meshes. The system is aimed to help the processing of the typical not-so-small meshes arising in 3D scanning, providing a set of tools for editing, cleaning, healing, repairing, inspecting, rendering and converting this kind of meshes."
Languages and Tools
Caml
Caml Weekly News
The December 12, 2006 edition of the Caml Weekly News is online. Topics include: updated godi package for wyrd, Creating wrappers for C libraries, A Question About Types and Inlining, APC, IMT, IceDock and OCaml D-Bus 0.01.
Haskell
Haskell Weekly News
The December 12, 2006 edition of the Haskell Weekly News is online. Lots of new, practical Haskell libraries released this week, including support for ogg sound file parsing, a new user interface library, ftp clients and servers, database bindings as well as config files and logging.
Perl
This week on the Perl 6 mailing lists (O'Reilly)
The December 3-9, 2006 edition of This week on the Perl 6 mailing lists has been published. Take a look for the latest Perl 6 developments.
Python
python imaging library 1.1.6 final released
Version 1.1.6 final of the python imaging library has been announced. "PIL 1.1.6 final is 1.1.6b2 plus some portability fixes, and threading support for the Sane extension."
python-dev Summary
The python-dev Summary is out with coverage of the python-dev mailing list for the period of November 16-30, 2006.Python-URL!
The December 11, 2006 edition of the Python-URL! is online with a new collection of Python article links.Python Software Foundation board meeting minutes
The minutes from the November 13, 2006 Python Software Foundation board meeting have been posted.
Tcl/Tk
Dr. Dobb's Tcl-URL!
The December 12, 2006 edition of Dr. Dobb's Tcl-URL! is online with new Tcl/Tk articles and resources.
XML
4Suite XML 1.0.1 announced
Version 1.0.1 of 4Suite XML, a Python library for XML processing, has been announced. "Thanks to all the testers, there are a number of important fixes and improvements since 1.0, and we recommend upgrade from all previous versions."
CPAN Module Review: XML::Atom
chromatic reviews Perl's XML::Atom on O'Reilly. "I recently needed to filter and process some Atom feeds. I know enough XML that I could process them with my own SAX filter, but this seemed like a better opportunity to use the XML::Atom module. Fortunately, it was very easy."
XQuery, XSLT, and OmniMark: Mixed Content Processing (O'Reilly)
Alexander Boldakov, Maxim Grinev, Kirill Lisovsky discuss Mixed Content Processing on O'Reilly's XML.com. "Document-oriented XML usually has highly irregular structure in which elements might be mixed in unknown way. Processing such XML requires advanced data-driven facilities: push-style processing enriched with transformation rules and side-effect-free updates. In this article we emphasize such facilities in three XML-native languages: XQuery, XSLT, and OmniMark; and analyze applicability of these languages and their combinations to document-oriented XML processing."
Build Tools
BuildBot 0.7.5 released (SourceForge)
Version 0.7.5 of BuildBot has been announced. "The BuildBot is a system to automate the compile/test cycle required by most software projects to validate code changes. It builds and tests the tree each time a change is committed, providing status updates through a web page or other protocols."
Test Suites
Linux Desktop Testing Project 0.7.0 released
Version 0.7.0 of the Linux Desktop Testing Project (LDTP), a test automation framework and tool collection for testing the Linux Desktop, is out. "This release features number of important breakthroughs in LDTP as well as in the field of Test Automation. This release note covers a brief introduction on LDTP followed by the list of new features and major bug fixes which makes this new version of LDTP the best of the breed. Useful references have been included at the end of this article for those who wish to hack / use LDTP."
Version Control
Mercurial 0.9.2 released
Version 0.9.2 of Mercurial, a source control management (SCM) system, has been released. This version adds a number of new features and extensions.
Miscellaneous
I18N Messages and Logging (O'ReillyNet)
John Mazzitelli discusses I18N messages and logging on O'Reilly. "Sick of internationalizing by making your own code take responsibility for finding and using ResourceBundles? The i18nlog project offers an annotations-based way to simplify your internationalization tasks and even allow you to internationalize your logging. John Mazzitelli explains why this is a good idea."
Google Mondrian: web-based code review and storage
Niall Kennedy has posted a weblog entry about Guido van Rossum's Mondrian project. "Guido van Rossum unveiled his first Google project, Mondrian, tonight during a Python tech talk at the Google campus in Mountain View. Mondrian is a web-based code review system built on top of a Perforce and BigTable backend with a Python-powered front-end. Mondrian is a pretty impressive system and is currently in use across Google."
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Microsoft's document gambit moves ahead (ZDNet)
ZDNet follows the battle around the OpenDocument Format (ODF) and Microsoft Office Open XML document formats. "Jeff Kaplan, the founder and director of Open ePolicy Group, which advocates for the use of "open technologies" in government, said that governments are seizing upon Microsoft alternatives out of self-interest. "Governments are leading to move to ODF because they want control over data and to break their data lock-in. They see it as a matter of sovereignty, and they are uncomfortable with continued dependency on one company," Kaplan said. He added that the expected Ecma standard certification of Office Open XML will increase confusion in the marketplace."
Novell's 'Danaergeschenk', by Georg Greve (Groklaw)
Groklaw has an article by Georg Greve of the Free Software Foundation Europe on OpenXML adoption. "German is an interesting language, and many of its words have made it into English. Novell's recent deal with Microsoft is begging to add another one: Danaergeschenk. The term translates to "Gift by the Danaer" and has the same roots as "Greeks bearing gifts," which goes back to the siege of Troy. Novell's Danaergeschenk to the world is the recent announcement to implement OpenXML support in OpenOffice.org."
Seymour Papert badly injured
Seymour Papert, a long-time AI researcher and one of the inspirations behind the One Laptop Per Child program, has been hit by a motorcycle and badly injured in Vietnam. This Boston.com story has some more information. Best wishes.
Trade Shows and Conferences
What's up next in Linux desktop standardization? (DesktopLinux)
DesktopLinux.com covers the Desktop Architects Meeting. "Over the past week, some of the Linux desktop's foremost developers gathered together in Portland, Oregon at the OSDL (Open Source Development Labs) Desktop Architects Meeting to work further on bringing order to the Linux desktop. According to John Cherry, the OSDL's Desktop Linux initiative manager, there was a good turnout of about 45 developers from the community, including major Linux vendors such as Novell and Red Hat, and ISVs (independent software vendors) like Google and Adobe."
Cory Doctorow keynotes LISA '06 (Linux.com)
Linux.com reports from the 20th Large Installation System Administration (LISA) conference. "The 20th Large Installation System Administration (LISA) conference continued Wednesday with the LISA award ceremony, a keynote by none other than Cory Doctorow, noted sci-fi author, former Electronic Frontier Foundation (EFF) employee, and consumer privacy advocate, and a slew of technical sessions. Of specific interest to systems administrators (the audience LISA seeks to attract) was that Tobias Oetiker and Dave Rand won the SAGE Outstanding Achievement award for their work on MRTG and RRDTool."
Companies
Microsoft Office lock-in and the deal with Novell (Linux Journal)
Linux Journal's Nicholas Petreley discusses vendor lock-in and Microsoft Vista. "I can't urge you strongly enough to read the article entitled How Vista Lets Microsoft Lock Users In. It details how Microsoft has built into Vista the "trusted computing" ability to lock down Office files via DRM such that no unauthorized document reader will be able to decrypt and read them. This is perhaps one of the biggest hidden weapons Microsoft has in its arsenal that could sabotage Linux and OpenOffice.org if Microsoft succeeds in its attempt to plug SUSE and all Novell's "interoperability" bonuses. Think of this, if you will, as the Tivoization of Office files, only with malicious intent."
Microsoft desperately wants my love -- and yours (Linux.com)
Robin 'Roblimo' Miller has a humorous account of a recent trip to the Microsoft corporate headquarters. "I spent December seventh, eighth, and ninth in Seattle as Microsoft's guest. Microsoft flew me there from Florida at its expense, put me up in a nice hotel, provided decent food, and comped me and four other invitees to this "special conference" with presentations about the marvels of Vista and other recent or upcoming Microsoft products. They didn't quite play the old Beatles song "Love Me Do" in the background, but it was the event's unstated theme. And, as a free bonus, Microsoft gave me a free Zune to pass on to a developer who wants to put Linux on it or make a utility that will allow it to interact with a PC running Linux."
Linux at Work
Open Source Code behind PoloMercantil
Roberto Sedycias, IT Consultant for PoloMercantil has written an article on the use of open source software for the electronic auction site www.polomercantil.com.br. "As we started the project of the electronic auction www.polomercantil.com.br, we knew that the proprietary software costs would be too high for our financial resources. Our only option then was to make use of Open Source Code softwares."
Interviews
Open Invention Network's Jerry Rosenthal Answers Your Questions (Groklaw)
Groklaw interviews Jerry Rosenthal of the Open Invention Network. "What would an OIN defense look like? Typically, our first action would be to contact the organization that is claiming patent infringement. Our goal would be to have a conversation where we allow them to license our IP in return for a license to their patents. If necessary, we might demonstrate how their products might infringe on our patents. Legal proceedings for patent infringement would be our last resort. While we can adequately handle the latter, our goal is to build the Linux ecosystem with the former."
Interview with Fred Trotter: the Medsphere saga (Free Software Magazine)
Free Software Magazine interviews Fred Trotter, editor of LinuxMedNews. "Recently Medsphere, supposedly an "Open Source" Medical Software Company, has sued its founders Scott and Steve Shreeve. Why? Medsphere claims that the Shreeves illegally released Medsphere software to Sourceforge. An "Open Source" Software company is suing its founders for releasing code under a free license... that's a bit like Ford suing its employees for making cars. Recently Fred Trotter has come forward with evidence that he claims makes the Medsphere lawsuit baseless. Read on for an email interview with Fred Trotter regarding who did what in the Medsphere lawsuit, and why every free software developer should care about what is happening to the Shreeves."
For open source networking, no open source guru required, Vyatta execs say (NetworkWorld)
NetworkWorld talks with Vyatta execs about the Open Flexible Router. "Open source router company Vyatta debuted earlier this year with a Red Hat-style alternative to Cisco and Juniper offerings: the Open Flexible Router, an open source-based WAN router and firewall stack, freely downloadable, with service and support offerings available for purchase. Since then the company has generated buzz in the network industry, while releasing products such as a pre-installed appliance-like version on Dell servers. Vyatta CEO Kelly Herrell and chief strategy officer Dave Roberts recently told Network World Senior Editor Phil Hochmuth what Vyatta is, and is not, and what it hopes to become. (The following is an edited transcript.)" (Thanks to Peter Link)
Resources
Directory services made easy with Fedora Directory Server (Linux.com)
Paul Virijevich introduces FDS in a Linux.com article. "Directory services play a vital part in today's networks by helping administrators manage network users and resources. Until recently, the only choice for deploying a secure and easy-to-use open source directory server was OpenLDAP. While it gets the job done, it lacks the polish of commercial alternatives. Now Fedora Directory Server (FDS), Red Hat's open source LDAP server, makes setting up an enterprise directory server on Linux simple."
Reviews
Linux radio suite powers independent broadcasters (Tectonic)
Tectonic (South Africa) takes a look at the Campcaster suite for radio station automation. "'Campcaster provides features that used to be only available in extremely expensive commercial radio systems,' says Sava Tatić, Managing Director of the Media Development Loan Fund's Center for Advanced Media, Prague (CAMP), which coordinates the Campware Initiative. 'We believe there is a strong north-south aspect to using and extending Campcaster,' Tatić says. 'Every time a station in North America or Europe adapts and extends Campcaster, stations in places like Sierra Leone benefit.'".
Miscellaneous
DHS gears up for research phase of open source bug hunt (Linux.com)
Linux.com looks at a security project that has used the Coverity bug checker to perform security audits on open source software. "It's been nearly a year since the US Department of Homeland Security (DHS) announced the "vulnerability discovery and remediation open source hardening project," a $1.24 million, three-year grant through its research and development arm, the Directorate for Science and Technology. Now, the security project is entering its research phase."
LinuxBIOS ready to go mainstream (Linux.com)
Bruce Byfield follows the progress of the LinuxBIOS project. "Throughout the project's history, support from chip manufacturers and OEMs has been mixed. When the project started, Minnich remembers, information from Intel was readily available. Now, information about Intel chips is closely guarded, and the company prefers to promote its mixed source Extensible Firmware Interface (EFI) as the next generation of chip technology. By contrast, Advanced Micro Devices (AMD) was slow to support LinuxBIOS, but is now a major contributor to the project. Among OEMs, supporters include Acer, Advancetech, SIS, Momentum Computer, and Newisys. The project also works closely with OpenBIOS, a project with similar aims. Currently, Richard Smith, BIOS release manager for OLPC, says, "There are about 30 chipsets in the [repository] tree with various degrees of completion. The AMD boards are supported particularly well.""
Mozilla commits to collaborating with Linux distros (Linux.com)
Linux.com reports that the Mozilla Foundation has agreed to make changes to its development and distribution processes that will accommodate the needs of Linux distributors. "The sheer number of changes made independently by the distros made merging patches upstream difficult, if not impossible, and led to secondary problems like debates over usage of the Mozilla trademark. Furthermore, the current Mozilla policy is to accept only security fixes for stable code branches. Since many distros must continue to support older Firefox releases shipping with their own long-term-support releases, even patches that provide major stability fixes would not propagate upstream."
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
FSF pledges $60,000 to the Free Ryzom Campaign
The Free Software Foundation has sent out a press release announcing that has pledged $60,000 to the Free Ryzom Campaign. This campaign is seeking to purchase and free the Ryzom multiplayer game, the owner of which is currently in bankruptcy court (LWN covered this campaign last week). "The Free Ryzom campaign represents a unique opportunity for the free software movement and the emerging free gaming field. A fully free MMORPG (massively multiplayer online roleplaying game) engine and client/server architecture would allow the development of a myriad of universes, each one evolving its own philosophy and unique content - but sharing in general technical improvements." According to the release, this pledge lets the campaign raise its bid to €200,000.
Ecma International Approves Office Open XML as Worldwide Industry Standard
Ecma International has approved Office Open XML Formats as an Ecma standard and voted to submit the new standards to the International Organization for Standardization (ISO) for consideration as an ISO standard through the fast-track process.Sirius Teams Up with KDE (KDE.News)
KDE.News reports that Sirius Corporation has become a Supporting Member of the KDE project. "Sirius' commitment to KDE is our second supporting membership and follows Canonical's recent patronage of the project. Sirius and KDE are joint participants in SQO-OSS, an EU-funded project that assesses the quality of Open Source code."
Commercial announcements
Adaptive Planning Express Edition 3.0 released
Adaptive Planning has announced the release of Adaptive Planning Express Edition 3.0. "Adaptive Planning Express Edition delivers a full set of capabilities for collaborative budgeting and forecasting. Featuring improvements in global navigation, formula management, data administration, and performance, Version 3.0 provides business users in Finance and other departments with a no-fee enterprise solution that makes it easier than ever before to move beyond spreadsheets for managing budgeting and ongoing re-forecasting and analysis."
Collax releases Security Gateway With enhanced bandwidth management
Collax has announced a new version of Collax Security Gateway. "Collax today announced expanded bandwidth management of the Collax Security Gateway. The UTM solution in Version 4.0.10 prioritizes and guarantees bandwidths in Virtual Private Networks; giving Voice-over-IP (VoIP), and other critical business applications such as ERP systems, priority in the VPN tunnel."
Covalent Bundles Terracotta's Clustering
Covalent has added Terracotta Clustering capabilities to its Enterprise Ready Server product. "Covalent Technologies, a leading supplier of complete enterprise open source solutions , today announced that it is bundling Terracottas clustering technology with Covalents Enterprise Ready Server, the most widely distributed Web infrastructure framework in Fortune 500 enterprises that combines the Apache Web server, Apache Tomcat Application Server, and related modules into a single, certified build. Enterprises gain scalability, as clustering with Terracotta makes Apache Tomcat scale almost 10X better than Tomcat on its own and surpasses the scalability of the majority of commercial application servers currently available."
Fortify Software and FindBugs launch Java Open Review
Fortify Software Inc. and FindBugs have announced the launch of the Java Open Review (JOR) Project. "The goal of the JOR Project is to boost the security and quality of open source software written in Java, one of the fastest growing programming languages used by open source software developers. Fortify and FindBugs are providing the review to help open source software project owners identify and fix quality and security errors quickly -- before they affect the performance of the software or pose a security risk to users."
Intalio to release BPMS under open-source license
Intalio has announced plans to release their Intalio|BPMS Community Edition under an amended version of the Mozilla Public License. "Intalio|BPMS Community Edition includes an Eclipse-based business process design tool that supports the Business Process Modeling Notation (BPMN). It also generates executable processes using the Business Process Execution Language (BPEL), a BPEL execution engine that can be deployed on top of any J2EE application server, and a workflow framework that supports the BPEL4People model developed by IBM and SAP. Users of the Open Source Intalio|BPMS Community Edition can later on upgrade to Intalio|BPMS Enterprise Edition through a yearly subscription plan."
Customers Strongly Endorse New Microsoft-Novell Deal
Novell has a press release showing customer support for the company's deal with Microsoft. "Nearly all respondents agree with improving interoperability, having products that work well together, and having tools that make it easier to manage mixed Windows(R) and Linux environments. The survey, jointly commissioned by Novell and Microsoft, was conducted by Penn, Schoen & Berland Associates Inc., a respected independent market research firm."
Open-Xchange Announces Partnership With MySQL AB
Open-Xchange Inc. has announced a partnership and support agreement with MySQL AB. "Open-Xchange will add MySQL support to its Linux based collaboration solution, Open-Xchange Server. Both companies will work to ensure optimized interaction between MySQL databases and Open-Xchange groupware functionality for joint customers."
rPath chosen by Newbury Networks for Wireless LAN appliance enhancement
rPath has announced its selection by Newbury Networks for work on Newbury's wireless LAN location appliance. "Newbury provides real-time location tracking solutions through its patented location-based technology. Using Newburys 802.11 device tracking capabilities, the Newbury Location Appliance accurately and precisely locates Wi-Fi devices while enabling a host of enterprise applications such as asset tracking, voice, security and network provisioning. Using rBuilder, the development process for Newbury was reduced to a matter of weeks versus months."
Sun Announces Java Platform Standard Edition 6
Sun Microsystems, Inc. has announced the availability of Java Platform Standard Edition 6 (Java SE 6). "The Java SE 6 release is the result of over two years of industry-wide development involving open review, weekly builds and extensive collaboration between Sun engineers and over 330 external developers. Developers interested in getting started immediately with the Java SE 6 release can leverage the new NetBeans(TM) Integrated Development Environment (IDE) 5.5, which fully supports all the latest features of the Java SE 6 platform."
Terra Soft takes orders for PLAYSTATION3 running Yellow Dog Linux
Terra Soft will be selling PLAYSTATION3 game boxes installed with Yellow Dog Linux. "Terra Soft is now accepting pre-orders for the PLAYSTATION®3 with Yellow Dog Linux pre-installed, offering both the GameOS and Yellow Dog Linux at boot. More than a gamebox, the PLAYSTATION®3 with the multi-core Cell microprocessor was designed by Sony Computer Entertainment to function as a personal computer. Yellow Dog Linux offers this functionality with greater than 2000 applications, everything needed for a personal computer, Cell workstation, or light-duty cluster node."
TimeSys appoints Joseph J. Raffa as Interim CEO
TimeSys has announced the appointment of Joseph J. Raffa as Interim CEO by the board of directors. "Mr. Raffa replaces former TimeSys president and CEO, Larry Weidman, who recently left the company to pursue personal interests. Mr. Raffa currently serves on the board of directors at TimeSys. In this interim role, Mr. Raffa will direct and oversee company strategy and sales activities as TimeSys continues to support its successful and innovative LinuxLink(TM) web-based resource for embedded Linux developers. He will also lead the company's active search for a permanent CEO."
New Books
No Starch releases "Code Craft: The Practice of Writing Excellent Code"
No Starch Press has published the book Code Craft: The Practice of Writing Excellent Code by Pete Goodliffe.MySQL Cookbook, Second Edition - New from O'Reilly
O'Reilly has published the book MySQL Cookbook, Second Edition by Paul Dubois.
Resources
Report: free software for sustainable human development
The Asia-Pacific Development Information Programme has put together a report entitled "Breaking Barriers: The Potential of Free and Open Source Software for Sustainable Human Development"; it is a set of 14 case studies taken from all over the world. It's downloadable as a 1MB PDF file.FSFE Newsletter
The December 11, 2006 edition of the FSFE Newsletter is out with the latest Free Software Foundation Europe news.
Contests and Awards
Prize Draw for KPhotoAlbum Translators (KDE.News)
KDE.News reports on a prize draw for translation work on KPhotoAlbum. "KPhotoAlbum has entered string freeze for its new release, and author Jesper Pedersen is offering a prize draw for those who complete the translation. Individuals and teams with 100% of the strings translated will be entered into the draw for $100 to take place on hogmanay alongside the new release."
The SAGE Outstanding Achievement Award 2006
The SAGE Outstanding Achievement Award 2006 has been given to Tobias Oetiker and Dave Rand, the authors of MRTG and RRDtool. "The Swiss Open Source Software developer Tobias Oetiker together with Dave Rand receives the 2006 SAGE Outstanding Achievement Award for the creation of the Open Source Software tools MRTG and RRDtool. In their commendation, SAGE points out: "Before the creation of these tools, the only people that could reap the benefits of long-term, historical statistics gathering were people with multimillion dollar budgets. MRTG and RRDtool democratized, and therefore popularized, historical data collection. As a result, network utilization planning has gone from being guesswork to a fine art."
Calls for Presentations
Linux Audio Conference LAC2007 Call for Papers and Music
A Call for Papers and Music has gone out for the Linux Audio Conference 2007. "This is the second call for papers for the 5th Linux Audio Developers Conference (LAC2007). This is a reminder since some people might not have received the last call or might just have forgotten about the deadlines by now (08 Jan 2007 : Deadline for submission of papers, worshops, tutorials, demos, hands on demos and music)." LAC2007 takes place at the TU-Berlin, in Germany on March 22-25, 2007.
2007 Xorg Developer's Conference call for papers / attendance
A call for papers and attendance has gone out for the 2007 Xorg Developer's Conference. "The next X Developer's Conference is scheduled on February 7-9, 2007. The location is not yet firm, but we are looking at two possible locations. One is in Santa Clara, CA, and the other is in Menlo Park, CA."
Upcoming Events
PyPy Leysin Winter Sports Sprint
The PyPy Leysin Winter Sports Sprint has been announced, it will take place on January 8-14, 2007. "The next PyPy sprint will be in Leysin, Switzerland, for the fourth time. This sprint will be the final public sprint of our EU-funded period, and a kick-off for the final work on the upcoming PyPy 1.0 release (scheduled for mid-February). The sprint is the last chance for students looking for a "summer" job with PyPy this winter! If you have a proposal and would like to work with us in the mountains please send it in before 15th December".
Events: December 21, 2006 to February 19, 2007
The following event listing is taken from the LWN.net Calendar.
| Date(s) | Event | Location |
|---|---|---|
| December 27 December 30 |
23rd Chaos Communication Congress 2006 | Berlin, Germany |
| January 11 January 12 |
Foundations of Open Media Software | Sydney, Australia |
| January 15 January 20 |
linux.conf.au 2007 | Sydney, Australia |
| January 20 January 26 |
Cell Hack-a-thon | Loveland, CO, USA |
| January 23 January 26 |
Open Source Meets Business | Nürnberg, Germany |
| January 24 | European Patent Conference | Brussels, Belgium |
| January 30 February 1 |
Solutions Linux Expo | Paris, France |
| February 1 February 2 |
LinuxDays Luxembourg | Luxembourg, Luxembourg |
| February 2 | FUDCon Boston 2007 | Boston, MA, USA |
| February 7 February 9 |
Free Software World Conference 3.0 | Badajoz, Spain |
| February 7 February 9 |
Xorg Developer's Conference | Santa Clara, CA, USA |
| February 9 | Women In Open Source | Los Angeles, USA |
| February 9 | Open Source Health Care Summit | Los Angeles, USA |
| February 10 February 11 |
2007 Southern California Linux Expo | Los Angeles, USA |
| February 12 February 13 |
Vancouver PHP Conference | Vancouver, BC, Canada |
| February 12 February 13 |
Linux Storage and Filesystem Workshop | San Jose, CA, USA |
| February 12 February 16 |
Ruby on Rails Bootcamp Training | Atlanta, USA |
| February 12 February 15 |
3GSM World Congress 2007 | Barcelona, Spain |
| February 14 February 15 |
LinuxWorld OpenSolutions Summit | New York, NY, USA |
| February 15 | TiE Open Source Summit | Pittsburgh, PA, USA |
| February 16 | The Ubucon New York | New York, NY, USA |
If your event does not appear here, please tell us about it.
Audio and Video programs
Eben Moglen's Plone Conference Address (LinuxMedNews)
LinuxMedNews mentions the availability of a video keynote address from Eben Moglen's 2006 Seattle Plone Conference keynote. "Eben Moglen: '...Software can prevent software from being owned. Software itself can lift the software tax. That's where we are at this moment. On that cusp. In this neighborhood, at this moment, the richest and most deeply funded monopoly in the history of the world is beginning to fail...the very engineering limits of trying to make software that you own work as well as software that the community produces are becoming apparent...'"
Page editor: Forrest Cook
Letters to the editor
Benefits of software freedom
| From: | gralex-AT-free.fr | |
| To: | letters-AT-lwn.net | |
| Subject: | Benefits of software freedom | |
| Date: | Fri, 08 Dec 2006 15:21:48 +0100 |
Dear LWN,
I've been reading with interest the GNOME Foundation board election article and
the statements from the candidates for the positions. However, I felt I
couldn't disagree more on the views of one of them: Joachim Noreiko. You quote
him as saying:
"What freedoms exactly? The computer users I know can't code. What are they
going to with the source code they have the freedom to modify?"
That is absolutely wrong. It's like stating that if you're not a journalist, you
don't benefit from freedom of press. I'm not a coder, but I benefit greatly from
free software. In the same way that I benefit from high-quality articles in the
newspapers I read because the journalists can do their job freely. The
developers who work on free software are free to develop as they wish and
benefit from each other's openness and the end-product is good, thus benefiting
everyone.
And there's also the added benefit that because the development process is open,
I can learn from it and all the best practices that can be applied to software
development. So I can get involved at my own level.
Regards,
Alexandre
Page editor: Jonathan Corbet