LWN.net Weekly Edition for October 2, 2003
LinkSys and the GPL - again
Last June, we published a story about LinkSys and its WRT54G wireless router product. That router runs Linux, but LinkSys was not making the source for its Linux kernel available as the GPL requires. In response to pressure from the community, LinkSys eventually released a kernel tarball, and it appeared that the episode had come to a close. Another apparent victory for the GPL.In this case, however, it seems that the victory celebrations were a bit premature. A group of programmers has been working with the LinkSys tarball in the hopes of creating a new, more accessible firmware image for the WRT54G. Over time, this group has come to the conclusion that the kernel source released by LinkSys is incomplete. Efforts to resolve the situation with LinkSys have not been conclusive, so, on September 28, this group sent out a letter describing its findings.
Much of the code in the WRT54G kernel gets there by way of loadable modules. In particular, much of the truly interesting stuff - the code that implements the low-level wireless functionality - is packaged in modules. The question of whether loadable modules are a derived product of the kernel - and thus subject to the GPL - is a topic of ongoing debate; not all kernel hackers are happy to see their work used by binary-only modules. A definitive conclusion in that debate may never come about; in the real world, however, binary-only modules are tolerated. Nobody has made any serious public effort to get LinkSys to release the source to its binary kernel modules. (Update: it turns out that claim is not entirely true; see the comments added to this article for details).
The results of the investigation by the WRT54G hackers, however, indicate that the WRT54G kernel contains a substantial amount of built-in code. There is no ambiguity around code which is patched directly into the kernel; it is clearly a derived product. A kernel which is patched in this way can, by the GPL, only be distributed if the source for those patches is released under the same license. LinkSys (or the contractor which did its kernel work) has tried to slip in a kernel source tarball which does not include the code found in its binary image; that is a GPL violation, and the company has been caught. It is not clear how the people involved thought they would get away with this attempt; perhaps they thought nobody was really interested in looking at their source.
What happens now? The WRT54G hackers have released their information in the hope that a wider public awareness of the problem will help push LinkSys into living up to its obligations under the GPL. It turns out, however, that the Free Software Foundation is working on this case, and they are asking for patience.
The FSF also points out that the kernel is only a part of the GPL-licensed software running on a WRT54G router. The FSF is trying to represent the copyright holders of all the affected software and resolve the whole problem. They will, they say, keep the community informed as things progress.
The FSF's work on GPL enforcement is usually hard to see; it is done in a quiet and diplomatic manner that is invisible behind the rhetoric that comes out of other parts of that organization. The FSF claims to have built the free software community, but it toots its own horn rather less on the subject of GPL compliance. But the FSF's GPL work plays a crucial role in keeping the free software community going; we owe them a debt of gratitude for the work they do to ensure that the terms of our licenses are respected. In the LinkSys case, we also owe them some space and time to do their work. The FSF has been highly successful in resolving GPL violations without the need for long and expensive court cases. With some luck and patience, we can hope to see a similar resolution here.
This week in SCOland
As much as we might have wished that the SCO case would have gone away over the last week, it's still there. So here's the obligatory update on what has been happening...IBM has filed a new set of counterclaims against SCO. The full, new filing is available in PDF format. The new material is relatively small, and makes three points.
The first of those points is a promissory estoppel claim. SCO, says IBM, promised that it would distribute Linux only under the terms of the GPL. IBM, acting on those promises, has now been burned, and has suffered an injury as a result. IBM claims damages to compensate for that injury, but the real purpose of the estoppel claim is to shut SCO up:
"Estoppel" says that a company cannot behave in one way, allow others to act based on that behavior, then change the rules afterwards. IBM is claiming that this is exactly what SCO is trying to do in this situation, and is asking the court to put a stop to it.
The second new counterclaim alleges copyright infringement based on violations of the GPL. This claim is different from (and additional to) the GPL violation claim in IBM's first counterfiling. Whereas the previous claim was a breach of contract claim (SCO did not live up to the obligations it took on when it accepted the GPL), the new one is a pure infringement claim. IBM lists several contributions for which it has registered its copyrights (they include EVMS, dynamic probes, PowerPC support, the Omni print driver, JFS, and others), and claims:
The last new counterclaim is a request for a declatory judgement along the line of Red Hat's suit. Essentially, IBM is asking the court to make SCO shut up.
SCO's response came in the form of yet another strange press release. SCO has nothing to say about IBM's description of its behavior; instead, the company has gone for a flat-out attack on the GPL:
The GPL has never faced a full legal test, and SCO believes that it will not stand up in court.
We asked SCO how it is that the GPL serves "to supplant current US copyright laws" while its own software licenses do not, but SCO chose not to answer us. Regardless, what SCO hopes to gain by attacking the GPL is unclear; its legal theories on the subject are bizarre at best. But if the GPL fails, then SCO will never have had a valid license to distribute Linux at all. It would be interesting to hear how SCO justifies its continued distribution of the Linux kernel if it believes it lacks a valid license to do so.
Red Hat, meanwhile, has filed a "memorandum in opposition" of SCO's attempt to get Red Hat's lawsuit summarily dismissed. Groklaw has posted the motion in PDF format. Also on Groklaw is this detailed analysis of Red Hat's motion which covers the relevant points.
As expected, the SCO Group has also expanded the battle to include SGI. Very little has been said in public (we're waiting for the inevitable conference call), but a couple of alert readers found the following in SGI's annual report as filed with the U.S. Securities and Exchange Commission:
SGI believes, like IBM, that its Unix license cannot be terminated in this manner. SCO arguably has a better case against SGI, since SGI did actually allow a small amount of SYSV code to slip into its Linux kernel contributions. SCO will have a hard time talking a tiny infringement involving code that, by some reckoning, is in the public domain into a major case, however.
Speaking of SGI's actions, the company has posted a letter to the Linux community from software VP Rich Altmaier. The letter admits that the ate_malloc() code shown by SCO could have been taken from SYSV, though SGI also reiterates the claim that the code in question may well have entered the public domain. SGI has sent patches to its customers removing the code in question, but it has not stopped there:
In other words, the Linux kernel has now been compared to the Unix code base by somebody other than SCO, and it has been given an (almost) clean bill of health.
SGI's letter also denies that SCO has any claim to the XFS filesystem. XFS is explicitly claimed as SGI's work.
The position described is, of course, exactly the claims SCO has made against IBM.
Finally, remember that the SCO City-to-City Tour starts on October 7. Those of you in or near Toronto, Boston, Chicago, Vancouver, Dallas, Orlando, Newark, Minneapolis, St. Louis, Irvine, or Atlanta may want to consider signing up to share your views with the company.
Distributing 2.6
As the 2.6 kernel slowly approaches release, it is natural that vendors and users are becoming more interested in what this kernel has to offer. But some distributors may be jumping the gun a bit with this kernel. Consider these announcements:
- LynuxWorks announced
that a beta version of BlueCat Linux 5.0, a 2.6-based embedded
distribution, was available. Says LynuxWorks: "
The embedded developer community has been eagerly anticipating the availability of the Linux 2.6 kernel and we are proud to offer the first embedded operating system ready for beta testing
". - SuSE has stated that SuSE
Linux 9.0 will have a 2.6 kernel option.
- SnapGear has released SnapGear Embedded Linux 3.0, which is based on the 2.6 kernel. The company claims to have the "world's first production Linux system powered by the 2.6 kernel."
The only problem, of course, is that there is no 2.6 kernel. The 2.6.0-test series is not the 2.6 kernel. It remains in active development, and many parts of it are still volatile. The most recent release (2.6.0-test6) included a fundamental change in the dev_t device number type, a bunch of scheduler work, numerous power management patches, and a lot of other changes. A number of important kernel interfaces are still in flux. Auditing for security problems still needs to be done.
One should also bear in mind that most stable kernels do not truly stabilize until several releases after "dot-zero."
The 2.5 kernel development series looks to be one of the most successful in quite some time. Many important objectives have been attained, and the 2.6.0-test kernels appear to be quite stable for most users. It is certainly an appropriate time for distributors to consider offering a 2.6 preview kernel, as SuSE will do with its 9.0 release. But it is too soon to present a 2.6-based distribution as being "production ready." Any distributor which is offering the 2.6 kernel as anything other than an early preview for testing purposes is not being entirely honest. We'll have our stable, 2.6-based distributions sometime in 2004; some things cannot be rushed.
Security
Brief items
Vulnerabilities in OpenSSL
The National Infrastructure Security Co-ordination Centre (NISCC) is an organization within the UK Government, set up to defend against electronic attack. As part of that mandate, the NISCC recently prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificates. Dr Stephen Henson of the OpenSSL core team identified and prepared fixes for a number of vulnerabilities in the OpenSSL ASN1 code when running the test suite. Since these vulnerabilities were found during code review, there are no known exploits, and there won't be any as long as everyone updates their systems in a timely fashion. Many distributions have already provided updates for these problems, shown in the new vulnerability report listed below.All versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all versions of SSLeay are affected, as well as any application that makes use of OpenSSL's ASN1 library to parse untrusted data. This includes all SSL or TLS applications, those using S/MIME (PKCS#7) or certificate generation routines.
From the advisory:
- Certain ASN.1 encodings that are rejected as invalid by the parser
can trigger a bug in the deallocation of the corresponding data
structure, corrupting the stack. This can be used as a denial of service
attack. It is currently unknown whether this can be exploited to run
malicious code. This issue does not affect OpenSSL 0.9.6. The Common
Vulnerabilities and Exposures project has assigned the name
CAN-2003-0545 for this issue.
- Unusual ASN.1 tag values can cause an out of bounds read under
certain circumstances, resulting in a denial of service vulnerability.
The Common Vulnerabilities and Exposures project has assigned the names
CAN-2003-0543 and
CAN-2003-0544 for this issue.
- A malformed public key in a certificate will crash the verify code
if it is set to ignore public key decoding errors. Public key decode
errors are not normally ignored, except for debugging purposes, so this
is unlikely to affect production code. Exploitation of an affected
application would result in a denial of service vulnerability.
- Due to an error in the SSL/TLS protocol handling, a server will parse a client certificate when one is not specifically requested. This by itself is not strictly speaking a vulnerability but it does mean that *all* SSL/TLS servers that use OpenSSL can be attacked using vulnerabilities 1, 2 and 3 even if they don't enable client authentication.
New vulnerabilities
apache2: Denial of Service vulnerability
| Package(s): | apache2 | CVE #(s): | |||||||||||||||||
| Created: | September 29, 2003 | Updated: | March 25, 2004 | ||||||||||||||||
| Description: | A problem was discovered in Apache2 where CGI scripts that write more than 4k to the standard error stream will hang the script's execution. This problem can lead to a denial of service situation. See this bug report for additional details. | ||||||||||||||||||
| Alerts: |
| ||||||||||||||||||
freesweep: buffer overflow
| Package(s): | freesweep | CVE #(s): | CAN-2003-0828 | ||||
| Created: | October 1, 2003 | Updated: | October 1, 2003 | ||||
| Description: | freesweep contains a buffer overflow vulnerability which may be exploited by a local user to obtain access to the "games" group. | ||||||
| Alerts: |
| ||||||
lsh: remotely exploitable buffer overflow
| Package(s): | lsh | CVE #(s): | CAN-2003-0831 | ||||
| Created: | October 1, 2003 | Updated: | October 1, 2003 | ||||
| Description: | lsh (an ssh implementation) 1.5.2 and prior has a remotely exploitable buffer overflow vulnerability; see this advisory for details. | ||||||
| Alerts: |
| ||||||
marbles: buffer overflow
| Package(s): | marbles | CVE #(s): | CAN-2003-0830 | ||||
| Created: | October 1, 2003 | Updated: | October 1, 2003 | ||||
| Description: | The 'marbles' game contains a buffer overflow in its processing of the HOME environment variable. A local user can exploit this vulnerability to obtain access to the "games" group. | ||||||
| Alerts: |
| ||||||
mplayer: remotely exploitable buffer overflow vulnerability
| Package(s): | mplayer | CVE #(s): | CAN-2003-0835 | ||||||||||||||||||||
| Created: | September 29, 2003 | Updated: | April 6, 2004 | ||||||||||||||||||||
| Description: | A remotely exploitable buffer overflow vulnerability was found in MPlayer. A malicious host can craft a harmful ASX header, and trick MPlayer into executing arbitrary code upon parsing that header. Read the full advisory for details. | ||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||
openssl: vulnerabilities in ASN.1 code
| Package(s): | openssl | CVE #(s): | CAN-2003-0543 CAN-2003-0544 CAN-2003-0545 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Created: | September 30, 2003 | Updated: | November 4, 2003 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Description: | Vulnerabilities have been found in OpenSSL ASN.1 code. This advisory contains details of 4 separate
problems in versions of OpenSSL up to and including 0.9.6j and 0.9.7b and
all versions of SSLeay.
An attack against other applications that use OpenSSL could result in a Denial of Service. See CAN-2003-0543 and CAN-2003-0544. It may be possible for an attacker to exploit this issue to execute arbitrary code. See CAN-2003-0545. CERT has an updated OpenSSL advisory identifying additional OpenSSL vulnerabilities. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
webfs: buffer overflows, file and directory exposure
| Package(s): | webfs | CVE #(s): | CAN-2003-0832 CAN-2003-0833 | ||||
| Created: | September 29, 2003 | Updated: | October 1, 2003 | ||||
| Description: | Jens Steube reported two vulnerabilities in webfs, a lightweight HTTP
server for static content.
CAN-2003-0832 - When virtual hosting is enabled, a remote client could specify ".." as the hostname in a request, allowing retrieval of directory listings or files above the document root. CAN-2003-0833 - A long pathname could overflow a buffer allocated on the stack, allowing execution of arbitrary code. In order to exploit this vulnerability, it would be necessary to be able to create directories on the server in a location which could be accessed by the web server. In conjunction with CAN-2003-0832, this could be a world-writable directory such as /var/tmp. | ||||||
| Alerts: |
| ||||||
Resources
Infocon Magazine Issue #1
The first issue of Infocon Magazine is now available online. Available articles include an interview with Dan Kuehl, a "psychological operations interview" with a NATO deputy commander, discussions of business continuity planning, economic espionage, and more.LinuxSecurity.com newsletters
This week's Linux Advisory Watch and Linux Security Week newsletters from LinuxSecurity.com are available.
Page editor: Jonathan Corbet
Kernel development
Brief items
Kernel release status
The current development kernel is 2.6.0-test6, which was finally released by Linus on September 27. The most significant change in this kernel, perhaps, is the long-awaited expansion of dev_t to 32 bits (as covered in last week's LWN Kernel Page). Other patches which have been merged include a device mapper update, some NFS updates, a big I2C update, Con Kolivas's and Ingo Molnar's scheduler interactivity patches, a Coda filesystem update, some initramfs tweaks, improvements in random driver locking, the removal of some ext3 debugging hooks, direct I/O support for reiserfs, some CPU frequency work, numerous power management patches, an Intel SpeedStep-SMI driver, a substantial amount of janitorial work, and lots of fixes. The long-format changelog has the details.Note that 2.6.0-test6 changed the semantics of /proc slightly as part of an effort to get thread information represented properly. That change may be reverted in a future release.
Linus's BitKeeper tree contains, as of this writing, a janitorial effort to move EXPORT_SYMBOL calls out of ksyms.c to the places where the exported symbols are actually defined, some IDE driver updates, and lots of fixes.
The current stable kernel is 2.4.22. Marcelo released 2.4.23-pre6 on October 1; it fixes a number of ACPI problems, adds SCTP support, and includes the usual pile of fixes and updates.
Kernel development news
How many groups do you need?
The Linux kernel currently allows any process to be a member of up to 32 groups at the same time. As with many such limits, the 32-group allowance is sufficient for most users, but not for all. In fact, some users have a need for significantly more group memberships than that.This problem came to Rusty Russell's attention; it seems there is a client down under with a need for almost 200 simultaneous groups. The client is running Samba-based servers and having to deal with NT's hierarchical group structure. So Rusty sent out a patch making the maximum number of groups adjustable via a sysctl file. If a process expands to more than 32 groups, the code will dynamicly allocate an array to store them all.
Rusty's patch asked for comments, and got them in the form of a rather exasperated note from Tim Hockin. Tim has been posting a very similar patch for quite some time; LWN included a version of this patch back in October, 2002. Despite repeated posts, the patch had never been picked up and merged.
In response to Tim's note, Rusty set about the task of merging the two patches. It turns out that Tim's needs were a little different, however; his customers need, for some reason, to have processes be members of up to 10,000 groups. That changes things a bit. So, among other things, the combined patch will use vmalloc() to allocate the array of group IDs should an attempt with kmalloc() fail. Since vmalloc() can create large virtual arrays in kernel space through the use of page tables, it works better when large, virtually contiguous chunks of memory are required.
That approach didn't fly with Linus,
however; he asked: "Have you been looking at glibc sources lately, or
why do you believe that we should encourage insane usage?
" These
comments have led Tim to take a turn reworking the patch. In his version,
the kernel maintains a list of individual pages full of group IDs when the
need arises. The lists are shared and reference counted (to help avoid
unnecessary copying); they are also sorted so that searches are quick.
Given that Linus is "definitely happier about
this one," there is a distinct possibility that it may yet find its way
into the 2.6 kernel. Sometimes, getting your patch in is just a matter of
waiting for somebody else to reimplement it.
Defining the kernel/user space interface
Joerg Schilling has a complaint. If you try to include the kernel header file include/linux/scsi/scsi.h in a user-space program, a number of compilation errors are the result. Joerg had reported the problem a good year ago, but it remains unfixed. "Is there no interest in user applications for kernel features or is there just no kernel maintainer left over who makes the needed work?"
The initial reaction from the kernel developers was rather unsympathetic. In the modern world, applications are not supposed to be including kernel header files directly. Instead, they should use whatever sanitized version is provided by glibc. Anybody who tries to include kernel headers into user-space applications should not complain when things fail to work.
In the real world, however, such a simple answer is not sufficient. The kernel exports a vast number of interfaces; consider just the various ioctl() calls offered by innumerable device drivers and subsystems, for example. Even if the communications between the kernel and glibc developers were better than they are, it would be difficult to expect the glibc people to keep up with every obscure interface that gets added to the kernel. As David Miller put it:
For the short term, David suggests that the relevant kernel header files should simply be fixed so that they work when included into user-space programs.
In the longer term, there is clearly a need to get a better handle on what, exactly, the interface between kernel and user space is. One approach that is being taken in this direction is to push kernel interfaces into virtual filesystems such as sysfs. Interfaces defined in this way are explicit and visible, and they rarely require any C header file support at all. The virtual filesystem approach works well in many cases, but it is unlikely to replace other kernel interfaces entirely.
So it is still necessary to, somehow, better define the kernel's binary application interface. To that end, Andries Brouwer has posted a patch bringing back the idea of a separate set of "Linux ABI" include files. In this rendition, there would be a new include/linuxabi directory (along with architecture-specific variations) which would contain header files defining constants and data structures used for communication with user space. They would be specifically intended to be included from user space. Andries starts by removing the various mount option flags from <linux/fs.h> and putting them in <linuxabi/mountflags.h>.
This idea has come up before, but it has never been adopted in the mainline kernel. Getting to a point where a significant part of the kernel binary interface is documented in include/linuxabi will clearly take a long time. Rearranging the kernel include file hierarchy may not be an appropriate thing to do at this point in the development cycle. It might not be a bad idea for early in the 2.7 series, however.
The Alan's Diary Translation Project
For those wanting to follow Alan Cox's progress as he disconnects from kernel development and heads off to pursue an MBA: Paul Sladen has been translating his diary from the original Welsh. "So, the next three days to finish hacking the VIA CLE266, unsubscribe from all the lists and buy some paper folders. Except in 3 days, awful food, woe and having to get up in the morning... I hope I can remember the hang of studying".
Software suspend work funded
Nigel Cunningham, the developer responsible for making software suspend actually work in the 2.4 kernel, has recently announced that his work is now being funded by LinuxFund.org. This grant will enable him to complete his 2.4 work, and to work at bringing it forward to the 2.6 kernel as well. For those who are interested in following Nigel's progress, he has set up a weblog on the LinuxFund.org site.
Driver porting
The zen of kobjects
| This article is part of the LWN Porting Drivers to 2.5 series. |
Part of the difficulty in understanding the driver model - and the kobject abstraction upon which it is built - is that there is no obvious starting place. Dealing with kobjects requires understanding a few different types, all of which make reference to each other. In an attempt to make things easier, we'll take a multi-pass approach, starting with vague terms and adding detail as we go. To that end, here are some quick definitions of some terms we will be working with.
- A kobject is an object of type struct kobject.
Kobjects have a name and a reference count. A kobject also has a
parent pointer (allowing kobjects to be arranged into hierarchies), a
specific type, and, perhaps, a representation in the sysfs virtual
filesystem.
Kobjects are generally not interesting on their own; instead, they are usually embedded within some other structure which contains the stuff the code is really interested in.
- A ktype is a type associated with a kobject. The ktype
controls what happens when a kobject is no longer referenced and the
kobject's default representation in sysfs.
- A kset is a group of kobjects all of which are embedded in
structures of the same type. The kset is the basic container type for
collections of kobjects. Ksets contain their own kobjects, for what
it's worth. Among other things, that means that a kobject's parent is
usually the kset that contains it, though things do not normally have
to be that way.
When you see a sysfs directory full of entries, generally each of those entries corresponds to a kobject in the same kset.
- A subsystem is a collection of ksets which, collectively, make up a major sub-part of the kernel. Subsystems normally correspond to the top-level directories in sysfs.
We'll look at how to create and manipulate all of these types. A bottom-up approach will be taken, so we'll go back to kobjects.
Embedding kobjects
It is rare (even unknown) for kernel code to create a standalone kobject; instead, kobjects are used to control access to a larger, domain-specific object. To this end, kobjects will be found embedded in other structures. If you are used to thinking of things in object-oriented terms, kobjects can be seen as a top-level, abstract class from which other classes are derived. A kobject implements a set of capabilities which are not particularly useful by themselves, but which are nice to have in other objects. The C language does not allow for the direct expression of inheritance, so other techniques - such as structure embedding - must be used.So, for example, the 2.6.0-test6 version of struct cdev, the structure describing a char device, is:
struct cdev {
struct kobject kobj;
struct module *owner;
struct file_operations *ops;
struct list_head list;
};
If you have a struct cdev structure, finding its embedded kobject is just a matter of using the kobj pointer. Code that works with kobjects will often have the opposite problem, however: given a struct kobject pointer, what is the pointer to the containing structure? You should avoid tricks (such as assuming that the kobject is at the beginning of the structure) and, instead, use the container_of() macro, found in <linux/kernel.h>:
container_of(pointer, type, member)
where pointer is the pointer to the embedded kobject, type is the type of the containing structure, and member is the name of the structure field to which pointer points. The return value from container_of() is a pointer to the given type. So, for example, a pointer to a struct kobject embedded within a struct cdev called "kp" could be converted to a pointer to the containing structure with:
struct cdev *device = container_of(kp, struct cdev, kobj);
Programmers will often define a simple macro for "back-casting" kobject pointers to the containing type.
Initialization of kobjects
Code which creates a kobject must, of course, initialize that object. Some of the internal fields are setup with a (mandatory) call to kobject_init():
void kobject_init(struct kobject *kobj);
Among other things, kobject_init() sets the kobject's reference count to one. Calling kobject_init() is not sufficient, however. Kobject users must, at a minimum, set the name of the kobject; this is the name that will be used in sysfs entries. If you dig through the kernel source, you will find code which copies a string directly into the kobject's name field, but that approach should be avoided. Instead, use:
int kobject_set_name(struct kobject *kobj, const char *format, ...);
This function takes a printk-style variable argument list. Believe it or not, it is actually possible for this operation to fail; conscientious code should check the return value and react accordingly.
The other kobject fields which should be set, directly or indirectly, by the creator are its ktype, kset, and parent. We will get to those shortly.
Reference counts
One of the key functions of a kobject is to serve as a reference counter for the object in which it is embedded. As long as references to the object exist, the object (and the code which supports it) must continue to exist. The low-level functions for manipulating a kobject's reference counts are:
struct kobject *kobject_get(struct kobject *kobj);
void kobject_put(struct kobject *kobj);
A successful call to kobject_get() will increment the kobject's reference counter and return the pointer to the kobject. If, however, the kobject is already in the process of being destroyed, the operation will fail and kobject_get() will return NULL. This return value must always be tested, or no end of unpleasant race conditions could result.
When a reference is released, the call to kobject_put() will decrement the reference count and, possibly, free the object. Note that kobject_init() sets the reference count to one, so the code which sets up the kobject will need to do a kobject_put() eventually to release that reference.
Note that, in many cases, the reference count in the kobject itself may not be sufficient to prevent race conditions. The existence of a kobject (and its containing structure) may well, for example, require the continued existence of the module which created that kobject. It would not do to unload that module while the kobject is still being passed around. That is why the cdev structure we saw above contains a struct module pointer. The reference counting for struct cdev is implemented as follows:
struct kobject *cdev_get(struct cdev *p)
{
struct module *owner = p->owner;
struct kobject *kobj;
if (owner && !try_module_get(owner))
return NULL;
kobj = kobject_get(&p->kobj);
if (!kobj)
module_put(owner);
return kobj;
}
Creating a reference to a cdev structure requires creating a reference also to the module which owns it. So cdev_get() uses try_module_get() to attempt to increment that module's usage count. If that operation succeeds, kobject_get() is used to increment the kobject's reference count as well. That operation could fail, of course, so the code checks the return value from kobject_get() and releases its reference to the module if things don't work out.
Hooking into sysfs
An initialized kobject will perform reference counting without trouble, but it will not appear in sysfs. To create sysfs entries, kernel code must pass the object to kobject_add():
int kobject_add(struct kobject *kobj);
As always, this operation can fail. The function:
void kobject_del(struct kobject *kobj);
will remove the kobject from sysfs.
There is a kobject_register() function, which is really just the combination of the calls to kobject_init() and kobject_add(). Similarly, kobject_unregister() will call kobject_del(), then call kobject_put() to release the initial reference created with kobject_register() (or really kobject_init()).
ktypes and release methods
One important thing still missing from the discussion is what happens to a kobject when its reference count reaches zero. The code which created the kobject generally does not know when that will happen; if it did, there would be little point in using a kobject in the first place. Even predicatable object lifecycles become more complicated when sysfs is brought in; user-space programs can keep a reference to a kobject (by keeping one of its associated sysfs files open) for an arbitrary period of time.The end result is that a structure protected by a kobject cannot be freed before its reference count goes to zero. The reference count is not under the direct control of the code which created the kobject. So that code must be notified asynchronously whenever the last reference to one of its kobjects goes away.
This notification is done through a kobject's release() method. Usually such a method has a form like:
void my_object_release(struct kobject *kobj)
{
struct my_object *mine = container_of(kobj, struct my_object, kobj);
/* Perform any additional cleanup on this object, then... */
kfree (mine);
}
One important point cannot be overstated: every kobject must have a release() method, and the kobject must persist (in a consistent state) until that method is called. If these constraints are not met, the code is flawed.
Interestingly, the release() method is not stored in the kobject itself; instead, it is associated with the ktype. So let us introduce struct kobj_type:
struct kobj_type {
void (*release)(struct kobject *);
struct sysfs_ops *sysfs_ops;
struct attribute **default_attrs;
};
This structure is used to describe a particular type of kobject (or, more correctly, of containing object). Every kobject needs to have an associated kobj_type structure; a pointer to that structure can be placed in the kobject's ktype field at initialization time, or (more likely) it can be defined by the kobject's containing kset.
The release field in struct kobj_type is, of course, a pointer to the release() method for this type of kobject. The other two fields (sysfs_ops and default_attrs) control how objects of this type are represented in sysfs; they are beyond the scope of this document.
ksets
In many ways, a kset looks like an extension of the kobj_type structure; a kset is a collection of identical kobjects. But, while struct kobj_type concerns itself with the type of an object, struct kset is concerned with aggregation and collection. The two concepts have been separated so that objects of identical type can appear in distinct sets.A kset serves these functions:
- It serves as a bag containing a group of identical objects. A kset
can be used by the kernel to track "all block devices" or "all PCI
device drivers."
- A kset is the directory-level glue that holds the device model (and
sysfs) together. Every kset contains a kobject which can be set up to
be the parent of other kobjects; in this way the device model
hierarchy is constructed.
- Ksets can support the "hotplugging" of kobjects and influence how hotplug events are reported to user space.
In object-oriented terms, "kset" is the top-level container class; ksets inherit their own kobject, and can be treated as a kobject as well.
![[ksets and kobjects]](https://static.lwn.net/images/ns/kset-sm.png)
A kset keeps its children in a standard kernel linked list. Kobjects point
back to their containing kset via their kset field.
In almost all
cases, the contained kobjects also have a pointer to the kset (or, strictly, its
embedded kobject) in their parent field. So, typically, a kset
and its kobjects look something like what you see in the diagram to the
right. Do bear in mind that (1) all of the contained kobjects in the
diagram are actually embedded within some other type, possibly even other
ksets, and (2) it is not required that a kobject's parent be the
containing kset.
For initialization and setup, ksets have an interface very similar to that
of kobjects. The following functions exist:
void kset_init(struct kset *kset);
int kset_add(struct kset *kset);
int kset_register(struct kset *kset);
void kset_unregister(struct kset *kset);
For the most part, these functions just call the analogous kobject_ function on the kset's embedded kobject.
For managing the reference counts of ksets, the situation is about the same:
struct kset *kset_get(struct kset *kset);
void kset_put(struct kset *kset);
A kset, too, has a name, which is stored in the embedded kobject. So, if you have a kset called my_set, you would set its name with:
kobject_set_name(my_set->kobj, "The name");
Ksets also have a pointer (in the ktype field) to the kobj_type structure describing the kobjects it contains. This type will be applied to any kobject which does not contain a pointer to its own kobj_type structure.
Another attribute of a kset is a set of hotplug operations; these operations are invoked whenever a kobject enters or leaves the kset. They are able to determine whether a user-space hotplug event is generated for this change, and to affect how that event is presented. The hotplug operations are beyond the scope of this document; they will be discussed later with sysfs.
One might ask how, exactly, a kobject is added to a kset, given that no functions which perform that function have been presented. The answer is that this task is handled by kobject_add(). When a kobject is passed to kobject_add(), its kset member should point to the kset to which the kobject will belong. kobject_add() will handle the rest. There is currently no other way to add a kobject to a kset without directly messing with the list pointers.
Finally, a kset contains a subsystem pointer (called subsys). So it must be time to talk about subsystems.
Subsystems
A subsystem is a representation for a high-level portion of the kernel as a whole. It is actually a simple structure:
struct subsystem {
struct kset kset;
struct rw_semaphore rwsem;
};
A subsystem, thus, is really just a wrapper around a kset. In fact, life is not quite that simple; a single subsystem can contain multiple ksets. This containment is represented by the subsys pointer in struct kset; so, if there are multiple ksets in a subsystem, it will not be possible to find all of them directly from the subsystem structure.
Every kset must belong to a subsystem; the subsystem's rwsem semaphore is used to serialize access to a kset's internal linked list.
Subsystems are often declared with a special macro:
decl_subsys(char *name, struct kobj_type *type,
struct kset_hotplug_ops *hotplug_ops);
This macro just creates a struct subsystem (its name is the name given to the macro with _subsys appended) with the internal kset initialized with the given type and hotplug_ops.
Subsystems have the usual set of setup and teardown functions:
void subsystem_init(struct subsystem *subsys);
int subsystem_register(struct subsystem *subsys);
void subsystem_unregister(struct subsystem *subsys);
struct subsystem *subsys_get(struct subsystem *subsys)
void subsys_put(struct subsystem *subsys);
Most of these operations just act upon the subsystem's kset.
Kobject initialization again
Now that we have covered all of that stuff, we can talk in detail about how a kobject should be prepared for its existence in the kernel. Here are all of the struct kobject fields which must be initialized somehow:
- name and k_name - the name of the object. These
fields should always be initialized with kobject_set_name().
- refcount is the kobject's reference count; it is initialized
by kobject_init()
- parent is the kobject's parent in whatever hierarchy it
belongs to. It can be set explicitly by the creator. If
parent is NULL when kobject_add() is
called, it will be set to the kobject of the containing kset.
- kset is a pointer to the kset which will contain this kobject; it should
be set prior to calling kobject_add().
- ktype is the type of the kobject. If the kobject is contained within a kset, and that kset has a type set in its ktype field, then this field in the kobject will not be used. Otherwise it should be set to a suitable kobj_type structure.
Often, much of the initialization of a kobject is handled by the layer that manages the containing kset. Thus, to get back to our old example, a char driver might create a struct cdev, but it need not worry about setting any of the fields in the embedded kobject - except for the name. Everything else is handled by the char device layer.
Looking forward
So far, we have covered the operations used to set up and manipulate kobjects. The core concept is relatively simple: kobjects can be used to (1) maintain a reference count for an object and clean up when the object is no longer used, and (2) create a hierarchical data structure through kset membership.What is missing so far is how kobjects represent themselves to user space. The sysfs interface to kobjects makes it easy to export information to (and to receive information from) user space. The symbolic linking features of sysfs allow the creation of pointers across distinct kobject hierarchies. Stay tuned for a description of how all that works.
Patches and updates
Kernel trees
Architecture-specific
Build system
Core kernel code
Device drivers
Filesystems and block I/O
Networking
Security-related
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet
Distributions
Debian Labs
Martin Michlmayr has floated the idea of allowing vendors and projects to carry a Debian brand to promote their efforts and the Debian Project.Work based on the Debian Project has certainly found its way into plenty of third-party projects. The KNOPPIX project is based on Debian GNU/Linux, as well as Xandros, Lindows.com, and the Skolelinux distribution for schools. Many, but not all, of the organizations that work with Debian have also been good about folding code back into the Debian Project. It would certainly raise the visibility of the Debian Project if all of these projects carried a Debian brand. It may be no secret to KNOPPIX users that KNOPPIX is based on Debian GNU/Linux, but how many Lindows users are aware of the Debian connection?
The discussion came about because the Skolelinux project sought to call their non-profit foundation "Debian Foundation Norway." Michlmayr indicates that it would be a bad idea to let third-parties that are paying developers to use the Debian name itself:
No doubt some developers would chafe at the idea of other Debian developers being paid by the project for their efforts, while they're busy contributing for free. But few, if any, seem to mind when code makes its way back from projects that are utilizing work from the Debian Project, whether the developers working on said code are paid or volunteer. Michlmayr proposes that third parties be allowed to use a "Debian Labs" or similar brand to indicate that they're doing work related to Debian without being an official part of the Debian Project.
Though the idea has been well received so far, Michlmayr says it still needs to be fleshed out. One major question is whether for-profit companies would be allowed to use the Debian Labs brand. Several users on the Debian mailing list were against allowing for-profit companies to use a Debian Labs brand or similar, while a few said they had no problem with the idea of a commercial entity using Debian Labs.
Another concern that was raised is to make sure that any agreement that would allow an outside organization to use a Debian brand could be terminated. It would be somewhat embarrassing, to say the least, to have a "SCO Debian Labs" brand still in widespread use at this point.
If the idea comes to fruition, a Debian trademarked brand will no doubt carry much more stringent guidelines than the Linux trademark, which is administered fairly liberally. If the Debian Project can come up with a workable agreement, it would no doubt be of benefit to the project and the projects and organizations using Debian in their work.
Distribution News
Slackware 9.1 released
It's official. Slackware Linux 9.1 has been released. "This is another great release, featuring GCC 3.2.3, GNOME 2.4.0, KDE 3.1.4, and Kernel 2.4.22."
More Slackware Linux
Since the 9.1 release a a few changes have rolled in to slackware-current, including an updated OpenSSL and Perl (for security reasons), plus Samba 3.0, Xfce 4.0 and SlackPKG 0.99.1.Red Hat/Fedora
The second Fedora Core (once known as Red Hat Linux) test release is now available. "Use of test releases in production environments could lead to disastrous results, such as spontaneous musical theatre from your engineers. Be afraid." If you are not sufficiently afraid, the announcement contains a list of mirror sites.
Linux Journal provides some thoughts
on the Red Hat/Fedora merger. "The main reason for the Red
Hat/Fedora merger is straight-forward: Red Hat is a for-profit company, not
a charity. In short, Red Hat loses money on Red Hat Linux. Turning it over
to Fedora will help keep the company profitable.
"
LinuxQuestions.org interviews Jeremy Hogan, Manager of Community Relations at Red Hat.
JH) Fedora is what Red Hat Linux was. Kind of the People's Republic of Myanmar to Burma. It's a project with rolling releases, not a product with predictable release dates, support, services, etc.
Red Hat Linux bug fixes:
- gnome-pilot RHL 8.0
- ucd-snmp RHL 7.1, 7.2, 7.3
- rhpl RHL 8.0
SuSE Linux
SuSE has sent out a press release announcing that version 9.0 of the SuSE Linux distribution will be available "by October 24th." This release includes the inevitable new desktop, winmodem support, user-mode Linux, and a version of the (unreleased) 2.6 kernel along with a 2.4.21 kernel full of 2.6 backports.
SuSE has also announced the release schedule of SuSE Linux Enterprise
Server would stretch from the current 12 months to an 18 - 24 month cycle.
Vnunet covers the
announcement. "The next major Linux Enterprise Server release
will be in the second or third quarter of 2004 and will support the Linux
2.6 kernel. "[This release] will be a watershed in terms of scalability
and will be easier for independent software vendors developing for both Red
Hat and SuSE," said [SuSE VP David] Burger.
"
End of life for Mandrake 8.2, SuSE 7.2
In nearly simultaneous announcements, MandrakeSoft and SuSe have announced the end of support for their older distributions. MandrakeSoft is no longer supporting Mandrake Linux 8.2 as of September 30. The oldest supported version of Mandrake Linux is now 9.0. SuSE has cut off SuSE Linux 7.2, but is still supporting 7.3.Trustix Secure Linux
Earlier this week Trustix AS, parent company behind TSL, announced that the company was filing for bankruptcy, and as a result all sales and support of the Trustix Linux Solutions product line were suspended.Then Erlend Midttun, founding father of TSL, and TSL developer Christian Toldnes announced the start of a new company, Tawie Technologies AS, to provide full support and services. Trustix Secure Linux has become Tawie Server Linux in the process.
TSL has bug fixes in swup and swupconf available for versions 1.5 and 2.0.
Debian GNU/Linux
The September 23 edition of the Debian Weekly News looks at Gnoppix, changelog abuse, the new cdimage.debian.org with iso images and an authoritative directory structure, and much more.The September 30 edition of DWN is also available. This issue looks at the "Joey meets Joey" session at the Oldenburg Linux Developers conference; Lessons in Packaging Linux Applications; the newly formed Committee for FSF-Debian Discussion; Python Transition Problems; and much more.
Debian secretary Manoj Srivastava has announced a period of discussion on proposals to amend section 4.1.5 of the Debian constitution.
Gentoo Weekly Newsletter -- Volume 2, Issue 35
The Gentoo Weekly Newsletter for the week of September 29, 2003 is out. Topics include the next Gentoo BugDay and the featured sponsor of the week - Oregon State University.SnapGear Embedded Linux 3.0
The embedded Linux companies seem to be having some sort of race to see who can deploy the (still unreleased) 2.6 kernel first. LynuxWorks announced a 2.6-based beta three weeks ago. Now SnapGear has sent out a press release proclaiming the availability of SnapGear Embedded Linux 3.0, which, of course, includes a 2.6 kernel. The PR claims that the distribution is available for download now from snapgear.org, but it looks like it's not quite there as of this writing.
Minor distribution updates
ALT Linux
ALT Linux Compact 2.3 beta (20030926) has been released. Click below for details.ClusterKnoppix
ClusterKnoppix has released v3.2-2003-09-05-EN with minor feature enhancements. "Changes: This version syncs with the latest Knoppix release. It upgrades to kernel 2.4.22 and openmosix-1 release, upgrades to openmosix-user-0.3.4, upgrades to the latest openmosixview, adds libgtop2 libcommoncpp2-1.0- 0c102, adds chpox-0.5, adds Gomd CVS 20030917, and removes the default MFS/DFSA support because of a tmpfs bug."
Damn Small Linux
Damn Small Linux has released v0.4.8 with minor feature enhancements. "Changes: Fabian Franz's 'toram' linuxrc routine was added, so the whole system can be put into RAM, which requires only 64M of RAM. The CD player plugin for XMMS was added. The ability to chose language specific keyboard layout was restored (e.g. 'lang=de'), and the default is US English. The Debian 'wireless-tools' package was added. A bug in Xpacman was fixed, and the keys to work with German, French, and English were re-mapped. Other small feature and usability enhancements were made."
DietLinux
DietLinux has released v0.1.2 with major feature enhancements. "Changes: The Makefiles for downloading the dietlinux-files and build images were rewritten. It's now possible to build floppy images as well. Including your own files in the image has been made easier."
dyne:bolic
dyne:bolic has released v1.0 with major feature enhancements. "Changes: Important milestones for the project have been reached since the last stable release: XBOX support, automatic clustering on the same LAN, a nested data storage mechanism, and improved speed and hardware support. Many new applications have been added in order to complete the desktop functionality and fulfill many different tasks and needs which became apparent after much testing of ergonomic and usability issues."
GNOPPIX
GNOPPIX has released v0.5.4-1 with major feature enhancements. "Changes: This version adds a GNOPPIX installer, an icon for modem/DSL connections, support for NTFS volumes, a Persistent Home option, and English and US descriptions to Desktop icons. It fixes automounter close, moves to UTF-8 code, fixes changing of root and user passwords, updates the hw-database for autoconfig, backports 120 new packages, removes all non-free packages, updates to kernel 2.4.22-xfs, installs gnome-cups-manager, and include many bugfixes and updates."
SmoothWall
SmoothWall has released v2.0 beta 6 with major bugfixes. "Changes: The 2.4.22 kernel is now used and the core distribution was updated to updated Red Hat 8.0. The BeWAN PCI ADSL card is now supported, and ping and traceroute diagnostics were added to the Tools section. H.323, MMS (streaming), and Quake masquerade helper modules were included. Port forward ranges were implemented and the HTTPS admin port was changed from 445 to 441."
Source Mage GNU/Linux
Source Mage GNU/Linux v0.7, code name "Flare" has been released. Click below for details.ThinStation
ThinStation has released v1.0.1. "Changes: This version now uses busybox 1.0pre2, and updates the scripts to work with it, fixes a bug in the xf-common script for the Xvesa server, fixes a bug in sound-nasd and sound-esd which caused boot to hang, and adds a colours fix for ICA."
Warewulf
Warewulf has released v1.15 with major bugfixes. "Changes: The purpose of this release is to fix a typo/bug in the Warewulf library that caused most tools to error out."
Distribution reviews
Source Mage and Onebase Linux (DistroWatch)
DistroWatch has a review of Source Mage, with a look at some other source based distributions. "As Source Mage proclaims in their "mission statement" their goal is to give total control back to system administrators. They are not kidding. It is very clear this system means business and is not intended for beginners. Onebase on the other hand aspires to being easy to install and use even for less experienced users, as well as being flexible and powerful, yet transparent. To this end it provides a tool, OLM, intended for both configuring and managing the system. I was very curious to see how it will achieve these somewhat conflicting goals."
Page editor: Rebecca Sobol
Development
The XFce 4.0 Lightweight Desktop Environment
Version 4.0 of XFce, a lightweight desktop environment, has been announced.XFce creator Olivier Fourdan sums up the goals of the project:
![[XFce]](https://static.lwn.net/images/ns/xfce.jpg)
The full XFce 4.0
press release indicates that this version has substantial changes
from version 3.
Furthermore, the press release sums up these new capabilities:
It will be interesting to see if XFce 4 can gain a substantial following in the landscape of available Linux desktop environments. A lighter system may be able to carve out a decent sized niche on systems that don't require all of the capabilities of KDE and Gnome.
System Applications
Audio Projects
Alsa 0.9.7 released
Version 0.9.7 of the Alsa sound driver and associated utilities is available. Change information is in the source code.Planet CCRMA Changes
The latest changes to the Planet CCRMA audio packaging project include new versions of Snd, Noteedit, Lilypond, and Qjackctl.Speex 1.0.2 Released
Version 1.0.2 of the Speex speech codec has been released. "Just a bugfix release. This update adds soundcard support for Solaris and the BSDs as well as minor bugfixes and a documentation update."
Database Software
Gedafe 1.2.0 released
Version 1.2.0 of Gedafe, the Generic Database Front-End, is available. "The idea behind Gedafe is to put all the application logic into the database, along with meta-information on how to present the data. The front-end then gathers this information and uses it to build the user interface. This approach greatly reduces development time since you only have to develop the application at the database level and the web front-end comes for free."
pgAdmin III v1.0.0 Released
Version 1.0.0 of pgAdmin is available for download. "The pgAdmin Development Team are pleased to announce the first stable release of pgAdmin III, an Open Source management and administration tool for the PostgreSQL Object Relational Database Management System."
PostgreSQL Weekly News
The September 26, 2003 PostgreSQL Weekly News is out with the latest PostgreSQL database news. Topics include 7.4 Beta testing, JDBC fixes, bug fixes, and documentation updates.
Mail Software
Mailman 2.1.3 released
Verson 2.1.3 of Mailman, the GNU Mailing List Manager, is available. "Version 2.1.3 is a bug fix release which also contains support for four new languages: Ukrainian, Serbian, Euskara (Basque), and Danish. This release also contains a fix for a cross-site scripting vulnerability, as well as improved queue runner performancey."
Announcing milter-date/0.2 (beta)
Milter-date 0.2 beta, a date-based spam filter, has been announced. "How many times have you seen spam thats from the future, or is older than the world wide web, or looked at message headers and wondered why a message should take 30 days to go from one hop to the next?"
Building an Advanced Mail Server (O'Reilly)
Joe Stump writes about the process of putting together an email server in the first part of an O'Reilly series. "All Linux distributions that I know of come with an MTA of some sort. The most popular is Sendmail. Other popular MTAs include Exim, postfix, and Qmail. This article discusses how to build an advanced mail server which sports all of the latest mail protocols, checks all incoming mail for spam, and scans all incoming and outgoing mail for viruses."
Networking Tools
Announcing Divmod Quotient 0.6
Divmod Quotient 0.6 has been announced. "Quotient is multi-protocol (SMTP, POP, IMAP, SIP, HTTP, Q2Q) server that helps with all your online conversations be they over email, IRC, IM, mailing lists or voice over IP. It is written in Python on the Twisted framework and uses Lupy and SpamBayes".
Printing
LinuxPrinting.org news
The latest news from LinuxPrinting.org includes improved support for the HP LaserJet 1010, 1012, and 1015 and the HP DeskJet 5150, the 5652 printers. Also, it is now possible to access the Epson inkjet memory card readers.
Web Site Development
mnoGoSearch 3.2.15 released
Version 3.2.15 of the mnoGoSearch web site search engine is available. See the history document for change information.mod_caml 0.8.0 announced
Version 0.8.0 of mod_caml, the Objective CAML bindings for Apache, is out. "This is an interim release for testing. The main change is that some API functions which previously returned 'string option' ('None' meaning that the C string was NULL) have been changed to return just 'string', and to raise 'Not_found' if the C string is NULL."
Adding Search Functionality to Perl Applications (O'Reilly)
Aaron Trevena illustrates web site searching techniques on O'Reilly. "If you are building a small, simple database-backed web site with only a couple of hundred records, then relatively simple SQL should be all you need. It would be trivial to add a simple and Foo_Name like '%keyword%' to the queries being used. When your needs go beyond this, there are three ways you can proceed: you can use native database full-text searching, an external search engine, or you can roll your own."
Desktop Applications
Audio Applications
Audacity 1.2.0-pre2 released
Version 1.2.0-pre2 of Audacity is available. "Audacity 1.2.0-pre2 is a public test release of the free Audacity sound editor. This version fixes all of the known major bugs in 1.2.0-pre1, and we anticipate very few changes between this version and the final 1.2.0 release in a few more weeks."
Tkeca 3.0.0 Released
Version 3.0.0 of Tkeca, a GUI interface to the Ecasound audio tool, is out. "I strongly advice to upgrade to this version! I think that Tkeca is becoming in a serious recording tool."
Desktop Environments
Second KDE 3.2 Alpha 'Tereza' Released
KDE.News reports that KDE 3.2 Alpha 2 is available. "As the first Beta was delayed to finish more PIM features, we're proud to present the second Alpha release of KDE 3.2. The first Alpha was already seen as a very strong release and the second one is even better (1374 bugs closed in the last 31 days). The major changes are the import of ksvg and kpdf into the KDE distribution, along with a major rewrite of the window manager."
KDE-CVS-Digest
The September 26, 2003 KDE-CVS-Digest is available, here's the summary: "Quanta visual editor makes progress. Khtml gets text selection optimizations and immediate repaint from Safari. Kontact, KMail, KAddressbook get work on settings, time cards, drag and drop, plus many bug fixes."
Desktop Publishing
Alambic 1.0.2 available
Version 1.0.2 of Alambic, a PDF creation and distribution utility, has been announced. Changes include: "Minor fixes and enhancements for version 1.0.2. Added German localization provided by Kai-Steffen Jens Hielscher."
LyX 1.3.3 released
Version 1.3.3 of LyX, a GUI frontend to the TeX typesetting system, is out.
Electronics
Covered 20030925 available
Release 20030925 of Covered, a Verilog code coverage analyzer, is available. "This release contains the first working FSM code coverage portion in Covered."
Financial Applications
Roadmap to GnuCash 1.10/2.0
Linas Vepstas has sent out a roadmap for GnuCash 1.10/2.0 development. "The reason I'm sending this note is because I'm impatient and I want to write more code during the next month, and I have to pick what I will be working on."
Games
Monkey Bubble, a bust'a'move clone released (GnomeDesktop)
GnomeDesktop.org has an announcement for Monkey Bubble version 0.1.5. "tcataldo writes "A few days ago, the first release of Monkey Bubble landed on the internet. It is a fully functional bust'a'move clone with a few nice features : vector graphics based on librsvg, frozen bubble level support, two player games,..."
Graphics
The vtkFLTK bridge library
Version 0.4.1 of vtkFLTK is available. "vtkFLTK is a small C++ class library easing development of FLTK event-driven interfaces for use with VTK. vtkFLTK allows composition of complex graphical interfaces to complex visualization facilities by bridging disparities between FLTK and VTK event and windowing system handling." Change information is in the source code.
Instant Messaging
Gaim 0.70 released
Version 0.70 of Gaim, an instant messaging client, is available. "Our friends over at Cerulean Studios managed to break my speed record at cracking Yahoo authentication schemes with an impressive feat of hackery. They sent it over and here it is in Gaim 0.70."
Interoperability
DOSEMU 1.2.0 RC1 available
Version 1.2.0 RC1 of DOSEMU, the DOS emulator, is available. "Since Fri, 26 Oct 2001, Bart Oldeman has become coordinator/maintainer of DOSEMU, while the former coordinator Hans Lermen remained responsible in the background as a 'backup facility'. For the same reason Hans would still maintain the stable releases (currently 1.0.x), so Bart can concentrate on the development tree (currently 1.1.x). However, because of personal reasons Hans is no longer able to maintain 1.0.x now, and 1.0.x is without a maintainer. We hope to stabilize 1.1.x into a 1.2.0 release later this year (2003)."
Samba 3.0 is released
Samba version 3.0 has been released. "Samba 3.0 contains the first Open Source/Free Software implementation of Windows NT Primary and Backup Domain Controller functionality. Customers can transparently migrate their existing Windows NT domains to Samba 3.0 whilst keeping their existing user and group account databases. This enables significant cost of ownership savings over a Windows NT4 domain as a Samba 3.0 Domain Controller does not require client access licenses."
Wine Traffic
Issue #189 of Wine Traffic has been published. Take a look for the latest Wine development news.
Music Applications
Jamboree 0.3 released (GnomeDesktop)
GnomeDesktop.org has an announcement for Jamboree 0.3. "Jamboree is a music player with an iTunes like interface that utilizes gstreamer. The first public release, dubbed 0.3 contains: Browse mode, smart and normal playlists, OGG/MP3 support, lightning speed."
Ladspavst v0.1.4 available
Version 0.1.4 of the vst ladspa plugin has been released.LilyPond 2.0 released
Version 2.0 of LilyPond, a musical typesetting system, is out. "For this version, we have dramatically simplified many parts of the syntax, making it easier to use than ever before. Other improvements include quarter-tone accidentals, and conditional inclusion of music fragments."
Office Applications
Chandler 0.2 available
Version 0.2 of the Chandler Personal Informantion Management (PIM) system is out. "Our 0.2 release is an architectural release, where we focus on building Chandler as a platform. The 0.2 release was triggered by the clock as opposed to any functional or feature milestone. We want to show that we are making progress at regular intervals even though we might not have the loose ends all tidied up." For more information on the Chandler project, see the Chandler Status Update Number 9.
Office Suites
KOffice 1.3 Beta 4 Released
KDE.News mentions the release of KOffice 1.3 Beta 4. "This release sports tons of bugfixes made during the KDE developers' conference in Nové Hrady, Czech Republic (see KOffice Developers' Meeting Report). It is the last beta in the 1.3 series according to the revised KOffice 1.3 release schedule which plans the final release now for November 12, 2003."
OpenOffice.org 1.1 RC5 is ready
Version 1.1 Release Candidate 5 of OpenOffice.org has been released."The build includes bug fixes and is speedier and more robust. No new features have been introduced since RC4. Just bug fixes. We thank you for helping us find and fix them; the work the user community has done has been invaluable."
OpenOffice.org 1.1 released
It's official: OpenOffice.org 1.1 has been released. Click below for the announcement, or see the features list for an idea of what has been added this time around. "This build has, as we have learned, many new features that no other office suite has yet to think of."
Science
GRAMPS 0.9.4 released (GnomeDesktop)
Version 0.9.4 of GRAMPS, the Genealogical Research and Analysis Management System, has been announced.NAMD 2.5 (Parallel MD) Release
Version 2.5 of NAMD has been released. "The Theoretical and Computational Biophysics Group at the University of Illinois is proud to announce the public release of a new version of NAMD, a parallel, object-oriented molecular dynamics code designed for high-performance simulation of large biomolecular systems."
The Vision Egg 0.9.9 is here!
Version 0.9.9 of Vision Egg, a Python-based system that generates stimuli for vision research experiments, has been released. "There is nothing more I intend to add before I release Version 1.0 -- this is a release candidate subject to final testing and bug fixing, so I would appreciate all the abuse you can put it through. In particular, test/conform.py runs many tests on your system and reports the output."
Web Browsers
Mozilla 1.5 Release Candidate 2 Out (MozillaZine)
Mozilla 1.5 Release Candidate 2 has been announced. "This new test build contains around twenty fixes that were not in Release Candidate 1, including a new preference for specifying whether opening a bookmark group should replace the existing tabs or append the new pages to the current set."
Mozilla Links
Issue #3 of the Mozilla Links Newsletter has been published. Take a look for the latest Mozilla browser news.Minutes of the mozilla.org Staff Meeting (MozillaZine)
MozillaZine points to the September 22 Mozilla.org staff meeting minutes. "Issues discussed include Mozilla 1.5 final, Mozilla 1.4.1, Talkback, Mozilla Thunderbird, the September 30th deadline, the Roadmap, the Mozilla Foundation employees mailing list, localisation and moving the web and mail servers."
Mozilla Firebird 0.7 and Mozilla Thunderbird 0.3 Release Candidates (MozillaZine)
GnomeDesktop.org has a multiple announcement for Mozilla Firebird 0.7 and Mozilla Thunderbird 0.3. "Like Firebird, Thunderbird 0.3 will come from the 1.5 branch, with developers hoping for a simultaneous release of Mozilla 1.5 and Thunderbird 0.3."
Word Processors
AbiWord Weekly News
Issue #163 of the AbiWord Weekly News is online. "RTF import capability has been sped up like you wouldn't believe, thanks to Johnny Lee. The BeOS port verges on oblivion; get the word out; one week to find a maintainer. Languages with accented characters are known to be having issues on Win32. And!, assuming I can get this to work, we have an important poll, or something Mark wants to know...."
Miscellaneous
Axiom released as open-source software
Axiom, a common Lisp based computer algebra system, has been released as open-source software under a BSD-style license. "The project started in 1971 at IBM as a research system named Scratchpad. Scratchpad was renamed to Axiom in the 1990s and sold to NAG, which distributed it as a commercial product until 2001. Axiom is a powerful system, which in the current state "represents about 30 years and 300 man-years of research work""
Monitor Calibration Tool 0.1.1 released (GnomeDesktop)
GnomeDesktop.org mentions the release of a new version of Ross Burton's GammaarRRr monitor color calibration tool. "This tool features Black point calibration, per-Display gamma calibration for arbitrary target gamma values, a graphical editor for calibrating the gamma and a GNOME applet to select gamma corrections quickly."
Languages and Tools
Caml
Caml Weekly News
The September 23-30, 2003 edition of the Caml Weekly News is out with the week's Caml language developments.The Caml Light / OCaml Hump
New software on The Caml Light / OCaml Hump includes new versions of the GODI source-based O'Caml distribution, the Why software verification tool, Schoca: an implementation of the Scheme language, the Extlib small standard OCaml library, and the mod_ocaml Apache binding.
Java
Readable Java 1.5 (O'ReillyNet)
Stephen Jungels writes about Java 1.5 on O'Reilly. "The Java 1.5 proposal offers programmers a false choice between desirable new features and readability. In fact, all of the proposed new features for 1.5 can be represented by clear, unambiguous, and readable constructs without breaking backwards compatibility. In the rest of this article I will illustrate this point by describing three alternative syntaxes I am proposing."
Lisp
Perl
Perl 5.8.1 Has Been Released (use Perl)
Use Perl has the initial announcement for Perl 5.8.1. "Jarkko has released perl 5.8.1, and it has propagated to CPAN. Thanks for all the hard work! Changes include randomizing hash orders for security (they were never supposed to be reproduceable, anyway), module updates, and Unicode updates." See the Perl 5.8.1 official announcement for more information.
This Week on perl5-porters (use Perl)
The September 22-28, 2003 edition of This Week on perl5-porters has been published. "Perl 5.8.1 was released. 'Nuff said."
This week on Perl 6 (O'Reilly)
The September 21, 2003 edition of This week on Perl 6 is out, take a look for the latest Perl 6 developments.Announcing the Phalanx Project (use Perl)
The Plalanx project has been announced. "Andy Lester writes "Phalanx is a Perl QA project created to provide a solid testing base for Ponie, the next version of Perl 5 that will be based on the Parrot virtual machine. By increasing the test coverage of Perl modules and Perl itself, we will make Ponie be the best-tested version of Perl ever"
Getting Started With Parrot Development
Mike Scott has written a new Getting Started With Parrot Development document that's available on the Parrot Wiki.gtk2-perl "muppetman" available
A new release of the gtk2-perl Perl bindings for Gtk+ 2.x is available.
PHP
kses 0.2.1 released
Version 0.2.1 of kses, an HTML/XHTML filter written in PHP, has been released. "The 0.2.1 release adds a new object-oriented version of kses, three new attribute value checks (minlen, minval and valueless), a work-around for an Opera "feature" that treats chr(173) as whitespace, and some other minor changes."
PHP 4.3.4RC1 released
Version 4.3.4RC1 of PHP has been announced. "This release candidate contains only bug fixes, so it should be quite stable. Please test this release as much as possible, so that any remaining issues can be uncovered and resolved prior to the final release."
Python
Python 2.3.2 RC 1 released
Python 2.3.2 RC 1 has been made available. "Python 2.3.2 is a bug-fix release, to repair a couple of build problems and packaging errors in Python 2.3.1. Assuming no major problems crop up, a final release of Python 2.3.2 will follow later this week."
secsh: SSH2 protocol for python
The secsh project aims to implement an SSH2 client and server for Python. Currently, only the client is available. "Secsh is a module for python 2.3 that implements the SSH2 protocol for secure (encrypted and authenticated) connections to remote machines."
Wax primer: A simple editor
A new primer is available for Wax, a layer on the wxPython GUI system. "This document illustrates some of the basics of Wax. As an example program, we're going to make a simple editor. I'm going to build it step by step; you are encouraged to apply the changes incrementally and run the code after every step."
Tcl/Tk
Dr. Dobb's Tcl-URL!
The September 29, 2003 edition of Dr. Dobb's Tcl-URL! is out with lots of links to useful Tcl/Tk articles and info.
Page editor: Forrest Cook
Linux in the news
Recommended Reading
IBM Files New Claims Against SCO in Linux Case (Dow Jones)
According to this Dow Jones story (on Yahoo), IBM has filed a new set of counterclaims against SCO. "According to the memo, which was obtained by The Wall Street Journal, the new counterclaim charges that SCO infringed IBM's copyrights by distributing IBM's contributions to Linux after SCO had violated its Linux license by claiming a copyright on parts of Linux." So it looks like another GPL-based claim.
Strong reactions to CCIA security report give it added credibility (NewsForge)
A report (PDF format) titled CyberInsecurity: The Cost of Monopoly is currently available. NewsForge reports that Dan Geer, recently CTO of @Stake, has been fired in reaction to this report. "When you hire a security consultant for your factory or warehouse, you expect that consultant to tell you if your security fence needs reinforcement, not to defend the fence manufacturer. And if seven respected consultants tell you a particular make of fence is too weak for your purposes, and "industry associations" and "think tanks" supported heavily by that fence manufacturer lash out at the consultants and claim they being paid off by rival manufacturers even though they aren't, it's the manufacturer of the weak fences that looks bad in the end."
Proprietary software--banned in Boston? (News.com)
News.com reports that Massachusetts has adopted a new policy favoring open-source. "The state will also give preference to open-source software, although it will continue to purchase proprietary products if they are found to be superior technologically or otherwise, Kriss said. He identified state Web servers, which currently run on Microsoft's Internet Information Services software, as a potential early candidate for retrofitting. "We're taking a serious look at Apache as a Web server," he said."
Not everyone is entirely happy about it, as indicated by this press release from the Council for Citizens Against Government Waste (CCAGW).
The SCO Problem
An open-source letter (News.com)
News.com is carrying a letter from Joe Firmage, a former Novell VP and once a "good friend" of SCO CEO Darl McBride. They won't be such good friends anymore. "SCO's real agenda in refusing to identify the offending code is quite clear: Prevent the open-source community from removing and rewriting implicated segments of source code. In effect, SCO is seeking to prevent the Linux community from correcting the alleged plagiarism so as to broaden and sustain its prospects for royalties. Thus, SCO is now an accomplice to the crime it alleges by refusing to allow the alleged perpetrators to clean up their act. Courts should succinctly reject such blatant and calculated extortion."
Visions of Ka-ching Dance in Their Heads (Groklaw)
Groklaw analyzes two research papers by Renaissance Ventures on SCO. "The first document is an explanation of Renaissance's reasons for thinking SCO was a good investment. I know you've been wondering what in the world those folks in the stock market have been thinking. The second is an analysis of the SCO v. IBM lawsuit. They are both so blazingly wrong in both facts and conclusions that I fully grasp for the first time how some people may have invested in SCO, based on such misinformation." Worth a read.
SCO's FUD missiles rain down on the infidel (vnunet)
vnunet has some fun with the SCO case. "Particularly controversial was the claim that SCO had the capability to launch a wave of invoices within 45 minutes of an outbreak of licence infringement. This was flatly contradicted by intelligence reports, which insisted that the only weapons in the company's armoury were a few elderly FUD missiles and the odd bluster bomb."
HP hides its secret SCO shame (Register)
The Register follows up on HP's sponsorship of the SCO road show. "HP is still sponsoring the SCO City-to-City Tour, but it did ask the great Utah IP defender to pull mention of its backing from the Web site. Now, Microlite sits alone as a SCO friend, receiving premier sponsorship perks without paying the premiere sponsor price."
Companies
IBM, JBoss eye new Java plan (News.com)
News.com reports on possible collaboration between IBM and JBoss Group. "The two companies are investing independently in a software development technique called aspect-oriented programming, or AOP, which is intended to make application development faster, more flexible and less prone to error. Both companies are now looking to make AOP a standard feature of Java, said Bob Bickel, JBoss' vice president of corporate development and strategy."
HP shells out for SCO road show (Register)
The Register looks forward to SCO's "road show," which begins next week. "The SCO City-to-City Tour is a nice touch to the whole IP affair. It gives the impression that SCO still has a vibrant, diverse user base that is clamoring for the latest details on SCO software. While there are plenty of SCO users out there, the need for a company-backed outreach program is quite slim. That might be why per city registration is capped off at 50 customers. Wouldn't it be funny if ambitious Linux users filled all of those spots?" The article also asks why HP has signed up as the primary sponsor for this set of events.
Seagate pops Lindows onto hard drives at no charge (Register)
According to this story in The Register, Seagate will be offering its 40GB Barracuda 7200.7 drive to resellers with Lindows preinstalled. "Seagate will sell the hard drives with our without the Linux OS at the same cost and estimates that Whitebox manufacturers can save about $100 per computer by picking the pre-loaded option."
Linux Adoption
Linux in Hollywood (TechNewsWorld)
TechNewsWorld takes a lengthy look at the use of Linux in digital film production. "Contrary to common sense, to build the best secret proprietary software you need an open-source platform underneath it. The reason is that proprietary software can require tweaks to the operating system itself that no proprietary operating system vendor would be interested in implementing. Moreover, motion picture production is a very time-sensitive business. A problem in the operating system can't be allowed to hold up production. With open source, studios can throw programmers at anything, whether at the software or OS level."
Linux Taking Off, And Being Taken Off (IT-Director)
IT-Director is running a Robin Bloor column on the use of Linux in government. "In Pakistan 50,000 low cost computers will be installed in schools and colleges all over Pakistan (for less than $100 each) that use GNU/Linux. Pakistan is also considering the use of StarOffice office. Salman Ansari, an advisor to the Ministry of Science and Technology says 'Don't be surprised if we become the first country in the world to say that all (government-run) services are going to be GNU/Linux based'." As an aside, the article also mentions questions about the provenance of the code in SCO's "Linux Kernel Personality" offering.
Massachusetts Wants to Use Linux-Type Systems (AP)
The Miami Herald is carrying a AP story stating that the state of Massachusetts is adopting a policy of moving over to open systems. Quoting Eric Kriss, the state's Administration and Finance Secretary: "Kriss said the state's decision was driven by a desire to reduce licensing fees but also 'by a philosophy that what the state has is a public good and should be open to all.'"
Korea launches a switch to open source (News.com)
News.com reports on a South Korean plan to replace a significant percentage of its desktop and server systems with free software by 2007. "'If the change is successful, we will be able to save about $300 million a year. Also, we may insure security and interconnectivity of national information system', the ministry representative said. However, industry experts have expressed skepticism, saying that the country's software developers don't have the resources to support both Windows and Linux."
Legal
Europe shows little patience over patents (Financial Times)
The Financial Times reports on the European software patent vote. "So what happens next? Last week's decision is only the first stage in a procedure that will see the legislation approved by EU member states, many of which would have preferred tougher rules and will seek to have the directive returned to the parliament for redrafting. But already there is speculation that Frits Bolkestein,the EU single market commissioner, may decide to take the matter out of the European parliament's hands." (Thanks to Thomas Hood).
Interviews
Tom Adelstein interview, founder of Government Forge (DesktopLinux)
DesktopLinux.com interviews Tom Adelstein, founder & chief proponent of Government Forge. "Tom Adelstein, longtime Linux advocate and consultant has spent the last year working closely with state, local, and federal government open source software initiatives. Tom launched Government Forge, a Web site devoted to state and local governments interested in Linux and open source which is newly part of the Open Source Software Institute. In November 2002, Tom initiated the legislation for Open Source Software in Texas which resulted in Senate Bill 1579 filed by State Senator John Carona."
Porting Linux to the iPod (O'ReillyNet)
O'ReillyNet interviews Bernard Leach about porting Linux to Apple's iPod. "The port uses uClinux, a Linux flavor designed for devices that lack a memory management unit (MMU). While the iPod has some MMU-type capabilities, they are not sufficient to support the Linux kernel. The code is released under the GNU General Public license."
Ransom Love Speaks of Unix, GPL and the Lawsuit (eWeek)
eWeek interviews Ransom Love former CEO of (the company now known as) the SCO Group. "This is awkward to me, I don't know what's going on inside SCO today, and I don't want to throw stones on either side. I, however, no longer have any investments in SCO. When news of the IBM lawsuit broke, I sold the last of my stock. I no longer have any relationship with the company." (Thanks to Denice Deatrich).
Security Expert Geer Sounds Off on Dismissal (eWeek)
eWeek talks with security expert Dan Geer. "Software diversity in the name of security is by no means a new idea, but Geer and the other authors are all very visible in the high-tech industry, especially within the security community, and their opinions carry a certain weight. However, Geer said Monday that the opinions in the paper were no more controversial or edgy than many of the things he's said in speeches, interviews and other papers during his time with @stake."
Reviews
Exploring RSA Encryption in OpenSSL (Linux Journal)
Linux Journal explores RSA encryption in OpenSSL. "When sending your credit card number through a public medium, such as the Internet, your financial credibility may be compromised if the number is not first encrypted. It is impossible to tell who may be listening in on your connection as you shop for new CDs or books. The RSA encryption method often is used to hide your credit card number from would-be thiefs on the Internet, because it uses a public key to hide your information and a private key to reveal it. This article banishes the mystery surrounding RSA encryption and explains how a realistic implementation of RSA works in the OpenSSL library.Samba Team Releases Samba 3.0 (NewsForge)
Jeremy Allison introduces Samba 3.0 in this NewsForge article. "Samba 3.0 contains the first Open Source/Free Software implementation of Windows NT Primary and Backup Domain Controller functionality. Customers can transparently migrate their existing Windows NT domains to Samba 3.0 whilst keeping their existing user and group account databases. This enables significant cost of ownership savings over a Windows NT4 domain as a Samba 3.0 Domain Controller does not require client access licenses. Existing Windows tools can be used to manage a Samba PDC, allowing customer Windows expertise to be leveraged in a domain migration. A choice of LDAP back-ends allows integration with an existing customer directory service."New SuSE version coming next month (NewsForge)
NewsForge takes a look at the SuSE Linux 9.0, due out next month. "The latest version of the company's home user operating system will be the first to support AMD's Athlon 64 processor, and will include a test version of the 2.6 Linux kernel, according to Holger Dyroff, SuSE's general manager, Americas."
Miscellaneous
Helping Broadcast Radio with Linux (Linux Journal)
Linux Journal looks at the possibilities of building an automated broadcast radio station using Linux. "RFPI downloads much of its program material from the Internet--using a Linux system, of course. Rather than save the material on the computer, RFPI saves it on mini-disks. Broadcasts, then, are done with a live announcer filling in between pre-recorded material. The live broadcast also is recorded on tape for re-broadcast later in the day. In the RFPI example, the only missing link to full automation is some software."
UN Summit Tones Down Open-Source Stance (ComputerBusinessReview)
Computer Business Review Online reports that the United Nations has eliminated "Programmers Without Frontiers" and any preference for open source in the latest draft of the United Nations' World Summit on the Information Society's Plan of Action. "Language in an August draft of the WSIS Plan of Action that would have advocated the use of open-source software, particularly in developing nations, was toned down in the September 26 draft, to give equal weight to the value of proprietary software. The August draft promoted open source awareness, the creation of intellectual property mechanisms supporting open source, and the creation of a UN "Programmers Without Frontiers" body to support open source software in developing nations."
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
20 years of GNU
As many readers have pointed out to us, we missed the twentieth anniversary of the initial announcement of the GNU project. Richard Stallman sent out that announcement on September 27, 1983. Not everything happened as RMS planned, but the founding of the GNU project was a crucial event in the resurgence of free software. "So that I can continue to use computers without violating my principles, I have decided to put together a sufficient body of free software so that I will be able to get along without any software that is not free."
The Linux Documentation Project turns 10
The Linux Documentation Project has sent out an announcement celebrating its tenth anniversary. "Ten years later, it is no exaggeration to say this issue has been dealt with, thoroughly: TLDP today is one of the largest Internet projects, where a few hundred people have written several hundred documents, from small manual pages to in depth guides that span over a hundred pages, covering nearly all aspects of Linux." Congratulations, and we're looking forward to the next ten years.
OpenPKG Community Feedback
OpenPKG is looking for feedback from the community. If you are using OpenPKG consider taking a few minutes to fill out this form.OpenOffice.org Community Council formed
The OpenOffice.org Community Council has been formed. "The Community Council will be charged with many tasks that directly affect you, the community. Therefore, we will be working as openly as possible and in collaboration with the community, which includes both independent users, contributors, developers as well as Sun developers and managers."
OSAF receives $2.75 million in grants
The Open Source Applications Foundation has sent out an announcment stating that it has received $2.75 million in grants. These grants, from the Andrew W. Mellon Foundation and Common Solutions Group, will be used to extend OSAF's "Chandler" application (which does calendars, email, contact management, and instant messaging) to meet the needs of higher education users.OSAF Management Committee meeting notes
The notes from the Open Source Applications Foundation meeting of September 29, 2003 are available.
Commercial announcements
Mozilla End User Telephone Support Available Soon (MozillaZine)
Telephone support for Mozilla will soon be available. "The service, which will cost $39.95 per incident, will be provided by DecisionOne, who currently offer telephone and email support for Netscape."
Ten Thumbs Typing Tutor available
A free beta version of the commercial typing software "Ten Thumbs Typing Tutor" is available.
New Books
Samba-3 Forthcoming book Release
A new book on Samba is coming out soon. "Prentice Hall PTR, the leading publisher of advanced technology books, announces the forthcoming release of, "The Official Samba- 3 HOWTO and Reference Guide".
"Learning XML, Second Edition" Released by O'Reilly
O'Reilly has published the second edition of "Learning XML" by Erik T. Ray.
Resources
LDP Weekly News
The September 24, 2003 edition of the Linux Documentation Project Weekly News is out. Take a look for the latest documentation changes.LDP Weekly News
The September 30, 2003 edition of the Linux Documentation Project Weekly News is out with even more documentation news.LPI News
The Linux Professional Institute News for September 2003 is available. "This month the President of LPI, Evan Leibovitch, is pleased to tell you of some interesting news regarding LPI's participation at the 'World Summit on the Information Society'. His article can be found at the beginning of the news letter followed by other things LPI is doing."
Quicktoots number 12
Dave Phillips has written an article on Using VST Plugins In Linux in the Quicktoots series.
Upcoming Events
Linux install party and Free software for music workshop
A Linux install party and "Free Software for music" workshop will be held at the Resonances 2003 conference at IRCAM in France on October 23, 2003. "The "Free software for music" day will make a tour on free musical and professional audio software, the evolution of Linux towards an easier use, compatibility with audio equipment, audio drivers and MIDI."
Linux Installfest in Davis
The Linux Users' Group of Davis will be holding another Linux Installfest workshop on October 5 at UC Davis in Davis, CA.Southern California Linux Expo
The Southern California Linux Expo (SCALE) will be held on November 22, 2003 in Los Angeles, CA.Hivercon 2003 speakers list
The speakers list for the Hivercon 2003 corporate security conference has been announced. The event will be held in Dublin, Ireland on November 6 and 7, 2003.Linux Accessibility Step-by-Step
A Linux Accessibility Step-by-Step pre-conference workshop will be held at the Techshare 2003 conference in Birmingham, UK on November 19, 2003. "This day long session will demonstrate the process of installing and configuring Linux for use by a blind individual. The current Red Hat distribution will be installed and augmented with speech and braille interfaces. Additional configuration will include Ethernet and modem based networking and ssh for secure remote login. The Advanced Linux Sound Architecture (ALS) will be installed to support voice over IP, and Real media streaming, wav, MP3, and ogg creation and playback." Thanks to Daniel James.
Mitch Kaypor to Keynote PyCon DC 2004
Mitch Kapor will present the Keynote at the PyCon DC 2004 conference. The event will be held in Washington, D.C. from March 24-26, 2004.Linux Asia 2004
The Linux Asia 2004 conference will be held at the India Habitat Centre in New Delhi, India on February 11-13, 2004. "The event is aimed at shifting Linux from labs to offices."
Events: October 2 - November 27, 2003
| Date | Event | Location |
|---|---|---|
| October 7 - 8, 2003 | LogOn Web Days | Across Europe |
| October 8, 2003 | Demystifying Open Source Technology for non-profits | (121 Sixth Avenue)New York, NY |
| October 12 - 15, 2003 | International Lisp Conference 2003(ILC 2003) | New York, NY |
| October 14 - 16, 2003 | 10th Linux-Kongress | Saarbrücken, Germany |
| October 15 - 17, 2003 | The First Plone Conference | (Tulane University)New Orleans, Louisiana |
| October 26, 2003 October 27 - 31, 2003 | Large Installation Systems Administration Conference(LISA) | (Town & Country Resort Hotel)San Diego, CA |
| October 29 - 31, 2003 | Asian Enterprise Open Source Conference(AEOSC) | (Suntec International Convention and Exhibition Centre)Singapore |
| October 30 - 31, 2003 | 4to Encuentro Linux | Valparaiso, Chile |
| November 2 - 3, 2003 | International PHP Conference 2003 | (Astron Hotel Frankfurt-Mörfelden)Frankfurt, Germany |
| November 6 - 7, 2003 | HiverCon 2003 | (Davenport Hotel)Dublin, Ireland |
| November 6, 2003 | Netherlands Unix Users group fall conference | (Conference Center De Reehorst)Ede, the Netherands |
| November 10, 2003 | Desktop Linux Conference | (Boston University Corporate Education Center)Tyngsboro, Massachusetts |
| November 14 - 16, 2003 | Third International Ruby Conference | (Red Lion Hotel)Austin, Texas |
| November 16 - 19, 2003 | ApacheCon 2003 | Las Vegas, Nevada |
| November 22, 2003 | Southern California Linux Expo(SCALE) | (Los Angeles Convention Center)Los Angeles, CA |
| November 24 - 26, 2003 | Open Standards and Libre Software in Government Conference(EGOVOS 3) | Paris, France |
Web sites
KDE Community Wiki Site
KDE.News has an announcement for the new KDE Community Wiki Site. "Everyone is welcome to join and participate on the content. The main idea is to share KDE users' and developers' experience. Every registered user is able to create, edit and modify the content of Wiki pages. It's fast and easy."
OpenJay.org for Open-source DJs
OpenJay.org is a new web site that is dedicated to the use of open-source software for Disk Jockeys. "The common problem is that Linux applications are usually developed by programmers thinking to other programmers and not to common users. Ok...from all this stuff came my idea to build OpenJay.org, a site dedicated to OpenSource DJs. I thinked OpenJay expressly to show the Linux audio power, giving evidence to the audio applications with reviews, tips, tricks and making easier the life of the OpenSource audio maniac".
Software announcements
This week's software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
- Sorted alphabetically,
- Sorted by license.
Miscellaneous
Poll: New Logo for KDE.org
KDE.News reports that the KDE Web Team has set up a public poll to determine the new logo for KDE.org. The poll is open for two weeks, starting September 28th, 2003.
Page editor: Forrest Cook
Letters to the editor
"Proposed" Software monopoly?
| From: | "Eric S. Raymond" <esr@snark.thyrsus.com> | |
| To: | wire-service@snark.thyrsus.com | |
| Subject: | "Proposed" Software monopoly? | |
| Date: | Tue, 30 Sep 2003 19:45:28 -0400 |
Citizens Against Government Waste should be ashamed of itself. As a
liberty-loving foe of intrusive government, I'm normally sympathetic to
their crusade against bureaucracy and over-regulation. But today,
CAGW made the strongest argument I've ever seen for writing them off
as mere shills for corporate greed.
CAGW's press release[1] attacking the Massachusetts Freeware
Initiative reads like it was dictated by Microsoft's PR department --
complete with a fraudalent assertion that open source is more
expensive, and even an attempt to associate open source with the
hideous evils of the Soviet Union and socialism.
CAGW affects to be horrified by what it calls a "Proposed Software
Monopoly". Which raises this question: where has CAGW been all these
years while Massachusetts taxpayers were being gouged by an *actual*
monopoly?
Massachusetts CIO Peter Quinn is doing his job, ensuring that the
government and the people of Massachusetts will no longer be
locked into closed formats and closed software and unhealthy
dependence on a monopolist. Open government demands open source.
[1] Press release at PRNewsWire
--
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
This would be the best of all possible worlds, if there were
no religion in it. -- John Adams, in a letter to Thomas Jefferson.
Darl McBride hits the nail on the head
| From: | ketil@ii.uib.no (Ketil Z. Malde) | |
| To: | letters@lwn.net | |
| Subject: | Darl McBride hits the nail on the head | |
| Date: | 25 Sep 2003 12:37:59 +0200 |
(Not tired of the SCO case yet? :-)
Darl McBride, interviewed by Computerworld
http://www.computerworld.com/softwaretopics/os/linux/story/0,10801,84819,00.html
Clearly, the free model just about killed our company, and I would
argue that it's going to kill a lot of other software companies if
the GPL [General Public License] is able to gain a foothold and run
rampant throughout the industry.
Among all his wild and ludicrous statements, I think this is right on
the mark, addressing the core of the problem. One reason Microsoft is
so vehemently opposed to open source, is of course that, in spite of
all their ventures into different markets, it is only making real
money by producing shrink-wrapped software: Windows and Office. Open
source is threatening that business model.¹
This is, of course a real problem, in particular if you work at, own
stock in, or have your political campaigns funded by a software(-only)
company.
However, that business models are obsoleted over time is a fact of
capitalism and free markets. Railroads made a lot of other
transportation obsolete, but helped to instigate the industrial
revolution. Ever wonder how the world would look like if the horse-
and oxcart interests, unable to compete in a changed marketplace, had
managed to sue the steam engine out of existence?
But looking only at the downside is, I think, rather naive and
unproductive. With open source, a lot of power and freedom is turned
over to users, system integrators and consultants: for instance the
power to adapt anything to your specific needs, the power to repair
any perceived problem, and the freedom to be independent on any
particular manufacturer or contractor. From an economic perspective,
commercial software -- like any other "intellectual property"
introduces monopolization, the exploitation of which is generally
negative. Open source is the key to setting the economy free from
burden of these monopolies.
In a sense, the fact that SCO is suing IBM is very telling; SCO is a
software company, that, in McBride's own words, is being killed by
open source; IBM is in addition a hardware manufacturer, system
integrator and service provider that thinks open source is so
beneficial that it invests heavily in both developing and marketing
it, even if it is at the expense of IBMs own software offerings.
SCO was unable to give its products an edge over competing open source
offerings -- something that could have kept it, along with companies
like Microsoft and Oracle, alive and perhaps profitable. SCO was
obsolete, technically insignificant. It's only function now is as a
legal obstacle to technical and economical progress. Good riddance!
-kzm
¹) Ditto for Sun, who to a large extent depend on the qualities of
Solaris and control over Java to dominate the commercial Unix niche,
large scale adoption of Linux along with open source J2EE
implementations may relegate them to being yet another hardware
manufacturer.
--
If I haven't seen further, it is by standing in the footprints of giants
Page editor: Jonathan Corbet