LWN.net Weekly Edition for June 10, 2004
The Grumpy Editor's guide to terminal emulators
| This article is part of the LWN Grumpy Editor series. |
Once upon a time, an ADM-3A
terminal looked like a very nice interface. Those days have passed,
however;
![[xterm]](https://static.lwn.net/images/ns/grumpy/xterm-sm.png)
for many of the years
since, the definitive terminal emulator has been xterm, which was
packaged with the original X11R1 release. xterm was, for its time, a
marvel of configurability, with a nice set of menus for controlling its
behavior, setting fonts, and providing that all-important access to the
"reset" function for when it gets stuck in the VT100 graphics mode.
There is one other xterm feature which has never been matched anywhere: no other terminal emulator comes with its own Tektronix 4014 storage tube emulator mode built in. Your editor who, along with many co-workers, had sunburned his face working with real storage-tube terminals appreciated this mode at the time. It has been a while, however, since your editor (or just about anybody else) has had to run software which expects to talk to such a terminal; even so, every xterm still has a Tektronix terminal lurking within it.
In general, little has happened with xterm over the years, with the exception of the addition of color support. For the most part, development in terminal emulators has happened elsewhere. Your editor has finally decided that it is time to take a look around, and, perhaps, move beyond the venerable xterm.
But first: a word on color in terminal emulators; this is a subject on which your editor can get truly grumpy. Many developers have jumped into adding color support to terminal-oriented applications with little regard for basic human factors and usability. A usable terminal should not look like the Las Vegas strip at night. Color usage, to be effective, must be subtle and carefully thought out. In particular:
- Users must be given obvious and easy control over color usage.
Different people have very different combinations of monitors, background
colors, limitations in color perception, and general preferences.
There is no single choice of colors that will work for any substantial
portion of the user community.
- The basic nature of the human visual system is that it separates
objects based on intensity differences, not color differences.
If you are designing colors for a white-background display, every
color you use must be, with few exceptions, a low-intensity color.
Hot pink on white may look snazzy, but people will have to work hard
to read it.
- Dark blue should never be used for anything somebody is expected to read. Short wavelength colors tend to focus just in front of the retina, and will thus always be a little bit blurry.
Color xterm thus fails on all counts. The colors can be configured via the X resource database, but it is not straightforward. The default colors are on the garish side, and they are too bright.
![[rxvt screenshot]](https://static.lwn.net/images/ns/grumpy/rxvt-sm.png)
For years, the default replacement for xterm was rxvt. This terminal
emulator is, for all practical purposes, a version of xterm with a lot of
the extra stuff (such as the Tektronix mode) stripped out. It does live up
to its promise of being smaller, taking just over half the virtual memory
required by xterm. rxvt, however, suffers from a lack of maintenance (last
release was November, 2001, with a development version showing a release in
March, 2003), poor default colors, and no
menus for run-time configuration. This terminal emulator has been dropped
from a number of modern distributions.
(As an aside, rxvt, like most other terminal emulators, dropped the xterm/Xaw scrollbar. This is a big loss; no other scrollbar is as useful as the old Xaw implementation, which gives very precise control over just how much the window is scrolled. Wheel mice have made good scrollbars less important, but your editor wishes that developers interested in usability wouldn't so casually drop interaction modes which are clearly better).
If you want to know the current state of the art in terminal emulation, of course, you have to look at what the desktop projects are doing. Your editor is happy to report that neither GNOME nor KDE has neglected the lowly terminal emulator.
![[gnome-terminal]](https://static.lwn.net/images/ns/grumpy/gnome-terminal-sm.png)
GNOME's entry is gnome-terminal. This terminal emulator does all of the
stuff that one would expect of an xterm replacement, with a number of
useful new goodies:
- Tabs. A tabbed terminal emulator turns out to be just as useful as
a tabbed web browser. If you tend to have a lot of things going on at
once and limited desk space, tabs make life much easier.
- Nice configurability. It is easy to eliminate gnome-terminal's most
obnoxious features (blinking cursor, space-wasting menu bar), tweak
fonts and colors, etc. The default colors are also relatively
good, at least for people who work in a white-background mode.
- Multiple profiles. Each tabbed session can have its own fonts, colors, titles, etc. If you tend to keep tabs around for specific purposes (one could, for example, keep a root shell in one tab), you can tweak the presentation to make the current task immediately obvious.
gnome-terminal also has a nice feature in that it makes the pointer fade away as soon as the user starts typing. No more moving the mouse around to get the pointer out of your way. An invisible pointer might seem like a human factors problem in its own right, but the simple fact is that you generally have to move the pointer to find it anyway.
Your editor's biggest complaint about gnome-terminal might be that scrolling with the mouse wheel is a relatively coarse operation; xterm scrolls in smaller steps unless the shift key is held. The number of lines to scroll on a mouse wheel event would be a nice addition to the configuration screen.
![[Konsole]](https://static.lwn.net/images/ns/grumpy/konsole-sm.png)
Konsole, KDE's
terminal emulator, has most of the features described above.
In addition, Konsole offers:
- Bookmarks. In the Konsole world, a bookmark is just a saved directory
path; selecting a bookmark causes Konsole to feed a cd
command to the underlying shell.
- History browsing. Konsole can search for a string in the past
history, making it easy to go back and see what happened earlier.
- Notifications. When asked, Konsole will monitor a session for activity (or, optionally, the lack thereof) and notify the user when it happens. If you want to know right away when that long make finishes, Konsole can tell you. It also can notify you when something rings a bell in one of your sessions; such sessions are also annotated with a little bell icon in the tab bar.
Konsole, too, will hide the pointer. Unlike gnome-terminal, however, it does not wait until you start typing, but hides it regardless after a few seconds. Konsole comes with a reasonable set of default colors, and provides user control as well. The color editor works by way of "schemas," and is rather awkward to work with. The gnome-terminal profile-based mechanism seems more straightforward.
Both gnome-terminal and Konsole will let you do crazy things, like putting a background image into the terminal window. Such features make for nice screenshot eye candy, but they are not good for usability. Fortunately, nobody seems to set up either emulator with background images by default.
Both Konsole and gnome-terminal make it easy to change fonts - if you like the options provided. Your editor, who long since found a monospace X font which optimizes both readability and screen space, very much misses the ability to chose an arbitrary X font. It is probably possible by digging under the hood somewhere, but the configuration screens are not helpful in this regard. One should also note that both terminal emulators are memory hogs, requiring vastly more virtual and physical memory than xterm to run.
That notwithstanding, it is clear that both desktop projects have managed to improve the state of the art in terminal emulation. Even better, they have both managed to (1) avoid the temptation to ruin usability with flashy eye candy, and (2) retain a full set of configuration options so that this crucial tool can be tweaked to each user's needs. Congratulations would seem to be in order.
[For completeness: other terminal emulators out there include
![[Eterm]](https://static.lwn.net/images/ns/grumpy/eterm-sm.png)
9term, the Plan 9
entry; aterm, an rxvt-derived
emulator with background image support; and Eterm, an emulator which prioritizes fancy
backgrounds well above readability or usability (see image at left). There are also several
emulators designed around non-western character sets, which your editor is
in no position to review usefully.]
An activism update from Europe
Since my last article for LWN on software patents, a lot has happened. Weeks of speculation and frenzied lobbying culminated in the EU Council passing a version of the software patent directive that permits software patents; the FFII has continued to lobby on and discuss the Council's position, whilst preparing for the EU elections and the new MEPs; and the Union for the Public Domain has begun to lobby the BBC to release its archives under a Creative Commons license. And as usual, there's plenty for European hackers to do!
Software patent news
To begin with software patents, on the 18th May the EU Council of Ministers
voted on the controversial software patent directive, passing with a narrow
majority a version that, according to the FFII, ensures that "software and
business methods ... are ... to be treated as patentable inventions
" (source).
This version of the directive removed all of the important amendments made
by Parliament in September 2003 that explicitly stated that software and
business methods cannot be patented. But despite this, many ministers
continued to reassure the public, and those considering rejecting the
directive, that it would not allow these things to be patented, describing
it as a "compromise". The key to understanding this dispute is that without
all of the amendments passed by Parliament in September 2003, the
directive could still allow software patents. But the Council's compromise
scrapped the first four amendments present in the Parliament's version, and
instead made a weak version of the fifth amendment that stated that a
technical contribution must be "new".
One member of the Committee of Permanent Representatives explicitly
described it as a
"compromise between Microsoft and Linux
". When I talked to
Dr Caroline Lucas MEP (Green, UK), she commented that:
It is worth noting that the Irish Presidency of the EU, due to expire next year, is sponsored by none other than Microsoft, amongst other companies. Furthermore, "almost 35% of Ireland's registered companies totaling 150,000 are non-resident" (source) due to tax exemption laws. "Over 40% of all PC package software and 60% of business applications software sold in Europe is produced in Ireland. US companies such as Microsoft, Lotus, Claris, Digital, Oracle, IBM and Novell contribute significantly to this growth" (source). It is clear where the interests of the Irish government lie.
So where do we go from here? The Parliament has already voted against software patents, and the Council has voted for software patents. In June, the Council must formally adopt their position, which is likely (but not certain) to happen (it may get delayed, or not happen at all). Assuming it does, the Parliament must then vote again on the directive, and pass their version with an absolute majority to overrule the decision of the Council. So the next step for activists - by which I mean any EU citizen with a pen, phone and/or e-mail client - is to get back to lobbying MEPs.
It is, or was, the EU elections on June 10th. If you're an EU citizen reading this in time, make sure you go to the polling booth, and bear in mind the MEPs' positions on software patents when you cross the boxes. You can find out how they voted in September with this handy page.
Once the election results come in, we'll need to start lobbying our new representatives, and continue with those that held their seats, to ensure Parliament votes against software patents again. When the directive comes up for a vote (perhaps by the end of this year), it will need an absolute majority to pass, whereas in the previous vote it only needed a majority from those actually voting. This means that we need to persuade more MEPs to actually vote, and more to vote against software patents. The most important thing is to send off that first letter, and to then follow it up. When writing your letter, you might find it useful to look at this guide to the key arguments, and also this page to find your MEPs' contact details. If they disagree, try to respond and show why they are wrong; if they agree with you, ask them to sign the FFII's Call for Action II.
If you've got a little more spare time (i.e. half an hour), and you'd like to do more than just write a letter, there's a nice project that you can get involved in that will introduce you to the world of lobbying proper. It involves phoning MEPs and asking them some questions, then sending the results back to the FFII, so they can build up a database both of MEPs' voting records and their stated positions. To join in this project, first read this handy guide, and then find the questionnaire itself here. Though the project started only as an elections tool, it will still be useful leading up to the vote, and it gives you a good chance to really make a big difference with a small amount of your time.
You should also try to contact your national government representatives. They will often have a lot of influence over the minsters who sit in the Council, and over their party's MEPs. Again, contact them by letter, and follow up appropriately. If they're supportive, ask them to sign the FFII's Call for National Governments.
We defeated software patents in Parliament last year. If we fail this time, we will not only see large corporations using patents against free software projects increasingly aggressively, but we will also miss an opportunity to affect the outcome of the debate in the US. A vote against software patents in Europe would send a strong message to legislators in the US, and provide a huge boon to the EFF's Patent Busting Project.
BBC Archives
In other news, there has been some development surrounding the BBC's promise to give the public full access to its archives online. When originally announced, then-director general Greg Dyke suggested that they would open up the full archives, but so far the only concrete plans have been to make available thousands of three minute clips from documentaries. After a launch reception in London, which Lawrence Lessig and the BBC Archive's project leader attended, the Friends of Creative Archive have launched a campaign to have the full archives released under a Creative Commons license.
The argument behind this position is a familiar one to anyone who follows Lessig's work, but at the risk of boring you, I'll run over them briefly. Innovation, particularly amongst more creative types like musicians, artists and filmmakers, depends upon being able to draw on culture and past creations. Culture is not just about passively consuming and creating entirely new works, but about remixing and building upon past creations. The more culture there is in the public domain, the more potential there is for new and interesting work to be made. So, the activists argue, as the BBC is funded by license payers for the benefit of the British public, it ought to release its archives for the benefit of the British public.
Having an open archive of this kind would provide two special benefits to the free software community. First, it would provide a large source of DRM-free, standards-compliant media so that whatever the rest of the industry does, we will always have a decent media resource available. Secondly, it will send out a strong signal throughout the industry and to governments that the principles of the free culture and free software movements should be taken seriously. It would be much harder for the media, hardware and software monopolists to impose proprietary standards on us if organisations as large as the BBC were publicly doing the opposite. Combined with the recent work on the Dirac codec, it could be the start of a healthy alliance between the BBC and the free software community.
The creation of a free creative archive seems like an obviously good idea, and one would hope that it would strike the BBC that way, but at the moment they've not had any input from the public on this issue. So if you'd like to encourage the BBC to adopt a Creative Commons license, rather than restricting access through DRM and nasty licenses, consider signing the Friends' letter here.
A look at Firefox 0.9
The Mozilla Organization released not one, but two testing releases on June 9. Mozilla 1.7RC3 and Firefox 0.9 RC were released for widespread testing. Since Firefox is the future of the Mozilla line, we decided to take a look at the latest Firefox release to see how it is shaping up on its way to 1.0. As it turns out, a lot has changed since 0.8 and Firefox seems to be turning into an excellent browser. Naturally, we were only interested in testing the Linux version of the 0.9 release, but there are packages available for Windows and Mac OS X as well.The first noteworthy change since 0.8, or at least the change that is first notable, is the addition of an installer for Linux users. Past releases of Firefox for Linux came as tarballs without any kind of installer. For this author, the difference between using an installer or simply uncompressing a tarball of the latest build into a convenient directory is negligible. Still, many users will probably find the installer much more friendly.
At install time, the new release copies over the profile from previous versions of Firefox from the ~/.phoenix directory that was used to store user data. If the ~/.phoenix directory does not exist, then Firefox will import user data from Mozilla. This author tested both methods, and Firefox imported the data from Firefox 0.8 and Mozilla 1.7 without any problems. User profiles on Linux are now stored under ~/.mozilla/firefox/.
A few items have shifted around in the new release. Specifically, the "Options" dialog is now "Preferences" and found under the "Edit" menu, rather than the "Tools" menu. Themes and Extensions now have their own managers, rather than being part of the Options/Preferences dialog. The Extensions manager is a bit slicker now, and apparently will enable the user to update their installed Extensions through Mozilla Update. At the moment, however, this feature does not seem to be operational. Presumably, one will also be able to use Mozilla Update to install and update themes in the future as well.
One minor quibble with the Download manager: in 0.9, the default download folder is "Desktop," which hardly seems like a suitable choice even for Linux users who run a desktop environment that supports saving files to the desktop. It's fixed easily enough, but one hopes that the Mozilla team will switch the default to prompt the user for a download location.
Though this author did not conduct any scientific testing, the latest Firefox release does seem faster than the previous release. The interface, menus and so forth, seem a bit more responsive than previous releases, and rendering also seems a bit snappier. Firefox 0.9 RC also seems a bit more stable, though it has crashed once during testing. The 0.9 RC is certainly more stable than the 0.9 nightly snapshot releases that this author had been trying out.
![[Firefox screenshot]](https://static.lwn.net/images/ns/firefox-0.9-sm.jpg)
The most obvious change, and one that has generated a great deal of
discussion, is the replacement of the current Firefox "Qute" theme with
a new theme called "Winstripe." For this author, it seems like far too much
fuss over a simple change. The browsing experience itself is not hampered
by the new theme, and one expects that new themes for Firefox will become
available for those who do not enjoy the default. The fact that users are
able to focus so much attention on Firefox's theme may be a good sign,
however. This may indicate that Firefox already meets their needs in terms
of speed, stability and feature completeness -- allowing users to focus
their attention on more superficial areas. If this is the case, the Mozilla
developers should regard the theme complaints as something of a compliment.
In all, the latest Firefox is an impressive browser. It lacks polish in a few areas, but it is a solid browser with an impressive array of features. We'll be quite interested to see what the final 1.0 release of Firefox will look like when all is said and done.
Security
cvs vulnerabilities - again
Let us start with a correction: last week's cvs vulnerability timeline stated that no update had been issued for CentOS. In fact, this update was posted to the CentOS-devel mailing list on May 19. One could argue that such updates should be posted to a more prominent place, such as the CentOS web site or the (seemingly dormant) security lists mentioned on the mailing lists page; one should not have to follow a development list to get security updates. Nonetheless, we were wrong to say that an update had not been released, and apologize accordingly.Now, however, the time has come to deal with a new set of cvs security problems, as detailed in this advisory. A whole list of issues has been found; many of those are remotely exploitable. The time has come to apply a new set of updates, quickly. (And, yes, CentOS has released an update already).
Vulnerabilities in cvs are particularly scary. It is possible to run cvs in a chroot mode, which is somewhat helpful in keeping an exploit from leading to a full root compromise of the host system. But cvs servers must have access to the code repositories they serve. It is not all that hard to imagine a cvs exploit being the first step in the insertion of evil code into a free software project's repository. A carefully executed malware insertion could escape detection for a long time.
That sort of episode, beyond the immediate damage it would enable, would not reflect well on the security of the free software development process in general. We cannot afford to let it happen. With enough eyeballs, most of the obvious security problems in cvs can probably be found and fixed. That would help substantially. The simple fact, however, is that cvs is not equipped to detect direct tampering with its repositories. This shortcoming is sure to bite somebody someday; the sooner it is fixed (or avoided by a mass shift to a more contemporary version control system which performs integrity checks on its repositories) the safer we all will be.
New vulnerabilities
cvs: new vulnerabilities
| Package(s): | cvs | CVE #(s): | CAN-2004-0414 CAN-2004-0416 CAN-2004-0417 CAN-2004-0418 | ||||||||||||||||||||||||||||||||||||||||||||
| Created: | June 9, 2004 | Updated: | June 15, 2004 | ||||||||||||||||||||||||||||||||||||||||||||
| Description: | Several new vulnerabilities have been found in CVS; these include a null-termination error, a double-free vulnerability, a format-string vulnerability, and a few others; see this advisory for the details. Some of these vulnerabilities are remotely exploitable; updating soon would be a good idea. | ||||||||||||||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||||||||||||||
ethereal: more protocol dissector issues
| Package(s): | ethereal | CVE #(s): | |||||||||||||||||||||
| Created: | June 3, 2004 | Updated: | June 11, 2004 | ||||||||||||||||||||
| Description: | The 0.10.3 version may crash when you select a SIP packet. See this post to the ethereal-users mailing list for details. | ||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||
krb5: unauthorized root privileges
| Package(s): | krb5 | CVE #(s): | CAN-2004-0523 | ||||||||||||||||||||||||||||||||
| Created: | June 3, 2004 | Updated: | June 29, 2004 | ||||||||||||||||||||||||||||||||
| Description: | Multiple buffer overflows exist in the krb5_aname_to_localname() library function that if exploited could lead to unauthorized root privileges. In order to exploit this flaw, an attacker must first successfully authenticate to a vulnerable service, which must be configured to enable the explicit mapping or rules-based mapping functionality of krb5_aname_to_localname, which is not a default configuration. See the this MIT krb5 Security Advisory for more information. | ||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||
log2mail: format string vulnerability
| Package(s): | log2mail | CVE #(s): | CAN-2004-0450 | ||||
| Created: | June 3, 2004 | Updated: | June 9, 2004 | ||||
| Description: | jaguar -at- felinemenace.org discovered a format string vulnerability in log2mail, whereby a user able to log a specially crafted message to a logfile monitored by log2mail (for example, via syslog) could cause arbitrary code to be executed with the privileges of the log2mail process. By default, this process runs as user 'log2mail', which is a member of group 'adm' (which has access to read system logfiles). | ||||||
| Alerts: |
| ||||||
postgresql buffer overflow in ODBC driver
| Package(s): | postgresql | CVE #(s): | |||||||||
| Created: | June 7, 2004 | Updated: | July 28, 2004 | ||||||||
| Description: | A buffer overflow has been discovered in the ODBC driver of PostgreSQL, an object-relational SQL database, descended from POSTGRES. It possible to exploit this problem and crash the surrounding application. Hence, a PHP script using php4-odbc can be utilized to crash the surrounding Apache webserver. Other parts of postgresql are not affected. | ||||||||||
| Alerts: |
| ||||||||||
squid: buffer overflow
| Package(s): | squid | CVE #(s): | CAN-2004-0541 | ||||||||||||||||||||||||||||||||||||||||||||
| Created: | June 9, 2004 | Updated: | September 30, 2004 | ||||||||||||||||||||||||||||||||||||||||||||
| Description: | The NTLM authentication helper used by the squid proxy contains a buffer overflow vulnerability; an overly-long password may be used to run arbitrary code. Sites not using NTLM authentication are not vulnerable. | ||||||||||||||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||||||||||||||
tripwire format string vulnerability
| Package(s): | tripwire | CVE #(s): | CAN-2004-0536 | ||||||||||||||||
| Created: | June 4, 2004 | Updated: | July 7, 2004 | ||||||||||||||||
| Description: | The code that generates email reports contains a format string vulnerability in pipedmailmessage.cpp. With a carefully crafted filename on a local filesystem an attacker could cause execution of arbitrary code with permissions of the user running tripwire, which could be the root user. See this advisory on SecurityFocus for more details. | ||||||||||||||||||
| Alerts: |
| ||||||||||||||||||
Events
NYC Security Shindig Version 2.0
The second New York City Security Shindig will be held the evening of June 14. Jamie Butler will be speaking on kernel rootkits; additional attractions include free pizza and non-free beer.
Page editor: Jonathan Corbet
Kernel development
Brief items
Kernel release status
The current 2.6 prepatch is 2.6.7-rc3, which was announced by Linus on June 7. Changes include vast numbers of __user annotations (see last week's Kernel Page), some architecture updates, an NTFS update, an input driver update, some memory management fixes, the removal of IDE tagged command queueing support (which never did work properly), AGP updates, CPU frequency controller updates, and lots of fixes. The long-format changelog has the details.Linus's BitKeeper repository includes more __user annotations and various fixes. Things appear to be settling down for the 2.6.7 release.
The current prepatch from Andrew Morton is 2.6.7-rc3-mm1. Recent additions to -mm include a big, general-purpose bitmask library for use in CPU masks and such, some kernel debugger improvements, the NX no-execute support patch, message-signaled interrupt support for x86_64, some VM tweaks, a big SiS framebuffer update, device mapper support for snapshots and mirroring, and lots of fixes.
The current 2.4 prepatch is 2.4.27-pre5, which was announced by Marcelo on June 2. This prepatch is dominated by network driver and serial ATA updates; the rate of change seems to be slowing significantly.
Kernel development news
Should the Lustre preparation patches go in?
Lustre is a high-performance, distributed filesystem intended for use in large clusters. It is the latest effort from Peter Braam, who has, in the past, been responsible for the Coda and InterMezzo filesystems. Lustre has not been proposed for merging yet, but it is already in production use at a number of large supercomputing centers. Companies like Dell, Cray, and HP have been helping with its development.Mr. Braam has recently posted the second iteration of a patch intended to pave the way for inclusion of Lustre. This patch exports some symbols needed by Lustre and makes various virtual filesystem changes. With this patch in place, sites using Lustre would be able to load the filesystem as a separate module without having to patch the kernel directly. Since many of these sites, it seems, use "enterprise" distributions and cannot patch their kernels without invalidating their support agreements, this matters. Almost everybody involved would like Lustre to be usable on mainline kernels.
Most of the technical objections to the Lustre patches have been addressed; to that end, many changes were made since the first posting. There remains one objection which can still be heard from a small number of developers, however: the patch should not be merged because it provides interfaces which are not used by any code in the kernel tree. This argument has been heard before; the Linux security module patches, for example, were opposed on this basis.
It is not hard to understand a general reluctance to include (seemingly) unused APIs in the kernel. If an interface is not in active use, chances are that, when somebody does try to use it, they will find that it does not work as advertised. Unused code tends to rot over time. And all code bloats the kernel, so it makes sense to hold off on adding new code until there is a clear use for it.
It is also true, however, that the addition of new interfaces can help drive development in useful directions. The hooks needed by Lustre should be useful for a number of distributed filesystems, starting with NFS and going on to the various other cluster-oriented filesystems. Until the new interface is available, however, no filesystem will start using it. And, in any case, there is a clear user here in the form of Lustre, which is an available, GPL-licensed filesystem.
Your editor, putting on his highly unreliable clairvoyant cap, figures that the Lustre developers will eventually get their wish. Certain developers will likely make them sweat for it, however, forcing a few more iterations on the patch before it can be accepted. But in the end, nobody disagrees with the goal (being to provide a high-quality distributed filesystem for high-performance clusters) and the patches were written with a relatively light hand. There is no real reason to keep them out of the kernel.
Toward a generic wireless access point stack
The Linux kernel has long had support for wireless networking. What the kernel does not have, however, is support for operation as a wireless access point. A standard Linux system has many of the required pieces (network bridging, DHCP service, etc.), but there are necessary functions that only the kernel can provide. These include WEP encryption (or some other protocol), access control, Wireless Distribution System support, etc.The mainline kernel may not support these capabilities, but that doesn't mean they don't exist. A few different implementations of the software necessary to create wireless access points are out there; each has been developed independently, and each tends to support only one family of wireless network cards. Anybody wanting to set up an access point needs to find the implementation best suited to the hardware at hand, patch the kernel, and put all of the pieces together.
In an attempt to encourage the creation of a single access point support implementation in the kernel, Jeff Garzik has announced the creation of a new wireless patch set. He is starting with HostAP, a widely-used software stack developed for Prism-based cards. It is, he says, the implementation which is best suited to being evolved into a generic wireless stack for the kernel.
A number of the other access point implementations have taken chunks of code from HostAP, so it does seem like a good choice for a starting point. A fair amount of work may be required, however, to move it from being a driver for a specific set of cards to being a more generic implementation. Jeff hopes that this work can be done without a lot of core kernel changes; he would like to see the result merged into the 2.6 kernel. Now is the time for interested hackers to dive in and move the code in that direction.
Fear of the void
When a kernel development project lives outside of the mainline kernel tree for a long time, it often picks up its own coding conventions which do not always match well with the kernel as a whole. One such project is the ALSA sound system, which was developed independently for years until it reached a state where it seemed ready to replace the old OSS drivers; it was merged in 2.5. Now some of the kernel developers are taking a look at the ALSA code and finding things which would, most likely, not have survived for long had ALSA been an in-tree development from the beginning.One of those is the ALSA convention for dealing with driver-private data. Many structures and callbacks in the kernel support the passing of private data; this is accomplished by way of a void * pointer. Creators and users of private data passed in this way are responsible for knowing what kind of structure is being dealt with and performing the appropriate casts. In general, this mechanism works well; there have been very few bugs resulting from confusion over the type of a private data pointer.
Even so, the ALSA developers took some extra steps to ensure that errors do not creep in when private data is passed around; their conventions are documented in the ALSA driver writing manual. In brief, it works as follows. The first step is to define a structure to be used as private data, create a type for it, and assign a magic number; the code tends to look like this:
typedef struct { /* ... */ } funky_struct_t;
#define funky_struct_t_magic 0x19980122
The value of the magic number is arbitrary (but should be unique); the name must match the defined type of the structure, however.
When one of these structures is to be allocated, one of the following macros must be used:
void *snd_magic_kmalloc(type, unsigned int extra-data,
unsigned int flags);
void *snd_magic_kcalloc(type, unsigned int extra-data,
unsigned int flags);
The second version simply zeroes out the memory before returning it. Both versions allocate some extra space to store the magic number, thus identifying the allocated memory as holding a structure of the given type.
When one of these structures is to be obtained from a void * private data pointer, the cast must be done in a special way:
funky_struct_t *mydata;
mydata = snd_magic_cast(funky_struct_t, void_pointer, return -ESCREWEDUP);
This macro will ensure that the types match; the final parameter is a line of C code to be executed should a mismatch occur. There is also, of course, a snd_magic_kfree() for freeing these structures.
Attention was recently drawn to these conventions as part of an unrelated critique of the ALSA code. The kernel hackers, as a whole, do not like the "snd_magic_" macros; they feel that the rest of the kernel has gotten by just fine without that sort of infrastructure. It has also been noted that this kind of checking, if it is determined to be useful, should really be part of the central memory allocator rather than being specific to one subsystem.
In response to the discussion, one energetic hacker has already sent out a set of patches removing most of the ALSA "magic" framework. ALSA maintainer Jaroslav Kysela has requested that they not be applied at this time, however; the ALSA team would like to figure out how best to clean up that code on its own. This effort may involve simply removing it, or replacing it with a less "magic" mechanism. One way or another, the ALSA code in the future will likely look more like the rest of the kernel than it does now.
Safe PCI hot removal
The PCI hotplug mechanism promises improved server availability; when hotplug is used, PCI peripherals can be added to or removed from the system without taking the server down. As one developer found out recently, however, hotplug can also lead to the opposite result. Some devices have drivers which, if the device is removed before being closed, will crash the system. Surely, he asks, this is not the way things are supposed to be?The answer that came back indicated that, technically, this is a fine state of affairs. By the PCI hotplug specification, devices are supposed to be closed down before removal, and the operating system is not required to deal properly with the opposite sequence of events. This is, in other words, a "don't do that" situation.
That said, it is generally possible for drivers to handle a too-hot unplugging of a device. A certain degree of care is required, however. Essentially, a driver for a hot-removable device must check for errors every time it attempts to communicate with that device. An error reading from or writing to a device register is usually the first indication that the device has left the building. When such errors happen, the driver must respond accordingly: error out any outstanding operations and mark the device as being unavailable.
Over time, drivers with this kind of problem will get fixed. In the mean time, however, much driver code still shows signs of having been written when hardware additions and removals required a screwdriver and a power-down. When doing run-time surgery on an important system, it is still important to step carefully.
Patches and updates
Kernel trees
Architecture-specific
Build system
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Networking
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Gentoo Package Management with Portage
Before Gentoo Linux emerged (pun intended) as a powerful force on the Linux distribution scene, software installation on most distributions was a subject of much controversy and frequent criticism. The RPM package manager was often at the receiving end of the blame due to its complex dependency structures; typing "rpm dependency hell" into Google's search engine returns over 700 entries. Debian's implementation of its own package management was often seen as technically superior to those found in RPM-based distributions, but many potential users were put off by Debian's other complexities and a lack of graphical installation and configuration utilities. And while Slackware's own package management does not suffer from dependency issues (simply because it doesn't care about them), many will argue that its pkgtool and other package utilities are rather too basic to qualify as a package management tool in the true sense of the word.Enter the world of Gentoo Linux. With one short command, a user can install any application, without ever having to worry about libraries and other dependencies. The command will download the source code of the requested package, it will also download the source codes of all the dependent packages (if any), then it will configure, compile and install the package(s) without any further intervention on the user's part. Because the vast majority of packages are compiled directly from source code (with some exceptions, such as OpenOffice, Java, Opera, etc.), the user has complete control over package versions, optimizations, even optional dependencies, in some cases. In fact, the only drawbacks when compared to binary package management tools are longer installation times and fairly stringent hardware requirements - the pleasure of using Gentoo Linux rises exponentially with the power of the CPU at hand.
Portage. The main force behind Gentoo's convenient
package management is Portage. Written in Python, Portage not only
provides the all-important "emerge" command, it also groups all
packages, or ebuilds in Gentoo speak, into a logical tree-like
structure in /usr/portage/. Ebuilds can be unmasked, masked or
hard masked, with unmasked ebuilds considered stable and well-tested,
while masked ebuilds are stable, but not yet tested extensively. Hard
masked ebuilds are usually reserved for alpha or beta packages. Only
unmasked packages are installed by default, but this can be overridden
either in /etc/make.conf or on the command line like
this:
# ACCEPT_KEYWORDS="~x86" emerge packagename
The list of current masked packages is stored in
/usr/portage/profiles/package.mask. To see the available
versions of a package and their masked status in a nicely colored
output, we can use the etcat command (part of the gentoolkit
package):
# etcat -v mozilla
USE-flags. The USE-flags is a very clever concept,
serving as a central place to configure some of the most basic aspects
of the operating system and its behavior. As an example, if you prefer
to have support for ALSA for all the relevant applications, you have to
specify it as a USE-flag. Once done, these applications will be
compiled with ALSA support included. If you don't specify it centrally
in /etc/make.conf, you would have to compile the applications
with the following command:
# USE="alsa" emerge xmms
The above example is still useful in case a user wants to override the
global setting. There are over 200 USE-flags listed in
/usr/portage/profiles/use.desc; they provide many "uses" that
range from Java and SELinux support to specifying the default Japanese
input server or enabling potentially offensive items in packages. The
USE-flags also specify one of the CPU architectures - the currently
available choices include x86, ppc, ppc64, sparc, alpha, mips, hppa,
arm and amd64.
CFLAGS. Much has been said about CFLAGS on various forums, especially by those who never read the GCC manual. Probably the most important decision here is the use of march or mcpu when specifying the type of processor. The former will result in faster binaries at the expense of compatibility, while the latter will be produce somewhat slower binaries, but will cover a wider range of processors. As an example, specifying -mcpu=i586 will result in binaries optimized for i586, but they will also execute on i386; however specifying -march=i586 means that the binaries will only execute on i586, but not on i386 CPUs. Another common CFLAG is -O, which specifies a level of optimization ranging from -Os (optimized for small binaries) to -O1, -O2 or -O3 (optimized for speed). GCC provides over a hundred different CFLAGS.
Examples. Finally, let's have a look at some practical
examples to illustrate the range of available options in Portage. The
handful of the commands listed below are just a tip of the
iceberg.
# emerge-webrsync
This is the same as emerge sync (it synchronizes the local
portage tree with the latest available portage tree on official
repositories), but useful for those users who are behind a firewall
blocking the standard rsync port 873
# nice -n19 emerge -u world
This is the same as emerge -u world (it updates all installed
packages to their latest available versions), but with a low priority
so that the compilation process has a limited effect on the user's
ability, in terms of processor resources, to perform other
tasks.
# emerge -pv packagename
Lists packages that are dependent, but not yet installed, on
packagename.
# emerge /mnt/cdrom/packagename*tbz2
Installs a binary package packagename from the mounted
CD-ROM.
# emerge info
Lists all the Portage-specific variables, such as USE, CFLAGS, COMPILER,
GENTOO_MIRRORS, etc.
If you are used to the rpm command, you can install Gentoo's
epm to query packages. It takes many of the same arguments as
rpm itself:
# epm -q packagename
Returns the installed version of packagename
# epm -qa
Returns all installed packages
# epm -qi packagename
Returns information about packagename
# epm -Va
Checks the integrity of all installed packages and reports
conflicts
# epm -e packagename
Uninstalls packagename, same as emerge unmerge
packagename
Learning about Portage is a journey in itself, a road paved with many
pleasant surprises behind every turn. There is no doubt that Portage is
one of the most powerful package management utilities available today.
Distribution News
Gentoo Linux
The Gentoo Weekly Newsletter for the week of May 31, 2004 is out. This issue covers the release of Wasabi, and several other topics.Here's the announcement for the release of Wasabi 0.1, a custom log monitoring tool for Gentoo systems.
Xandros releases downloadable version
Xandros has announced the availability of an "open circulation edition" of its distribution. "'We want the Open Circulation version of the Xandros desktop to replicate like a virus,' said Dr. Frederick H. Berenstein, Xandros Chairman and CTO. 'Open computing is coming of age, and every desktop user should know that there's a full-featured Windows alternative out there, and they're going to love it!'"
Lycoris Desktop/LX 1.4 Presales Available
The Lycoris Desktop/LX 1.4 (formerly known as Update 4) is now available. Click below for the full press release.up2dateiso v1.1.0 release
Version 1.1.0 of up2dateiso has been released. This is a Python program that takes a set of distribution CD iso's and updates the rpms on them with the latest rpms from the updates archive. RH9, FC1 and now FC2 are supported.Distribution specific GNOME releases
Footnotes reports the release of Dropline GNOME 2.6.1 for Slackware and ULB GNOME 0.8.0 for SuSE Linux 9.1.DistroWatch Weekly, Issue 52
The DistroWatch Weekly for June 7, 2004 looks at Damn Small Linux extensions, and several other topics.Fedora Core
Fedora Core updates:- FC1 - strace 4.5.4-0.FC1: new upstream version
- FC1 - vim: upgrade vim to the latest patchlevel, fixes a lot of minor issues
- FC2 - cups: fixes several problems
- FC2 - strace 4.5.4-1: new upstream version
- FC2 - bison: new upstream version (fixes bug #116823)
Mandrakelinux updates drakxtools
Mandrakelinux updates the drakxtools package to correct various bugs, for Mandrakelinux 10.0.Slackware Linux
The -current branch of Slackware has several upgraded packages, an assortment of other changes and bug fixes and a new rzip-2.0. Upgrades this week include man-pages-1.64, mod_ssl-2.8.18-1.3.31, gaim-0.78, mdadm-1.6.0, clisp-2.33.2, gcalctool-4.4.8, gnome-icon-theme-1.2.3, totem-0.99.12, elm2.5.7, ImageMagick-6.0.2-2, xine-lib-1-rc4a, parted-1.6.11, php-4.3.7, cdrdao-1.1.9, vim-6.3.0, strace-4.5.4 and xchat-2.0.9. The Linux kernel 2.6.6 source package is in testing. See the slackware-current changelog for complete details.
New Distributions
Knoppix 64
Knoppix 64 is a 64 bit Debian based release for 64 bit AMD machines. The initial release, v3.4-EN-2004-05-31, is remastered from KNOPPIX 3.4. The goal of this work is to provide a 64 bit development environment along with the usual desktop tools. Language support includes English, French and German.OpenSLS
OpenSLS (or Open Secure Linux Server) is currently a concept work-in-progress. It's aim is to be a secure Linux OS based on Mandrake Linux. Unlike Corporate Server, which is a fine server operating system, OpenSLS will be much more scaled down with a lot of additional security features. OpenSLS 1.0-CURRENT alpha1, released June 3, 2004, is based on Mandrake Linux 9.2 with a lot of cleanup and enhancements.
Minor distribution updates
AGNULA/DEMUDI 1.2.0-beta0 released
The first beta release of AGNULA/DeMuDi 1.2.0 (a Debian-based distribution aimed at audio and video applications) is now available. Click below for the details.Astaro Security Linux
Astaro Security Linux has released v5.011 with minor bugfixes. "Changes: This Up2Date improves the backend performance and fixes bugs for V4 and V5 backup, content filter configuration, for RSA connections with X.509 and RSA keys, user authentication, network definitions, and uplink failover. It also adds the configuration ability to bypass the content filter/HTTP proxy if needed."
Buffalo Linux
Buffalo Linux has released v1.2.3 with minor bugfixes. "Changes: This release includes upgrades to 30 base packages, 21 extra packages, and 15 GNOME packages. The CD now recognizes a previous Buffalo version that supports upgrading (version 1.20 or higher). More minor desktop upgrades were made, including integration of gqview as the icon selector. A 68MB upgrade from 1.2.2 is also available for download."
Feather Linux
Feather Linux has released v0.5 with major feature enhancements. "Changes: This release is based on Knoppix 3.4, and thus many improvements have been made. MADWIFI, prism54, and speedtouch drivers are now included, and superior hardware support is found throughout. The GIMP script has been fixed. This release removes picocom, adds ncrypt and minicom, reincludes ndiswrapper, adds tcc documentation, and adds scripts to install Ruby, Python, Folding@Home, and GIMPS."
Gibraltar Firewall
Gibraltar Firewall has released v2.0 with major feature enhancements. "Changes: This is a new major release with many changes, focusing on content inspection. HTTP, SMTP, and POP3 traffic can be checked for viruses (clamav and Kaspersky anti-virus) and SPAM, HTTP and POP3 even transparently. User authentication for HTTP has been added, either via user lists or by integrating with MS Active Directory. The base system has been updated, and is now based on a hardened and enhanced 2.4.26 kernel which includes additional firewall match modules (e.g. the P2P traffic match module)."
GoboLinux
GoboLinux has released v011 with major feature enhancements. "Changes: This release features the introduction of Compile, a new source-based compilation system. Other distinctive features were the switch to the 2.6 kernel series (2.4 is still included), the adoption of the XOrg X11 server, and a large number of upgraded packages."
LEAF - Bering-uClibc
LEAF (Linux Embedded Appliance Firewall) has released Bering-uClibc 2.2-beta3 with major feature enhancements. "Changes: This release introduces a new flexible module loading scheme, is updated to shorewall 2.0.2f, replaces dnscache and dhcpd with dnsmasq, and has some bugfixes."
Linux From Scratch
Linux From Scratch has released v5.1.1 with minor bugfixes. "Changes: This release fixed several release-process related problems and minor spelling and grammatical errors. The package and patch versions remain unchanged." Beyond Linux From Scratch (BLFS) v5.1 is also available.
Linux LiveCD
Linux LiveCD has released v1.9.4 with major feature enhancements. "Changes: This release adds Frottle (Freenet Throttle) packet scheduling and QoS for wireless networks and mesh WiFi at /opt/frottle. There is a new default config for MRTG graphical network statistics, and updated documentation."
Recovery Is Possible!
RIP has released v9.0. "Changes: Some of the software has been updated, and the download site was changed for faster downloads. There's also a usb.sh script, to enable installing and booting the system on a USB flash drive."
Tao Linux
Tao Linux has released v1.0 Update 2. "Changes: All current updates to 5/31 were rolled into new set of ISO images. Kernels for i586 and Athlon are included. Development packages are included in the Everything install. Trademark fixes were made for Eclipse and Squirrelmail."
ThinTUX
ThinTUX has released v0.15 with major feature enhancements. "Changes: This release replaced glibc with uclibc."
Distribution reviews
Moving from Debian To SuSE Linux and Back Again (OSNews)
This OSNews article compares Debian with SuSE Linux. "I switched from Windows to Linux about 4 years ago when I finally found a distribution that didn't annoy me, Debian. It required a bit of manual tweaking but I always found that the important things "Just worked". Well after 3 years of just working, I finally rode my installation into the ground through a combination of kernel upgrades and running a diverse mix of packages from the "unstable", "testing", and even "experimental" branches of Debian. It got to the point where KDE would boot unbearably slowly, applications would fail to start, and my mouse and keyboard would stop working if I didn't use them for a few minutes. After much fiddling I finally decided a reinstall would be the path of least resistance. Since I'd been hearing all these fantastic reviews for Suse 9.1 I thought I would give it a try; after all it sounded like this was finally a no-nonsense, "just works" distribution for the fabled average user."
Page editor: Rebecca Sobol
Development
The Driver on Demand project
The Driver on Demand project is an effort by Andrew Luecke to provide installable device drivers for Linux systems via the HTTP protocol. The project summary says:
The project overview lists some of the capabilities of Driver on Demand. Here is a quick summary of features:
- Drivers are served via HTTP and cgi-bin scripts.
- Driver installations are performed via user-based click-to-install operations.
- Driver definitions are XML-based.
- The system has support for open/GPL and licensed/proprietary drivers.
- The software is open-source, it has been released under the GPL.
- The software is a combination of Perl and Bash.
- Vendors can provide automated and timely driver updates for their hardware.
- The project supports driver checksum verification through key servers for security.
- Drivers are available in standard binary, source code, and package manager formats.
- The software works with the Linux 2.4 and 2.6 kernels, 2.6 is recommended.
The current project status and news page indicate a fair amount of recent progress. Several servers are currently online, and a number of drivers have been submitted. The alpha-one version was released in May, 2004. The alpha-two version is being worked on.
Andrew Luecke noted the current state of the project:
"The project already fully supports
PCI/YENTA PCMCIA already, and will soon support everything from PCI express
to USB.
Its primary goal is to allow driver installation in linux to be easier
th[a]n Windows.
"
The author is still developing the software in a mostly solo mode, he plans on accepting patches from the outside after the next release is out. Volunteer help has been requested for some parts of the project. The Driver on Demand project looks to be a very useful addition to the Linux system, we wish the author luck in getting it widely accepted.
System Applications
Database Software
Glom 0.8.0 announced
Version 0.8.0 of Glom, a GUI-based database table designer, is out with numerous improvements.libgdamm 1.3.4 announced
Version 1.3.4 of libgdamm, a C++ wrapper for libgda and gtkmm, is out with new functions and typedefs.libgda/libgnomedb 1.1.4 released
Version 1.1.4 of libgda/libgnomedb, a database development framework, is available. The release adds numerous improvements to the development release.phpPgAdmin 3.4 Released
Version 3.4 of phpPgAdmin has been released "A new major version of phpPgAdmin is now available. phpPgAdmin is a web-based administration tool for all 7.x versions of PostgreSQL."
PostgreSQL Weekly News
The June 7, 2004 edition of the PostgreSQL Weekly News is available with the latest PostgreSQL database news.ZODB 3.3 beta 1 released
Version 3.3 beta 1 of ZODB, the Zope Object DataBase, is out. "The changes since ZODB 3.3a3 consist mostly of fixes for longstanding ZODB bugs, several of which were backported to the Zope 2.7 maintenance branch."
Device Drivers
Intel PRO/Wireless 2200BG Driver for Linux
A new set of open-source drivers are available for the Intel IPW2100 and IPW2200 wireless Network Connection miniPCI adapters. "This project was created by Intel to enable support for the Intel PRO/Wireless 2200BG Network Connection miniPCI adapter. This project (IPW2200) is intended to be a community effort as much as is possible given some working constraints (mainly, no HW documentation is available)." Thanks to Roy Whytock.
Libraries
GLib-2.4.2 released
Version 2.4.2 of GLib is out with lots of bug fixes and better translations.Librcoco 0.6.0 released
Version 0.6.0 of Librcoco,the GNOME Cascading Style Sheet parsing and manipulation C library, has been released. "Starting from this release on, several different minor versions of Libcroco can be installed on the same box. Releases of the same minor version number will be upward API/ABI compatible." Numerous changes and bug fixes are included.
Mail Software
DomainKeys Milter
A new Domain Keys mail filter has been announced on milter.org. "The Sendmail folks are rather trying to push Domain Keys and propose an OpenSource milter : dk-milter It is labelled PRE-RELEASE SOFTWARE - not to be used in any critical production environments but it is worth testing."
Sendmail 8.13.0.Beta3
Version 8.13.0.Beta3 of Sendmail has been released. The Change Notes say: "It contains the patch for parseaddr.c that was required for Beta2, the enhanced status code 4.7.1 has been replaced by more appropriate values because some broken systems misinterpret it as a permanent error, and there is a fix for calculating the sleep() time in checksmtpattack() when the delay is initially triggered."
Networking Tools
nOt 1.86 released
Version 1.86 of nOt, the Network Object Tracer, has been released. "I believe discussion will help in process of debugging and developing next versions of this tool. Please send any comments, suggestions and (what's probably the most important) new OS fingerprints to n0t database."
Printing
AFPL Ghostscript 8.30 beta release
Version 8.30 of AFPL Ghostscript has been released. new features include topological grid fitting, PDF 1.4 encryption support, a new shading render method, the experimental Rinkj driver, support for PDF 1.5, and beta support for Jpeg2000 images.
Security
Writing Nessus Plugins (O'Reilly)
Nitesh Dhanjani explains how to write plugins for the Nessus security scanner on O'Reilly. "In a previous article, I showed you how to install and use the Nessus scanner. If the bundled security checks aren't enough for you, you can write your own Nessus plugins in NASL (Nessus Attack Scripting Language). This article demonstrates how to write your own custom vulnerability checks."
Web Site Development
mnoGoSearch 3.2.18 is available
Version 3.2.18 of the mnoGoSearch web site search engine has been released. The Change Log documents a number of bug fixes.Moodle 1.3 is now available (SourceForge)
Version 1.3 of Moodle has been announced. "Moodle is PHP courseware aiming to make quality online courses (eg distance education) easy to develop and conduct. Both learning & development are guided by strong pedagogical theory. Implemented on 1000's of sites, 74 countries and 36 languages."
ZopeMag Weekly News
The May 26 - June 1, 2004 edition of the ZopeMag Weekly News is online with lots of new Zope and Plone information.
Desktop Applications
Accessibility
gnopernicus 0.9.5 released
Version 0.9.5 of gnopernicus, a GNOME screen reader for the visually impaired, is out with several new features.
Audio Applications
Muine 0.6.2 released
Version 0.6.2 of Muine, a music player, is available with support for mono beta 2. "Muine is a new music player using some new UI ideas. The idea is that it will be much easier and comfortable to use than the iTunes model, which is used by both Rhythmbox and Jamboree."
Data Visualization
Gmsh 1.53 released
Version 1.53 of Gmsh, an automatic 3D finite element grid generator, has been announced. "This version contains fairly big changes, so please report any bugs that might have crept in... The three largest modifications are: - big (huge?) improvements in the way Gmsh renders tri/quad meshes and scalar post-processing views, with speedups of more than an order of magnitude on large data sets (and as a side effect, transparency is now fully supported) - new geometrical entity selection with undo capability - full support for second order elements in the mesh module (3-node lines, 6-node triangles, 9-node quads, 10-node tets, 27-node hexas, 18-node prisms and 14-node pyramids)".
Desktop Environments
GNOME Development Release 2.7.1 (GnomeDesktop)
Development release 2.7.1 of GNOME has been announced. "Goooooooooooood morning and welcome to the FIRST release of the GNOME 2.7 development series! It's ready for your bug-busting and testing pleasure, and available for immediate download on ftp.gnome.org and mirrors."
gTweakUI 0.0.6 released (GnomeDesktop)
FootNotes carries the announcement of the release of gTweakUI 0.0.6. gTweakUI is a GConf front end providing graphical access to a whole set of configuration options which are otherwise hard to find.Java-Gnome 2.7.2 announced.
Version 2.7.2 of the Java-Gnome bindings are available. "This release contains bug fixes and enhancements to several of our core bindings as well as our initial work-in-progress for libbonobo and gnome-vfs bindings."
Simplifying GNOME file management (GnomeDesktop)
GnomeDesktop links to this LiveJournal entry outlining three proposals for more intuitive file management in GNOME. "[F]ile management today is a lot more cumbersome than it needs to be. The computer science undergrad learns the "In UNIX, everything is a file" philosophy and is blown away by the beauty of it. However, this world-view is not well suited for a user-interface. "Beauty" is not the description that springs to mind. "Kludge" is more like it."
KDE-CVS-Digest (KDE.News)
The June 4, 2004 edition of the KDE-CVS-Digest is out. The content summary says: "KDevelop has a new QT Designer port. KStars adds support for Philips webcams. Two more icons sizes are added to Konqueror file mode. The PIM Kitchensync supports syncing Kolab, eGroupware and OPIE addressbooks. Crypto improvements in KMail. KWin adds per window settings."
Desktop Publishing
Scribus 1.1.7 released
Scribus 1.1.7 is out; this is, the developers say, "the most stable, feature complete version to date." New features include better PostScript import support, fancier gradient tools, and more; click below for the details.
Electronics
Icarus Verilog 20040606
Version 20040606 of the Icarus Verilog electronic simulation language compiler has been released with bug fixes and several new features.
Games
gnome-games 2.7.3 is out
Version 2.7.3 of Gnome-games, a collection of game software, is out. "Not a lot new, but there is a new UI for changing key controls in gnect and gnibbles."
GNOME War Pad 0.3.1 released
Version 0.3.1 of the game GNOME War Pad is available with several enhancements and GTK+ 2.4 compatibility.Mapacman 0.1 released
Version 0.1 of Mapacman has been released. "Mapacman is a multiplayer online pacman game. It requires pygame and the pyarianne packages. Arianne is a multiplayer online game engine designed for turn based and real time games.
GUI Packages
Bakery 2.3.5 released
Version 2.3.5 of Bakery, a C++ Framework for creating document-based GNOME applications, is out. This release features one new function.GTK+-2.4.2 released
Version 2.4.2 of the GTK+ GUI toolkit is out. "This is a bug fix release and is source and binary compatible with 2.4.0. There are a considerable number of fixes in this release as compared to 2.4.0, especially in the areas of GtkFileChooser, GtkComboBox and GtkEntryCompletion. Also, a problem on Solaris has been fixed."
gtkmm 2.2.12 announced
Version 2.2.12 of gtkmm is out with bug fixes and other improvements.gtkmm and glibmm 2.4.2 are available
Version 2.4.2 of gtkmm and glibmm are out. "gtkmm provides a C++ interface to GTK+. gtkmm 2.4 wraps additional API in GTK+ 2.4. gtkmm 2.4 installs in parallel with gtkmm 2.2, so you can have both installed at the same time. glibmm is now a separate module, for use in non-GUI software."
Imaging Applications
The GIMP 2.1.0 release (GnomeDesktop)
GnomeDesktop.org has an announcement for development version 2.1.0 of the GIMP. "Highlights of this release are migration of menus to GtkUIManager, use of the new file chooser, and improved HIG compliance of almost all dialogs. Other new features are the ability to drag & drop files and URIs to the image window, adding a new layer, and the ability to use shortcuts regardless of which GIMP window is active."
UnZip 5.51; XV jumbo patches 20040523
New versions of the UnZip file uncompressor and jumbo patches for the XV image viewer are available. "I made the first public release of my "jumbo patches" for the XV image viewer; these incorporate roughly 25 fixes and 21 enhancements (such as PNG support!) into a pair of easily applied patches against the stock XV 3.10a sources."
Instant Messaging
Whine about your life with Drivel 1.0! (GnomeDesktop)
Version 1.0 of Drivel has been announced. "Here it is: the first stable release of Drivel, a LiveJournal client for GNOME. This release supports nearly the full range of LiveJournal features, from posting entries to editing your Friends List, all while leveraging the power and unifying characteristics of the GNOME Desktop platform."
Interoperability
Wine Traffic
The June 4, 2004 edition of Wine Traffic is available. Topic threads include: SpecOpsLabs Response, Winedbg Issue and New Changes, Winedbg & DDD, MSVCRT Headers, and AMD64 Issues.
Multimedia
Office Suites
OpenOffice.org build 1.1.59 is out
Build 1.1.59 of the OpenOffice.org office suite has been released. "This package contains Desktop integration work for OpenOffice.org, several back-ported features & speedups, and a much simplified build wrapper, making an OO.o build / install possible for the common man."
PDA Software
Guikachu 1.4.1 released
Version 1.4.1 of Guikachu is out with bug fixes and new translations. "Guikachu is a GNOME application for graphical editing of resource files for PalmOS-based pocket computers. The user interface is modelled after Glade, the GNOME UI builder."
Peer to Peer
Gnomoradio 0.12.2 released
Version 0.12.2 of Gnomoradio, a peer to peer music playing system, has been released. "Gnomoradio 0.12.2 is the first release that is declared "stable", and it is recommended that everybody upgrade. Changes from 0.12.1 include fixed handling of the cache size so files are not deleted prematurely."
Web Browsers
Mozilla 1.7 RC 3 is available
The third (and probably final) release candidate for Mozilla 1.7 is available; see the release notes for details. Downloads are available over here.Mozilla Links Newsletter
The June 4, 2004 edition of the Mozilla Links Newsletter is out with the latest Mozilla browser news.
Miscellaneous
gcalctool 4.4.8 released
Version 4.4.8 of gcalctool, the default GNOME desktop calculator, has been released. This release mainly involves bug fixes.GNOME Terminal 2.7.2 released
Version 2.7.2 of GNOME Terminal, a terminal emulator, is available with several new enhancements.GPSBabel 1.2.3 released (SourceForge)
Version 1.2.3 of GPSBabel has been released. "GPSBabel reads and writes GPS waypoints in a variety of forms. Backends include GPX, Magellan and Garmin serial protocols, Geocaching.com *.loc, GPSMan, Garmin Mapsource *.mps, Magellan Mapsend *.wpt, and many others. Release 1.2.3 includes many new features and bug fixes."
Languages and Tools
C
Notes from the GCC summit
Dan Kegel has posted some notes from the 2004 GCC summit. "The big news in the gcc world lately is the new Tree-SSA changes which were recently merged into mainline after about four years of development, and the fact that it's already paying off."
Caml
Caml Weekly News
The June 1-8, 2004 edition of the Caml Weekly News is available with the latest Caml language articles.
HTML
html_scrub -- An HTML Editing Utility for Groklaw (Groklaw)
Groklaw has announced the availability of an HTML to text converter called html_scrub. "Scott McKellar decided to take pity on me and write a command line HTML cleaning utility for me. As many of you know, Geeklog, the underlying software Groklaw uses, chokes on certain HTML. When volunteers send me documents they have turned into HTML from text, using certain automatic HTML utilities, I end up spending hours sometimes cleaning out the tags Geeklog doesn't like. It's like picking fleas out of your dog's coat."
Java
Writing Ant Tasks (O'Reilly)
Michael Fitzgerald writes about running tasks under Apache Ant on O'Reilly. "Apache Ant is an increasingly popular open source, cross-platform build tool written in Java. Ant's build files are written in XML and generally consist of a project and a set of interdependent targets. These targets contain one or more tasks that can perform all kinds of functions, such as compiling Java source code, creating .zip, .gzip, or .bzip2 archives, cleaning up old files, and so on."
EJBCA 3.0 released (SourceForge)
Version 3.0 of EJBCA, the Enterprise Java Beans Certificate Authority, has been released. "EJBCA 3.0 is a major new release taking the Open Source CA to new heights. The largest change is that it is now possible to run a complete (or several) PKI infrastructure within one single instance of EJBCA. Many other improvements are also included such as complete support for OCSP, enanced Hart token interface and flexible LDAP configuration through the Web-GUI."
Java shared classes (IBM developerWorks)
Lakshmi Shankar, Simon Burns, and Roshan Nichani explore Java shared classes on IBM's developerWorks. "Java applications face a problem today: The only containment vessel available to them is the Java virtual machine (JVM) process itself. Multiple JVMs are required to isolate Java applications from each other, and this has two major negative impacts. The first is the start up time involved for each JVM invocation; the second is the memory footprint required by each JVM. Given these costs, and the inability to isolate applications within the JVM, it is clear that something fundamental needs to be done to resolve these issues. The answer? Shared classes."
Data Models for Desktop Apps (O'ReillyNet)
O'Reilly has published The third article in Andrei Cioroianu's series on developing a Java desktop application. "Andrei Cioroianu shows how to develop data models for Java desktop applications and how JavaBeans and the Model-View-Controller (MVC) pattern can make your code more maintainable and reusable."
Lisp
SBCL 0.8.11 released
Version 0.8.11 of SBCL (Steel Bank Common Lisp) is out. "Changes in this version include the new SB-EXT:MUFFLE-CONDITIONS declaration, an improved installation script, the beginning of a condition hierarchy for use by IDEs, and more."
Perl
POE 0.29 released (use Perl)
Version 0.29 of POE, a networking and multitasking framework for Perl, has been announced. "This release includes a substantial performance increase in I/O intensive programs. It improves portability to Solaris, Windows, and Mac OS X. It improves support for really old versions of Perl---you know, the one that work makes you use in production. Several documentation nits have been picked and stomped."
This Week on perl5-porters (use Perl)
The May 31 - June 6, 2004 edition of This Week on perl5-porters is online. Here's the content summary: "As I've advertised the weekly P5P summaries during the French Perl Workshop, I feel compelled to continue to write them each week... Read on for the latest batch of commented links."
Python
Dr. Dobb's Python-URL!
The June 2, 2004 edition of Dr. Dobb's Python-URL! has been published. Take a look for the latest Python language article links.Dr. Dobb's Python-URL!
The June 8, 2004 edition of Dr. Dobb's Python-URL! has been published. Take a look for another week's worth of Python articles.
Ruby
Ruby/GtkTrayIcon 0.1.0
Ruby/GtkTrayIcon version 0.1.0 has been announced. "I'm pleased to announce the first release of Ruby/GtkTrayIcon, a Ruby binding to the System Tray Protocol Specification. This library allows Ruby developers to fill the GNOME notification area. It contains some code from the old EGG library, copyrighted by Anders Carlsson."
Tcl/Tk
Dr. Dobb's Tcl-URL!
The June 8, 2004 edition of Dr. Dobb's Tcl-URL! is available with the latest Tcl/Tk article links.
XML
Improve XML transport performance, Part 1 (IBM developerWorks)
Dennis M. Sosnoski shows how to speed up XML transports in part one of a series on IBM's developerWorks. "XML is a text markup format designed for clarity and ease of use, without concern for conciseness. Because of these design choices, text XML can be costly in terms of both document size and processing overhead. Part 1 of this two-part article shows you some of the issues involved in alternative non-text representations of XML, and covers a few of the approaches being developed for this purpose".
SVG and Typography: Bells and Whistles (O'Reilly)
Fabio Arciniegas A. plays with typography in SVG in an O'Reilly article. "In this installment of our discussion of SVG and typography, we make a departure from the sobriety of the typographic strategies we've been discussing so far and go for the other half of the fun: the bells and whistles of effects, distortions, coloring, and other unusual treatments of type. We will create reusable code (basically a cookbook) of common typographic treatments implemented in SVG."
Entity and Character References (O'Reilly)
Bob DuCharme looks at issues with XML and entity references on O'Reilly. "XSLT stylesheet developers often ask how they can leave entity references in the source document unchanged as the stylesheet passes them to the result document. For example, they want an entity reference in the source document to still be in the result document."
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Open source: Prepare for attack (ZDNet)
Bruce Perens tells the community to be ready for more legal attacks in this column on ZDNet. "What we need is a one-stop, collective defense entity for open source--one that is well-capitalized and vendor neutral; one with funding primarily from enterprise users, rather than vendors with their conflicted interests; and one involved with most of the existing open-source legal defense efforts, so that it can handle cases economically and with the greatest possible expertise."
Open Source And Viruses
Santeri Kannisto, Managing Director of SOT Finnish Software Engineering Ltd. has written an editorial on Open Source and the War on Viruses. "Open Source software, such as GNU/Linux, has remained remarkably free from the viruses which have plagued closed source software. It has been claimed by closed source advocates that viruses targeting GNU/Linux will begin to appear as Open Source software gains in popularity. However, the lack of viruses threatening GNU/Linux must also be understood as a result of the Open Source business model. It is this factor that leads us to expect that GNU/Linux will continue to be largely virus-free in the future." Click below for full text.
Greedy hackers can hog Wi-Fi bandwidth (New Scientist)
The New Scientist has discovered that free software systems can make certain types of wireless bandwidth policies harder to enforce. "This type of hack became possible when a new generation of Wi-Fi access cards hit the market in 2003. The cards run the MAC protocol in software, rather than hardware. This makes it easy to change when using a Linux computer, on which all the code is openly available. For example, one line of the MAC protocol randomly assigns each hotspot user a rate for data transfer. The rates are constantly re-assigned so that on average each user receives data at the same rate. But by changing that line of the MAC protocol, a hacker can fix his rate at a high value, and siphon off most or all of the bandwidth."
The SCO Problem
Pipe Dream or Problem? (StarBanner)
The (Ocala) Star Banner is running a New York Times article on the hazards of PIPE investments. "Mr. Goldfarb's fund, BayStar, invested last October in a private placement of convertible preferred stock in the SCO Group, a technology company. A few months later, BayStar demanded its money back in a dispute over how SCO's management was handling litigation related to its interest in the Unix operating system. SCO's stock has fallen 75 percent since BayStar's investment, although Mr. Goldfarb said his loss was much smaller. 'This is a lesson in why a smart investor would hedge their Pipe investment,' he said." There has been a lot of speculation that BayStar had hedged its SCO position (and thus not lost all the money it appears to have lost); this quote would appear to confirm it.
First Report from the SCO v. IBM Hearing (Groklaw)
There was a hearing today in SCO v. IBM on SCO's motions to split the trial in two and to further delay the schedule. Groklaw has a preliminary report on what happened. "Judge Kimball took both [motions] under advisement. He acknowledged the importance of both this ruling and the ruling from the Novell hearing (which he recognized he had not ruled on yet), and said that he would try to 'get a ruling out within a few days.'"
Judge Wells Denies SCO's Motion For Protective Order (Groklaw)
Groklaw reports that SCO has lost a small battle in the IBM case: a last-minute request to delay some depositions. "Court hears arguments and DENIES the motion due to lateness of the objection and inconvenience to the parties scheduled for deposition."
Companies
The Open Sourcing of Ingres (IT-Director)
IT-Director is running a Robin Bloor column on the open-sourcing of Ingres by Computer Associates. "CA is also partnering with Zope, a popular Open Source content management solution. In effect this provides the world with an Ingres-based Open Source content management offering. On top of this CA is partnering with Plone (an Open Source Document Management solution) to provide an Ingres-based document management solution. The picture that is emerging then, is not of CA simply throwing Ingres into the Open Source pool, but using Ingres to assist mature and well respected Open Source initiatives, that could happily make use of an industrial strength database."
Open Source Risk Management Grabs Attention for Its Linux Insurance (Local Tech Wire)
Local Tech Wire takes a look at the company Open Source Risk Management. "The company hired Pamela Jones, a para-legal who started a site called Groklaw, which Linux creator Linus Torvalds called an "open source approach to law." The site enlisted the aid of hundreds of volunteers to help research Linux legal issues. Some of those volunteers include people who contributed to Unix development, Jones has said. Salon notes that some have called Jones "the maintainer of the Linux anti-lawsuit kernel." OSRM also recently appointed Linux pioneer Bruce Perens to its board."
Business
The gift economy and free software (NewsForge)
This lengthy NewsForge editorial looks at the economics of developing free software. "It's not necessarily the development philosophy that scares [big proprietary software corporations] so much as it is the erroneous idea that Free Software must be free of charge as well as free as in rights, and therefore there are no benefits for the creators and maintainers of the software. This is, as modern philosophers often say, "old thinking." It's a form of outdated reasoning from the Industrial Age."
Linux Adoption
Linux In Government: Interoperability (Linux Journal)
Linux Journal covers some Linux in Government success stories. "An outgrowth of the Massachusetts Open Source Initiative, GOCC started with seven states and four municipalities that will contribute and download open-source software designed by government agencies for their use. The repository consists of a LAMP environment. It includes MySQL, Z Object Publishing Environment application server, Apache Web server, OpenLDAP and Debian."
Linux is inching into college curricula (NewsForge)
NewsForge looks at open source use in American colleges and universities. "While it may be not soaking in as deeply at Ivy League or Pac-10 institutions, Linux and open source are a growing part of the curriculum at Marist College in New York. The 4,800-student school, with more than a decade of Linux leanings thanks primarily to the interest of school president Dennis Murray, has partnered with IBM, the Library of Congress, and most recently, Open Source Development Labs."
Legal
Lindows Wins One in the Netherlands (Groklaw)
Groklaw notes that Lindows has won a round in the Netherlands courts. "I thought you might enjoy reading the ruling from the Netherlands, in which Microsoft is told to pay Lindows the costs of their latest legal scuffle and Lindows is told it need not stop using its corporate name. There is an email to Bill Gates and Steve Ballmer from Lindows CEO Michael Robertson, in which he tells them he doesn't want the court costs. He just wants to be left alone so he can grow his business..."
Interviews
Nat Friedman on Novell's Linux Strategy (Open for Business)
Open for Business talks with Nat Friedman, VP of Novell's Linux Technologies Group. "One thing that has caused endless debate on the part of both users and pundits is exactly what Novell is up to purchasing the two companies that are the best known backers of the rival GNOME and KDE desktops, Ximian and SUSE, respectively. Many have wondered if perhaps Novell had second thoughts about GNOME after buying Ximian and thus moved on to SuSE to remedy the situation. Friedman does not see the conflicting desktop alliances as an issue. "Enterprises don't care about GNOME and KDE. They care about having a desktop environment that's stable, low-cost to administer, secure, interoperable with their existing network services, and flexible," he told OfB."
Inside Mitch Kapor's World (O'Reilly)
O'Reilly's ONLamp.com site features an interview with Mitch Kapor, where he discusses OSAF, the Chandler project, and more. "I was trying to figure out what to do next, I'd been accumulating ideas for productivity tools software people could use every day, particularly to help organize their lives. I'd acutely felt the lack of a product that I really loved, but there was a tremendous lack of commercial opportunity to start software ventures around these ideas, given the industry's structure, and I did a lot of thinking about how things might be put together, learned a lot about open source, made a pilgrimage to go see Linus, and tried to educate myself."
Resources
Music Education With Linux Sound Tools (Linux Journal)
Dave Phillips writes about the tools he uses in this Linux Journal article. "I'm frequently asked to figure out a difficult passage from music that has no available tab. If the part is on a CD track I can use Mike Oliphant's GRip software to grab the needed track and convert it to WAV. Then I can load the WAV file into the Snd soundfile editor and use its realtime time-stretching and looping capabilities to help me through the tough passage. With Snd I can quickly excise only the section I want from the WAV, slow down the section without changing its pitch (using the Expand control), and then loop-play the slowed part until I learn it."
Linux gets trial 'NX' security support (News.com)
News.com covers security technology designed to curtail the spread of viruses. "NX support is important enough that it's worth risking problems with some applications, Torvalds said. "I think most people have seen the security disaster that causes most of the e-mails on the Net to be spam. So this should be trivial to explain to people when they complain about default behavior breaking their strange legacy app," Torvalds argued." (The NX patch was also covered in last week's Kernel Page).
Trying to locate Linux muscle for your computer at home (Oakland Tribune)
The Oakland Tribune takes a quick look at some places to buy a home PC with Linux installed. "Linux computers are often grouped in the Business or Workstations area of manufacturer Web sites. Even if a company does not offer Linux installed on its hardware, many will specify which models are capable of running the system, should you decide to install it yourself. Yet IBM, for instance, sells Linux on some of its high-end workstations."
Reviews
Writing Ant Tasks (O'ReillyNet)
O'ReillyNet looks at Ant. "A nice feature of Ant is that it is designed to allow you to add your own tasks and use them in an build. This article shows you the basics of writing an Ant task and how to get a task to work."
EIOffice: The good, the bad, and the ugly (NewsForge)
NewsForge reviews the (proprietary) EIOffice suite. "The persistence of links between EIOffice applications is not just better than OpenOffice, it is far more flexible and robust than what you get with Microsoft Office. This brings a new level of power to both Linux and Windows users."
Gaim's Ground in a Closed IM World (InternetNews)
Internet News looks at the instant messenger client Gaim. "AOL's policy is similar to MSN's: friendly, but not entirely welcoming. "Our policy has always been to protect our networks from those hacking into them and nothing has changed on that front," AOL AIM spokesperson Krista Thomas told internetnews.com. "Tools like GAIM are in clear violation of our terms of service and our copyrights.""
Quick Review & Introduction to Gnome-PPP (OSNews)
OSNews has published a quick review of Gnome-PPP. "Here's a kind of an application that is sorely missing from a stock Gnome installation and not many Gnome users know about: Gnome-PPP, a front-end to the wvDial, a modem/ISDN dial-up software. Read more for some quick info on the app and a screenshot."
Web Testing with HTTP::Recorder (O'Reilly)
Linda Julien reviews HTTP::Recorder on O'Reilly's Perl.com. "HTTP::Recorder is a browser-independent recorder that records interactions with web sites and produces scripts for automated playback. Recorder produces WWW::Mechanize scripts by default (see WWW::Mechanize by Andy Lester), but provides functionality to use your own custom logger."
Miscellaneous
Testing the Linux waters - Part 1 (VNUNet.com)
Vnunet suggests that new users try out Linux using a live CD. "For many potential Linux converts a hard disk install is too much of an investment. In response to this problem, there are now several 'live' distributions that can be run directly from CD."
Testing the Linux waters - Part 2 (vnunet)
Vnunet continues looking at live Linux distributions, comparing Knoppix, Gnoppix, Morphix, MandrakeMove, SuSE Live, Mepis, Linspire Live, LNX-BBC, and Feather Linux. "If you're new to Linux and considering a live distribution as an introduction without commitment, a handful of options stand out. Unsurprisingly it's the bigger distributions that offer the fewest surprises: SuSE Live, MandrakeMove and Linspire Live offer the friendliest interfaces as well as a good mix of tools."
Arriva lo scrutinio elettronico (Repubblica)
La Repubblica has an article (in Italian) on the use of electronic voting machines in the EU parliamentary elections. Editor's translation: "The software charged with tallying the results, already used in a recent test in Sardinia, is open source. 'We're not talking about a judgment on the superiority of free software over proprietary,' noted the minister [Lucio Stanca, minister for innovation and technology]. 'It's a question of transparency: with open source any political group will be able to exercise its right to know the criteria by which the program was written.'"
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
GIMP needs funding for GIMPCon June 2004
The GIMP developers have requested sponsorship help so that they may attend the GIMPcon portion of the GUADEC conference. "Our goal is to have all the active GIMP and GEGL developers present at GIMPCon 2004 in order to chart a course for the GIMP for the next year and beyond. Having completely revamped its user interface in the most recent release, version 2.0.0, the plan is now to set the GIMP on track for a new rendering engine (GEGL <http://www.gegl.org>) that will allow arbitrary colour depths and spaces."
Bill Weinberg joins OSDL
William Weinberg has joined the Open Source Development Labs as an Open Source Architecture Specialist, a newly-created position. Weinberg will work with Lab members, Linux users, press and analysts as an evangelist for Linux and OSDL programs.
Commercial announcements
Astaro Security Labs earns ICSA Certification
Astaro has announced the ICSA certification of its Astaro Security Linux Version 5 distribution. "Astaro Corp., developers of the most popular Open Source based all-in-one security product, today announced that its flagship network security application, Astaro Security Linux Version 5, has fulfilled the criteria and passed the 4.0 test for ICSA Labs Firewall Product Certification."
Bull to Offer Services on Linux/UNIX-Desktop KDE
Bull Netherlands has announced that it will provide services and solutions around KDE. "As of today companies can have professional support from Bull when migrating to Linux systems with a KDE desktop. With this Bull proves that it can offer a credible alternative to commercial software independently from their software suppliers."
Lindows offers 'Desktop Comparison Kit'
Lindows, Inc. has announced the availability of a "Desktop Linux Comparison Kit," being a single boxed set containing Linspire 4.5, Fedora Core 2, and Mandrakelinux 10.0 Community Edition. "Businesses, educational institutions and computer enthusiasts will find this Kit valuable in determining the best solution for their needs. Besides 4 gigabytes of software, a handy checklist is included to help evaluate the products on ease of installation and use, media playback, plug & play hardware device detection, virus checking and more." Past experience suggests that the checklist may not be the most objective work one could imagine (see also the choices of screenshots on "linuxshootout.com"), but it's hard to argue with a box containing the actual distributions.
O'Reilly to distribute Mandrakelinux
Mandrakesoft has sent out a press release stating that O'Reilly is now reselling Mandrakelinux in the US and Canada. Available products include Mandrakelinux Discovery 10.0 and Powerpack 10.0.
New Books
"An Introduction to GCC" published
A new book, An Introduction to GCC, is now available; it can be purchased from the usual places. The book covers the use of the compiler itself (for C and C++ in particular), rather than the languages. It is available for download under the Free Documentation License, but, if you buy it, the proceeds will go to support (unspecified) free software development and documentation efforts.New Perl and Bioinformatics book (use Perl)
Use Perl mentions a new Perl bioinformatics book. "Paul Barry writes "John Wiley & Sons Ltd. has just published my second book. Co-authored with Dr. Michael Moorhouse, Bioinformatics, Biocomputing and Perl is an introduction to bioinformatics computing skills and practice for the student (and graduate) of Biology programmes. Covers working with Perl, databases, the web and bioinformatics applications.""
"BSD Hacks" Released by O'Reilly
O'Reilly has published the book BSD Hacks by Dru Lavigne."Google: The Missing Manual" Released by O'Reilly
O'Reilly has published the book Google: The Missing Manual by Sarah Milstein and Rael Dornfest.New Book: The Linux TCP/IP Stack
Charles River Media has published the book The Linux TCP/IP Stack: Networking for Embedded Systems, a detailed guide to implementing and using the Linux TCP/IP stack in embedded systems projects by Thomas F. Herbert."Web Database Applications with PHP and MySQL, 2nd Ed." Released by O'Reilly
O'Reilly has published the second edition of the book Web Database Applications with PHP and MySQL by Hugh E. Williams and David Lane.Syngress Updates "Snort 2.1 Intrusion Detection"
Syngress has published the book Snort 2.1 Intrusion Detection by Brian Caswell and Jay Beale.
Resources
FSF Europe newsletter
The Free Software Foundation Europe has sent out the first issue of its new newsletter. This issue takes brief looks at software patents, AGNULA, an oppressive Italian "anti-piracy" law, and more.Linux Australia Testimony on US Trade Agreement
Rusty Russell has posted his testimony about Linux to the Senate Select Committee on Free Trade. "On Monday the 17th of May, I (Rusty Russell) was invited to appear before the Senate Select Committee on the Free Trade Agreement between Australia and the United States, to answer questions on the Linux Australia submission. Based on the Hansard (the official record of what was said), and the figures I presented, we have produced this page which serves as an introduction to the issue."
The LDP Weekly News
The June 2, 2004 edition of the Linux Documentation Project Weekly News is available with all of the latest new documentation.Linux Gazette June 2004
The June issue of Linux Gazette is out. This issue looks at how Linux is Changing the Face of Education in Africa, with a Bare-Bones Guide to Firewalls, and Firewalling with netfilter/iptables, plus more articles and features.
Upcoming Events
Boston/USENIX
Click below to see some of the sessions on this year's Linux/Open Source track at USENIX Annual Technical Conference from June 27 - July 2, 2004.Experts Debate Security Risks of Operating System Monoculture
USENIX 2004 will feature a debate about the security implications of an operating system monoculture, according to this announcement. "The Advanced Computing Systems Association, announced today that Verdasys Chief Scientist Dan Geer, co-author of "CyberInsecurity: The Cost of Monopoly," and Microsoft's Chief Trustworthy Computing Strategist, Scott Charney, will debate the security implications of an operating system monoculture at the USENIX Annual Technical Conference, June 27 - July 2, in Boston."
YAPC::AU (OSDC) Call for Papers out! (use Perl)
A call for papers has been announced for the YAPC::AU Perl conference."The Melbourne Perl Mongers group is holding Australia's first Open Source Developers's Conference (YAPC::AU by another name) during the 1st - 3rd December 2004."
Events: June 10 - August 5, 2004
| Date | Event | Location |
|---|---|---|
| June 10, 2004 | OMG Information Day | (The New Connaught Rooms)London, England |
| June 10 - 12, 2004 | Wizards of OS 3 | (Berlin Congress Center)Berlin, Germany |
| June 13, 2004 | 1st European Lisp and Scheme Workshop | Oslo, Norway |
| June 14 - 18, 2004 | 18th European Conference on Object-Oriented Programming(ECOOP-2004) | (The University of Oslo)Oslo, Norway |
| June 16 - 18, 2004 | Yet Another Perl Conference(YAPC::NA::2004) | (University at Buffalo)Buffalo, NY |
| June 27 - July 2, 2004 | USENIX 2004 | (Boston Marriott Coppley Place)Boston, MA |
| June 28 - 30, 2004 | GNOME User and Developer European Conference(GUADEC) | Kristiansand, Norway |
| June 29 - July 1, 2004 | Perl Workshop 6.0 | (Barbara-Künkelin-Halle)Schorndorf, Germany |
| July 12 - 15, 2004 | Real-time and Embedded Systems Workshop | Washington, DC |
| July 19 - 20, 2004 | Italian Perl Workshop | (Polo Fibonacci)Pisa, Italy |
| July 21 - 24, 2004 | Linux Symposium | Ottawa, Canada |
| July 26 - 30, 2004 | O'Reilly Open Source Software Convention 2004(OSCON) | Portland, OR |
| July 26 - 30, 2004 | IBM pSeries Technical Conference | Cairns, Australia |
| July 31 - August 2, 2004 | Vancouver Python Workshop | Vancouver, Canada |
| August 2 - 5, 2004 | LinuxWorld Conference & Expo | (Moscone Center)San Francisco, California |
Mailing Lists
Perl Quiz-of-the-Week mailing list revived (use Perl)
Use Perl has announced the revival of the Perl Quiz of the Week mailing lists. "New quizzes have already been posted, and more are solicited from people like you."
Web Hypertext Application Technology Working Group Launches Mailing List (MozillaZine)
A new Web Hypertext Application mailing list has been announced. "Ian Hickson writes: 'Some of you may be interested to hear that people from Opera and Mozilla have set up an open mailing list for discussing Web Forms 2 and other new specs that have been discussed in various places over the last few months.' The list is the public forum of the newly-formed Web Hypertext Application Technology Working Group, an organisation made of contributors from several major Web browser development teams."
Web sites
art.gnome.org makes a comeback (GnomeDesktop)
The art.gnome.org site is back online, according to this announcement. "After being down for a long while after the server intrusion a basic version of the art.gnome.org site is back online. So once again you can get hold of your favourite themes and graphics for the worlds best and most free desktop."
The OSCON 2004 Wiki
The OSCON 2004 Wiki is online. The 2004 O'Reilly Open Source Convention will be held in Portland, Oregon on July 26-30, 2004.
Software announcements
This week's software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
- Sorted alphabetically,
- Sorted by license.
Page editor: Forrest Cook