They have plenty to talk about. Predictions for Linux in the embedded market have always been rosy, and they are getting better all the time. As Motorola's Scott Preece noted in one session, it is now expected that there will be over 200 million Linux-based phones in circulation by 2012. Linux shows up in special-purpose applications on a daily basis - often in unexpected places. Increasingly, Linux is the operating system of choice for small systems.
The royalty-free nature of Linux is certainly a reason for its success in the embedded field. If one is selling millions of gadgets, even a small per-unit royalty adds up in a hurry. But cost is not the real motivation here. The ways in which Linux can be modified for specific tasks and the general level of control it gives to vendors are both more important. Also, as Mr. Preece pointed out, there is a ready supply of Linux expertise out there for embedded companies to hire. On the other hand, very few developers go out and learn the Symbian platform on their own. There are advantages to going with a standard system.
Given this situation, one would have expected the ELC to be a large event, but it is, instead, surprisingly small. Quite a few embedded systems vendors were present - telephone handset manufacturers were especially well represented - but others were notable in their absence. ELC was not a particularly well-promoted event, which might partially explain its small size. Whatever the reason, it would be nice to see wider participation in the future; this community, like any other, needs to get together occasionally and talk.
Participation in the community was an ongoing theme of this conference, from Thomas Gleixner's opening keynote through to the end of the last day. Embedded vendors are famous for going their own way, neglecting to contribute their changes back, and generally pushing the GPL as far as they can. If there is one message which came out of this conference, it might be this: the embedded vendors are aware of their lack of participation and the problems it causes. Many of them - at least, those who came to this event - would like to make the situation better. But they often find themselves in a hard position.
Working with the community requires patience, openness, and a willingness to let go of some control. The embedded market, for the most part, does not reward those characteristics. Products come and go after a few months, and, once a product is out the door, and an embedded vendor has little motivation to continue to work with it. So merging product-specific changes back into the projects upon which they were based looks like a cost with little associated benefit. There is little intent to maintain that product into the future, and there will almost certainly be no big software upgrades for it. So the code looks dead. The fact that getting their work into the upstream repositories will help those projects support the next product better is beginning to get through to some companies, but it is a slow process.
Getting code into an upstream project - be it the kernel or higher-level software - goes best when that project is engaged from the beginning. A big after-release dump of previously unreviewed code tends to be hard to integrate at best. But the last thing a gadget maker wants to do is to release detailed internal information about its next product months before that product is announced. So late code dumps will likely be a best-case scenario for some time yet to come.
Consumer electronics products also tend to be quite static once they are shipped. When Nokia released a major software upgrade for the 770 tablet, it was the first time it had upgraded the software for any product in the field. Openness and modifiability are somewhat strange concepts for this industry. Products like the Nokia tablets and the OpenMoko phone are blazing new trails; many vendors are likely to be watching to see how well these experiments go.
Seen in this context, the announcement of the GNOME Mobile & Embedded Initiative fits right in. The GNOME developers, too, are looking to bring embedded vendors into their community and to get them to help make the platform better. They seem to be succeeding: the project claims that there are now more GNOME developers paid to work on embedded applications than on traditional desktop systems. GNOME is already a capable environment for embedded development, allowing developers to use the same software stack on all types of systems. If the project continues to be successful in getting embedded vendors to help build the platform, interesting things are certain to happen.
Some vendors have GPLv3 on their minds as well. Many of the libraries being used by embedded systems are licensed under the LGPL; once version 3 comes around, the LGPL will be essentially a patch to the GPL giving some extra permissions. So the LGPL will continue to allow proprietary applications to be used with the libraries. The LGPL does not, however, waive the anti-DRM provisions of GPLv3, meaning that users will have to be able to replace any LGPLv3-licensed libraries on their gadgets. Such replacement could allow application behavior to be changed in interesting ways - and badly mess up any lockdown scheme. How that will play out remains to be seen; embedded vendors may gain a renewed interest in technologies like SELinux or AppArmor to keep embedded applications firmly sandboxed.
These issues will certainly be worked out; the incentives to do so are strong. The embedded Linux community is on a roll, and rightly so. Linux has all of the right features and freedoms to be an attractive platform in that arena. If this industry can pull together into a true community - with the users as members too - there will be few limits on what it will be able to achieve.looked at the discussion surrounding the GNOME project's mystery announcement at the 2007 Embedded Linux Conference. That announcement turns out to be the GNOME Mobile & Embedded Initiative, a determined push to bring about world domination in the embedded area.
GNOME hacker Jeff Waugh started his presentation with a brief history of the GNOME project. He pointed out that there is a lot of innovative, bleeding-edge technology in the GNOME platform - developments which have pushed the edge within the desktop and beyond. Examples included the libxml2 library, Pango, Project Utopia (which had the goal of making hardware "just work"), Network Manager, and now the Power Manager work. Another stage in this history was the creation of the GNOME Foundation, which showed that the free software world can work with commercial interests to the benefit of both.
In recent times, the shipments of desktop PC's are in decline. On the other hand, laptop shipments are growing, and the shipments of other mobile devices are growing rapidly. There are, says Jeff, more developers paid to work on the GNOME platform for embedded use than for the desktop. Mobile devices, it seems, are the future. This is the situation that the GNOME Mobile & Embedded Initiative was created to take advantage of.
There is a long list of companies and projects which have signed on to this effort - see the obligatory collection of quotes for details. Much was made of the fact that the initiative is a cooperative effort including both companies and free projects.
The initiative, says Jeff, is about writing code. All of that code will have the full GNOME platform available to it (if it needs it), and will be ABI-compatible with the desktop platform. This "is not toy GNOME," it's the full thing. The platform will carry the GNOME LGPL license, making it available to proprietary applications - royalty-free, of course. And it's shipping today, though the first official release will be with GNOME 2.20 in September.
A wide variety of devices is covered by this platform. Examples given at the conference include the Nokia N800 (an Internet tablet device), the One Laptop Per Child XO system, the OpenMoko phone, and, at the novel end of the scale, the upcoming Vernier LabQuest, a handheld data acquisition and display device with a vast list of sensors available to it. The LabQuest was held up as an example of a device which was developed by a company with little software expertise; the Linux and GNOME platform made the whole thing relatively easy. All of these, says Jeff, are "beautiful new ideas" enabled by the open source stack.
The initial code from the GMAE initiative is available now. Possible additions in the near future include display frameworks from a number of sources (examples include the OpenMoko framework and the Hildon desktop used on the N800), applications like TinyMail, integration of GeoClue, and more. There's also low-level initiatives like better touchscreen support in GTK, fixing the floating-point usage in Cairo, etc. Beyond that, time will tell; chances are it's going to be interesting.one complaint which could be heard in the right places, however: it seems that this whole initiative was conceived of and agreed to without the involvement of the GNOME marketing team. One might well ask: if the marketing team does not get involved in an agreement like this one, what does the project keep it around for?
There's a couple of responses which are worth a read. Dave Neary, a member of this team, had some stark comments:
Jeff Waugh, the driving force behind the embedded initiative, states:
One might well argue that the GNOME marketing team has failed to live up to expectations. Some members of the team are doing so and beginning to think about ways to change that situation. As a result, we might well see a more active team in the future. But there is a question which is worth asking here: to what extent might the comments quoted above apply to any project's marketing team? It might just be that a project which is trying to grow its user and development community has little to gain from the formation of a marketing group.
In the corporate environment, a marketing team takes a leading role in identifying potential customers, designing something that those customers might just want to buy, and finding ways to motivate customers to make that purchase. Once a marketing strategy has been worked out and adopted, the rest of the company is expected to work to execute that strategy. In successful companies, marketing tends to lead the way.
Most free software projects are not amenable to this sort of leadership. What gets done in free software is what individual developers decide to do - or are told to do by their employers. Paid developers may well be working toward the execution of a marketing plan, but it's their employer's plan, not the project's plan. Free software hackers will be working to make a project better, but they are not marching to the project's drummer. They will not seek approval from a project's marketing team when they decide what to hack on.
The same is true of project members who work to create initiatives or alliances in a specific area. GNOME's support of embedded applications comes as a result of work by interested developers and the companies which are operating in that area. It was a natural consequence of the way the embedded market is going; there was no need for a marketing team to foresee, plan for, or mandate a bigger role for GNOME in the embedded marketplace. If a GNOME marketing group were to call for such a role, it would have little effect on GNOME developers working on more traditional desktop applications. Free software projects are not corporations; free software users and developers will not wait for a marketing group to sign off on their plans.
Some projects do have marketing organizations which appear to be effective. The push behind the Firefox browser is arguably one of the most prominent examples; the alliances and promotional campaigns which have been arranged have undoubtedly helped to increase adoption of the software. The marketing of packages like MySQL has also been effective. There is a pattern to be seen here: in almost all of the cases where a free software project has had an effective marketing operation, that project is owned and controlled by a single corporation. In such cases, the project's marketing plan is, in fact, a component of the company's plan; it's the company's control of the project which allows its marketing objectives to drive what the project does.
In the absence of that sort of control, it's not clear what a free software project's marketing team can achieve. Certainly a marketing group can point out areas of opportunity in the hope that developers will choose to pursue those opportunities. Such pointing-out must be done carefully, though; free software hackers tend to be irritated by those who seem to be trying to tell them what to do. Marketing teams can also fulfill a useful sales role by, for example, organizing booths at trade shows, distributing live CDs, convincing distributors to package the software, etc.
But it's not the marketing group which will bring about a project's success; that depends on the code, artwork, music, documentation, support, etc. provided by the project's members. A project is made by its community, not by a marketing plan. It's hard to imagine wanting that to change.
A recently released report on the security track record of Red Hat Enterprise Linux 4 (RHEL4) sets out to quantify the risks that an administrator would have faced when using the distribution. It takes a comprehensive look at all of the vulnerabilities that were classified as 'critical' in the two years since RHEL4 was released. A measure of pride is evident in the recognition that there were only three critical vulnerabilities in the default server install, a rather nice accomplishment; the study itself is an even better result and it should set the bar for other similar studies in the future.
In stark contrast to almost daily studies that purport to 'prove' that Redmond's latest offering is vastly superior to Linux in the security arena, the RHEL study simply looks at the reported vulnerabilities in that distribution and leaves any comparisons for others. The study mainly focuses on the critical vulnerabilities, but it does look at the 'Vulnerability Workload Index' for a server install with all available packages. This index is meant to give a rough measure of the amount of work an administrator would need to do to keep a system free from all vulnerabilities. The most interesting conclusion that can be drawn from the graph is that the overall workload is pretty flat, there are certainly peaks, but it is neither increasing nor decreasing over time. Because the software released with RHEL4 is, of course, getting older and the upstream projects are likely to be releasing newer versions, a case could be made either way regarding increasing stability vs. more security issues found over time and it would appear that the two roughly balance each other.
Flaws that get the 'critical' designation are those that can lead to a system compromise in an automatic way without any user action. These are the kinds of bugs that could be exploited by worms to invade and propagate. The critical designation has been stretched to cover web browser bugs that are exploited when a user visits a site with malicious code. The vast majority of critical bugs fall into the latter category and that difference leads to 60 flaws in a system with all packages installed, 50 of which can be traced to Mozilla products or the HelixPlayer plugin.
The study goes into the 60 critical flaws in some depth, categorizing them by type and reporting on the so-called 'days of risk' (number of days after a vulnerability report before a fix is available). All critical flaws were fixed within two calendar days and 60% were fixed on the same day. The riskiest packages are also listed using a weighted score based on the number and severity of bugs in that package with various Mozilla projects coming out on top. Interestingly, the kernel dropped from #1 last year to #4 in the current report.
The risk to a system is not only a function of the vulnerabilities in the packages it has installed; exploits 'in the wild' also factor into it. The report looks in detail at exploits for 37 vulnerabilities, many of which are, unsurprisingly, either browser or 'user complicit' exploits. Triggering a user complicit exploit requires convincing a user to perform some action with a malicious file; because administrators should be wary of such things or even of running a browser from a privileged account, the impact of those exploits are limited. The seven kernel and six server exploits represent a more dangerous class, with system compromise a distinct possibility. None of the kernel exploits were remote and all were either denial of service or privilege escalation bugs. Each of the server application exploits could lead to compromise of the non-root user that runs the service.
It is interesting to note that SELinux and Exec-Shield are specifically mentioned as either eliminating or reducing the impact of eleven of these exploits. Both of these security tools are installed by default with RHEL4 and are targeted at stopping or reducing the effectiveness of just these kinds of attacks. Exec-Shield uses address space randomization and protection against executing code from the stack to avoid executing arbitrary code in the presence of a buffer overflow or similar flaw. The SELinux policy that ships with RHEL4 restricts users and processes to only that set of resources they need for their normal function and that can reduce the kinds of problems an exploited process can cause. While they are no substitute for correctly written code, these technologies are clearly helpful to reduce security threats; with luck other techniques will come along that continue this kind of work.
This is the second report on RHEL4 security; the first covers the first year of release. Based on a comment on his original article, the author is planning a four year retrospective on RHEL3 in November which should be interesting as well. The comment indicates only six critical vulnerabilities in the RHEL3 default install in its three and a half years.
It is difficult to put a label on the level of 'security risk' that a particular system has, but RHEL4 would seem to have a fairly low risk overall. If one keeps up with the patches and is reasonably cognizant of security practices, the chances for a system compromise are low. This is a real accomplishment by the Red Hat team and should be a feather in the cap for Linux in general. No software is perfect and an operating system or distribution is just a collection of software so vigilance is required. Without examining our track record, it is difficult to gauge progress and this kind of report is an excellent way to track that progress; hopefully other distributions will follow suit.
|Created:||April 23, 2007||Updated:||April 25, 2007|
|Description:||The 3proxy development team reported a buffer overflow in the logurl() function when processing overly long requests. A remote attacker could send a specially crafted transparent request to the proxy, resulting in the execution of arbitrary code with privileges of the user running 3proxy. This has been fixed in the 3proxy 0.5.3i bugfix release.|
|Created:||April 23, 2007||Updated:||May 23, 2007|
|Description:||Jonathan So reported that the airodump-ng module does not correctly check the size of 802.11 authentication packets before copying them into a buffer. A remote attacker could trigger a stack-based buffer overflow by sending a specially crafted 802.11 authentication packet to a user running airodump-ng with the -w (--write) option. This could lead to the remote execution of arbitrary code with the permissions of the user running airodump-ng, which is typically the root user.|
|Created:||April 24, 2007||Updated:||April 25, 2007|
|Description:||Stefan Cornelius of Secunia Research discovered an insecure use of the "eval()" function in kmz_ImportWithMesh.py. A remote attacker could entice a user to open a specially crafted Blender file (.kmz or .kml), resulting in the execution of arbitrary Python code with the privileges of the user running Blender.|
|Package(s):||clamav||CVE #(s):||CVE-2007-1745 CVE-2007-1997|
|Created:||April 20, 2007||Updated:||May 9, 2007|
|Description:||The chm_decompress_stream function in libclamav/chmunpack.c leaks file
descriptors, which has unknown impact and attack vectors involving a
crafted CHM file. (CVE-2007-1745)
Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c might allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based buffer overflow. (CVE-2007-1997)
|Created:||April 23, 2007||Updated:||April 25, 2007|
|Description:||CJ Kucera has discovered that some Courier-IMAP scripts don't properly handle the XMAILDIR variable, allowing for shell command injection. A remote attacker could send specially crafted login credentials to a Courier-IMAP server instance, possibly leading to remote code execution with root privileges.|
|Package(s):||opera||CVE #(s):||CVE-2007-1115 CVE-2007-1563 CVE-2007-2022|
|Created:||April 24, 2007||Updated:||April 25, 2007|
|Description:||Opera 9.20 fixes several vulnerabilities. See the Opera changelog for details.|
|Created:||April 24, 2007||Updated:||June 18, 2007|
|Description:||PostgreSQL 8.2 and all back versions are vulnerable to a privilege escalation exploit in SECURITY DEFINER functions.|
|Created:||April 19, 2007||Updated:||April 25, 2007|
|Description:||The sqlite lightweight DBMS has a buffer overflow vulnerability that may be used by context-dependent attackers to execute arbitrary code by using an empty value for the in parameter.|
|Created:||April 23, 2007||Updated:||April 25, 2007|
|Description:||A cross-site scripting (XSS) vulnerability in export_handler.php in WebCalendar 1.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter.|
Page editor: Jonathan Corbet
There have been no -mm releases in the past week.
For older kernels: 184.108.40.206 was released on April 23 with a handful of fixes. Users of the 2.4 kernel can choose between 220.127.116.11 (April 22, networking fixes), 18.104.22.168 (fixes a build problem in 22.214.171.124), or 2.4.35-pre4 (April 22, various fixes).
Kernel development news
Most of the discussion, though, has centered around the CFS scheduler. Several testers have reported good results, but others have noted some behavioral regressions. These problems, like most of the others over the years, involve the X Window System. So potential solutions are being discussed yet again.
The classic response to X interactivity problems is to renice the X server. But this solution seems like a bit of a hack to many, so scheduler work has often been aimed at eliminating the need to run X at a higher priority. Con Kolivas questions this goal:
Avoiding renicing remains a goal of CFS, but it's interesting to see that the v4 CFS patch does renice X - automatically. More specifically, the scheduler bumps the priority level of any process performing hardware I/O (as seen by calls to ioperm() or iopl(), the loop block device thread, and worker threads associated with workqueues. With the X server automatically boosted (as a result of its iopl() use), it does tend to be more responsive.
While giving kernel threads a priority boost might make sense in the long term, Ingo sees renicing X as a temporary hack. The real solution to the problem seems to involve two different approaches: CPU credit transfers between processes and group scheduling.
Remember that, with the CFS scheduler, each process accumulates a certain amount of CPU time which is "owed" to it; this time is earned by waiting while others use the processor. This mechanism can enforce basic fairness between processes, in that each one gets something very close to an equal share of the available CPU time. Whether this calculation is truly "fair" depends on how one judges fairness; if the X server is seen as performing work for other processes, then fairness would call for X to share in the credit accumulated by those other processes. Linus has been pushing for a solution along these lines:
The CFS v5 patch has the beginnings of support for this mode of operation. Automatic transfers of credit are not there, but there is a new system call:
long sched_yield_to(pid_t pid);
This call gives up the processor much like sched_yield(), but it also gives half of the yielding process's credit (if it has any) to the process identified by pid. This system call could be used by (for example) the X libraries as a way to explicitly transfer credit to the X server. There is currently no way for the X server to give back the credit it didn't use; Ingo has mentioned the notion of a sched_pay() system call for that purpose. There's also no way to ensure that X uses the credit for work done on the yielding process's behalf; it could just as easily squander it on wobbly window effects. But it's a step in the right direction.
A further step, in a highly prototypical form, is Ingo's scheduler economy patch. This mechanism allows kernel code to set up a scheduler "work account"; processes can then make deposits to and withdrawls from the account with:
void sched_pay(struct sched_account *account); void sched_withdraw(struct sched_account *account);
At this point, deposits and withdrawls all involve a fixed amount of CPU time. The Unix-domain socket code has been modified to create one of these accounts associated with each socket. Any non-root process (X clients, for example) writing to a socket will also make a deposit into the work account; root-owned processes (the X server, in particular) reading messages also withdraw from the account. It's all a proof of concept; a real implementation would require a rather more sophisticated API. But the proof does show that X clients can convey some of their CPU credits to the server when processor time is scarce.
The other idea in circulation is per-user or group scheduling. Here, the idea is to fairly split CPU time between users instead of between processes. If one user is running a single text editor process when another starts a kernel build with make -j 100, the scheduler will have 101 processes all contending for the CPU. The current crop of fair schedulers will divide the processor evenly between all of them, allowing the kernel build to take over while the text editor must make do with less than 1% of the available CPU time. This situation may be just fine with kernel developers, but one can easily argue that the right split here would be to confine the kernel build to half of the available time while allowing the text editor to use the other half.
That is the essence of per-user scheduling. Among other things, it could ease the X interactivity problem: since X runs as a different user (root, normally), it will naturally end up in a separate scheduling group with its own fair share of the processor. Linus has been pushing hard for group scheduling as well (see the quote of last week). Ingo responds that group scheduling is on his mind - he just hasn't gotten around to it yet:
In other words, the automatic renicing described above is not a permanent solution; instead, it's more of a proof of concept for group scheduling. Ingo goes on to say that there's a lot of other important factors in getting interactive scheduling right; in particular, nanosecond accounting and strict division of CPU time were needed. Once all of those details are right, one can start thinking about the group scheduling problem.
So there would appear to be some work yet to be done on the CFS scheduler. That will doubtless happen; meanwhile, however, Linus has complained that some of this effort may be misdirected at the moment:
One might argue that any work which is intended for the upcoming 2.6.22 merge window needs to be pulled into shape now. But the replacement of the CPU scheduler is likely to take a little bit longer than that. Given the number of open questions - and the amount of confidence replacing the scheduler requires - any sort of movement for 2.6.22 seems unlikely.
Given that filesystem checks are something we have to deal with, it's worth thinking about how we might make them faster in the era of terabyte disks. One longstanding idea for improving the situation was recently posted in the form of chunkfs, "fs fission for faster fsck." The core idea is to take a filesystem and split it into several independent filesystems, each of which maintains its own clean/dirty state. Should things go wrong, only those sub-filesystems which were active at the time of failure need to be checked.
Like many experimental filesystem developments, chunkfs is built upon ext2. Internally, it is a series of separate ext2 filesystems which look like a single system to the higher layers of the filesystem. Each chunk can be maintained independently by the filesystem code, but the individual chunks are not visible outside of the filesystem. The idea is relatively simple, though, as always, there are a few pesky details to work out.
One is that inode numbers in the larger chunkfs filesystem must be unique. Each chunk, however, maintains its own list of inodes starting with number one, so inode numbers will be reused from one chunk to the next. Chunkfs makes these numbers unique by putting the chunk number in the upper eight bits of every inode number. As a result, there is a maximum of 256 chunks in any chunkfs filesystem.
A trickier problem comes about when a file grows. The filesystem will try to allocate additional file blocks in the chunk where the file was originally created. Should that chunk fill up, however, something else needs to happen; it would not be good for the filesystem to return "no space" errors when free space does exist in other chunks. The answer here is the creation of a "continuation inode." These inodes track the allocation of blocks in a different chunk; they look much like files in their own right, but they are part of a larger array of block allocations. The "real" inode for a given file can have pointers to up to four continuation inodes in different chunks; if more are needed, each continuation inode can, itself, point to another four continuations. Thus, continuation inodes can be chained to create files of arbitrary length.
This code is in a relatively early state; the text with the patch notes that "this is a preliminary implementation and lots of changes are expected before this code is even sanely usable." There is a set of tools which can be used by people who would like to test out chunkfs filesystems with well backed-up data. With some care and some testing, chunkfs may grow to the point that it's stable and shortening fsck times worldwide.
Meanwhile, one of the longest stories in Linux filesystem development has to be the reiser4 filesystem. By the time Hans Reiser first asked for the merging of reiser4 in July, 2003, the filesystem had been under development for some years. Almost four years have passed since then, and reiser4 remains outside of the mainline kernel. Hans Reiser is now out of the picture, his company (Namesys) is in trouble, and, to a casual observer, reiser4 appears not to be going anywhere.
There has been a recent increase in interest in this filesystem, though. It turns out that two Namesys employees are still working on the filesystem "mostly on enthusiasm." They have been feeding patches through to the -mm tree, and they are getting toward the end of their list of things to fix. So we might see a new push for inclusion of reiser4, perhaps as soon as 2.6.23. But, says Andrew Morton, some things would have to happen; in particular, there needs to be a new review of the reiser4 code.
Or we could move all the reiser4 code into kernel/sched.c - that seems to get people fired up.
Your editor will go out on a limb and suggest that a mass move of the reiser4 code is unlikely. But a new round of talk on actually merging this filesystem is starting to look reasonably likely. There's enough work - and enough interesting ideas - in this code that people are unwilling to let it just fade away. Perhaps, soon, it will be heading for its long-sought spot in the mainline.suspend2 suspend-to-disk code. Ingo Molnar, acting on the reports, found and fixed a bug in CFS. As a way of returning the favor, he then posted a review of the suspend2 code, noting that "the patch looks sane all around" and asking whether there were any plans to get suspend2 into the mainline kernel.
Perhaps Ingo wasn't listening the past few times this topic has been brought up. His question was music to suspend2 author Nigel Cunningham's ears; Nigel promptly responded with a lengthy reasons to merge suspend2 document. Among many other things, he notes that the user-space software suspend implementation (uswsusp) is still running behind suspend2 in features. It is true that little has been heard from uswsusp in recent times; there has not been a release since last November. Uptake by distributors has been slow. But that didn't stop uswsusp hacker Pavel Machek from jumping in saying "Well, current uswsusp code can do most of stuff suspend2 can do, with 20% (or so) of kernel code."
Those who followed the discussion one year ago when uswsusp was merged may remember that it triggered a debate on which functions can sensibly be moved out of the kernel to user space. Many developers thought that suspend-to-disk functionality was, perhaps, on the wrong side of that line. After this debate, the number of proposals for moving functionality out of the kernel fell significantly. People are still sensitive to the issue, though, as can be seen in this response from Linus:
In a later, calmer moment he added:
This discussion should help to keep a lid on future "move kernel code to user space" projects. While there are certainly times when such moves make sense, there are also situations where putting functionality in user space just makes things harder. That said, one should not expect the recently-posted Kcli patch, intended to help move entire applications into the kernel, to get into the mainline anytime soon.
Meanwhile, what about suspend2? It is possible that the renewed discussion might provide some impetus for the merging of this longstanding development. Certainly suspend2 has a significant user community which would appreciate inclusion in the mainline. The amount of discussion has been relatively low, though. It may well be that enough systems now have working suspend-to-RAM support that the level of interest in suspend-to-disk is rather lower than it once was.
Patches and updates
Core kernel code
Filesystems and block I/O
Virtualization and containers
Page editor: Jonathan Corbet
News and Editorialssome release highlights for the upcoming Fedora 7 release. Here's a quick look.
Fedora 7 will have Spins with different combinations of software to meet the requirements of end users. Each spin contains a very small boot.iso image for network installation. Users will be able to add GNOME and KDE to create live CDs that will also work as a single disk install. Other users looking for an upgrade path may spin a regular image for desktops, workstations and servers. A third possibility is to create a set of DVD images that include all the software in the Fedora repository.
For the desktop user Fedora 7 will have GNOME 2.18 and KDE 3.5.6. Fast User Switching has been integrated, display devices can be hot plugged and work automatically, thanks to the inclusion of Xorg Server 1.3, and NetworkManager presents a graphical interface that allows users to quickly switch between wireless and wired networks for increased mobility. Also Fedora 7 has a new "Flying High" theme, Firefox 2, improved I18N support, and the SELinux troubleshooting tool 'setroubleshoot' is enabled by default. The kernel has a new FireWire stack for more robust device handling and it implements dynamic ticks for improved power management. The experimental nouveau driver has been integrated within Xorg and the kernel for those with nVidia cards. The mac80211 (formerly Devicescape) wireless stack is also part of the Fedora kernel.
Smolt is an opt-in hardware profiler used to get anonymous, automated hardware information from users. It has been integrated with firstboot in the installer and all data is available on the Smolt homepage. The profile information will be used to encourage cooperation from vendors in improving end user hardware experience, and to prioritize development and quality assurance on commonly used hardware.
The Fedora Directory Server base is now part of the Fedora software repository. Also all of the Python software available in the repository uses Python 2.5.
All in all, Fedora 7 is shaping up to be great release.
New ReleasesForesight Desktop Linux v1.2.1 has been released. This version provides some package updates, "...but mostly we have replaced firstboot with a more robust mechanism for configuring Xorg and creating the first user." OpenPKG Enterprise 1 Pro is tailored for SMEs and professionals, replaces OpenPKG Community 2-STABLE and this way fills the gap between OpenPKG Community CURRENT and OpenPKG Enterprise 1." OpenPKG is revising its offerings to better balance the needs of enterprises, professionals and developers. The Ubuntu team is proud to announce version 7.04 of the Ubuntu family of distributions. Ubuntu is a Linux distribution for your desktop or server, with a fast and easy install, regular releases, a tight selection of excellent software installed by default, an incredible variety of add-on software available with a few clicks, and professional technical support from Canonical Limited and hundreds of other companies around the world."
Distribution NewsGoogle will fund the students mentioned below to work full time on these tasks during their summer vacation, from May 28th to August 20th. They will be guided and evaluated during this time by active Debian developers." here) suggest that this is a popular idea in the openSUSE community. The Community Council is our highest governing body of the project, and makes fundamental decisions around our community structure, and code of conduct. They serve to mediate disputes and also appoint the leaders of key community teams. We specifically have 5 independent candidates because we believe that it's important to have a broad coverage of timezones and areas of expertise on the CC." Xandros engineers worked closely with their Linux Foundation counterparts in perfecting the new, automated testing procedures that will facilitate broad application developer support to Xandros Server 2.0 and all other standards-based Linux operating systems."
New DistributionsBugnux is a live CD Linux distribution made specifically for software testers. It is based on Mandriva and PCLinuxOS and runs entirely in RAM. Bugnux contains an extensive set of open source software testing tools that can be used for functional and performance testing. It also has standalone tools to test GUI applications and Mozilla Firefox extensions as well as a set of stress and load testing tools that can be used to assist in testing performance of web applications. Polippix is the Political Linux Distribution of Denmark. It was created to counter the increasing amount of surveillance in Denmark, where the ISP's will soon be required to log a lot of data. The CD has created quite a stir in Denmark recently. Read more in this MadPenguin review. (Thanks to pointwood) An initial version of the XtreemOS operating system for PCs is planned to be distributed under open source licence after the first two years of the project (Spring 2008). The XtreemOS system will eventually be available for a wide range of hardware platforms: PCs, clusters and mobile devices (mobile phones, PDAs, etc.)."
Distribution NewslettersGentoo Weekly Newsletter for April 16, 2007 covers GWN seeking writers, April Gentoo Council meeting, Gentoo on AppleTV, and several other topics. DistroWatch Weekly for April 23, 2007 is out. "The week belonged to Ubuntu, whose new version 7.04 was made available as planned despite the skipped release candidate a week earlier. The hype surrounding the new release of the popular operating system completely eclipsed that of another desktop-oriented distribution - Mandriva Linux 2007.1, which was also made available last week, but which generated little excitement in comparison. Also in the news: a new openSUSE-based live CD featuring the latest KDE 4 snapshot, a link to an interview with Novell's Nat Friedman, and an update on the development of PC-BSD. Finally, don't miss our fifth and final part of the overview of top ten distributions, featuring Gentoo Linux and FreeBSD."
Newsletters and articles of interestCentOS 5.0, Ubuntu 7.04 and Debian 4.0.
Distribution reviewsreviews CentOS 5.0. "CentOS is more than RHEL with the trademarks removed, which in itself is a big job as you'll see in the Release Notes. (The CentOS team are so paranoid about infringing on Red Hat's trademarks that you'll find hardly any mentions of "Red Hat" in the CentOS distribution or on the Web site. Instead, they refer to it as "UOP", or Upstream Operating system Provider.) They maintain their own package repositories, and apply security patches as they receive them from upstream. CentOS supports a range of hardware architectures as this matrix shows. They're always going to be behind RHEL; with security fixes they're right on top of things, and with things like new releases and support for multiple architectures, they sometimes lag a few weeks behind RHEL. It's free and it's binary-compatible with RHEL, so no complaining allowed." covers a new live CD Linux distribution targeted at newbies and technophobes. "BabelLinux is tailored for simplicity, to give users access to the seven most common applications. It boots from the (free) CD, and once booted the OS can't write to the local hard drive or USB media. Instead, users can store their data online in the "BabelBank" - which is how the venture will get its revenue."
Page editor: Rebecca Sobol
The project is still in the early phases of its development, basic features are still being added: "Currently, there are two major features missing. The first is bug listings. The links to List Bugs at the top of each page will go nowhere. This should be implemented quite quickly. The other major feature is dealing with merging."
DisTract is being released under the 3-clause BSD license. The software has been written in the Haskell language and takes advantage of several open-source packages. The movement of bugs across the net is handled by Monotone, a distributed version control system and the Markdown text-to-HTML conversion tool is used for working with bug descriptions and comments. DisTract defines bug information with its Bug Fields. Three field types have been defined: free form fields are for basic bug descriptions, simple lists are for keeping track of things like bug revision histories and graphs are for tracking the state of bugs.
Release 0.1.1 of DisTract came out after the original announcement, it focuses on building the code: "This version has no new features other than the fact that it actually compiles in a sane way which no longer requires endless amounts of jiggery-pokery. This has been achieved by improving the hinstaller module which DisTract depends on. Thus for all of you who downloaded the source tarball of version 0.1 and were then deeply alarmed by the compilation instructions, fear not. The Compilation page is now, correspondingly, simpler!"
DisTract is available for download here.
Database Softwareshows how to build a data warehouse with MySQL. "Most of us are at least somewhat familiar with the kind of relational database schemas that are created for e-commerce sites, among others. But there's another kind of database model out there: the data warehouse. Sam Tregar gives us the lowdown on this highly UNrelational database." The frequency of security fixes recently is a result of increased scrutiny of the PostgreSQL code by government agencies and security-conscious companies." SQLite, a light weight DBMS, is out. Changes include: "Performance improvements added in 3.3.14 but mistakenly turned off in 3.3.15 have been reinstated. A bug has been fixed that prevented VACUUM from running if a NULL value was in a UNIQUE column."
InteroperabilityThis is the third release candidate of the Samba 3.0.25 code base and is provided for testing only. An RC release means that we are close to the final release but the code may still have a few remaining minor bugs. This release is *not* intended for production servers. There has been a substantial amount of development since the 3.0.23/3.0.24 series of stable releases. We would like to ask the Samba community for help in testing these changes as we work towards the next significant production upgrade Samba 3.0 release."
Mail Softwarehas been announced. "Hermes is a generic, transparent, multi-platform anti-spam SMTP proxy that uses a combination of techniques (like greylisting, throttling, etc.) to stop spam from reaching your mailbox. It's compatible with most SMTP extensions like STARTTLS (for SSL security) and SMTP-AUTH (for user authentication)."
Networking ToolsThis is the first release the PowerDNS Authoritative Server since the Recursor was split off to a separate product, and also marks the transfer of the new technology developed specifically for the recursor, back to the authoritative server. This move has reduced the amount of code of the Authoritative server by over 2000 lines, while improving the quality of the program enormously."
Web Site DevelopmentMidgard 1.8.3 release includes major bugfixes and replication framework enchancements. " mnoGoSearch, a cross-platform web site search engine, is out. See the change log for a list of new features and bug fixes.
Audio Applicationsannounced the latest issue of the Amarok Weekly Newsletter. "A new issue of the Amarok newsletter is out. It talks about interesting new developments, Amarok's Summer of Code projects, the current events in the 1.4 stable branch, and continues to provide cool Amarok-related tips." jack_nuke is a client for the Jack Audio Connection Kit used to generate "unwanted" data on jack ports (both midi and audio) to test the robustness of other jack client applications. For those who've heard of Jack demolition, jack_nuke proposes similar functionalities as far as audio is concerned (jack_nuke is based on its code)." ofqf is a native OSC implementation in Qt4. Native means that ofqf doesn't depend on other external libs (except for QtCore and QtNetwork) and ofqf isn't just a wrapper around liblo or something."
Desktop PublishingDockboard has been announced. "Dockboard is an outline editor created for authors writing books, articles, and other published works. It provides the ability to organize small to large documents." Compared with the previous beta release we have fixed several bugs and added some graphical improvements: A new math toolbar replaces the old (faithful) math panel. The converter file cache can be now configured in the graphical interface. The TOC dialog is now a dock widget, embedded in the main window."
ElectronicsgEDA electronic design and analysis project had a recent code sprint. "The 5th worldwide gEDA code sprint was held last Saturday (2007//10). This sprint was particularly successful (with at least ~20 different people hanging out in irc). The irc log from this code sprint has been posted."
GamesGlobulation 2 has been announced. "Globulation 2 is an innovative Real-Time Strategy (RTS) game which reduces micro-management by automatically assigning tasks to units." See the Changes document for information on this release.
Mail ClientsClaws Mail, an email client, has been announced. "This release fixes a security bug (CVE-2007-1558) which affects APOP users. If you're using APOP for POP3 authentication you are strongly advised to upgrade." an announcement for the Thunderbird 2 email client. "Scott MacGregor of Team Thunderbird writes in with news of the release of Mozilla Thunderbird 2: "Thunderbird 2 is now available for download on Windows, Mac and Linux in over 35 languages. Thunderbird 2 offers easy ways to manage and organize your email with message tags, advanced folder views, message history navigation, find as you type, and improved new mail alert notifications." See the Thunderbird 2 Features page for more information on this release.
Office SuitesThe OpenOffice.org community is pleased to announce plans to extend the power of the database application, Base, with Report Designer, based on Pentaho's open-source reporting engine. Scheduled to be available in the next feature release of OpenOffice.org, Report Designer will particularly interest business users, as it will give them the ability to create sophisticated business intelligence reports from various sources, including OLAP and XML, and save them using the OASIS OpenDocument format, or ODF, the ISO-approved open standard for file format, among others."
Web Browsersreports that support for Firefox 1.5 - which was supposed to end on April 24 - has been extended to mid-May. "This suggests that the Mozilla Corporation wants to extend support for Firefox 1.5 until after Firefox 2 has been pushed out to 1.5 users via the software update feature built in to the browser. To date, the update functionality in 1.5 has only offered 1.5.0.x patches to users, despite the Mozilla Corporation's stated intention to allow 1.5.0.x to 2.0.0.x upgrades."
Languages and Tools
C... I'm not going to consider any of these issues blockers after Sunday, April 29. At that point, I plan to freeze the branch and build a release candidate. Then, about a week later, I plan to release 4.2.0. There has been more than enough time for people to test and fix bugs." We held a GCC mini-summit at Google on Wednesday, April 18. About 40 people came. This is my very brief summary of what we talked about. Corrections and additions very welcome. The goal of the mini-summit was just to let gcc developers meet face to face and talk. There was no goal of actually making any decisions, and, indeed, no decisions were made."
C++I have just created a new branch for development of C++0x-specific features in the GNU C++ front end. The branch is branches/cxx0x-branch in Subversion, and information about this branch is available at http://gcc.gnu.org/projects/cxx0x.html."
JavaFull merge of 1.5 generics work. Bootstrappable with OpenJDK javac compiler. URLConnection timeout support. TimeZone can use platform zoneinfo file when available. The Collection classes, lang.management and util.spi have been updated to 1.6. Addition of 1.6 ServiceLoader. Speedup for cairo and freetype Graphics2D support. The ASM library is now included. Better detection of browser plugin mechanisms for gcjwebplugin applet support in mozilla, iceweasel and firefox." works with JMS topics and queues on O'Reilly. "Most JMS destinations are created administratively and treated as static resources, but you can dynamically create your own topics and queues at runtime. In this article, Thribhuvan Thakur shows us how to create temporary JMS topics and queues, and discusses architectural reasons why we might want to do so."
PerlWeekly Perl 6 mailing list summary is out with coverage of the latest Perl 6 developments.
PostScripthas been announced. "Artifex Software, Inc. and artofcode LLC are pleased to announce the release of GPL Ghostscript 8.65. This is the latest in our stable 8.5x series, and the first new release since we began developing under the GPL. In addition to numerous bug fixes, conformance with published test suites is much improved in this release."
PythonThis is the first bugfix release of Python 2.5. Python 2.5 is now in bugfix-only mode; no new features are being added. According to the release notes, over 150 bugs and patches have been addressed since Python 2.5, including a fair number in the new AST compiler (an internal implementation detail of the Python interpreter). This is a production release of Python, and should be a painless upgrade from 2.5."
XMLponders beautiful XML design on O'Reilly. "Given that beauty is in the eye of the beholder, I had better define some criteria. To me, technology is beautiful when it achieves a balance between power and simplicity -- hitting a local maxima in the design space, if you will, such that it cannot be made any simpler without making it less powerful, and it cannot be made any more powerful without losing its simplicity."
MiscellaneousBIEW has been announced. "BIEW (Binary vIEW) is a free, portable, advanced file viewer with built-in editor for binary, hexadecimal and disassembler modes."
Page editor: Forrest Cook
Linux in the news
Recommended Readingexamines some FUD. "As I've noted before, I am something of a connoisseur of Microsoft's FUD against open source, in part because I believe each successive FUD-flavour of the month gives important hints about the evolution of the thinking and strategy within the company. The latest development in this area, which revolves around patents, is no exception -- not least because I think people are drawing the wrong conclusions from it." covers this week's bad software patent - one which could well come to bite the free software community as well. "The patent in question was originally filed by Xerox back in 1991. It referenced that company's earlier patents, dating back to 1984, that dealt with graphical user interfaces. This specific patent describes a 'workplace' that consists of multiple windows and 'other display objects' on the screen, and describes each window as potentially containing a 'linking data structure.' If a user clicks on one of the links in each window, it can cause the contents of said window to change, reflecting a different 'workplace.'"
Trade Shows and Conferenceslooks forward to eLiberatica. "eLiberatica, the first national Romanian conference on free and open source software (FOSS), is scheduled for May 18-19 in the city of Braşov. The conference is the result of 18 months of planning by Lucian Savlac, a Romanian immigrant to Canada, assisted by FOSS licensing consultant Zak Greant. The goal is nothing less than unifying FOSS promotion throughout Romania and encouraging its adoption by business through grassroots organization. The goal, says Greant, "is to help build a broad, sustainable, effective free and open source movement in Romania that includes programmers, university students, and business people."" This Channels India article, the Open Invention Network has started a road show in India. "'Many Indian software development companies and customers have found it challenging to understand and adhere to intellectual property IP and patent rules and regulations,' said Jerry Rosenthal, chief executive officer of Open Invention Network. 'Because Linux is based on openness and sharing of the software code base, it is ideally suited for Indian software developers, vendors, resellers and customers that want access to powerful IT technology without worrying about IP and patent issues.'" covers the recent Linux on Wall St. conference. "Tim Burke, director of emerging technologies at Red Hat, took the stage at the Linux on Wall St. conference and provided the suit-and-tie audience with a real business case for Real Time Linux, the next evolution of Linux."
Companieslooks at an IBM announcement. "Today, IBM announced a public beta trial of a virtual Linux environment that will let x86 applications run on its System p Unix servers without modification. The new IBM System p Application Virtual Environment (AVE) technology will allow x86 binaries to run as well without modification, removing the biggest barrier against effective virtualization for some companies. As a result, customers will be able to consolidate dozens, if not hundreds, of servers into one virtual environment." covers Red Hat's promotion of open-source science. "Red Hat is taking a second crack at trying to spread its open-source philosophy beyond the realm of software development. On Wednesday, the Raleigh, N.C.-based Linux seller announced a partnership with the nearby University of North Carolina to try to encourage use of the open, collaborative model in the fields of health care research, biotechnology, bioinformatics and public policy. "The history of open source has taught us that the more broadly and transparently information is shared and re-used, the faster and stronger the results," Joanne Rohde, Red Hat's executive vice president of operations, said in a statement." reports that Red Hat has acquired MetaMatrix. " Red Hat has reached an agreement to acquire privately held data management firm MetaMatrix, the companies announced Tuesday. Red Hat executives said MetaMatrix's software will be bundled in with its JBoss middleware as part of a services-oriented architecture package."
Linux Adoptionreports that Michael Dell is using Ubuntu Linux on his laptop. "What operating system do the heads of Fortune 500 companies run on their personal laptops? In the case of Michael S. Dell, president and CEO of Dell, it's Ubuntu 7.04 Feisty Fawn. Yes, the head of Dell Inc., with a market-capitalization of just south of $56-billion, isn't just saying that Dell will be selling Linux-equipped PCs in the near future -- he's already running Linux at home."
Interviewshas announced the latest interview in the People Behind KDE series. "For the next interview in the fortnightly People Behind KDE series we travel over to Germany to talk to the key to your personal information storage, a highly dedicated KDE-PIM developer (though hide any small animals when visiting his apartment!) - tonight's star of People Behind KDE is Volker Krause." talks briefly with Bob Metcalfe. "It's the sustainability long-term of the open source model that I worry about. Who will take care of the software after the novelty wears off and the volunteers lose interest and get real jobs?" Mr. Metcalfe appears not to have noticed that an awful lot of those "volunteers" already have real jobs.
Resourcesintroduces Rails' ActiveRecord on O'Reilly. "ActiveRecord is one of the key elements that makes up Ruby on Rails. It is the crucial link between Rails and the underlying databases that fuel it. Gregory Brown, lead developer of Ruby Reports, begins a two-part exploration of what makes ActiveRecord tick."
Reviewslooks at Recoll. "Desktop search engines are all the rage these days. While Beagle may be the most popular desktop search engine for Linux, there are alternatives. If you are looking for a lightweight and easy-to-use yet powerful desktop search engine, you might want to try Recoll. Unlike Beagle, Recoll doesn't require Mono, it's fast, and it's highly configurable. Recoll is based on Xapian, a mature open source search engine library that supports advanced features such as phrase and proximity search, relevance feedback, document categorization, boolean queries, and wildcard search." reviews ThinkingRock on News.com. "ThinkingRock is not released under a free software license, but it is freely distributable, and the creators have indicated that it may be relicensed when the 2.0 version is released. ThinkingRock is not your everyday task manager. If you're not into the Getting Things Done method of task management, ThinkingRock will feel more than a little awkward." takes a look at ViziFrame. "A company specializing in weather reporting has used Linux to build an inexpensive digital sign capable of delivering custom weather channels to truckstops, private airports, marinas, and golf courses. ItWorks's ViziFrame runs Slackware Linux on an x86 processor, and supports TVs or computer displays."
Miscellaneouslooks at the recently announced GNOME Mobile & Embedded Initiative (GMAE). "The GNOME Mobile & Embedded Initiative will advance the use, development and commercialization of GNOME components as a mobile and embedded user experience platform. It brings together industry leaders, expert consultants, key developers and the community and industry organizations they represent."
Page editor: Forrest Cook
Non-Commercial announcementsThe directive now goes to the Council for its first reading. Several Council members, such as the Dutch and UK governments, have already expressed serious concerns about the scope and nature of this directive." The Electronic Frontier Foundation's (EFF's) European Office today announced a broad coalition aimed at fixing a poorly drafted intellectual property enforcement proposal that could make criminals of thousands of people in the European Union. The Second Intellectual Property Rights Enforcement Directive (IPRED2) -- set for vote in the European Parliament early next week -- makes "aiding, abetting, or inciting" intellectual property infringement on a "commercial scale" a criminal offence. However, IPRED2 defines criminal offences so vaguely that creators of legitimate websites, Internet service providers, and even librarians could be investigated by the police and face criminal records as well as fines of hundreds of thousands of euros." FSFE criticises the proposed "second Intellectual Property Enforcement Directive" (IPRED2) for sweeping criminalisation across various areas of law and loosely described areas of activity, including for 'attempting, aiding or abetting and inciting.' The proposed text criminalises these acts for infringement of many dissimilar laws including copyright, trademark, and patents. "This threatens" according to a press release of FSFE "to introduce intimidating degrees of punishment to activities which individuals, community-based projects, and other small to medium-sized groups participate in - groups that may not have sufficient money or lawyers to defend their rights in court."" The Electronic Frontier Foundation (EFF) took aim today at a bogus patent threatening innovative technologies that enhance consumer awareness, requesting a reexamination by the United States Patent and Trademark Office (PTO). NeoMedia Technologies, Inc., claims to own rights to all systems that provide information over computer networks using database-like lookup procedures that rely on scanned inputs, such as a barcode. NeoMedia has used these claims not only to threaten and sue innovators in the mobile information space, but also to intimidate projects focused on increasing awareness among consumers about the social and environmental impact of the products they buy." a weblog entry on what he will be doing once the GPLv3 process stops dominating his life. "As I return to teaching at Columbia I need to concentrate more of my remaining spare time and effort on the affairs of the Software Freedom Law Center, which is inevitably going to mean less involvement with the affairs of other organizations I care very much about. In particular, its time for me to leave the board of directors of the Free Software Foundation, where Ive been since 2000." announced its six newest members. "The Open Solutions Alliance (OSA), a nonprofit, vendor-neutral consortium dedicated to driving interoperability and adoption of comprehensive open solutions, today announced that six new organizations have joined the Alliance. The new members include Black Duck, The Mambo Foundation, Onepoint, The Open Source Technology Alliance (TOSTA), Palamida and Project.net. The OSA today has 18 members."
Commercial announcementsannounced a deal wherein CollabNet will be buying the SourceForge Enterprise Edition code and business from VA. The SourceForge site will apparently remain with VA. "With the addition of SourceForge Enterprise Edition business to CollabNet's product portfolio and team, we have become the standard for this new method of performing decentralized development. Unlike conventional software development systems, CollabNet's solutions are designed to promote and optimize the benefits of collaboration and distributed software development, based on open source principles" No mention of open-sourcing the newly-acquired code, however. (Thanks to Rick Moen, who has posted some history of the SourceForge code). The revamped tool set features a complete graphical user interface makeover making it more flexible and easy to customize. NightStar 4.1 is one of the most advanced, yet easy-to-use debugging environments for troubleshooting and tuning complex Linux software applications." announced a patent deal. "In these product lines, Samsung and its distributors and customers may utilize Microsoft's patents in Samsung's products with proprietary software, and Samsung will also obtain coverage from Microsoft for its customers' use of certain Linux-based products." announced the availability of the Java technology stack and developer tools for Ubuntu 7.04. "This stack, which is comprised of key popular Java technologies such as GlassFish(TM) v1 (the open source Java Platform, Enterprise Edition 5 implementation), Java Platform, Standard Edition (JDK 6), Java DB 10.2 (built from Apache Derby) and NetBeans(TM) IDE 5.5 -- will be available in the Multiverse component of the Ubuntu repository on April 19." announced the launch of the Zenoss Global Partner Program. "The new program brings expanded services and technology capabilities to Zenoss users worldwide and creates new business opportunities for systems integrators, hosters, managed service providers, ISVs and OEMs. The Zenoss Global Partner program provides a business and technology framework for partnering with Zenoss, Inc. to deliver professional services, managed services and technology solutions related to Zenoss Core, the highest ranking open source IT monitoring solution on Sourceforge.net."
Contests and Awardsannounced the winning of CODiE awards by SUSE Linux Enterprise Desktop and ZENworks Asset Management. "Novell's Linux* and enterprise management services took home top honors for Best Open Source Solution and Best Asset Management Solution at the 2007 CODiE awards, the annual program led by the Software Industry and Information Association (SIIA) to recognize innovation in the software industry. SUSE(R) Linux Enterprise Desktop from Novell(R) won in the open source category, while Novell ZENworks(R) 7.5 Asset Management beat out the competition in the asset management category."
Education and CertificationThe Linux Professional Institute, the world's premier Linux certification organization, announced new affiliates throughout Europe and Africa including LPI-Spain, LPI-France, LPI-Maghreb, LPI-Malta/Cyprus and a new partner in South Africa."
Calls for Presentations
Upcoming Eventshas announced the Edu and School Day, which will take place in Glasgow, Scotland during the Akademy conference. "You are invited to aKademy Edu & School Day on Tuesday 3rd July. This day will focus on installing and running free educational software in schools, presenting software as well as getting feedback from teachers and community people." DAM-4 is being held in conjunction with the Linux Foundation Collaboration Summit. The Linux Foundation Desktop Linux workgroup is planning and sponsoring this event for the desktop architects. Once again, the intent of this meeting is to bring desktop organizations together to address common problems and to create some working synergy across organizations." has been announced. This year's program will examine how open technologies are making breakthroughs in the mainstream IT community, and delve into the advances on the open source horizon. Now in its ninth year, OSCON is the annual gathering of developers, hackers, visionaries, and alpha geeks who are driving the open source movement. OSCON returns to the Oregon Convention Center in Portland, Oregon July 23-27, 2007." announced the SugarCRM Global Developer Conference. "SugarCRM, the world's leading provider of commercial open source customer relationship management (CRM) software, today announced that it will host the first ever SugarCRM Global Developer Conference, May 3-5, 2007, at the Sainte Claire Hotel in San Jose, California. HP, Intel, Microsoft, MySQL, Novell, Pervasive, Oracle and Sun are among the industry leaders sponsoring the conference, which is designed for developers, administrators, users, and managers of CRM projects."
|Ubuntu Education Summit||Sevilla, Spain|
|SugarCRM Global Developer Conference||San Jose, CA, USA|
|Libre Graphics Meeting 2007||Montreal, Quebec, Canada|
|LayerOne Security Conference||Pasadena, CA, USA|
|May 5||Ubucon - Sevilla||Sevilla, Spain|
|Ubuntu Developer Summit||Sevilla, Spain|
|May 7||CommunityOne||San Francisco, CA, USA|
|World Summit on Intrusion Prevention||Baltimore, MD, USA|
|Annual Java Technology Conference||San Francisco, CA, USA|
|OSHCA 2007||Kuala Lumpur, Malaysia|
|Red Hat Summit||San Diego, CA, USA|
|IEEE International Workshop on Open Source Test Technology Tools||Berkeley, CA, USA|
|May 10||NLUUG Spring Conference 2007||Ede, The Netherlands|
|Conferenze Italiana sul Software Libero||Cosenza, Italy|
|KOffice ODF Weekend||Berlin, Germany|
|The Pure Data Spring School 2007||Glasgow, Scotland|
|php|tek||Chicago, IL, USA|
|RailsConf 2007||Portland, Oregon|
|eLiberatica Open Source and Free Software Conference||Brasov, Romania|
|FreedomHEC||Los Angeles, CA|
|BSDCan 2007||Ottawa, Canada|
|The 3rd International Workshop on Software Engineering for Secure Systems||Minneapolis, Minnesota, USA|
|Rockbox International Developers Conference 2007||Stockholm, Sweden|
|May 19||Grazer LinuxDays 2007||Graz, Austria|
|Make Magazine Maker Faire 2007||San Mateo, CA, USA|
|May 19||Linuxwochen Austria - Graz||Graz, Austria|
|International PHP 2007 Conference||Stuttgart, Germany|
|Python Bootcamp with David Beazley||Atlanta, USA|
|Open Source Business Conference||San Francisco, USA|
|Linux Days 2007, Geneva||Geneva, Switzerland|
|PGCon 2007||Ottawa, ON, Canada|
|May 25||Linuxwochen Austria - Krems||Krems, Austria|
|May 26||PAKCON III||Karachi, Pakistan|
|Where 2.0 Conference||San Jose, CA, USA|
|European ADempiere Developers Conference||Berlin, Germany|
|I FLOSS CONFERENCE RESISTENCIA||Resistencia, Argentina|
|3rd UNIX Days Conference - Gdansk 2007||Gdansk, Poland|
|Linuxwochen Austria - Wien||Wien, Austria|
|Journées Python Francophones||Paris, France|
|PyCon Uno - First Python Italian conference||Florence, Italy|
|June 10||Pluto Meeting 2007||Padova, Italy|
|Third International Conference on Open Source Systems||Limerick, Ireland|
|Linux Foundation Collaboration Summit||Mountain View, CA, USA|
|June 16||DebianDay||Edinburgh, Scotland|
|June 16||Firefox Developer Conference||Tokyo, Japan|
|Debian Developer Conference||Edinburgh, Scotland|
|2007 USENIX Annual Technical Conference||Santa Clara, USA|
|O'Reilly Tools of Change for Publishing Conference||San Jose, CA, USA|
|Advanced Workshop on GCC Internals||Bombay, India|
|IT Underground||Dublin, Ireland|
|June 20||Open Source Showcase @ OpenAdvantage||Birmingham, UK|
|June 23||Mozilla Developer Day||Paris, France|
|SOA World Conference and Expo 2007||New York, NY, USA|
|2007 Linux Symposium||Ottawa, Canada|
|Summer School of Sound||Lancaster, UK|
|June 29||NLUUG event theme innovation Enschede||Enschede, the Netherlands|
|Akademy 2007||Glasgow, Scotland|
If your event does not appear here, please tell us about it.
Event Reportsweb site for the recent 2007 Linux Audio Conference (LAC) has been updated. "It took us a while, but finally (and hopefully) the last updates have been made to the LAC website."
Page editor: Forrest Cook
Copyright © 2007, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds