User: Password:
Subscribe / Log in / New account Weekly Edition for February 12, 2009

FOSDEM09: "Aggressive" Linux power management

February 11, 2009

This article was contributed by Koen Vervloesem

At FOSDEM 2009 (Free and Open Source Software Developers' European Meeting) in Brussels, there were a number of interesting talks about the state of power management in Linux. Matthew Garrett from Red Hat talked at length about aggressive power management for graphics hardware. People tend to forget that graphics hardware is more than a processor: it is not just the GPU that draws power, the graphics card's memory, outputs, and, of course, the displays themselves all draw power as well. Until now, most of the work on power management has focused on the GPU, but if you want really good power management, you have to attack the problem on all these fronts. And that's what Garrett is doing at Red Hat and shared in his FOSDEM presentation.

The power consumption of the GPU can be decreased by two techniques: clock gating or reclocking. Clock gating means that different bits of the chip are disconnected from the clock when not in use, and thus less power is drawn. However, this functionality has to be hardwired in the chip design and it must be supported in the graphics driver. And that's where Linux is still lagging behind, according to Garrett: "For a long time Linux graphics support has focused on getting a picture. We can go further now, but we just need the documentation to adapt the drivers." Clock gating has no negative effect whatsoever on the performance of the GPU.

Reclocking is another story: when the GPU is running at a frequency of 600 MHz and you reclock/underclock it to 100 MHz, this results in a massive reduction in power usage, but it also means that the performance is reduced accordingly. Garrett cited a difference of 5 W if clock gating and reclocking is combined on Radeon graphics hardware.

The second component that can be optimized is memory: each memory access draws power. So what can we do about power consumption of memory? Read less often (which is essentially reclocking) or read less memory. Reducing the memory clock can save you again around 5 W, but it introduces visual artifacts on the screen if reclocking happens while the screen is being scanned. The other interesting route (read less memory) comes down to compressing the framebuffer. Most recent Intel graphics chipsets implement this by a run length encoding (RLE) of the screen content on a line-by-line basis. Garrett notes that this means your desktop background can make a difference in battery life: vertical gradients compress very well using this scheme, but horizontal gradients do not.

Another interesting consequence of the memory component is that periodic screen updates are really bad for power consumption. According to Garrett, moving the mouse cursor around has an instantaneous increase of power consumption by 15 W. A blinking cursor draws 2 W, and also the display of seconds or a blinking colon in the system tray clock draws unnecessary power. Garrett adds philosophically: "The whole point of a blinking cursor is attracting your attention. But when you're typing, your attention is already going to your text input, and when you're not typing, it doesn't need your attention. So is it really needed to blink the cursor?"

The third component where power management can make a difference are the outputs. Just powering off an unneeded output port saves around 0.5 W. If you know for sure that you don't need the external output on your laptop, you can safely turn it off and gain a bit of battery time. However, if you need to connect an external monitor or video projector afterward, you will first need to power on the output port explicitly. It all comes down to a tradeoff between functionality and power consumption.

The last (but not least) component of graphics hardware is the displays. This is another place were reclocking can save some watts. For example, the LVDS (Low-voltage differential signaling) link to a laptop's LCD screen uses power at each clock transition. Reducing the refresh rate reduces the power consumption. While CRT screens begin to flicker if the refresh rate is too low, TFT's don't have this problem. According to Garrett, most TFT screens can be driven at 30 Hz, but then they tend to display visual artifacts. Garrett only recommends this LVDS reclocking when the screen is idle, which saves around 0.5 W. If the screen becomes active again, the system should return to a normal refresh rate of 60 Hz. Another solution is DPMS (Display Power Management Signaling): just turn off the screen when it's idle. Even a screensaver drawing a black screen draws power, while DPMS really turns off the output.

So what's the current state of this "aggressive power management"? Dynamic clock gating is implemented in most recent graphic cards. Future developments will implement even more aggressive dynamic state management: graphics hardware will power on functionality when the system needs it and power it off when it's not used. Graphics drivers and the operating system should control this without irritating the user. Garrett stresses that power management has to be as invisible as possible, otherwise the user will not be happy and stop caring about "green" computing. Garrett is now working on the Radeon code to get some prototype functionality. As it stands now, the combination of dynamic GPU and memory reclocking can save 10 to 15 W, and LVDS reclocking can save 0.5 W. For a laptop, this doesn't make a huge difference, but it is still a significant increase in battery life.

Power management in Nokia's next Maemo device

In the embedded track of FOSDEM, Peter De Schrijver of Nokia gave an insightful but very technical talk about advanced power management for OMAP3. This integrated chip platform made by Texas Instruments is based on an ARM Cortex A8 processor and has a GPU, DSP (digital signal processor) and ISP (image signal processor). Because the chip is targeted at mobile devices, some advanced power management functionality is built-in: the chip is divided in different voltage domains, and in each module the interface clock and functional clock can be turned off independently.

Nokia used an OMAP1 chip in the N770 internet tablet, and an OMAP2 chip in the N800 and N810 internet tablets. The devices use Nokia's Maemo platform, based on Debian GNU/Linux. Last year Nokia executive Ari Jaaksi revealed that their next Maemo device would use an OMAP3 chip. De Schrijver talked about the power management architecture of OMAP3, but also about the Linux support Nokia is developing for this functionality.

Power management on the OMAP3 can be subdivided into two types. On the one hand, there is active power management. It's essentially the same principle as reclocking in graphics hardware: with a lower clock frequency, the chip is running on a lower voltage, resulting in less power consumption. With dynamic voltage frequency scaling this can be handled automatically. In Linux, the frequency scaling of the CPU is implemented in the cpufreq driver, while for the core (the interconnects between different blocks of the chip and some peripherals) there is a new API call for drivers, named set_min_bus_tput(), which sets the minimum bus throughput needed by a device.

On the other hand, when the chip is idle, there are solutions such as clock control, which can be implemented in software (by a driver) or hardware (an auto idle function). Moreover, clocks of different modules of the chip can be turned off selectively: if the interface clock is off, the core can sleep; if the functional clock is off, the module can sleep. The implementation of clock control in the OMAP3 chip is done in the clock framework of the linux-omap kernel, and Nokia is adding the patches to linux-arm now.

The OMAP3 chip knows four power states per domain: "on", "inactive", "retention" and "off". In the "inactive" state, the chip works at normal voltage but the clocks are stopped, while in the "retention" state the chip works at a lower voltage. This means that the "inactive" state uses more power than the "retention" state, but has a lower wakeup latency. The shared resource framework (SRF) that determines the power state for each domain of the chip is implemented by Texas Instruments and is hidden from the driver programmer by an API. This API has to be implemented by the power management framework and has to be used by the drivers. The API documentation is not yet released, but De Schrijver said this will be added into the kernel Documentation directory soon.

The "off" mode has some challenges: while the power management framework can handle saving and restoring the state of the cpu, memory controller and other components, each driver has to handle its module. This means: reinitialize the module when the functional clock is enabled and save and restore the context and shadow registers in memory.

In his talk, De Schrijver also gave a status update of the work. The "retention" state works. Basic "off" mode works on most development boards; drivers are being adapted for "off" mode now and will be ready at the end of February. All this code is being merged in the linux-arm kernel tree, but eventually it will be merged in the mainline kernel. According to De Schrijver, all these power management techniques will be used in the next Nokia Maemo device: the long-awaited successor of the N810.

Comments (23 posted)

Python ponders release numbering

By Jake Edge
February 9, 2009

Release engineering for a large project is always a tricky task. Balancing the needs of new features, removing old cruft, and bug fixing while still producing releases in a timely fashion is difficult. Python is currently struggling with this as it is trying to determine which things go into a 3.0.1 release versus those that belong in 3.1.0. The discussion gives a glimpse into the thinking that must go on as projects decide how, what, and when to release.

It is very common to find bugs shortly after a release that would seem to necessitate a bug fix release. Ofttimes these are bugs that would have been considered show-stopping had they been found before the release. But what about features that were supposed to be dropped, after having been deprecated for several releases, but were mistakenly left in? That is one of the current dilemmas facing Python.

One of the changes made in Python 3.0 was a change to comparisons and, in particular, removing the cmp() function. That function takes two arguments, returning -1, 0, or 1 based on whether the first argument was less than, equal to, or greater than the second. Python 3.0 set out to clean up some of the "warts" of the language; cmp() could be handled in other, more efficient ways. The only problem is: cmp() didn't really get removed from the Python 3.0 release in December.

It was recognized quite quickly (the bug report shows it being reported three days after the release), but it wasn't exactly clear what to do about it. There may now exist "valid" Python 3.0 programs that use cmp() and function correctly. This led Guido van Rossum to say: "Bah. That means we'll have to start deprecating cmp() in 3.1, and won't be able to remove it until 3.2 or 3.3. :-)" He seems to have only been half-serious, as the smiley might indicate, eventually concluding: "OK, remove it in 3.0.1, provided that's released this year." Unfortunately, the "this year" he was referring to is 2008.

Because Python 3 was such a major shift in the language, the 2to3 tool was created to help fix old code to work with the new interpreter. But, 2to3 did not change calls to cmp(), so code created using that tool will run in Python 3.0. That makes for a bit of a tangle as van Rossum explains:

Well, since 2to3 doesn't remove cmp, and it actually works, it's likely that people will be accidentally depending on it in code converted from 2.x. In the past, where there was a discrepancy between docs and code, we've often ruled in favor of the code using arguments like "it always worked like this so we'll break working code if we change it now". There's clearly an argument of timeliness there, which is why we'd like to get this fixed ASAP. The alternative, which nobody likes, would be to keep it around, deprecate it in 3.1, and remove it in 3.2 or 3.3.

As of this writing, Python 3.0.1 is intended for release on February 13 with the removal of cmp(). There seem to be a number of reasons that the release slipped into 2009, not least is the holiday season that tends to eat up a fair chunk of December. But it was also more complicated to remove cmp() than it at first appeared. There were several standard libraries and tests that were still using it as well Python internals that still referred to it. Inevitably, as those things were getting worked out, other problems cropped up.

There are some fairly serious performance problems with the new I/O library, with some experiencing read performance three orders of magnitude slower on Python 3.0. There are also problems with chunked HTTP responses when using urllib. Both of these require fairly extensive fixes, though, which also requires lots of testing. It all adds up to a lot of work, so folks start to wonder if much or all of the work shouldn't get pushed into the 3.1 release which is targeted at an April or May time frame.

There are others who argue that the 3.0 series should be abandoned entirely in the near term. Rather than have a 3.0.1 with substantial changes from 3.0—including the incompatible removal of cmp()—3.1 should be released quickly so that it is the release targeted by developers. As Raymond Hettinger put it:

My preference is to drop 3.0 entirely (no [incompatible] bugfix release) and in early February release 3.1 as the real 3.x that migrators ought to aim for and that won't have [incompatible] bugfix releases. Then at PyCon, we can have a real bug day and fix-up any chips in the paint.

There are some fairly important new features—notably moving the new I/O to C for performance reasons—that will not make it for a release in February, though. Since a 3.2 release would be quite a ways off, those features would languish for too long. 3.1 release manager Benjamin Peterson would would rather see an immediate 3.0.1 release:

However, it seems to me that there are two kinds of issues: those like __cmp__ removal and some silly IO bugs that have been fixed for a while and [are] waiting to be released. There's also projects like io in c which are important, but would not make the schedule you and I want for 3.0.1/3.1. It's for those longer term features that I want 3.0.1 and 3.1. If we [immediately] released 3.1, when would those longer term projects that are important for migration make it to stable? 3.2 is probably a while off.

There are also concerns that an immediate release called 3.1 might lead to confusion and unhappiness for users. Martin Löwis voiced those fears to general agreement:

I would fear that than 3.1 gets the same fate as 3.0. In May, we will all think "what piece of junk was that 3.1 release, let's put it to history", and replace it with 3.2. By then, users will wonder if there is ever a 3.x release that is any good.

Part of the problem is the "no new features" rule for bug fix releases—those that are typically numbered by bumping the third digit of the version number. Python established that rule in the 2.x series, to try to protect the "most conservative users" as van Rossum points out. Those users have not moved to Python 3 yet, so van Rossum argues that the rule can be suspended:

Frankly, I don't really believe the users for whom those rules were created are using 3.0 yet. Instead, I expect there to be two types of users: people in the educational business who don't have a lot of bridges to burn and are eager to use the new features; and developers of serious Python software (e.g. Twisted) who are trying to figure out how to port their code to 3.0. The first group isn't affected by the changes we're considering here (e.g. removing cmp or some obscure functions from the operator module). The latter group *may* be affected, simply because they may have some pre-3.0 code using old features that (by accident) still works under 3.0.

This argument seemed to help crystallize a consensus of sorts. There were some other discussions of exactly which "features" should make an appearance in 3.0.1, but the push for numbering the bug fix release as 3.1 seemed to fade. The 3.0.1 release is currently scheduled for February 13th, while other new features—undoubtedly along with additional fixes—will come with the 3.1 release in April or May.

Part of what was considered in the deliberations was the impact on users and what they will expect from how the releases are numbered. It is a difficult problem, as KDE found out a year ago. Users have certain expectations based on release numbering, which are largely outside of a project's control. But, some kinds of changes, especially those that are not backward compatible, necessitate a "large enough" numeric change to indicate that.

It is a fine line, which is why Python has struggled with it. One hopes that any development for Python 3—a large, incompatible language overhaul itself—avoided using cmp(), and will then be unaffected. If not, the relatively small window in time should keep the number of affected programs to a minimum.

Comments (6 posted)

KRunner and GNOME Do: the run command evolves

February 11, 2009

This article was contributed by Bruce Byfield

KRunner and GNOME's Do are both descendants of the Run tools that have been part of desktop environments for years. However, instead of allowing you to enter a single command, both Do and KRunner are rapidly evolving into full-scale application launchers that rival main menus as a tool from which to control the desktop. Both require practice to use well, but, their compactness on the screen may appeal to intermediate to advanced users — especially those who prefer keyboard shortcuts to using the mouse.

A new version of KRunner has just been released along with KDE 4.2, and should be available soon in your distribution's repositories along with the rest of the new version, although some distributions may not include it in the default KDE installation.

By contrast, Do is less tightly integrated into its desktop's development cycles, but version 0.8.0 of Do was released in late January. You can find installation instructions on the Do project site. However, many of the distributions listed do not yet have the latest version in their repositories, so, in many cases, the best option is to compile the source code, after first installing Mono support.

Using KRunner


Like Do, KRunner opens in a small window. To use it, you press Alt+F2 to start the program, then start typing. In response, KRunner displays a list of programs that could complete your input, rather like tab completion in the BASH shell, except in visual form.

In the simplest cases, what you type can be a command. On this level, KRunner differs little from a Run command, aside from the fact that you can tab to a selection or click it with the mouse. However, two dozen plugins that are installed along with the basic program extend KRunner's capabilities far beyond those of a Run command. Provided that the calculator plugin is installed and enabled, you can enter basic calculations in KRunner, using an asterisk (*) for a multiplication sign and a forward slash (/) for division along with the plus and subtraction signs. Similarly, you use KRunner to convert units of measurement, or to open a web site for currency conversion. Other plugins allow you to open a web search or to search bookmarks, contacts, recent documents or your web browser history.

The one catch with many plugins is that you need to learn a simple syntax in order to use them. For example, if you want to do a web search for "LWN" using Google, you would enter "gg:LWN". In much the same way, if you wanted to convert the average human body temperature from the Fahrenheit to the Celsius scale, you would enter "98.8 F. in C.". Fortunately, KRunner is well-documented, so you should have little trouble learning the syntax for your favorite commands.

A small complication is that KRunner includes task-oriented and command-oriented views. But apart from the positioning of suggestions, the difference is chiefly what sort of completions KRunner offers. The main advantage of the different views is that by carefully selecting them and enabling or disabling plugins, you can make the completions more likely to be the ones you want.

In addition to the two views, KRunner also offers a view of currently running processes that you can use to kill misbehaving applications. Short of a link to other system settings, KRunner could hardly be more of a command center for desktop activities.

Using Do


Do works in approximately the same way as KRunner, differing mostly in the details. To invoke Do one generally uses the "Super + Space" (typically Windows key along with space bar) combination. Like KRunner, Do works on the most basic level by suggesting completions for the shell command, binary, or task that you type. When the completion you want appears, a Run button opens in a right-hand pane that you can navigate to via the Tab key.

One of Do's main differences from KRunner is in some of the plugins you can use. As you would expect, Do uses GNOME applications like Evolution and Rhythmbox to handle requests, while KRunner uses KDE choices such as KMail or Amarok. Besides having thumbnail file previews, Do is also noticeably more web-oriented than KRunner, with plugins for blogging, RSS feeds, and Google Contacts. In fact, if you choose, you can even use Do to write a tweet or short email.

The latest version of Do also includes support for themes. One of the most useful of these themes is Docky, which converts Do into a launchpad with configurable application icons, making it more of a main menu replacement than ever.


Both KRunner and Do are convenient tools, and run almost as well under other desktops as they do on their native ones. Both, too, amount to a centralized control center that is often more convenient than hunting down the individual program in the sub-menus.

All the same, neither is a tool for a beginner. True, both support task completions, so that you can, for instance, write an email without having to remember what program is the default for emails on your desktop. However, I suspect that most users are oriented to programs more than tasks. Since neither of these programs offers a complete list of available programs, new users may find either KRunner or Do hard to use.

While a traditional menu can be cumbersome, it does have the advantage of displaying a complete list of possibilities. By comparison, in KRunner or Do, you need to already know the possibilities. Otherwise, you can hardly begin to enter one or search for it. And, to further complicate matters, some users may not remember the necessary syntax to use certain plugins unless they use the plugins constantly. This limitation affects both KRunner or Do, although Do has a simpler interface.

But for more experienced users, after a brief learning period, programs like KRunner or Do are probably more efficient than menus — not least because you can use them while keeping both hands on the keyboard rather than one straying to the mouse. You might compare the two programs to learning touch-typing: Although neither is immediately accessible, the way that a mouse and a menu are, once you are comfortable, both offer significantly enhanced ease of use and efficiency.

Comments (17 posted)

Public data for OpenStreetMap

February 11, 2009

This article was contributed by Tom Chance.

In recent months, growing recognition for OpenStreetMap has led to an explosion in imports of public and private data. Mapping every street, lake, skiing piste and pizza takeaway in the world might sound like a fun hobby, but being able to pull in your government's basic street network makes the job a whole lot easier. This mix of "crowd sourced" map data from volunteer efforts, private and public donations of data, and commercial developments based on the results, is a classic open source story.

OpenStreetMap was founded by Steve Coast in 2004, borne of a frustration with the prevailing preference for proprietary data in the UK. The Ordnance Survey, which can trace its roots back to 1747, is the part-government funded agency with some of the world's most detailed and best loved maps. Unfortunately they charge you an arm and a leg to get the underlying vector data. So out stepped Coast, equipped with a GPS, notepad and pen, followed by tens of thousands of volunteers all manually gathering the data to enter into OpenStreetMap's database. To get a feel for the explosion of data over the past year, look at this great video.

Thankfully, help for the crowd was at hand from the start. Coast quickly secured an import of GPS traces from a courier company for central London; the donation cost the courier company nothing but was very helpful for OpenStreetMap. Much more impressive imports began more recently, with the US census bureau's TIGER database bringing data for the entire street network for the United States of America in late 2007. The Netherlands appeared in even finer detail around the same time, thanks to a donation by Dutch company AND.

This process has now rapidly accelerated. You can get an idea of the scale of the import activity from these incomplete wiki pages on importing government data, the catalogue of major imports and the enormous list of potential data sources. These imports vary from quite comprehensive -- such as the Canadian Geobase -- to very specific datasets like NAPTAN (UK public transport access points) and UK oil wells. Importing vectors for buildings in addition to roads has been popular, examples include Boston in the USA and Naga City in the Philippines.

Of course, most of these imports have come from governments and public agencies who are empowered or required to release the data into the public domain. Any import needs to be carefully reviewed to ensure that copyrights - and database rights in Europe - aren't infringed. For those of us mapping in countries like the UK, this means more walking and cycling, with only occasional negotiations opening up niche data such as oil wells and bus stops. Politics still holds the project back -- or makes for more fun, depending on your perspective.

Politics was a driving force behind one of the most interesting recent collaborations between volunteers and public / non-governmental agencies. Whilst the world was watching the Israel-Palestine conflict on TV, long-time OpenStreetMap volunteer and geospatial activist Mikel Maron was attempting to produce high quality maps of the Gaza strip. Maron worked with UN and aid agencies to obtain data, gain the funds to buy aerial imagery that volunteers could trace, and locate Palestinian expatriates who could fill in details from memory.

With commercial uses for OpenStreetMap emerging, such as the recently unveiled CloudMade developer products, and free software projects like Marble integrating the maps into their interfaces, OpenStreetMap is gaining clout. In the country that started it all, a government-commissioned study found that there would be more economic benefits for the UK if map data was released into the public domain than under the current proprietary model. Under pressure from a growing campaign, and these compelling examples of the benefits of open collaboration, we might just see the terrain shifting from a few interesting imports to a major change in mainstream attitudes towards public data.

At the very least, you'll have a lot of high quality map data to play with at your leisure in the future.

(Interested in adding data to OpenStreetMap? Tom Chance will be returning in the near future with a look at how that process works.)

Comments (6 posted)

Page editor: Jonathan Corbet


Forcing updates

By Jake Edge
February 11, 2009

A recent thread on the desktop-architects mailing list touched on a subject that tends to generate strong feelings: automatic, silent updates for security issues. At first blush, it is an attractive idea that might help slow down or stop a fast-moving virus or other malware. It also would help protect users who might otherwise ignore or delay updating their system. On the other hand, there are lots of concerns about whose decision it is to have a "mandatory" update, what else might be contained in such an update, as well as how to ensure that the update doesn't break the user's machine.

Dan Kegel kicks off the discussion by asking:

Given how much malware is out there, shouldn't security fixes for remotely exploitable flaws be installed a bit more forcefully? e.g. instead of an ignorable notification, how about an in-your-face dialog saying they're going to be installed now? Or in some cases even just silently installing them?

This goes not just for distros; any ISVs is on the hook for rapid security updates these days, I would think.

While there are attractions, one of the immediate downsides was noted by KDE hacker Aaron Seigo: "distro Q/A resources would have to _significantly_ increase for this to work reliably. too many updates still break too many systems on too regular a basis." The first time a silently applied "fix" breaks someone's system, there will be a serious outcry. Microsoft and others have broken people's systems before with security updates, but that doesn't seem a good example to follow.

But, even with additional QA, there are plenty of reasons that a user might not want to get an update. GNOME foundation member Dave Neary presents several scenarios:

I for one would be a little paranoid about not being able to control installs of updates. I can imagine all kinds of scenarios where it would be undesirable: a 20M security fix starts downloading when I'm connected via GPRS at a conference, or over a 56K phone line; a kernel update downloads & requires a reboot; an application I am using and Absolutely Positively Must Keep Using for a few minutes upgrades, and isn't runtime-compatible with the update [...]

A kernel reboot or even application restart are definitely problem areas. There are many reasons a user might need to continue using a buggy application or kernel, even if the bug exposes them to an exploit. Some users have enough information to make that kind of determination, but others most definitely do not. How does the distribution or software package determine that? Presumably there will have to be settings to govern the behavior, which then begs the question: what is the default setting?

An additional problem is that users are training themselves—or the desktops and distributions are training them—to ignore pop-ups of various sorts. So suggestions like the one made by Ritesh Raj Sarraf: "For updates with priority 'security', I think it should just pop-up more often" are met with skepticism. Kegel opines:

People ignore dialogs like that. IMHO if we're going to avoid botnet nightmares, we're going to need at least some silent security updates.

That provoked a rather boisterous response from Linus Torvalds. His argument is that you can't trust the developers of various projects to determine what fixes should be applied. He is concerned that projects might want to slip other things into a "security" release:

Yes, they may "technically" be the people with the most information, but they are also the ones furthest removed from actual users - by definition. And they are also the ones that are most emotionally (and often financially) tied to things like "newest version".

His point is that he, and by extension other sophisticated users, are never going to turn over their systems to the whims of outsiders. He is willing to let distributions or even some software packages make that kind of decision, but only if things are not done silently. "There are programs that I trust to do their auto-updates, and I'm perfectly happy having firefox check for extensions automatically, for example. But even in the case of firefox, I want to _know_ when it does so."

Any kind of automated, silent upgrade feature from either a particular package or a distribution would be an enormous target for those with a malicious intent. It would be a kind of dream exploit to be able to inject malware into millions of unsuspecting systems—silent and unnoticed. A break-in to a distribution server might lead to an incredible malware outbreak, though the same thing could be accomplished today; it would just take more time.

But, the problem remains that there are lots of systems that are not getting updated and are thus vulnerable to a wide variety of exploits. As part of its Collaboration Summit, the Linux Foundation would like to have a meeting to discuss the issue. It is certainly an area where more thought is needed.

Comments (34 posted)

Brief items

Rooting your own phone: android security

Kernel hacker Pavel Machek is looking for kernel security holes, but perhaps not for the reason one would expect. He wants to exploit such a flaw to gain root on his Android G1 phone. He has already tried a few exploits that affect the 2.6.25 kernel, but none successfully to get root. He is looking for help from folks who may know of additional flaws to try. In his message, linked below, he also notes several security relevant issues with Android.

Full Story (comments: 11)

How to write a Linux virus in 5 easy steps

Here's a weblog posting by "foobar" describing an attack vector for desktop Linux systems. "When you save an email attachment under Linux, the execute flag is normally NOT set and thus, the file can't be executed just by clicking on it. So, no luck? Not so fast. Modern desktop environments, such as Gnome and KDE, conveniently offer a nice 'workaround' called 'launchers'. Those are small files that describe how something should be started. Just a few lines that specify the name, the icon that should be displayed and the actual command to execute. Conveniently, the syntax of those launcher files is the same for Gnome and KDE. And those launchers don't have to have any execute permissions set on them!" Your editor can't resist pointing out that this problem was covered here back in 2006. (Thanks to David Skoll).

Comments (75 posted)

New vulnerabilities

firefox: multiple vulnerabilities

Package(s):firefox CVE #(s):CVE-2008-5510 CVE-2009-0357
Created:February 11, 2009 Updated:February 16, 2009
Description: Firefox 1.5 (and later) suffers from a pair of vulnerabilities. CVE-2008-5510: escaped null characters are not properly handled, allowing script sanitizing processes to be bypassed. CVE-2009-0357: access to cookies is not properly restricted, creating an information disclosure vulnerability.
openSUSE openSUSE-SU-2014:1100-1 Firefox 2014-09-09
Gentoo 201301-01 firefox 2013-01-07
SuSE SUSE-SA:2009:009 MozillaFirefox 2009-02-16
Ubuntu USN-717-1 firefox-3.0, xulrunner-1.9 2009-02-10
Ubuntu USN-717-3 firefox 2009-02-11
Ubuntu USN-717-2 firefox-3.0 2009-02-10

Comments (none posted)

gnumeric: untrusted python modules search path

Package(s):gnumeric CVE #(s):CVE-2009-5983 CVE-2009-0318
Created:February 5, 2009 Updated:April 3, 2009
Description: gnumeric has an arbitrary code execution vulnerability. From the CVE entry: Untrusted search path vulnerability in the GObject wrapper around Python interpreter allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySys_SetArgv function.
Gentoo 200904-03 gnumeric 2009-04-03
Mandriva MDVSA-2009:043 gnumeric 2008-02-19
Fedora FEDORA-2009-1289 gnumeric 2009-02-05
Fedora FEDORA-2009-1295 gnumeric 2009-02-05

Comments (1 posted)

gpsdrive: multiple vulnerabilities

Package(s):gpsdrive CVE #(s):CVE-2008-4959 CVE-2008-5380 CVE-2008-5703
Created:February 5, 2009 Updated:February 11, 2009
Description: gpsdrive has multiple vulnerabilities that involve insecure temporary file usage. From the Fedora alert: This update removes several helper scripts: geo-code, geo-nearest, and gpssmswatch, which have been removed upstream due to security issues.
Fedora FEDORA-2009-1366 gpsdrive 2009-02-05
Fedora FEDORA-2009-1225 gpsdrive 2009-02-05

Comments (none posted)

gstreamer-plugins: arbitrary code execution

Package(s):gstreamer-plugins CVE #(s):CVE-2009-0398
Created:February 6, 2009 Updated:April 6, 2009
Description: An array indexing error was found in the GStreamer's QuickTime media file format decoding plug-in. An attacker could create a carefully-crafted QuickTime media .mov file that would cause an application using GStreamer to crash or, potentially, execute arbitrary code if played by a victim.
Mandriva MDVSA-2009:086 gstreamer-plugins 2009-04-03
Red Hat RHSA-2009:0269-01 gstreamer-plugins 2009-02-06
CentOS CESA-2009:0269 gstreamer-plugins 2009-02-06

Comments (none posted)

gstreamer-plugins: heap buffer overflow

Package(s):gstreamer-plugins CVE #(s):CVE-2009-0397
Created:February 6, 2009 Updated:July 13, 2009
Description: A heap buffer overflow was found in the GStreamer's QuickTime media file format decoding plug-in. An attacker could create a carefully-crafted QuickTime media .mov file that would cause an application using GStreamer to crash or, potentially, execute arbitrary code if played by a victim.
Gentoo 200907-11 gst-plugins-good 2009-07-12
Ubuntu USN-736-1 gst-plugins-good0.10 2009-03-16
Debian DSA-1729-1 gst-plugins-bad0.10 2009-03-02
SuSE SUSE-SR:2009:005 dhcp, ntp/xntp, squid, wireshark, libpng, pam_mount, enscript, eID-belgium, gstreamer-0_10-plugins-good 2009-03-02
Mandriva MDVSA-2009:035 gstreamer0.10-plugins-good 2009-02-10
CentOS CESA-2009:0270 gstreamer-plugins 2009-02-06
Red Hat RHSA-2009:0271-01 gstreamer-plugins-good 2009-02-06
Red Hat RHSA-2009:0270-01 gstreamer-plugins 2009-02-06

Comments (none posted)

gstreamer-plugins-good: heap buffer overflows

Package(s):gstreamer-plugins-good CVE #(s):CVE-2009-0386 CVE-2009-0387
Created:February 6, 2009 Updated:December 22, 2016
Description: Multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mov file that would cause an application using GStreamer to crash or, potentially, execute arbitrary code if played by a victim.
Gentoo 200907-11 gst-plugins-good 2009-07-12
Ubuntu USN-736-1 gst-plugins-good0.10 2009-03-16
Debian DSA-1729-1 gst-plugins-bad0.10 2009-03-02
SuSE SUSE-SR:2009:005 dhcp, ntp/xntp, squid, wireshark, libpng, pam_mount, enscript, eID-belgium, gstreamer-0_10-plugins-good 2009-03-02
Fedora FEDORA-2009-1213 gstreamer-plugins-good 2009-02-05
Fedora FEDORA-2009-1343 gstreamer-plugins-good 2009-02-05
Mandriva MDVSA-2009:035 gstreamer0.10-plugins-good 2009-02-10
Red Hat RHSA-2009:0271-01 gstreamer-plugins-good 2009-02-06
Oracle ELSA-2016-2975 gstreamer-plugins-good 2016-12-21

Comments (none posted)

java-1.6.0-openjdk: privilege escalation

Package(s):java-1.6.0-openjdk CVE #(s):
Created:February 5, 2009 Updated:February 11, 2009
Description: openjdk has a privilege escalation vulnerability. From the Fedora alert: This fixes a default security policy, that allowed unsigned applets to access the gnome-java-bridge, allowing a privilege escalation.
Fedora FEDORA-2009-1373 java-1.6.0-openjdk 2009-02-05

Comments (none posted)

kernel: denial of service

Package(s):kernel CVE #(s):CVE-2009-0031
Created:February 10, 2009 Updated:May 7, 2009
Description: From the Red Hat advisory: A memory leak in keyctl handling. A local user could use this flaw to deplete kernel memory, eventually leading to a denial of service.
Debian DSA-1794-1 linux-2.6 2009-05-06
Debian DSA-1787-1 linux-2.6.24 2009-05-02
CentOS CESA-2009:0331 kernel 2009-04-20
Ubuntu USN-751-1 linux, linux-source-2.6.22 2009-04-07
Red Hat RHSA-2009:0360-01 kernel-rt 2009-03-26
Debian DSA-1749-1 linux-2.6 2009-03-20
Red Hat RHSA-2009:0331-01 kernel 2009-03-12
SuSE SUSE-SA:2009:010 kernel 2009-02-26
Red Hat RHSA-2009:0264-01 kernel 2009-02-10

Comments (none posted)

mod_auth_mysql: SQL injection

Package(s):mod_auth_mysql CVE #(s):CVE-2008-2384
Created:February 11, 2009 Updated:February 11, 2011
Description: The mod_auth_mysql module has a flaw in how it escapes multi-byte-encoded strings, enabling SQL injection attacks.
Fedora FEDORA-2011-0114 mod_auth_mysql 2011-01-04
Fedora FEDORA-2011-0100 mod_auth_mysql 2011-01-04
Red Hat RHSA-2010:1002-01 mod_auth_mysql 2010-12-21
Mandriva MDVSA-2009:189-1 apache-mod_auth_mysql 2009-12-28
Mandriva MDVSA-2009:189 apache-mod_auth_mysql 2009-08-01
Red Hat RHSA-2009:0259-01 mod_auth_mysql 2009-02-11

Comments (none posted)

nss: rogue CA vulnerability

Package(s):nss CVE #(s):CVE-2004-2761
Created:February 5, 2009 Updated:March 18, 2009
Description: nss has a rogue CA vulnerability. From the Fedora alert: This updates adds protection against rogue CA that was generated as a proof-of- concept of the MD5 collision attacks against X509 signatures.
Ubuntu USN-740-1 nss, firefox 2009-03-17
Fedora FEDORA-2009-1291 nss 2009-02-05
Fedora FEDORA-2009-1276 nss 2009-02-05

Comments (none posted)

roundcubemail: cross-site scripting vulnerability

Package(s):roundcubemail CVE #(s):CVE-2009-0413
Created:February 5, 2009 Updated:February 11, 2009
Description: roundcubemail has a cross-site scripting vulnerability. From the CVE entry: Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message.
Fedora FEDORA-2009-1204 roundcubemail 2009-02-05
Fedora FEDORA-2009-1256 roundcubemail 2009-02-05

Comments (none posted)

squid: denial of service

Package(s):squid CVE #(s):CVE-2009-0478
Created:February 10, 2009 Updated:March 25, 2009
Description: From the Mandriva advisory: Due to an internal error Squid is vulnerable to a denial of service attack when processing specially crafted requests. This problem allows any client to perform a denial of service attack on the Squid service.
Gentoo 200903-38 squid 2009-03-24
Debian DSA-1732 squid3 2009-03-03
SuSE SUSE-SR:2009:005 dhcp, ntp/xntp, squid, wireshark, libpng, pam_mount, enscript, eID-belgium, gstreamer-0_10-plugins-good 2009-03-02
Ubuntu USN-724-1 squid 2009-02-25
Fedora FEDORA-2009-1517 squid 2009-02-12
Fedora FEDORA-2009-1526 squid 2009-02-12
Mandriva MDVSA-2009:034 squid 2008-02-10

Comments (none posted)

wicd: privilege escalation

Package(s):wicd/wicd CVE #(s):CVE-2009-0489
Created:February 10, 2009 Updated:April 10, 2009
Description: From the CVE entry: The DBus configuration file for Wicd before 1.5.9 allows arbitrary users to own org.wicd.daemon, which allows local users to receive messages that were intended for the Wicd daemon, possibly including credentials.
Gentoo 200904-12 wicd 2009-04-10
Slackware SSA:2009-040-01 wicd/wicd 2009-02-10

Comments (none posted)

Page editor: Jake Edge

Kernel development

Brief items

Kernel release status

The current 2.6 development kernel is 2.6.29-rc4, released on February 8. It contains a long list of fixes merged over the course of a week and a half. The short-form changelog is in the announcement, or see the full changelog for all the details.

The current stable 2.6 kernel is, released (along with on February 6. Both updates contain a long list of fixes. The and updates - with yet another long list of fixes - are in the review process as of this writing; they will most likely be released on February 12.

Comments (none posted)

Kernel development news

Quotes of the week

So, it was never a cpumask at all; just a remnant of the use of sigaction for interrupt handlers. We've been happily setting it throughout the kernel since 1995.

On the assumption that it has failed to coerce the spirits of our ancestors to land among us, I'll create a patch to remove it.

-- Rusty Russell

Please write good changelogs. This is not some pointless book-keeping exercise. People will make decisions about which kernel versions patches should be merged into, and they will want to know if a particular patch addresses a particular problem which they are experiencing. For this, they need information.
-- Andrew Morton

Comments (none posted)

How patches get into the mainline

By Jonathan Corbet
February 10, 2009
Once upon a time, the way to get a patch into the mainline kernel was to email it to Linus Torvalds. A hopeful developer would then wait for Linus to release a new kernel tree to see whether the patch had been included or not. In the latter case, the more persistent developers would resend the patch. Often, developers had to be persistent indeed if they wanted their code to be merged. The system was, in other words, lossy; we'll never know how much useful code was simply dropped.

The use of git (and BitKeeper before it) has brought an end to that era. Once a change gets into somebody's tree, it is relatively unlikely to be lost. It's a much better way of doing things for everybody involved; important fixes no longer get lost, and developers, rather than checking for their patches and resending them, can now devote themselves to the creation of new bugs to be fixed.

Beyond that, though, things have changed in that, for most developers, the way to get a patch into the kernel is no longer to send it to Linus. Instead, they will pass their work through a subsystem tree. This mechanism is reasonably well understood, but, to your editor's knowledge, nobody has taken a hard look at what the flow of patches into the mainline looks like now. With that in mind, your editor set out with the complementary goals of (1) charting the paths patches take on their way to Linus, and (2) figuring out how Graphviz works. A certain amount of success was achieved on both fronts.

Back in the BitKeeper days, your editor asked Larry McVoy if there was any way to track which repositories a specific changeset had passed through; unfortunately, that information was not preserved by BitKeeper. As it turns out, git does a better job of keeping that information around - though it is not a perfect record keeper either. When Linus pulls a tree from some other developer, git will (usually) add a "merge commit" to the repository which indicates where the other tree came from. This commit has (at least) two parent commits; one is whatever was at the tip of Linus's tree prior to the merge, while the other points to the tip of the stream of changesets which came from the pulled tree. Multiple trees can be merged at once; in this case, there will be more than two parent commits.

[Tree plot] By following the links from each commit to its parent, one can determine which tree each commit came from. Merges, too, are propagated up through pull operations, so it is possible to follow this history back through an arbitrary number of trees. The gitk tool does a nice job of displaying how the various paths come together into a given repository; the resulting graph can be quite complex. What your editor has done is to generate a statistical view of this process; this view loses information about specific patches, but provides, instead, an overall view of how patches get into the mainline.

A piece of the resulting graph can be seen on the right; click on the thumbnail to see the whole thing, which is quite large. It is, arguably, a messy picture, but some interesting things jump out of it. At the top of the list is the fact that the graph is quite shallow: it shows 107 trees, almost all of which feed directly into the mainline. For the 2.6.29 development cycle, only a handful of trees are pulled into a separate subsystem tree before going to Linus, and exactly one tree feeds patches through two other layers. For the most part, subsystem maintainers are going straight to Linus without dealing with middle managers.

975 of 11,260 changesets went directly into the mainline without existing in any subsystem tree at all. Some of those are the merge changesets created by Linus as he pulls trees; many of the rest are the patches which go by way of Andrew Morton. Linus wrote a very small number of them himself. And, occasionally, Linus merges a patch sent directly from a developer, but that is a relatively uncommon occurrence.

When interpreting these numbers, there is one important thing which must be kept in mind: by default, git will not record merge information when it is doing a "fast forward" merge. If a developer pulls down the current mainline repository, adds some patches on top, then gets Linus to pull the patches before anything else changes in the mainline, those patches can be added directly to the mainline without the need for a merge commit to hold things together. Fast-forward merges into the mainline are (probably) fairly rare, but they may well happen more often at the subsystem level. So this kind of information, when generated from a git repository, will never be 100% complete; some merges (and the repositories they came from) will be invisible.

For 2.6.29, two networking trees maintained by David Miller were the biggest waypoint for changesets (1910 of them) headed into the mainline; of those, many came from John Linville's wireless tree. After that, the "linux-2.6-tip" tree (the tree maintained by Ingo Molnar and company for a few subsystems, including the x86 architecture and the scheduler) contributed 1270 changesets to this development cycle. Other large sources of changes were the btrfs tree (910 changesets - the entire btrfs development history), the Video4Linux tree, the sound tree, and the ARM architecture tree. At the other end of the scale, twelve trees were the source of five or fewer changes.

For the curious, the statistics are available in text form along with the full names of the relevant git repositories. The code which generated this information is available as part of the gitdm repository at git:// An obvious place for future improvement is to track information about branches within repositories; this would increase the resolution of the whole picture. But that's for another development cycle; stay tuned.

Comments (6 posted)

Wakelocks and the embedded problem

By Jonathan Corbet
February 10, 2009
The relationship between embedded system developers and the kernel community is known for being rough, at best. Kernel developers complain about low-quality work and a lack of contributions from the embedded side; the embedded developers, when they say anything at all, express frustrations that the kernel development process does not really keep their needs in mind. A current discussion involving developers from the Android project gives some insight into where this disconnect comes from.

Android, of course, is Google's platform for mobile telephones. The initial Android stack was developed behind closed doors; the code only made it out into the world when the first deployments were already in the works. The Android developers have done a lot of kernel work, but very little code has made made the journey into the mainline. The code which has been merged all went into the staging tree without a whole lot of initiative from the Android side. Now, though, Android developer Arve Hjønnevåg is making an effort to merge a piece of that project's infrastructure through the normal process. It is not proving to be an easy ride.

The most controversial bit of code is a feature known as "wakelocks." In Android-speak, a "wakelock" is a mechanism which can prevent the system from going into a low-power state. In brief, kernel code can set up a wakelock with something like this:

    #include <linux/wakelock.h>

    wake_lock_init(struct wakelock *lock, int type, const char *name);

The type value describes what kind of wakelock this is; name gives it a name which can be seen in /proc/wakelocks. There are two possibilities for the type: WAKE_LOCK_SUSPEND prevents the system from suspending, while WAKE_LOCK_IDLE prevents going into a low-power idle state which may increase response times. The API for acquiring and releasing these locks is:

    void wake_lock(struct wake_lock *lock);
    void wake_lock_timeout(struct wake_lock *lock, long timeout);
    void wake_unlock(struct wake_lock *lock);

There is also a user-space interface. Writing a name to /sys/power/wake_lock establishes a lock with that name, which can then be written to /sys/power/wake_unlock to release the lock. The current patch set only allows suspend locks to be taken from user space.

This submission has not been received particularly well. It has, instead, drawn comments like this from Ben Herrenschmidt:

looks to me like some people hacked up some ad-hoc trick for their own local need without instead trying to figure out how to fit things with the existing infrastructure (or possibly propose changes to the existing infrastructure to fit their needs).

or this one from Pavel Machek:

Ok, I think that this wakelock stuff is in "can't be used properly" area on Rusty's scale of nasty interfaces.

There's no end of reasons to dislike this interface. Much of it duplicates the existing pm_qos (quality of service) API; it seems that pm_qos does not meet Android's needs, but it also seems that no effort was made to fix the problems. The scheme seems over-engineered when all that is really needed is a "do not suspend" flag - or, at most, a counter. The patches disable the existing /sys/power/state interface, which does not play well with wakelocks. There is no way to recover if a user-space process exits while holding a wakelock. The default behavior for the system is to suspend, even if a process is running; keeping a system awake may involve a chain of wakelocks obtained by various software components. And so on.

The end result is that this code will not make it into the mainline kernel. But it has been shipped on large numbers of G1 phones, with many more yet to go. So users of all those phones will be using out-of-tree code which will not be merged, at least not in anything like its current form. Any applications which depend on the wakelock sysfs interface will break if that interface is brought up to proper standards. It's a bit of a mess, but it is a very typical mess for the embedded systems community. Embedded developers operate under a set of constraints which makes proper kernel development hard. For example:

  • One of the core rules of kernel development is "post early and often." Code which is developed behind closed doors gets no feedback from the development community, so it can easily follow a blind path for a long time. But embedded system vendors rarely want to let the world know about what they are doing before the product is ready to ship; they hope, instead, to keep their competitors in the dark for as long as possible. So posting early is rarely seen as an option.

  • Another fundamental rule is "upstream first": code goes into the mainline before being shipped to customers. Once again, even if an embedded vendor wants to send code into the mainline, they rarely want to begin that process before the product ships. So embedded kernels are shipped containing out-of-tree code which almost certainly has a number of problems, unsupportable APIs, and more.

  • Kernel developers are expected to work with the goal of improving the kernel for everybody. Embedded developers, instead, are generally solving a highly-specific problem under tight time constraints. So they do not think about, for example, extending the existing quality-of-service API to meet their needs; instead, they bash out something which is quick, dirty, and not subject to upstream review.

One could argue that Google has the time, resources, and in-house kernel development knowledge to avoid all of these problems and do things right. Instead, we have been treated to a fairly classic example of how things can go wrong.

The good news is that Google developers are now engaging with the community and trying to get their code into the mainline. This process could well be long, and require a fair amount of adjustment on the Android side. Even if the idea of wakelocks as a way to prevent the system from suspending is accepted - which is far from certain - the interface will require significant changes. The associated "early suspend" API - essentially a notification mechanism for system state changes - will need to be generalized beyond the specific needs of the G1 phone. It could well be a lot of work.

But if that work gets done, the kernel will be much better placed to handle the power-management needs of handheld devices. That, in turn, can only benefit anybody else working on embedded Linux deployments. And, crucially, it will help the Android developers as they port their code to other devices with differing needs. As the number of Android-based phones grows, the cost of carrying out-of-tree code to support each of them will also grow. It would be far better to generalize that support and get it into the mainline, where it can be maintained and improved by the community.

Most embedded systems vendors, it seems, would be unwilling to do that work; they are too busy trying to put together their next product. So this sort of code tends to languish out of the mainline, and the quality of embedded Linux suffers accordingly. Perhaps this case will be different, though; maybe Google will put the resources into getting its specialized code into shape and merged into the mainline. That effort could help to establish Android as a solid, well-supported platform for mobile use, and that should be good for business. Your editor, ever the optimist, hopes that things will work out this way; it would be a good demonstration of how embedded community can work better with the kernel community, getting a better kernel in return.

Comments (23 posted)

DazukoFS: a stackable filesystem for virus scanning

By Jake Edge
February 11, 2009

A longstanding out-of-tree kernel feature—used by half-a-dozen or more virus scanners—Dazuko has recently changed its modus operandi in an effort to be included into the mainline. Dazuko, and now DazukoFS, are mechanisms to control access to files, which are generally used to stop Windows viruses from propagating on Linux servers. The goal is similar in many ways to that of fsnotify/fanotify/TALPA, but the DazukoFS implementation as a stackable filesystem is a completely different approach.

The Dazuko project started almost exactly seven years ago as an effort to allow user-space programs—Windows-style anti-virus scanners mostly—to make file access decisions. One of the reasons to have the scanning in user space—aside from the zero probability of getting one added to the kernel—is to keep it vendor-neutral by not favoring any particular anti-virus engine. But the means to that end was system call hooking, which is a technique that is seriously frowned upon by kernel hackers. Dazuko made an abortive move to the LSM API, but ran into various problems, including the inability to stack multiple security modules. Eventually, the project started looking at a stackable filesystem as a solution that would be palatable for moving into the mainline.

Originally suggested for Dazuko by Christoph Hellwig in 2004, a stackable filesystem has a number of advantages over the other solutions. It is a self-contained solution that won't require core kernel code changes if anti-virus developers wish to add new features. It also would add another stackable filesystem to the kernel, which may help foster a more general stackable filesystem framework. But the main reason is that the project sees it as the most likely path into the mainline. Main developer John Ogness explains:

Nearly seven years of out-of-tree development were more than enough to prove that out-of-tree kernel drivers have an unnecessarily large maintenance cost (which increases with each new kernel release). With DazukoFS mainline, anti-virus vendors would finally have an official interface and implementation on which to base their online scanning applications.

DazukoFS is mounted atop an already-mounted filesystem in order to handle file access decisions for files in the underlying filesystem. For example:

    mount -t dazukofs /opt /opt 
sets up the /opt filesystem for checking by user-space processes that open a special /dev file. All of the scanning application interaction with DazukoFS is done through /dev files, all of which is documented in Documentation/filesystems/dazukofs.txt

File access decisions are made by processes or threads which make up a "group". Groups act as a pool of available scanners to allow multiple outstanding file access decisions. Once the pool is fully occupied, file accesses will block until one becomes available. Groups are registered by writing "add=MyGroupName" to /dev/dazukofs.ctrl. A group id will then be assigned, which can be parsed from the output of reading the dazukofs.ctrl file. Group ids are then used to access the proper device for providing access decisions.

Based on the group id (N), a /dev/dazukofs.N file is created. Each process in the group registers itself by opening that device. It should then block in a read of the device waiting for a file access event. Each event has three pieces of information that are read from the device file: an event id, the process id of the accessing program, and the number of an open file descriptor that can be used to read the contents of the file. The scanning process should then perform whatever actions it requires to make the decision whether to allow or deny the access.

Because it gets passed an open file descriptor, the scanning process does not need any special privileges beyond those required to access the /dev/dazukofs* files. Once it has made the decision, the scanning process writes a string indicating the result to the device. It is then responsible for closing the file descriptor for the accessed file.

There are a few additional things that can be done via the user-space API: deleting groups, providing for some crash protection within groups, and handling accesses to protected files from within DazukoFS, all of which are described in the Documentation file.

There is also a major caveat that goes with this release of DazukoFS:

DazukoFS does not support writing to memory mapped files. This should not cause the kernel to crash, but will instead result in the application failing to perform the writes (although mmap() will appear to be successful from the application's viewpoint!).

That is done, at least partially, to avoid race conditions where a malicious program overwrites the file contents between the scanning and the actual access. This is a general achilles' heel for virus scanning mechanisms, but silently ignoring writes to mapped files is a rather extreme reaction to that problem. TALPA, which has subsequently become fanotify, defines this problem away as not being a part of the threat model it is handling. Perhaps DazukoFS should do something similar.

It would seem likely that only one of the two proposed solutions for user-space file scanning will end up in the mainline. Ogness mentions fanotify in his patch submission:

I am aware of the current work of Eric Paris to implement a file access control mechanism within a unified inotify/dnotify framework. Although I welcome any official interface to provide a file access control mechanism for userspace applications in Linux, I feel that DazukoFS provides a more elegant solution. (Note that the two projects do not conflict with each other.)

So far, there has been no comment on the v2 patch submission, but there were some suggestions to the first submission back in December. The kernel filesystem hackers are pretty busy folks in general, but right now there are numerous filesystems in various states of review: btrfs, POHMELFS, DST, FS-Cache, and others. Those may be using up all of the available review bandwidth. Ogness recently announced that he will be dropping support for the 2.x version of Dazuko—based on system call hooks—to focus on DazukoFS. In it he notes the lack of review:

As you probably know, DazukoFS has been submitted for inclusion in the mainline Linux kernel. Unfortunately it is getting practically no attention. I do not know if the silence is because I am not CC'ing the correct people, because those people refuse to look at it, or because no one has any time for it.

From the announcement, it seems clear that Ogness has the patience necessary to shepherd DazukoFS through the kernel inclusion process. It would seem that spending some time working with Eric Paris to try to find some common ground between their two solutions might be time well spent as well.

Comments (2 posted)

Patches and updates

Kernel trees


Core kernel code

Device drivers


Filesystems and block I/O

  • Boaz Harrosh: exofs. (February 9, 2009)



Benchmarks and bugs


Page editor: Jonathan Corbet


News and Editorials


February 11, 2009

This article was contributed by Susan Linton

Forget everything you ever knew about KNOPPIX because 6.0 is different from anything you've ever seen before. KNOPPIX was once a complete desktop distribution featuring KDE, lots of applications, and superior hardware detection. It was even one of the first to be delivered as a bootable live CD/DVD. Back then it was one of the most popular distributions available, but with the ease of making live CDs came lots of competition and KNOPPIX lost many of its users to the likes of MEPIS, PCLinuxOS, or Ubuntu. However, KNOPPIX developers are innovating once again, this time with a lightweight distribution offering accommodations to those with visual impairments.

The accessibility goals are being met through ADRIANE, the compilation of programs designed to help those with visual challenges navigate a system by sound-directed keyboard input. With ADRIANE, individuals with diminished visual skills can surf the Internet, read and write emails, text message, listen to music or videos, read and construct office documents, and more.

The Accessibility Interface

The changes are apparent from the start of the CD. The default boot brings the user to a plain text menu with items such as WWW, Multimedia, File Manager, Graphical Programs, and Setup. ADRIANE reads these items in a robotic British voice to the user as the cursor is moved up and down. <Enter> opens various programs such as Links for Web navigation, Mutt for e-mail, or Midnight Commander for file management. Graphical Programs will bring a submenu for OpenOffice, Iceweasel, or start the full LXDE desktop environment.

The screen reader seems to do an admirable job of reading off menus, window titles, bash prompts, key inputs, web pages, documents, or just about anything that appears on screen. It did have some difficulty keeping up with fast typing and at times just cut out all together. It can be customized for several preferences such as default language, function keys, Braille devices, and to start at login.

Using Iceweasel is an exercise in patience as the NoScript plugin output preempted anything on the web page. With today's CMS software, every web site has a ton of headers on every page which is kindly re-read with each click. Same holds true for multicolumn sites whose first column is static and chocked full of links. Due to this there may be only a very few sites that people with visual impairments might find enjoyable.

Menu navigation is confusing at first as well because the screen reader recites "Menu, Menu-Item, Sub-menu Item, Program, keyboard shortcut" for each move of the cursor or highlight. A certain amount of self training may be required before one can tune out the repetition.

The reader didn't seem to have much difficulty translating text to speech. Some words are pronounced unconventionally, with the accent on the wrong syllable or literal reading of some letter combinations, but very few words were skipped or botched completely. It actually did a very good job on a computer with lots of processing power and memory. It stopped speaking on a machine with lower resources much more often. It was also a bit unstable, especially on the slower machine. Iceweasel crashes and freezes were not uncommon and root applications were excluded altogether.

The Desktop and Applications

with LXDE

KNOPPIX is now shipping with the lightweight but capable LXDE. It strives to be a pretty, fast performing, customizable, and energy saving desktop. It is being seen in more and more distributions lately as an alternative GTK+ 2 interface due to its lower system requirements and dependencies.

KNOPPIX isn't just for the visually impaired. It can be used by anyone wanting a light desktop with a few popular applications. GMPlayer resides in the menu for audio and video playback, The GIMP manipulates your images, and GPicView provides basic image viewing. Iceweasel, Icedove, ELinks, and Pidgin network for you and the suite puts you back to work. There are a several system accessories such as Leafpad, Xarchiver, and PCMan file manager. A few system configuration tools have made it into this release such as Network card configuration, Wavelan configuration, and Synaptic software manager. Multimedia codecs are present but Flash isn't. Ironically, KNOPPIX also ships with Compiz and Compiz Fusion plugins enabled by default on supporting hardware as well as several nice screensavers. Linux kernel 2.6.28 and Xorg X server 1.4.2 form the foundation and GCC 4.3 is installable.

Missing from this release is the KNOPPIX hard drive installer, although it does have a script for installing onto a USB memory stick. Many tools and utilities that didn't make into this release are being planned for the next and hopefully the installer is on that list. Live CDs are nice, but without a hard drive installer KNOPPIX may not be feasible for daily use.

Hardware Support

Hardware support with this release is very good for devices known to work well with the standard Debian kernel. A basic DHCP network connection is available at boot with supported hardware. Graphics detection and configuration is good, even with an antique 13 inch monitor saved from the refuse pile. Without proprietary drivers, most NVIDIA and ATI/AMD graphic chips will not be able to utilize the Compiz screen effects.

The screen resolution was correctly configured on the 15.4 inch widescreen LCD of an HP Pavilion laptop. However, KNOPPIX doesn't ship with any proprietary drivers or Ndiswrapper, so some wireless network devices may not work such as the one on this laptop. The wired network card worked fine as did most of the other common devices.

Tests here showed that, despite a light desktop environment, the system requirements are a bit higher than one might think. The ADRIANE applications in combination with many of the graphical programs seem to require a recent processor and approximately a gigabyte of RAM. Although KNOPPIX did function on slower machines, more instability surfaced.

Closing Thoughts

This release of KNOPPIX 6.0 "ADRIANE" is an admirable first effort. Although ADRIANE has been in development since 2007 and was included in KNOPPIX 5.3.1, this is the first release to build completely around it. The underlying system has been rebuilt from scratch, so all in all it's shaping up nicely. The ADRIANE components aren't perfect and need a few bugs squashed, but overall it was quite amazing with its accuracy.

However, some of its quirks might keep someone with visual issues from just inserting the CD and working entirely on their own, at least until they have been trained. This would be especially true for someone new to requiring accommodations such as text-to-speech and screen readers. In tests here, our brave blindfolded guinea pig became lost and stuck within a matter of minutes in the graphical environment. On the other hand, everyone in our test lab with unobstructed sight was completely impressed with the ADRIANE technology and appreciate the work done by Klaus Knopper and his lovely wife Adriane.

Overall, it's a great first showing and subsequent releases are bound to be even more exciting. If you know someone with vision impairments, it might be worth their while to give them and walk them through a copy of KNOPPIX ADRIANE.

Comments (2 posted)

New Releases

Jaunty Alpha 4 released

The fourth alpha release of Ubuntu's Jaunty Jackalope is available for testing. Jaunty will become 9.04 when its ready. Downloads are available for Ubuntu, Ubuntu Education Edition, Kubuntu, Xubuntu, UbuntuStudio, Ubuntu Netbook Remix, and Ubuntu MID.

Full Story (comments: none)

Ubuntu Customization Kit (UCK): 2.0.8 (SourceForge)

Ubuntu Customization Kit is a tool that helps you customize official Ubuntu Live CDs (including Kubuntu/Xubuntu and Edubuntu) to your needs. You can add any package to the live system, for example language packs, or applications. Version 2.0.8 has been released.

Comments (none posted)

Distribution News

Debian GNU/Linux

Dedicating Lenny to Thiemo: Call for Signatures

Debian is dedicating the upcoming Lenny release (v5.0) to Thiemo Seufer. "The Debian Project has lost an active member of its community. Thiemo Seufer died on December 26th, 2008 in a tragic car accident. Thiemo was involved in Debian in many ways. He maintained several packages and was the main supporter of the Debian ports to the MIPS architecture. He was also a member of our kernel team, as well as a member of the Debian Installer team. His contributions reached far beyond the Debian project: he also worked on the MIPS port of the Linux kernel, the MIPS emulation of qemu, and far too many smaller projects to be named here."

Full Story (comments: none)

Bits from the ftpteam regarding the release

Debian's ftpteam has some information regarding the Lenny (5.0) release, scheduled for February 14, 2009. Click below for more information.

Full Story (comments: none)


Fedora 11 alpha - and a new community liaison

The Fedora Project has announced the Fedora 11 alpha release, complete with the requisite doggerel poetry. It is definitely early-stage software, but the announcement helpfully notes that it "should boot on the majority of systems." This is a good chance for those who are interested in the upcoming Fedora release to help find bugs.

Fedora has also brought in Adam Williamson as a community liaison. "I am working for Red Hat as of this Monday. I have been hired into the Fedora QA team essentially to drive community involvement in the Fedora QA process. RH - and, to put a more personal touch on it, Jay Turner, who's responsible for Fedora QA - felt that Fedora could really benefit from more community involvement in the QA process, so my role is to try and help develop that." Adam previously did community work for Mandriva.

Comments (8 posted)

New Distributions

Jarro Negro

Jarro Negro (English version) hails from Mexico. Its goal is to produce servers of different architectures (including SPARC). Jarro Negro is a 'built from scratch' distribution which recently added support for RPM package management. 2.0.2 is the current version.

Comments (none posted)

Distribution Newsletters

DistroWatch Weekly, Issue 289

The DistroWatch Weekly for February 9, 2009 is out. "The netbook market is not just limited to the Eee PC any more, now every major manufacturer has a netbook of some description. The software arena hasn't stood still either with many custom distributions having been created to accommodate these little machines. Intel sponsors the Moblin project which has just released a new alpha, and we take it for a test run. In the news section, the creator of Puppy Linux explains his new project called Woof, Mandriva finalises the structure for their new Assembly, things heat up in BSD land with new releases on the way, the unofficial Fedora FAQ provides updates to version 10, Fedora causes a stir after disabling the popular 'kill X' feature, and a new online Slackware package finder is made public. Also in this issue are links to two interviews - the first with a KDE developer and the second with the creator of Xfce."

Comments (none posted)

Fedora Weekly News #162

The February 8, 2009 edition of the Fedora Weekly News is out. "This week we're happy to announce the return of several beats: Marketing reports on following Fedora activity via Twitter; Ambassadors tantalizes with some Fedora polo shirts and the news that "North American Ambassadors Take Reins of XO Program"; Infrastructure notes a possible "Public Calendaring System" for the community; SecurityWeek shares an xkcd comic in "Encryption Security". Announcements highlights the K12Linux Fedora 10 Live Server in "Technical Announcements", PlanetFedora rounds up a lot of must-read blogs, Developments clarifies that "Fedora 11 Will Support i586 Instruction Set", Translation links to the "L10n Infrastructure Roadmap Proposal", Artwork suggests some "Context Free Art", SecurityAdvisories lists packages you really, really want, Virtualization defies easy summary but one exciting tidbit is "Merging KVM and Qemu Packages", and finally we have another AskFedora concerning the possibility of a "Standardized Package Format"."

Full Story (comments: none)

OpenSUSE Weekly News/58

This issue of the OpenSUSE Weekly News looks at Adrian Schröter: More efficient Factory Development, FOSDEM, Larry Finger: Getting Your Wireless to Work, Martin Schlander: Use Oxygen Icons In App Menu, Joe Brockmeier: More FOSS security scare-mongering and several other topics.

Comments (none posted)

Ubuntu Weekly Newsletter #128

The Ubuntu Weekly Newsletter for February 7, 2009 covers: Ubuntu Jaunty Alpha 4 released, Rock the Docs: Ubuntu LoCo Docs Day, Hall of Fame Interview: Christophe Sauthier, Fridge Calendar has moved, Ubuntu HugDay, New Contributing Developer, Launchpod Episode #16, Launchpad performance weeks, Full Circle Magazine #21, Ubuntu podcast #19, Toshiba Netbook with Ubuntu Remix, First Ubuntu Event in Monastir Tunisia, Team Meeting Summaries, and much more.

Full Story (comments: none)

Newsletters and articles of interest

From the archives: the best distros of 2000 (TuxRadar)

TuxRadar has an amusing walk down memory lane for anyone who has been using Linux since 2000 (or before). It is re-running an article from from the first issue of Linux Format magazine that reviewed the top distributions of 2000. "Remember that nine years is a long time in the computing world -- and even more so for Linux. [...] Corel Linux is long dead, despite a high-profile entrance into the distro scene, while Caldera Linux occupied a healthy position (before the SCO shenanigans busted it up). SUSE, Mandrake, Red Hat and Mandriva are still alive in various flavours, while the British Definite distro bought the farm and WinLinux only made it to a 2003 release."

Comments (9 posted)

Page editor: Rebecca Sobol


The EeePC as a low-power music player

By Forrest Cook
February 6, 2009

For a long time, your author has been searching for a low power music playing computer for use in an off-grid solar and wind powered mountain cabin. The desire was to have a player with capabilities that were similar to the grid-powered system used at home. This consists of a library of over 5000 FLAC-encoded audio files that are either randomly or sequentially played by one of several Python scripts. The audio is fed from the computer's sound card to the auxiliary input of a stereo amplifier.

The current off-grid audio system uses a car stereo deck with a built-in CD player driving three stereo speaker sets, all running on 12V DC power. Power consumption is in the range of 5-10 Watts, depending on volume. The car stereo deck has an auxiliary audio input for connecting external sound sources, such as a computer. After one becomes used to a Linux-powered music system with unattended playback of a large music library, manually swapping individual CDs every 45 minutes seems like a lot of trouble.

Initially, a stripped-down desktop computer was considered for the job, but the power consumption was a bit too high for continuous off-grid use, especially when powering the machine equipment through a DC to AC power inverter. A number of mini-ITX systems were considered for the job, but their prices were high, power consumption was still moderate, and an external monitor, with more power consumption, was required.

A laptop computer seemed like a better platform for building such a system. Taking the small system idea one step further, it was decided that a palmtop computer would be a good candidate for the task at hand. The ASUS Eee PC was chosen because it was inexpensive, common, tiny, self-contained and would run on low power. Also, another LWN editor had an Eee PC model 4G (701) that he was willing to part with. This machine uses a solid state flash drive for its primary filesystem.

[Eee PC music player]

One might ask, why not just get an iPod? In short, your author does not like the sound quality that comes from highly compressed audio formats, and the ability to create custom software was desired. Also, the price of large capacity hard drives has come down enough that high volume storage is no longer an issue.

The newly acquired Eee PC needed a fresh operating system installation. Ubuntu was a logical choice since it was already being used for the home-based music player. Easy Peasy 1.0 (Ubuntu 8.10) was the first Ubuntu-based distribution that was found for the Eee PC platform. The EEEBUNTU distribution also looks like a good candidate for running Ubuntu on the the Eee PC. Installing the operating system on a machine that lacked a CDROM drive involved downloading the appropriate ISO image and installing it on a USB memory stick. Creation of a bootable USB memory stick is explained in this article.

The Easy Peasy installation worked the first time, the only annoyance involved the appearance of the Ubiquity system installation window upon logging in. The Easy Peasy forum had an article on Common issues and fixes that had the solution to that problem, and some additional post-installation suggestions. An article about optimizing Linux on a solid stated drive suggested some additional tricks for improving the life of the solid state memory. The folks who put Easy Peasy together did a good job customizing Ubuntu for the Eee platform, all of the various Eee PC peripherals have worked with no problems.

A Seagate FreeAgent 320GB USB drive was chosen to hold the music collection, it is small, frugal with power and gets its operating power from the USB port. The drive required installation of an EXT3 filesystem. The entire music collection was copied over by installing the new drive on the home system and running an rsync command to populate the filesystem. As the master music archive grows, it will be simple to synchronize it with the USB drive using another rsync operation. The USB drive also provides an off-site backup for the main music collection.

A small amount of software had to be installed on the machine. The Ubuntu vorbis-tools package contains the ogg123 command line FLAC file player. Two custom Python scripts, and (available here) use ogg123 to do the rest of the work. The music is organized in a hierarchy of directory trees categorized by genre, artist and recordings. The recordings of CDs, vinyl disks and tapes each get their own directory. is run with the primary music archive as an argument, it picks random selections and plays them. It can also be run on subsets of the entire collection or on directories full of symbolic links to specific groupings of recordings. is used to play all of the songs in one particular directory. Both Python scripts can be invoked multiple times inside of a bash script for a wide variety of programmability.

Using the Kill-a-watt meter that was discussed in the aforementioned power consumption article, data was taken for various modes of Eee PC operation. With the USB hard drive connected and the screen on, the worst-case AC power usage was in the 17-21 Watt range while playing music. This is about four times better than the best power consumption achieved with the desktop machine, not counting the desktop video monitor. When the Eee PC screen is closed, power consumption drops by about 2 Watts. Removing the USB hard drive causes the power consumption to drop by around 4 Watts. Running from the AC charger, the Eee PC can play music using only 11-15 Watts. This number can likely be shaved by another 5 watts or so if the machine is powered directly from 12V DC using a car cigar lighter adapter, the AC adapter generates a lot of heat.

In the above example, minimum power usage was achieved with the hard drive disconnected. However, a music player without music isn't of much use. A bit of software solved the problem. The script was modified so that instead of playing the random music selections, it copies the songs from the hard drive to a specified directory on the flash-based filesystem. Flash space on this system is in short supply, so an external 4GB USB memory stick (1 Watt) was added to the machine. The memory stick can be loaded with many hours of music and the system can play without the hard drive. Since this mode of operation involves no spinning drives, operating the system in a car becomes a practical option. A common iPod FM transmitter would allow the player to be used in an automotive setting where no auxiliary audio input is available.

In all, this project went together rather easily, no major problems were encountered. Audio quality could likely be improved by adding an external USB sound card. A remote control device such as the Wii Remote (covered here) would be a nice addition. The Eee PC features a large amount of hardware capability in a tiny enclosure. It makes an excellent platform for a music player and is capable of much more.

Comments (7 posted)

System Applications

Audio Projects

JACK 0.116.2 + D-Bus

Version 0.116.2 of the JACK Audio Connection Kit with D-Bus support has been announced. "D-Bus modifications add optional autodetected support for the D-Bus based server control system. D-Bus is object model that provides IPC mechanism. D-Bus supports autoactivation of objects, thus making it simple and reliable to code a "single instance" application or daemon, and to launch applications and daemons on demand when their services are needed."

Full Story (comments: none)

Database Software

PostgreSQL 2009-02-06 Update Release is available

Update Release 2009-02-06 of several versions of the PostgreSQL DBMS have been announced. "The PostgreSQL Project today released updates to all active branches of the PostgreSQL object-relational database system, including versions 8.3.6, 8.2.12, 8.1.16, 8.0.20 and 7.4.24. These updates include two serious fixes, for autovacuum crashes in version 8.1 and GiST indexing data loss in 8.3, and those two versions should be updated as soon as possible. These update releases also include patches for several low-risk security holes, as well as up to 17 other minor fixes, depending on your major version of PostgreSQL."

Full Story (comments: none)

PostgreSQL Weekly News

The February 8, 2009 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL DBMS articles and resources.

Full Story (comments: none)

web2py 1.56 is out

Version 1.56 of web2py, a cross-platform database driven web framework, has been announced. "web2py 1.56 is out, including a new web site with better documentation".

Full Story (comments: none)

Embedded Systems

FreeRTOS: V5.1.2 released (SourceForge)

Version 5.1.2 of FreeRTOS has been announced, several new platforms are now supported, among other improvements. FreeRTOS is a: "Mini RTOS kernel for small embedded systems. Preconfigured demo programs are included for lots of microcontroller architectures - ARM7, ARM CORTEX M3, PIC32, PPC405, 8051, AVR (MegaAVR), x86, PIC18, PIC24, dsPIC, HCS12, H8S, RDC, ColdFire, Fujitsu, etc."

Comments (none posted)

Package Management

RPM version 4.6.0 is out

Version 4.6.0 of RPM has been announced. "The primary focus on this release has been cleaning up the code-base to make it more maintainable and robust, and also more approachable to invite more community involvement. Code duplications, memory handling and various code pieces have been cleaned up. The local copies of system libraries like db4, lua, popt and libmagic were removed. New APIs have been established and dozens of old bugs have been fixed. A several obsolete features have been removed from the code base. There also have been a number of visible improvements."

Full Story (comments: 1)


OpenSIPS: new PBX dialing module (SourceForge)

A new PBX dialing module is available for OpenSIPS. "OpenSIPS is an GPL implementation of a multi-functionality SIP Server that targets to deliver a high-level technical solution (performance, security and quality) to be used in professional SIP server platforms. A new module is available in OpenSIPS (called closeddial module). This module is intended to offer a functionality similar to Centrex to OpenSIPS, allowing to define groups of closed dialling, using abbreviated codes."

Comments (none posted)

Desktop Applications

Audio Applications

Aqualung 0.9beta10 released

Version 0.9beta10 of Aqualung has been announced. "On behalf of the developer team, it is my pleasure to announce the latest release of Aqualung, an advanced cross-platform gapless music player. This release is the result of a year's work, much of which has been done by our newly joined developer Jeremy Evans."

Full Story (comments: none)

Ecasound 2.6.0 released

Version 2.6.0 of Ecasound, a multi-track audio processing package, has been announced. "New interactive commands have been added to query and manage JACK port connections. More options are also now available for setting up ecasound's own JACK ports. Severe bugs in 'playat' and 'select' objects have been fixed. A refactored ECI C implementation fixes bugs and provides improved performance for ECI apps. Many minor bugs have been fixed."

Full Story (comments: none)

Business Applications

OpenERP 5.0 released

Version 5.0 of OpenERP has been announced. "This new version comes with a full review of the web site giving access to more then 1500 pages of documentations on business management and a reorganization of the community sources build upon the Open Object framework. Free cycles of conferences are planned with the version 5.0 release of Open ERP."

Full Story (comments: none)

Data Visualization

python-graph 1.4.0 released

Version 1.4.0 of python-graph has been announced. "python-graph is a library for working with graphs in Python. This software provides a suitable data structure for representing graphs and a whole set of important algorithms."

Full Story (comments: none)

Desktop Environments

GNOME 2.25.90 beta released

Version 2.25.90 of the GNOME desktop has been announced. "This is the sixth development release, and the first beta, towards our 2.26 release that will happen in March 2009. By now most things are in place, and your mission is easy: Go download it. Go compile it. Go test it. And go hack on it, document it, translate it, fix it."

Full Story (comments: none)

GNOME Software Announcements

The following new GNOME software has been announced this week: You can find more new GNOME software releases at

Comments (none posted)

Plasma Team Looks at the Future (KDEDot)

KDE.News reports from the Tokamak II gathering. "The purpose of Tokamak II was to design features and concepts to be worked on over the next year in Plasma and the KDE desktop. Topics covered included: animations and other new features in Qt 4.5, Social Desktop concepts, desktop search, email and calendaring integration, a new system tray implementation, Plasma for educational desktops, mediacenters and PlasMate, a content creation application."

Comments (none posted)

KDE Software Announcements

The following new KDE software has been announced this week: You can find more new KDE software releases at

Comments (none posted)

Xorg Software Announcements

The following new Xorg software has been announced this week: More information can be found on the X.Org Foundation wiki.

Comments (none posted)

Financial Applications

LedgerSMB::API 0.04a released

Version 0.04a of LedgerSMB::API has been announced. "In a collaboration initiated between Nigel Titley and Hugh Esco -- but open to others, operating under a SourceForge project as LedgerSMB-OSCommerce, but with an expanded focus of supporting developers seeking to integrate LedgerSMB generically with other applications which have a need to post transactions to or pull reports from an accounting database.

Full Story (comments: none)

SQL-Ledger 2.8.21 released

Version 2.8.21 of SQL-Ledger, a web-based accounting system, has been announced. See the What's New document for release notes.

Comments (none posted)

webERP: 3.10 released (SourceForge)

Version 3.10 of webERP has been announced. "Integrated accounting ERP system. Multi-language/currency/inventory locations. Full double entry. SO/AR/PO/AP/GL/Bank/Sales Analysis. BOMs/assemblies/kit-sets. Flexible pricing. Emailable pdf reports. Fast PHP created html for any browser. Many new features and bug fixes from the last release including geo mapping, new CRM functionality, significant improvements to the API, two new themes, and the inclusion of javascript to check the input on certain forms."

Comments (none posted)


WFMath 0.3.9 released

Version 0.3.9 of WFMath has been announced. "WFMath, or the WorldForge Math library’s main focus is geometric objects, and it has classes for several shapes as well as the basic math objects, points, vectors, matrices and quaternions. It is required by all WorldForge components. This release is aimed at all developers. Changes in this version: * The headers have been cleaned up to include fewer system headers and dependencies, and keep the namespace a bit cleaner. "

Comments (none posted)

Geographical Software

Traveling Salesman: OSMbin v1.0 announced (SourceForge)

Version 1.0 of Traveling Salesman has been announced. "traveling-salesman is a GPS -route-planning and -navigation -system based on libosm and the OpenStreetMap. LibOSM of Traveling Salesman contains the reference-implementation of the OSMbin file-format. As our implementation now has advanced far enough I am happy to announce the final OSMbin file-format on the OpenStreetMap -dev and -osmosis -mailing lists."

Comments (none posted)

GUI Packages

AnyScreen: Released AnyScreen v1.0 (SourceForge)

Version 1.0 of AnyScreen has been announced. "The goal of AnyScreen is to allow simple development of OpenGL applications running on a wide range of modern output devices. Currently, AnyScreen is capable of rendering on multiple displays settings and offers various stereoscopic rendering modes."

Comments (none posted)

Instant Messaging

GOZERBOT 0.9 released

Version 0.9 of GOZERBOT, a Python IRC bot and Jabber bot, has been announced. "Finally gozerbot 0.9 has been released. This is a huge step forward to version 1.0 and contains a number of changes".

Full Story (comments: none)


Elisa Media Center 0.5.27 released

Version 0.5.27 of Elisa Media Center has been announced, it includes some new features and bug fixes. "Elisa is an open source cross-platform media center connecting the Internet to an all-in-one media player. It is written in python using twisted, gstreamer and pigment among others, and runs on GNU/Linux and Microsft Windows (XP and above)."

Full Story (comments: none)

Music Applications

QJackMMC / JackCtlMMC version 3 released

Version 3 of QJackMMC / JackCtlMMC is out. "A new version of QJackMMC / JackCtlMMC has been released today, sporting the new ability to select a device ID, a new help system, and several bug fixes. If you have a MIDI device capable of sending Midi Machine Code commands, you can use QJackMMC / JackCtlMMC to control all your JACK-based programs with your external hardware, or even internal ALSA programs that emit MMC."

Full Story (comments: none)

Office Applications

Resolver One 1.4 beta announced

Version 1.4 beta of Resolver One has been announced. "Version 1.4 of Resolver One, our Pythonic spreadsheet, uses our Ironclad project to provide (alpha-level) support for numpy in a IronPython application. You can put numpy matrices in spreadsheet cells and manipulate them like any other data".

Full Story (comments: none)


Stellarium: 0.10.1 released! (SourceForge)

Version 0.10.1 of Stellarium has been announced. "Stellarium renders 3D photo-realistic skies in real time with OpenGL. It displays stars, constellations, planets, nebulas and others things like ground, landscape, atmosphere, etc. This is the first stable version featuring the new Graphical User Interface. It contains all features introduced in 0.10.0 beta (with much less bugs!) as well as: a new script engine (in testing), new translations in Albanian and Bosnian, an improved grid rendering, the possibility to download extra star catalogs in 1 click, and various performance improvements."

Comments (none posted)

Web Browsers

Mozilla Firefox 3.0.6 released (MozillaZine)

MozillaZine covers the release of Firefox 3.0.6. "The sixth minor update to Mozilla Firefox 3 has been released. Firefox 3.0.6 fixes security vulnerabilities, improves stability, improves the ability for scripted commands to work properly with plugins and resolves a handful of other small bugs."

Comments (none posted)


BleachBit 0.3.1 released

Version 0.3.1 of BleachBit has been announced. "BleachBit is a Internet history, locale, registry, privacy, and temporary file cleaner for Linux on Python v2.4 - v2.6. Notable changes for 0.3.1: * Clean the cache and temporary files of Acrobat Reader, GIMP, Google Earth, Second Life Viewer, and winetricks. * Clean Firefox version 3's URL history without deleting the entire places.sqlite file (which also contains bookmarks). * Clean more localizations. * Vacuum the Firefox databases (which becomes fragmented). * Fixed bug that blocked cleaning of some localizations for some using Ubuntu 8.04. * Fixed bug that prevented starting BleachBit when the language was not set. * Fixed bug that prevented cleaning of the clipboard."

Full Story (comments: none)

Virtaal 0.3.0 released (SourceForge)

Version 0.3.0 of Virtaal has been announced. "Tools for localization: Pootle, a web based translation management system. Virtaal, a powerful desktop CAT tool and Translate Toolkit, providing QA, format conversion and support (PO, Java .properties, OpenOffice, Mozilla, XLIFF, TMX, TBX, CSV, Qt .ts) There are far too many improvements to list, but some of the new features include..."

Comments (none posted)

Languages and Tools


GCC 4.4.0 Status Report

The February 9, 2009 edition of the GCC 4.4.0 Status Report has been published. "Trunk remains in Stage 4 (regression and documentation fixes mode). GCC 4.4 will be branched when there are no open P1 regressions for 4.4 and the runtime library sources have been converted to GPLv3 with the new licensing exception; the number of P1, P2 and P3 regressions has been below 100 for some time. The licensing exception is waiting for the FSF to confirm to the SC exactly what wording should go in source files using the exception and whether any changes to the exception are to be made to address the possible issues discussed on this list."

Full Story (comments: none)


Caml Weekly News

The February 10, 2009 edition of the Caml Weekly News is out with new articles about the Caml language.

Full Story (comments: none)


GNU Classpath 0.98 released

Version 0.98 of GNU Classpath, the essential libraries for Java, has been announced. "The GNU Classpath developer snapshot releases are not directly aimed at the end user but are meant to be integrated into larger development platforms. For example the GCC (gcj) and Kaffe projects will use the developer snapshots as a base for future versions."

Full Story (comments: none)


cssutils 0.9.6a1 announced

Version 0.9.6a1 of cssutils has been announced, this release adds some new capabilities and improved documentation. cssutils is: "A Python package to parse and build CSS Cascading Style Sheets. (Not a renderer though!)"

Full Story (comments: none)

HDF5 for Python 1.1 announced

Version 1.1 of HDF5 for Python has been announced, several new capabilities have been added. "HDF5 for Python (h5py) is a general-purpose Python interface to the Hierarchical Data Format library, version 5. HDF5 is a versatile, mature scientific software library designed for the fast, flexible storage of enormous amounts of data."

Full Story (comments: none)

itools 0.50.3 released

Version 0.50.3 of itools has been announced, it includes several bug fixes. "itools is a Python library, it groups a number of packages into a single meta-package for easier development and deployment".

Full Story (comments: none)

SciPy 0.7.0 released

Version 0.7.0 of SciPy has been announced. "SciPy is a package of tools for science and engineering for Python. It includes modules for statistics, optimization, integration, linear algebra, Fourier transforms, signal and image processing, ODE solvers, and more. This release comes sixteen months after the 0.6.0 release and contains many new features, numerous bug-fixes, improved test coverage, and better documentation."

Full Story (comments: none)

Python-URL! - weekly Python news and links

The February 5, 2009 edition of the Python-URL! is online with a new collection of Python article links.

Full Story (comments: none)

Cross Compilers

Arduino 0013 released

Version 0013 of Arduino, a development system for the Arduino board, has been announced. "Arduino is an open-source electronics prototyping platform based on flexible, easy-to-use hardware and software. It's intended for artists, designers, hobbyists, and anyone interested in creating interactive objects or environments. Arduino can sense the environment by receiving input from a variety of sensors and can affect its surroundings by controlling lights, motors, and other actuators." See the release notes for more information.

Comments (none posted)


eric 4.3.0 released

Version 4.3.0 of eric has been announced. "this is to inform all of you about the immediate availability of the long awaited 4.3.0 release. It includes enhancements in nearly every area. Please see for yourself by downloading it from eric4 is a Python (and Ruby) IDE written using PyQt4 and QScintilla2. It comes with batteries included and is extensible via a built-in plug-in system."

Full Story (comments: none)

KDevelop 4 Beta 1 available (KDEDot)

Version 4 Beta 1 of KDevelop has been announced. "On behalf of the KDevelop team I am happy to announce that we have reached the next milestone on our way to a final release, KDevelop 4 Beta 1. We feel that KDevelop 4, although in no way feature complete, is now usable and stable enough to get first feedback from a somewhat wider audience. Being a beta there are of course still bugs and missing functionality, but we have excellent language support for C++, integration of the CMake buildsystem, subversion, git and even starts of Qt GUI designer integration."

Comments (none posted)

Test Suites

Linux Desktop Testing Project 1.5.0 released

Version 1.5.0 of LDTP, the Linux Desktop Testing Project, has been announced. " This release features number of important breakthroughs in LDTP as well as in the field of Test Automation. This release note covers a brief introduction on LDTP followed by the list of new features and major bug fixes which makes this new version of LDTP the best of the breed. Useful references have been included at the end of this article for those who wish to hack / use LDTP."

Full Story (comments: none)

TestLink: 1.8 RC4 released (SourceForge)

Version 1.8 RC4 of TestLink has been announced. "TestLink is leading open source Test management tool. The fourth 1.8 Release candidate improves stability and usability of TestLink. We solved 38 issues and requests within this build (especially installer and localization). New feature: User notification on testing assignment via e-mail."

Comments (none posted)

Version Control

GIT announced

Version of the GIT distributed version control system has been announced, it includes new capabilities and bug fixes.

Full Story (comments: none)


PLY 3.0 announced

Version 3.0 of PLY has been announced. "I'm pleased to announce a significant new update to PLY---a 100% Python implementation of the common parsing tools lex and yacc. PLY-3.0 adds compatibility for Python 2.6 and 3.0, provides some new customization options, and cleans up a lot of internal implementation details."

Full Story (comments: none)

Page editor: Forrest Cook

Linux in the news

Recommended Reading

Reflections on the hardware industry

Harald Welte reflects on the issue of insufficient FOSS support from the hardware industry. "They all have some people inside their own organization, most often actual engineers or even engineering managers up to the very senior R&D managers who understand the FOSS model and the benefits that this would or at least could bring to their products and their organizations. They want to release the source, they want to push mainline, and they might even want to release the user manuals. But inside the industry, nobody listens to what their own R&D department or event some external entity - even the very representatives of the operating system they use (Linux). The chip makers will only listen to one thing: Demand from their tier-1 customers. Whatever is in the spec of those who buy their components in millions of units will get implemented. Only those maybe biggest five board-makers are considered 'customer'. Everybody else is not." (Thanks to Paul Wise).

Comments (11 posted)

Trade Shows and Conferences

Camp KDE Talks part two (KDEDot)

KDE.News presents part two of its coverage of the Camp KDE Talks "Sunday again had talks about a large range of topics. The day started a bit late, but Guillermo Amaral really made up for it by providing us with a funny and interesting talk about the opportunities for the Business use of KDE in Mexico. He pointed out how important it is to handle cultural differences well, continuing the theme set by Pradeepto Adriaan and Till."

Comments (none posted)

Camp KDE Continues And Finishes (KDEDot)

KDEDot covers Camp KDE. "Camp KDE, the KDE community event of North and South America, has finished. Similar to the European KDE meeting, Akademy, the first two days were based around a series of talks on various topics. After that we moved towards BOF sessions, local discussions and programming. We had a trip to the Appleton Estate, visited Rick's café and had a lot of fun. The following article details some of the things that kept us busy."

Comments (none posted)


Behind the scenes in Microsoft's war against Linux (cnet)

Over at cnet, Matt Asay examines the patent deal between Brother and Microsoft. Given that Microsoft doesn't make printers or even printer drivers, the Brother deal is puzzling. "Slowly, behind the scenes, Microsoft continues to try to portray Linux as risky and Microsoft's patent coverage as insurance. Given that the company selling the insurance is also the one threatening a lawsuit, however, Microsoft needs to step very carefully to avoid the 'extortionist' label. I personally believe that it has already crossed the line and needs to get back to competition between products, not lawyers."

Comments (1 posted)

MySQL founder leaves Sun (heise online)

Heise online is reporting that MySQL founder Michael "Monty" Widenius is leaving Sun. It was rumored to be happening last September, but Widenius and Sun worked out an agreement for him to stay for three months at that time—which stretched to a few extra months. "Now, by agreement, and apparently on good terms, Sun and Widenius have parted. 'I still think that Sun was the best possible buyer for MySQL and I feel sad that things didn't work out together', he said, 'I will be available for Sun in helping them with their goals in the open source space'."

Comments (1 posted)

State of the Union at Red Hat (Red Hat Magazine)

Jim Whitehurst, President and CEO of Red Hat, provides a brief "State of the Union" for Red Hat. "I've been on the job at Red Hat since December 2007, and have had the opportunity to meet hundreds of Red Hat customers, partners, associates and industry leaders. In keeping with the U.S. presidential State of the Union address, I'd like to touch on plans for the upcoming year while also reflecting back to share a few observations from the past 13+ months." (Thanks to Rahul Sundaram)

Comments (none posted)

Red Hat Expands Real Time Linux Cloud ( reports on Red Hat's new MRG 1.1 platform. "Linux vendor Red Hat is out today with its newest Real Time Linux platform, MRG 1.1 boasting new performance, messaging and grid computing (cloud) capabilities. The new MRG 1.1 platform marks the debut of Red Hat's commercially-supported grid technology, which helps users create their own enterprise clouds as well as leverage the power of Amazon's EC2 service. Red Hat is also claiming significant performance gains with a new Real Time Linux kernel and improved messaging speeds in a bid to appeal to unique sectors such as government, military and financial services."

Comments (4 posted)

Vodafone signs Linux deal with U.S. firm Azingo (Reuters)

Reuters covers a partnership between Vodaphone and Azingo. "Vodafone has picked U.S. software firm Azingo to develop Linux-based applications, the latest sign the world's largest wireless operator by sales is keeping Linux operating system LiMo as one of its key choices. Privately held Azingo unveiled the deal on Thursday. Vodafone, one of the founding members of mobile Linux foundation LiMo, has stressed the importance of cutting the number of different operating systems, raising some media speculation it could dump LiMo support."

Comments (none posted)


Xfce creator talks Linux, Moblin, netbooks and open-source (SlashGear)

SlashGear has an interview with Olivier Fourdan, creator of Xfce. "As Intel's investment into the Moblin OS gets increasing attention, and more non-technical users are introduced to Linux-based platforms in the shape of low-cost netbooks, 2009 will see open-source become more mainstream than ever before. Under the hood there's much that makes Linux safer, more efficient and secure than rival systems, but for most new users it's what they can see on-screen that counts. SlashGear caught up with Xfce creator Olivier Fourdan, whose desktop environment has not only been selected by Intel for Moblin but can be found on many existing Linux netbooks, and talked Intel, Moblin, the future for netbooks and what challenges he sees for open-source newcomer Android."

Comments (11 posted)

Fellowship interview with Colin Turner (FSFE)

The Free Software Foundation Europe has an interview with Colin Turner. "Colin Turner is a dedicated Free Software activist and Fellowship member, working as a scientist and teacher at the University of Ulster in Northern Ireland. He has been advocating Free Software in schools and universities for many years and generously shared some of his experiences with us in this fourth instal[l]ment of our Fellowship interview series."

Comments (none posted)


Two articles on containers

The developerWorks site has posted two detailed articles on Linux container technology. this overview by Matt Helsey looks at the LXC toolkit, while this article by Serge Hallyn focuses on security issues. "A common response when someone first hears about containers is 'How do I create a secure container?' This article answers that question by showing you how to use Linux Security Modules (LSM) to improve the security of containers. In particular, it shows you how to specify a security goal and meet it with both the Smack and SELinux security modules."

Comments (none posted)

FOSS Linux CRM Roundup (Linux Journal)

Doc Searls presents an updated list of Linux-compatible CRM systems on Linux Journal. "Back at the 2003 OSCON, r0ml Lefkowitz gave a talk called "Six Missing Open Source Projects".The next year he gave a talk titled "More Missing Open Source Projects". At the top of his first list was CRM, or Customer Relationship Management, systems."

Comments (none posted)

Bruce Perens: Combining GPL and Proprietary Software (Datamation)

In an article at Datamation, Bruce Perens gives some advice on using both GPL and proprietary software, particularly in mobile phones. He looks at the reasons for keeping some parts closed (DRM or regulatory compliance for example), then offers suggestions on how to handle that safely. "Also, don't look for, and use loopholes in the Open Source licenses. Nothing makes your company look worse than taking unfair advantage of people who provided their work to you without charge, expecting in good faith that you'd honor their license. It also tends to make Open Source folks reluctant to cooperate with your company, the next time you need help with their software."

Comments (5 posted)


HP releases custom Netbook version of Ubuntu Linux (ZDNet)

ZDNet covers HP's release of the Mini 1000 Mi netbook, which features a customized version of Ubuntu. "The operating system is based on Ubuntu 8.04 Hardy Heron, and can run pretty much any application that normally runs on Ubuntu, including, Firefox, Thunderbird, Pidgin and so forth — with which the OS conveniently comes preloaded. (You’ll have to install GIMP, though.) On the other hand, the GUI hardly resembles Ubuntu, according to DownloadSquad’s Brad Linder."

Comments (13 posted)

Krita 2.0: a Host of New Features (KDE.News)

KDE.News takes a look at new features in Krita 2.0, the KDE painting and image editing application. "In KOffice 2.0, KParts have been replaced by Flake Shapes, as an end result Krita 2.0 has vector layers where you can add any combination of KOffice shapes. Examples of KOffice shapes are vector drawings, text objects or even musical notation objects. These shapes are then rendered at the image resolution and blended with your pixel layers. The same technique is used for vector selections."

Comments (none posted)

Miro 2.0 gets serious about Web video, leaves us wanting (ars technica)

Ars technica reviews the Miro 2.0 release. "A major new version of the open source Internet TV and video podcast player brings support for a variety of Web services like Hulu, YouTube, and, a separate video playing window, and a more polished UI. Most of Miro's key drawbacks, however, still remain."

Comments (none posted)


Compiz Comes Together (Linux Journal)

Linux Journal takes a look at the new Compiz Council. "Compiz — the compositing window manager responsible for more than a few dropped-jaws — has a long history of ins and outs, not the least of which includes more forks than at a garden club lunch. It seems, however, that things always come back together, and such was the case on Tuesday, as the Compiz community announced the imminent re-merger of several well known forks."

Comments (none posted)

If You Want to Change the World, You've Got to Buy Big (Linux Journal)

Linux Journal covers the demise of the One Laptop Per Child "Change the World" program. "The "Change the World" program, variously known as "Give a School" and "Give 100, Give 1000," offered individuals and groups the opportunity to donate one hundred or more laptops to children in the developing world, and designate where they should be deployed. Through the program, those with ties to particular areas — a sister organization in a developing nation, for example — were given the opportunity to have their donation directly affect children in that area. Morgan Collett, a developer at OLPC, was among the first to report the news, and wrote that several hundred XOs have already been deployed in South Africa through the program, with more in the works."

Comments (1 posted)

Page editor: Forrest Cook


Non-Commercial announcements

Ardour project loses funding

The Ardour multi-track audio recorder project has announced a loss of corporate sponsorship. "SAE announced today that they will no longer sponsor the development of Ardour. This puts me (Paul, Ardour’s lead developer) in the position of being paid solely by the donations and subscriptions made by the Ardour community. This is obviously insufficient to support myself, let alone my family, so I am obviously looking for other opportunities to earn a living. Although I intend to try to improve the revenue that Ardour itself generates, this is unlikely to be sufficient for some time to come."

Comments (none posted)

EFF calls on Federal Regulators to protect Consumers from DRM

The Electronic Frontier Foundation has called on the Federal Trade Commission to mitigate damage caused to consumers by Digital Rights Management. "In public comments submitted to the FTC today, EFF explained how DRM, backed by the anti-circumvention provisions of the Digital Millennium Copyright Act (DMCA), impedes innovation and thwarts consumers' rights to make full use of their digital music, movies, software, and videogames. EFF urged the commission to study DRM's effect on competition in the marketplace, investigate whether the effects of DRM are fully disclosed to consumers, and promote a set of "Best Practices" that, if followed, would help alleviate the burdens of DRM for consumers."

Full Story (comments: none)

New GNOME desktop testing team announced

The GNOME Desktop Testing team has been launched. "We are proud to announce that a new GNOME team has been created, focused on desktop testing automation. If you have ever wondered how could you test your application writing scripts that mimic what a normal user would do, join us in this new effort. We have a mailing list, a wiki page with documentation and a SVN module with the initial work that we have done, but we need more people to get involve to make GNOME better and better."

Full Story (comments: none)

New Books

Network Know-How--New from No Starch Press

No Starch Press has published the book Network Know-How by John Ross.

Full Story (comments: none)


Python 2.6 Quick Reference available

A new Python 2.6 Quick Reference is available online. "The Python 2.6 Quick Reference is available in HTML and PDF formats at"

Full Story (comments: none)

Meeting Minutes

Perl 6 Design Meeting Minutes (use Perl)

The minutes from the January 7, 2009 Perl 6 Design Meeting have been published. "The Perl 6 Design Team met by phone on 07 January 2009. Larry, Jerry, Allison, Patrick, Jesse, and chromatic attended."

Comments (none posted)

Calls for Presentations

EuroDjangoCon '09 Venue and Keynotes

EuroDjangoCon '09 will take place in Prague, the Czech Republic on May 4-8. "We have also extended the conference by two days so that we can have sprints. The dates are now as follows: May 4th - 6th (Main conference) May 7th - 8th (Sprints) Call for participation ends on 1st March, so please ensure you have submitted your talk before then".

Full Story (comments: none)

Upcoming Events

Announcing the Cloud Slam virtual conference

Cloud Slam 09 has been announced. "The world's leading experts and authorities in cloud computing to convene on April 20-24 at Cloud Slam 09 to analyze and uncover top trends and challenges."

Full Story (comments: none)

Demonstrating Open-Source Healthcare Solutions 2009 Conference (LinuxMedNews)

The Demonstrating Open-Source Healthcare Solutions 2009 Conference has been announced. "Lend Your Voice to this Crucial Discussion as America Transitions to a New Era Arguably, the unique elements of the 2008/2009 recession combined with a change in administration and governing philosophy constitute a unique historical moment as demonstrated by ongoing events..." The event takes place on February 20 in Los Angeles, CA.

Comments (none posted)

FSF announces LibrePlanet 2009 and annual meeting

The FSF annual meeting has been announced. "The Free Software Foundation has announced LibrePlanet 2009, an expansion of its traditional annual meeting to a two-day event. The event will be held in Cambridge, MA, on March 21st and March 22nd, 2009, and in addition to presentations from FSF staff and board members will include a full "unconference" day of work oriented toward progressing free network services and other areas important to the free software community as outlined on the FSF's High Priority Projects list."

Full Story (comments: none)

PyCon 2009 takes Python to new places

PyCon 2009 registration is open, the event takes place in Chicago, IL on March 25 - April 2. "From hackathons in Africa to a neutrino detector at the South Pole; from massive multicore machines to tiny embedded wireless devices; and from mobile phones to distributed heterogeneous networks, talks at Pycon 2009 demonstrate how Python is being used in places and in ways that will startle even longtime Python users. Python continues to branch out across software platforms as well, with several talks covering the growing use of IronPython and Jython on the .NET and Java platforms."

Full Story (comments: none)

SCALE Is almost here

The Southern California Linux Expo begins on February 20. "Free and Open Source software can save you money. Whether you're running a business or are a computer user, FOSS software is high-quality software that can be quite inexpensive. Smart organizations know that, and they come to SCALE, and sponsor SCALE. And because the FOSS community continues its vibrant growth unabated, there were more than enough organizations to fill the "dotORG" booths at this month's Expo: SCALE is full!"

Full Story (comments: none)

SOA in Healthcare Conference (LinuxMedNews)

LinuxMedNews has announced the SOA in Healthcare conference. "OMG, Health Level Seven (HL7), and the SOA Consortium announce the “SOA in Healthcare: Value in a Time of Change,” conference held June 2-4, 2009 at the Hyatt Regency O’Hare in Chicago, IL. Registration details may be found online at"

Comments (none posted)

uCon Security Conference speakers announced

The speaker lineup for the uCon Security Conference has been announced. "The conference will take place three days after the most insane street carnival in the world in Recife, Brazil, on 28th February 2009 and will also feature trainings sessions on 26th and 27th. If you are outside Brazil and plan to attend to uCon, please contact us if you need any assistance on your travel. Carnival and hacking in a row, rather unique. Don't miss the chance."

Full Story (comments: none)

UKUUG - Google Bursaries for attendees at Spring 2009

Google has announced the availability of grants for the UKUUG conference. "Google, as part of Google's ongoing commitment to encouraging women to excel in computing and technology, we are pleased to announce the 2009 Google UKUUG Student/Developer Conference Grant to encourage more female computer scientists to attend and participate in the UKUUG 2009 Conference, 24-26 March, London."

Full Story (comments: none)

Events: February 19, 2009 to April 20, 2009

The following event listing is taken from the Calendar.

February 16
February 19
Black Hat DC Briefings 2009 Washington, D.C., USA
February 20 Demonstrating Open-Source Health Care Solutions Los Angeles, CA, USA
February 20
February 22
Southern California Linux Expo Los Angeles, CA, USA
February 24
February 26
VMworld Europe 2009 Cannes, France
February 25
February 27
German Perl Workshop Frankfurt Main, Germany
February 27 PHP UK Conference London, UK
February 28 Belgian Perl Workshop Leuven, Belgium
February 28 uCon Security Conference Recife, Brazil
March 1
March 4
Global Ignite week Online
March 3
March 8
CeBIT 2009 Hanover, Germany
March 4
March 7
DrupalCon DC 2009 Washington D.C., USA
March 6 Dutch Perl Workshop Arnhem, The Netherlands
March 7 Ukrainian Perl Workshop 2009 Kiev, Ukraine
March 8
March 11
Bossa Conference 2009 Recife, Brazil
March 9
March 13
Advanced Ruby on Rails Bootcamp with Charles B. Quinn Atlanta, GA, USA
March 9
March 12
O'Reilly Emerging Technology Conference San Jose, CA, USA
March 12
March 15
Pingwinaria 2009 - Polish Linux User Group Conference Spala, Poland
March 14 OpenNMS User Conference (Europe) 2009 Frankfurt Main, Germany
March 14
March 15
Chemnitzer Linux Tage 2009 Chemnitz, Germany
March 16
March 20
Android Bootcamp with Mark Murphy Atlanta, USA
March 16
March 20
CanSecWest Vancouver 2009 Vancouver, BC, Canada
March 18 Linuxwochen Österreich - Klagenfurt Klagenfurt, Austria
March 21
March 22
Libre Planet 2009 Cambridge, MA, USA
March 23
March 27
iPhone Bootcamp Atlanta, Georgia, USA
March 23
April 3
Google Summer of Code '09 Student Application Period online, USA
March 23
March 27
ApacheCon Europe 2009 Amsterdam, The Netherlands
March 24
March 26
UKUUG Spring 2009 Conference London, England
March 25
March 29
PyCon 2009 Chicago, IL, USA
March 27
March 29
Free Software and Beyond The World of Peer Production Manchester, UK
March 28 Open Knowledge Conference 2009 London, UK
March 31
April 2
Solutions Linux France Paris, France
March 31
April 3
Web 2.0 Expo San Francisco San Francisco, CA, USA
April 3
April 5
PostgreSQL Conference: East 09 Philadelphia, PA, USA
April 3
April 4
Flourish Conference Chicago, IL, USA
April 6
April 8
CELF Embedded Linux Conference San Francisco, CA, USA
April 6
April 7
Linux Storage and Filesystem Workshop San Francisco, CA, USA
April 8
April 10
Linux Foundation Collaboration Summit San Francisco, CA, USA
April 14 OpenClinica European Summit Brussels, Belgium
April 15 Linuxwochen Österreich - Krems Krems, Austria
April 16
April 17
Nordic Perl Workshop 2009 Oslo, Norway
April 16
April 19
Linux Audio Conference 2009 Parma, Italy
April 16
April 18
Linuxwochen Austria - Wien Wien, Austria

If your event does not appear here, please tell us about it.

Web sites

Announcing the OpenProofs Wiki

The OpenProofs Wiki site has been launched. "A new site, "", has been set up to encourage the development of "open proofs". The site defines "open proofs" as "software or a system where all of the following are free-libre / open source software (FLOSS): * the entire implementation * automatically-verifiable proof(s) of at least one key property, and * required tools (for use and modification)"".

Full Story (comments: none)

Page editor: Forrest Cook

Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds