[LWN Logo]
[LWN.net]

Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests


Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

Other LWN stuff:
 Daily Updates
 Calendar
 Linux Stocks Page
 Book reviews
 Penguin Gallery

 Archives/search
 Use LWN headlines
 Advertise here
 Contact us

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- Gaël Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

See also: last week's LWN.

Leading items and editorials


BT attempts to enforce its patent on linking. It must really be true that British Telecom is a foe of software patents. What else could explain its behavior, which is clearly intended to demonstrate just how ridiculous and destructive those patents are?

The company, remember, claims that an old patent (from 1976) covers the act of linking between pages on the web. As a result, says BT, anybody who makes such links without licensing the patent is guilty of infringement. There are, of course, a few people and companies here and there which are guilty of this nefarious deed, meaning that BT should have no shortage of possible legal targets.

One wonders, then, how Prodigy was chosen for the honor of being the first victim of BT's legal team? (That team, incidentally, is Kenyan & Kenyan, the same company that sent out the ":CueCat" letters for Digital Convergence. They seem to be making a determined effort to kick Canter and Siegal out of the Internet doghouse). Some legal eagle has presumably calculated that Prodigy has the proper combination of deep pockets and shallow legal coverage. A good result from the first case would certainly help BT in its task of shaking down the rest of the American Internet industry. BT must be hoping for a quick settlement.

One can only hope that Prodigy stands its ground. BT will have a very hard time winning this case on its merits, for a couple of reasons.

The first reason is that, of course, there is a certain amount of prior art out there. The patent was filed early - 1976 - so many of the technologies we are familiar with now do not apply. But the patent is predated by Ted Nelson's Xanadu work, the pioneering efforts of Doug Englebart, and, of course, Vannevar Bush's amazing As We May Think, which was published in 1945. In the light of that work, BT's patent looks decidedly unoriginal.

There is also the little difficulty of proving that anybody is actually infringing on the patent, even if it is held to be valid. There are a couple of independent problems here:

  • The patent involves the use of a dumb "remote terminal." Modern computers used to access the web do not really fit the description of a "remote terminal" as used in the patent.

  • Patents written in a "client/server" mode, as it turns out, are hard to enforce. An ISP like Prodigy is really only supplying the server side of the mechanism described in the patent; the client ("remote terminal") side is provided by the user. It is difficult to say who, if anybody, is really infringing on the patent, since nobody is implementing the full system described in the claims.

(The above is lifted from Greg Aharonian's PATNEWS newsletter, which covers the topic in detail. See the Internet Patent News Service page for more information on PATNEWS).

So BT is not going to have a easy time prosecuting this patent. With luck, however, the company will, in failure, succeed in convincing a wider group of people that software patents are a bad idea.

(See also: Don Marti's open letter to the CEO of Prodigy, Rick Collette's petition to British Telecom asking the company to back off, and news articles in The Register and News.com).

The LWN.net 2000 annual timeline. Our long-time readers will know that we have made a bit of a tradition out of our annual, year-end timeline. We're happy to announce that the initial version of our LWN.net 2000 timeline is now available. Check it out for a summary of the major events in the Linux community over the last year. As always, it has been an interesting ride.

For the curious, here are the timelines for 1999 and 1998.

When Linux companies go bad. What happened to Corel? Earlier this week C|Net's News.com reported that Corel was considering a sale of its Linux business to a venture capital group known as Linux Global Partners (LGP). While C|Net reported possible transactions, the National Post was a bit more firm: "Software maker Corel Corp. has agreed to sell its Linux line of products to a New York-based venture capital firm in a transaction that will close in January, sources close to the deal said [on December 15th]." The news wasn't the first report of Corel's fall from the Linux hierarchy - see ZDNet's report from November - and it probably won't be the last. With all the speculation circulating, what does Corel have to say? "We have no further comment on this issue."

Assuming the sale is a done deal, what does this say about Corel and, more importantly, about Linux distributors? Is this a trend for commercial Linux distributors? Hardly. Red Hat is more robust now than ever, having handily beaten analysts' 3rd quarter earnings estimates. And TurboLinux had a stellar year, garnering over $80 million in investments.

So the problem is essentially limited to Corel. Why? What happened? By May of 1999, Corel's WordPerfect had generated over a million downloads to beta users. Overall, Corel estimates they have 22 million WordPerfect users worldwide (all platforms). Quite a start to their entrance into the Linux business world. Later, the Debian-based Corel Linux distribution hit the streets to much fanfare. In early 2000, Corel announced their intention to port their popular graphics application Corel DRAW! to Linux, eventually releasing it to beta along with a free version Corel's PHOTO-PAINT. The future looked bright for desktop applications on Linux.

But then things got ugly. Earlier this year, Corel tried to acquire tools vendor Borland Software Corp. to extend its Linux offerings, but the deal fell through after Borland uncovered Corel's poor financial condition and Corel's stock price fell. This past summer, Corel cut 21% of its staff (320 employees). CEO Michael Cowpland resigned in August, starting speculation that the Linux emphasis at Corel might not extend much past Cowpland's reign.

In the November ZDNet article, CEO Derek Burney claimed Corel was refocusing, not relinquishing, its Linux business. Linux now is one of Corel's four business operations - the others are graphics software, business applications and new ventures. However, Corel's Linux operating system, and a Linux version of WordPerfect, generate only about 10 percent of Corel's revenue, which was $36.4 million in the quarter ended August 31. This is hardly the sort of income necessary to maintain the development staff necessary for expanded Linux support and still meet the needs of existing Windows customers.

Corel made several mistakes on the road to profitability with Linux:

  • They wasted time on a Corel branded distribution. They could easily have picked up one of the myriad of other distributions available (see the Distributions page for a long list of possibilities).
  • They required software sales to be their primary form of revenue for Linux products, while all other Linux software companies are mixing software sales with support and other services.
  • They relied too heavily on WINE and didn't consider how that one library could be such a limiting factor to overall product viability. Native ports are less prone to such limitations across an extended product line.
  • They focused on a non-existent desktop market for Linux.
Essentially, they jumped the gun in the desktop race - and they ran in high heels. They looked nice, but it was a painful run.

Corel wasn't completely dead just yet, though. In October, Microsoft invested $135 million in the company to work on .Net services, which Corel initially viewed as not including Linux. According to Burney, who spoke to ZDNet at Comdex: "we didn't understand that an operating system could be constituted as a set of .Net services," Burney explained. This is a realization that Corel has arrived at as it has explored .Net technologies under nondisclosure agreements with Microsoft, he said. In theory, at least, this would mean that a client accessing .Net back-end services wouldn't have to run Windows, Burney said. The investment gave Microsoft a 25% stake in the company.

But that wouldn't be enough to sustain the Linux effort. After Cowpland's departure, it became obvious something had to be done. In an interview with InfoWorld in November, Burney stated "To be successful in the Linux market, you need a wider product offering. There's got to be some kind of acquisition," he said. "It could go either way... there are no sacred cows." The sale was just a matter of time.

The choice of LGP isn't necessarily a bad one. LGP has an investment portfolio of key Linux companies including Helix Code, CodeWeavers, GNU Cash and Metro-Link. The sale price of $5 million in cash is in line with the $6.2 million Corel's Linux business pulled during its current fiscal calendar. The sale might just be a good thing, if LGP manages to find the right management team to run their newly purchased entity.

What is Linux? That may seem like a strange question from a publication like this; it's thus, perhaps, even stranger that it comes from Jon 'maddog' Hall. One would expect that the Executive Director of Linux International and the Director of Linux Evangelism for VA Linux Systems would have an answer...

It starts with an amusing quote from Sun CEO Scott McNealy, quoted in this ZDNet article:

You people just don't get it, do you? All Linux applications run on Solaris, which is our implementation of Linux.

Some people were annoyed by this statement, though most were simply amused. Or even flattered...after all, it's not that long ago that Sun would have taken pretty strong offense at the notion that Solaris is an implementation of Linux.

This is where maddog Hall comes in. In a rare appearance on the linux-kernel list, he points out that nobody has really defined what "Linux" is.

At least, nobody has made that definition in a way that is widely accepted. The Free Software Foundation is happy to define Linux as being just the kernel - the systems we actually use are, instead, "GNU" systems. This claim is, needless to say, controversial. But if Linux is just the kernel, what about RTLinux (a real-time version), mkLinux (a microkernel variant), the S/390 kernel (running on a virtual machine), and so on? The Linux kernel is an amorphous thing.

Increasingly, "Linux" means the binary interface that runs a certain class of applications. Vendors like Sun have been making an effort to implement that API - it was a very quick switch from "Linux has no applications" to "we run Linux applications." Quoting from Mr. Hall:

If it is true that "all Linux applications work on top of Solaris", what standard prevents them from calling Solaris just another implementation of Linux? And should it?

He suggests that the Linux Standard Base may be the right body to set a standard for what is called "Linux." The LSB, perhaps, really needs to deal with the tasks it has now before taking on new ones. But the question is worth asking: what, exactly, is Linux? And correspondingly, what is not Linux? How much do we want to be flexible and where will flexibility lead us astray? Can a proprietary operating system ever be considered "an implementation of Linux", when Linux has always been "Free"? There is a lot to ponder.

Michael Hammel officially joins the LWN Team. Many of you may have already noticed a different name on a response to an enquiry, comment or suggestion sent to LWN in the last couple of months. Michael Hammel actually joined our team in September, much to the joy and relief of the rest of our team members. The volume of news, development and general information about the Linux community has only continued to grow, as we're sure all of you have noticed. Michael's addition to the staff was therefore both a necessity and an opportunity of which we plan to take advantage.

Many of you already know Michael, either through his website, Graphics Muse, his book "The Artists' Guide to the Gimp", his articles for Linux Magazine, Linux Answers and Linux Journal, his talks at a variety of conferences or through his work as Chairman and co-founder of the Colorado Linux Info Quest conference (coming up again March 30th, 2001!). You'll now also meet him within the LWN halls as well, as primary editor of the LWN Daily Page and much more. Please join us in officially welcoming Michael to the LWN team.

Inside this week's Linux Weekly News:

  • Security: /tmp discussed again, a plague of Zope security hotfixes, GnuPG, JPilot and more.
  • Kernel: The Linux Quality Database project; the public nature of linux-kernel.
  • Distributions: Distribution year in review, state of the Woody, Red Hat does IA-64, and Caldera sponsors Samba
  • Development: Debian Jr packages, LyX GUIs, XFree86 4.0.2, SpaceChart 3D
  • Commerce: Embedded Linux training, Red Hat's financial results, Linux is hard at work.
  • Back page: Linux links, this week in Linux history, and letters to the editor
...plus the usual array of reports, updates, and announcements.

This Week's LWN was brought to you by:


December 21, 2000

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Security page.

Security


News and Editorials

The inherent problems in /tmp. A topic of much discussion on BugTraq this week was the security problems inherent in the use of a /tmp directory. It was pointed out, arguably enough, that the entire /tmp model is in direct conflict with the overall Unix model of security. Unix was developed as a time-sharing system, thus it was also designed to protect one user from the actions of another.

Into this model was introduced /tmp, a shared directory to which anyone had write privileges and the ability to delete files created by other users. Why? Looking back from a historical angle, one might first guess that it was introduced due to limited resources, in order to share space more efficiently. On the other hand, Unix filesystems already do this quite efficiently. There is no advantage from a space perspective from having a shared /tmp directory as opposed to a /tmp/$user directory hierarchy. The same rules about file deletion could be applied to this type of space; as a systems administrator, this editor managed many "temporary disks", large amounts of shared space with a limited life-span for the files on the disk. These disks were not managed as world-writable directories; instead, they contained subdirectories for each user.

Cudgeling the memory cells as to when and why /tmp was used, its earliest advantages all amounted to programmatic convenience. It was easier to scrub a single directory than a directory hierarchy. It was easier for a programmer to know the name of a directory to which temporary files could be written and to assume that such files would be automatically deleted, rather than manage the deletion directly. Files written to /tmp didn't clutter up a user's home directory, didn't count against the normal disk quotas. In general, simple checks to make sure sufficient space existed on the disk before writing were skipped as well. As best as we can remember, /tmp is simply a programmatic convenience.

Of course, /tmp was also adopted during an era of extreme trust, so the security issues were simply not considered to be as important as making sure that people could work easily and conveniently while efficiently sharing resources.

The first rule of thumb in a /tmp-related vulnerability is that the programmer is at fault. This is correct; an application that uses a temporary file in a world-writable directory has a responsibility to do so securely. Nonetheless, the use of world-writable directories will continue to be a source of new vulnerability reports. Any distribution that prides itself on security would be wise to implement, by default, a system with user-specific temporary file storage, either under $HOME or elsewhere. Of course, the first one to try will be the one to find all the applications that ignore the TMPDIR environment variable and have "/tmp" hard-wired into the application. It would not be an easy or simple transition.

All of this is theoretical, of course. What is not theoretical right now is the need for all programmers to fix sloppy programming habits in the way they use /tmp. Kris Kennaway posted a nice, concise message which should serve as a good rule of thumb for how to deal with /tmp, leaving us with applications that will work whether a system uses a shared /tmp directory or some safer alternative.

December CRYPTO-GRAM newsletter. Bruce Schneier's CRYPTO-GRAM newsletter for December is out. It covers, of course, electronic voting, along with a look at IBM's new crypto algorithm and digital safe deposit boxes. The newsletter is also available on Bruce's site.

Slackware Linux announces OpenSSL cryptography libraries. Slackware Linux announced the addition of the OpenSSL cryptography libraries and the OpenSSH suite of network connectivity tools. Users of Slackware 7.1 and -current can download these packages from Slackware's current developmental tree.

eCrime, Law and You (ZDNet). The Wall Street Journal's Keith Johnson takes a look at The HoneyNet Project in his article eCrime, Law and You. Honeypots are baited traps for hackers. In this case, the honeypots are used primarily as learning tools, with a "know your enemy" concept.

"To be sure, Spitzner's HoneyNet Project -- which includes some 30 security professionals, programmers and psychologists, all working on the project in their spare time -- isn't the first time honeypots have been used to gather intelligence on the Internet underground. ...

But unlike previous honeypots, which were baited with known vulnerabilities designed to mimic various computers, Spitzner's team puts unmodified production systems online -- networks with the same specifications, operating systems and security as those used by many companies. And this project isn't a hush-hush, internal corporate operation like previous honeypots: Spitzner posts all of his findings on the Internet for the security community to see at project.honeynet.org".

Kaspersky Lab 'year end' review. Kaspersky Lab has published a anti-virus year in review document. It's mostly Windows-oriented, of course, but there is a brief section on Linux. "Despite the fact that some species are able to replicate and work independently, no Linux virus has ever been detected 'in-the-wild.' Kaspersky Lab experts assume that this is because the Linux desktop standard is not as popular as its competitors." ...or, perhaps, it's the fact that it takes a little more than a bogus email attachment in the Linux environment...?

Security Reports

GnuPG web of trust circumvention. A couple of security problems with GnuPG were discussed on the gnupg development mailing list recently. The first problem deals with web of trust circumvention, made possible because private/secret keys will be imported from public key servers along with private keys, without user intervention. The same problem can occur via the "--import" option.

As a result, a new "--allow-secret-key-import" option has been added to GnuPG and a security patch against GnuPG 1.0.4 has been released.

Note, we compliment Red Hat on their advisory on this topic, which provided excellent references for tracking down the original source material for these vulnerabilities.

This week's updates:

Zope local role and DTML editing vulnerabilities. It has been a busy week for the Zope team. Two more security hotfixes were released this week, one for a problem with the processing of local roles and the other a problem where users with DTML editing privileges can manipulate the raw data of an object for which they have no privileges.

These two vulnerabilities following quickly on the report of a Zope legacy vulnerability last week. Zope 2.2.5 should be released in the near future, including all the recent security hot fixes.

This week's updates:

JPilot directory permissions problem. JPilot is a desktop organizer for the PalmPilot that allows information from a PalmPilot to be sync'd to the disk of a Unix or Linux system. A directory permissions problem was reported in JPilot by Weston Pawlowski. By default, JPilot uses the default umask on its ".jpilot" subdirectory and files. As a result, private information, including possibly passwords, may be readable and/or writable. An easy workaround is to change the default permissions on the ".jpilot" directory. Check BugTraq ID 2136 for more details.

nano tmplink vulnerability. Nano is a free pico clone. Not too surprisingly, it has also been found to be vulnerable to the same tmplink problem originally reported in the joe editor in November. Check BugTraq ID 2135 for more details.

This week's updates:

stunnel local arbitrary command execution. stunnel is an SSL encryption wrapper designed to be used with Internet daemons such as POP and IMAP, to prevent cleartext passwords from passing across the network. Insecurely-structured calls to syslog can be exploited by a remote attacker to gain local access, potentially as root. The release of stunnel 3.9 fixed this problem, as well as others. For more details, check BugTraq ID 2128.

This week's updates:

BSD ftpd single byte buffer overflow. The ftpd daemon provided with NetBSD and OpenBSD was found to be vulnerable to a one byte overflow, which can be exploited remotely to gain root access. Note that this vulnerability is being actively exploited. FreeBSD and Linux systems are not vulnerable. The anonymous ftp service must be enabled and a writable directory provided for the exploit to work. OpenBSD has released a patch and the NetBSD CVS source tree is reported to have been fixed. Check BugTraq ID 2124 for more details.

  • Trustix, not vulnerable, but new BSD ftpd packages provided anyway
  • OpenBSD
  • Trustix, BSD ftpd packages updated due to a typo in the original patch

Multiple vulnerabilities in FreeBSD procfs. FreeBSD issued an advisory warning of multiple vulnerabilities in procfs which can be exploited locally to gain root, to hang the system or to bypass restrictions on the super-user account. Workarounds and patches are made available. Note that they mark this vulnerability as not specific to FreeBSD. Presumably Linux systems are not impacted, but other BSD systems may be. For more details, check BugTraq IDs 2131 and 2132.

Another potential buffer overflow in bftpd. bftpd 1.0.13 was announced last week to address multiple vulnerabilities, including multiple buffer overflows. This week, an additional potential buffer overflow was reported by Christophe Bailleux. Perhaps as a result, bftpd 1.0.14 was released this week, with a note that security has been improved yet again.

expect buffer overflow. Expect is a nice tool for automating interactive applications. This week, a buffer overflow in expect was reported. Any script written with expect can be exploited. Of course, only setuid/setgid scripts will subsequently yield an increase in privileges. No information on a fix for this problem has been reported yet.

itetris local root vulnerability. An exploit has been published that can reportedly be used to gain local root access via a 'system' call whose input is not thoroughly checked. No confirmation, patch or fix for this has been posted yet; you may wish to disable itetris on your system until one is made available.

ProFTPD memory leak. A potential memory leak in ProFTPD was reported this week which could be exploited to cause a denial-of-service attack via the use of the SIZE command. Sample code to demonstrate the problem has been posted. The developers have been informed, but have not yet been able to recreate the symptoms.

cgi-bin scripts. The following cgi-bin scripts were reported to contain vulnerabilities:

  • AHG EZshopper, a perl-based e-commerce package, can be manipulated to read any file under the webserver's root directory. Here is this week's NSFocus advisory. Also note, however, that this is an old, unfixed bug. Check BugTraq ID 2109 for more details.

  • Subscribe-Me Lite, a non-commercial mailing list manager, contains a vulnerability that can be exploited to arbitrarily delete subscribers from the mailing list using the administration panel. The original note to BugTraq indicates that the author has been notified and appropriate changes made. Check the cgiscriptcenter product page for update information.

  • simpleguest.cgi contains a vulnerability that can be exploited to execute arbitrary code under the identity of the webserver. An exploit has been made available. No reference to these problems was found on the homepage.

Commercial products. The following commercial products were reported to contain vulnerabilities:

  • Cisco Catalyst switches contain an ssh protocol mismatch that can be exploited to cause a denial-of-service vulnerability. Catalyst software release 6.1(1c) fixes the problem.

  • Watchguard SOHO Firewall had four different vulnerabilities reported this past week. All have been addressed as of the latest release of the software, version 2.2.1. For more information, check BugTraq IDs 2113, 2114 and 2119.

  • CoffeeCup FTP client contains weak password encryption, allowing server passwords to be compromised.

Updates

Secure Locate buffer overflow. Originally reported in the November 30th LWN Security Summary, the first distribution update for this problem came in this week from Debian.

This week's updates:

Zope security update. The Zope Legacy vulnerability was reported last week. All versions of Zope up through 2.2.4 could be exploited to allow anonymous users privileges inside the server. The application of the Zope Legacy hotfix is highly recommended.

This week's updates:

Previous updates:

DNS-based IRC server denial-of-service vulnerabilities. Check last week's Security Summary for the original report of denial-of-service vulnerabilities and more in multiple IRC clients, including BitchX 1.0c17-2 and earlier.

This week's updates:

Previous updates:

rp-pppoe denial-of-service vulnerability. Also first reported last week, Roaring Penguin Software's PPPoE client (a user-space PPP-over-ethernet client) contains a boundary condition exception that can be exploited to cause the connection to drop when a malformed TCP packet is received. rp-pppoe 2.5 has been released to fix the problem.

This week's updates:

Previous updates:

Oops buffer overflow. Check the December 14th LWN Security Summary for the original report. Version 1.5.1 has been released with a fix for this problem.

This week's updates:

ssldump format string vulnerability. Last week, we discussed a format string vulnerability in ssldump. This week, ssldump author Eric Rescorla responded, pointing out that the issue is not actually a format string vulnerability; it is "a pointer indirection problem resulting from a bug in the handling of sequence number wraparound". He is working on a fix for the problem and asked people to let him know of any other problems in ssldump that they find.

pam_localuser buffer overflow. A buffer overflow was reported in the pam_localuser module on December 7th.

This week's updates:

Previous updates:

ed symlink vulnerability. Originally reported on November 30th, Alan Cox noticed that GNU ed, a basic line editor, creates temporary files unsafely. The problem has subsequently been fixed in ed 0.2-18.1.

This week's updates:

Previous updates:

Netscape 4.75 buffer overflow. First spotted via this FreeBSD advisory and reported on November 9th, a buffer overflow in Netscape 4.75 enables a client-side exploit. Check the November 9th LWN Security Summary for our original report. Netscape 4.76, which was released on October 24th, fixes the problem.

This week's updates:

Previous updates:

tcsh symlink vulnerability. A /tmp symbolic link vulnerability was reported in tcsh on October 29th. Check BugTraq ID 1926 for more details.

This week's updates:

Previous updates:

klogd/sysklogd format string vulnerability. Check the September 21st LWN Security Summary for the original report of this problem. Note that the "new" advisory listed this week is actually quite old; we don't know what kept it from getting posted in September, when it was dated, but we have included it this week in order to give a round report on available updates for this problem.

This week's updates:

  • TurboLinux (dated September 28th, released via BugTraq December 20th)
Previous updates for this problem (all from last week):

Resources

sshmitm and webmitm. Dug Song released sshmitm and webmitm this week. These are tools for testing potential simple active monkey-in-the-middle attacks against SSH and HTTPS.

Events

Upcoming security events.
Date Event Location
December 20-21, 2000. The Third International Workshop on Information Security University of Wollongong, NSW, Australia.
December 27-29, 2000. Chaos Communication Congress Berlin, Germany.
February 7-8, 2001. Network and Distributed System Security Symposium San Diego, CA, USA.
February 13-15, 2001. PKC 2001 Cheju Island, Korea.

For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Liz Coolbaugh


December 21, 2000

LWN Resources
Security alerts archive

Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Security Projects
Bastille
Linux Security Audit Project
Linux Security Module
OpenSSH

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
Kondara Advisories
Esware Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Turbolinux
Yellow Dog Errata

BSD-specific links
BSDi
FreeBSD
NetBSD
OpenBSD

Security mailing lists
Caldera
Cobalt
Conectiva
Debian
Esware
FreeBSD
Kondara
LASER5
Linux From Scratch
Linux-Mandrake
NetBSD
OpenBSD
Red Hat
Slackware
Stampede
SuSE
Trustix
turboLinux
Yellow Dog

Security Software Archives
munitions
ZedZ.net (formerly replay.com)

Miscellaneous Resources
CERT
CIAC
Comp Sec News Daily
Crypto-GRAM
LinuxLock.org
LinuxSecurity.com
Security Focus
SecurityPortal
   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Kernel page.

Kernel development


The current development kernel release is 2.4.0-test12. The -test13 prepatch is up to 2.4.0-test13-pre3. In addition to the major makefile thrashup, it contains a large cleanup for shared memory handling and a number of other fixes.

Those who are interested in reasoning behind the makefile changes can take a quick look at this note from Linus which we fished out from among the extensive spam on the kbuild list.

Alan Cox has put out 2.4.0-test13-pre3ac2 which contains a number of pending fixes. It is, says Alan, "for the adventurous."

The current stable kernel release is 2.2.18. Work continues on 2.2.19, with the current prepatch being 2.2.19pre2. The bulk of the effort currently is oriented toward integrating Andrea Arcangeli's virtual memory work.

2.2.18 breaks the emu10k1 (SB Live!) driver, at least if it's compiled directly into the kernel. The fix, for those not wanting to wait for 2.2.19, is to apply this small patch.

The Linux Quality Database Project. Michael D. Crawford has announced a new bug tracking project for the Linux kernel. His plan is to put together a database-backed web site where users can report kernel bugs, search for bugs relating to their hardware, and track when and how things get fixed.

The idea certainly has merit. There is currently no formal mechanism for tracking kernel bugs other than the extensive database in Alan Cox's head (and the "TODO" lists that are kept at the end of development cycles). The "AC" database appears to be comprehensive, but access is difficult for most Linux users, and making backups has proved difficult. A development project as fundamental as the kernel really should have a better scheme for keeping track of things.

Of course, this sort of thing has been tried before. The real problem is not the development work in making the system function; that is relatively straightforward. But if the kernel developers do not actually make use of the resulting system, its database is worthless. Kernel hackers tend to be busy people, they are uninclined to spend time maintaining some database somewhere. Linus, in particular, has been unenthusiastic in the past.

So this project has some challenges in front of it. Success will require paying as much attention to the human side of the equation as to the technical side, if not more. If it works, the rewards will be worth it.

On the public nature of the linux-kernel list. The linux-kernel list has long been a place where people have said what they thought, without a great deal of concern over who might be watching. They do so, in fact, to the tune of about 200 messages per day. LWN includes messages from this list, but we have always made a point of passing over the more inflammatory stuff. After all, very little is accomplished by reproducing flamewars.

Increasingly, however, linux-kernel is being watched by people who have little real interest in the kernel itself. Journalists see the list as a way to tune into what's going on with Linux, and not all of them will resist the opportunity to engage in a little sensationalism.

Example: we would not have normally included Linus's opinion on Red Hat 7 here. Excerpts from that posting, however, showed up on Linuxgram as "Linus Savages Red Hat 7.0". There is little new to be said about the choice of compiler in that release (which LWN covered at the beginning of October); the only point was that Linus was speaking strongly, as is his way at times.

This particular episode doesn't mean much. The real point is that Linux kernel development, at least as it is expressed on linux-kernel, is an increasingly public process. The open nature of the process is a good thing, of course, but a spotlight that is too bright could prove to be worrisome. The development process will be hurt if developers no longer feel that they can speak freely to each other. It would be a shame if communications among the developers were to be repressed, or if it were to move to closed, invitation-only mailing lists.

(Those who are really interested in the Red Hat 7 discussion may want to look at the responses from Alan Cox and Jakub Jelinek).

Other patches and updates released this week include:

Section Editor: Jonathan Corbet


December 21, 2000

For other kernel news, see:

Other resources:

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Distributions page.

Lists of Distributions
distrowatch
ibiblio
Kernelnotes
Linux.com
LinuxLinks
Woven Goods

Embedded Distributions:
3ilinux
Bifrost
Blue Cat Linux
BluePoint Embedded
Compact Linux
Coollinux
DSPLinux
ELinOS
ELKS
Embedded Debian
Embedix
Etlinux
FlightLinux
Hard Hat Linux
Jailbait
Linux/Coldfire
LEM
Midori
NeoLinux
OnCore Systems
PeeWeeLinux
RedBlue Linux
RedIce-Linux
Royal Linux
RTLinux
Tynux
uClinux
White Dwarf Linux

Handhelds/PDAs
Agenda-VR
Familiar (iPAQ)
Intimate (iPAQ)
Linux DA
PocketLinux
PsiLinux

Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Special Purpose/Mini
2-Disk Xwindow System
Mindi Linux
SmoothWall

Floppy-based
Brutalware
BYLD
Coyote Linux
DLX
Fd Linux
Fli4l (Floppy ISDN/DSL)
floppyfw
Floppix
FREESCO
Linux in a Pillbox (LIAP)
Linux Router Project
LOAF
muLinux
Nuclinux
Proxyfloppy
ShareTheNet
Small Linux
Tomsrtbt
Viralinux_II

CD-based
BasicLinux
BBLCD Toolkit
CDLinux
Crash Recovery Kit
DemoLinux
Devil-Linux
Finnix
Gibraltar
innominate Bootable Business Card
Linuxcare Bootable Business Card
LNX-BBC
MkCDrec
RunOnCD
Sentry Firewall
SuperRescue
Timo's Rescue CD
Ututo
Virtual Linux

Zip disk-based
NBROK
ZipSlack

Small Disk
hal91
MicroLinux
--> Peanut Linux
PKLinux
Relax Linux
TA-Linux
Tomukas
ttylinux
VectorLinux

Wireless
Bambi Linux
Flying Linux

Hardware-specific
(ARM)
ARM Linux
(Beowulf)
Scyld Beowulf
(IBM)
Think Blue Linux
(Oracle's NIC)
NIC Linux
(PA-RISC)
PA-RISC Linux
(Playstation)
Runix
(PowerPC)
Black Lab Linux
LinuxPPC
MkLinux
Yellow Dog
(Sparc)
Splack
UltraLinux
(Older Intel)
ClarkConnect
Monkey Linux
TINY

DOS/Windows install
Armed Linux
DragonLinux
Phat Linux

Diskless Terminal
GNU/Linux TerminalServer for Schools
K12LTSP
LTSP
Pygmy
Xdenu

Distributions


Please note that security updates from the various distributions are covered in the security section.

News and Editorials

The Year in Review. It's my turn to work the Distributions page and, as with everyone who works a Weekly page here at LWN, I had to come up with some meaningful lead in to the week's summaries. At this time of year news comes slowly - except for Security which seems to never take a holiday. There was very little topical news for Linux distributions in general. So I thought "If nothing much happened this week, then how about the rest of the year?" Ah yes - the year in review. What better time to look back than the time when, well, I have nothing else to talk about.

The most common form of work avoidance for writers this year is to compile their top 10 lists: top 10 distributions, top 10 updates, top 10 reasons why I can use old Red Hat CDs as decorative coasters, etc. Since I think Top 10 lists are pretty mindless, I think instead I'll just peruse the just published LWN Timeline for distribution-related events of significance during the past 12 months.

The first event is actually a non-event - Linux distributions pass the Y2K bug test quite handily. Was there ever a doubt? While many smaller and less supported applications held on to the year 100 (versions of Elm for example), the kernel itself came through relatively unscathed.

In February Caldera launched its IPO. Very few Linux distributions have filed for IPOs yet - and in the current climate of Wall Street further filings seem doubtful for the near term. What started the year as a craze ended the year in a daze. But then what stock sector didn't? Linux stocks haven't died completely, but they will have to address the more mundane issues of revenue and, eventually, profit over the next year if they expect to regain any of the ground they lost this year.

TurboLinux made a fair amount of noise over the year. It first garnered a $50 million investment from companies such as Dell and Compaq, later adding Oracle to its list of prominent investors. It followed that investment with another $30 million round in October. A month after receiving the initial $50 million investment the company shipped TurboLinux 6.0. In May they announced, as did SuSE, planned support for big iron from IBM - the S/390 distributions. In August TurboLinux was selected by HP to be installed on some of that hardware companies IA-64 workstations and joined a host of other companies in opening the Oregon-based Open Source Development Lab. Finally, October found TurboLinux filing for its IPO minus original founders Cliff and Iris Miller who left to form Mountain View Data.

Embedded distributions were big news all year as the PC sector slid and the Internet device sector grew. Hard Hat Linux (MontaVista), BlueCat Linux (Lynx Real-Time) and White Dwarf Linux (EMJ Embedded Systems) all hit the streets in February. In May Debian joined the fray with the Embedded Debian Project. And Lineo released Embedix 3.0 in October.

Some of the other important distribution news this year included:

  • The launch of the Red Escolar Project in May. This project is destined to have a major impact in Mexico, aimed at providing usable systems for 5 year periods.
  • Dell's announcement that Red Hat would be its third "strategic, global operating system" along with Windows and NetWare. In itself this was a strong endorsement, but its also just the most visible of a long string of hardware vendors making Linux a pre-installed option.
  • IBM's slew of announcements in December, including the announcement of a $5 billion spending spree on Linux development. Big Blue Penguins - not as scary as they sound, actually.
While all of these were of major importance in the distribution arena this year, the growth of embedded distributions has to be the biggest news. The PC isn't dead, but that market's growth is slowing. Application specific devices - most importantly the handheld field - are where the action will be in the coming year.

Debian: State of the Woody. Anthony Towns has sent out a 'State of the Woody' posting describing where he thinks the next major Debian release stands. It is a good summary of what has been accomplished so far with this release, what problems remain (installation, mainly), and gives a time line for a stable release next June. Worth a read.

Red Hat. Red Hat had several announcements this week. The first was their announcement of the availability of the Beta version of Red Hat Linux for Itanium-based systems based on Red Hat 7.

Another announcement from the company pointed out that Red Hat had received several prestigious awards from leading industry publications and recognition at industry tradeshows in the year 2000.

Finally, Red Hat issued a bug fix advisory for gcc 2.96, which was shipped - amidst a slew of controversy - with the Red Hat 7 release. The bug fixes address various items, many of which appear related to g++ and cpp (the preprocessor).

Turbolinux Signs Linux ISP Deal with Chinese Ministry of Information Industries. Turbolinux announced it had signed a contract with the Huasong Company, an affiliate of the Chinese Ministry of Information Industries (MII), to provide Turbolinux solutions for the ministry's Internet infrastructure and telecommuncation centers in as many as 500 cities across China.

Caldera Sponsors Samba Client Library Development. Caldera Systems, Inc. announced that they have contracted with Richard Sharpe of the Samba team to create a client library for Linux and Microsoft integration. The Caldera-funded project includes the development of library source code, associated reorganization and reuse of Samba code and documentation of the library application program interface (API). As part of the Samba project, the library and documentation will be available under the General Public License (GPL). Caldera's engineering group will work with the Samba team to complete the project by February 2001.

New Distributions

GNU/Linux Ututo. A new distribution announced this past week, GNU/Linux Ututo is the first GNU/Linux distribution done in Argentina. The web site is in Spanish, so you may want to check out the usual Babel Fish translation.

We searched for a link to this distribution but couldn't find one (no link is provided in the article). If anyone has a pointer to a web site for this distribution let us know so we can add it to our ever growing list of distributions.

General-Purpose Distributions

Mission Critical Linux Convolo Cluster 1.2. Mission Critical Linux announced the availability of Convolo Cluster Version 1.2, a Linux cluster solution that supports Network File System (NFS) failover.

Debian Weekly News for December 19th, 2000. The latest issue of the Debian Weekly News has hit the streets. Topics covered include the new "testing" branch and its association with woody, vote counting issues and security fixes for zope, slocate and various editors.

Slackware. Slackware: announced this week that OpenSSL, the free Secure Sockets Layer library, and OpenSSH, the free encrypted remote shell program, have been made available in Slackware-current.

In addition, KDE has been updated to 2.0.1 in -current, and the Mutt mail client and AT&T's Korn Shell 93 have been added to the distribution.

MSC.Linux. MSC.Software Corp. announced this week the beta availability of MSC.Linux, a clustering version of the Linux operating system designed for engineering and corporate environments.

Embedded Distributions

PeeWeeLinux. PeeWeeLinux, a small footprint embedded distribution, announced release 0.53.24 this past week. The web site for the distribution also mentions 0.53.25 but has not publicly announced that release.

Mini/Special Purpose Distributions

Coyote Linux. Coyote Linux versions 1.23 and 1.24 were releases earlier this past week. Version 1.24 represents the latest stable release of Coyote Linux. Among the features added are SSH for secure remote access, support for systems without a math-coprocessor, updated network card drivers, and several bug fixes (including the broken DHCP server support in 1.23). Version 1.23 fixed serveral bugs and includes the 2.2.18 kernel. It also has an updated PPPoE daemon.

muLinux. muLinux, a floppy based distribution, quietly released 11r2. The previous stable release was 10r5.

NetBSD 1.5. Wasabi Systems, Inc., a company founded by key members of the NetBSD project, released a CD version of NetBSD 1.5 this week. The Standard Edition, which ships immediately, contains 2 CDs which are bootable on x86 PC, Alpha, DECstation, SPARC, UltraSPARC, Power Macintosh, VAX and many other platforms. A 12-page installation guide is also included. The Package Release, which will be available sometime in January, includes the Standard Edition plus an extra CD with 3rd party applications precompiled for the x86 platform.

Section Editor: Liz Coolbaugh


December 21, 2000

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.


Leading
Caldera OpenLinux
Debian GNU/Linux
Linux-Mandrake
Red Hat
Slackware
SuSE
TurboLinux

Also well-known
ASPLinux
Best Linux
Conectiva Linux
e-smith
Kondara MNU/Linux
Progeny
Rock Linux

Non-technical desktop
easyLinux
Icepack Linux
Independence
LibraNet
Redmond Linux
WinSlack

Education
Boston University
kmLinux
LinuxFromScratch
OpenClassroom
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
BearOps
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
cLIeNUX
Complete Linux
Console Linux
Corel Linux
CRUX
Darkstar Linux
DLite
easyLinux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
FTOSX
FullPliant
Gentoo
Go!Linux
HA Linux
Halloween Linux
HispaFuentes
IceLinux
Ivrix
ix86 Linux
J-LINUX
JBLinux
Jurix
KRUD
KSI-Linux
Lanthan Linux
Laonux
LASER5
Leetnux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
LinuxPPP
Linux Pro Plus
Linux-SIS
LNX System
LoopLinux
LSD
Lute Linux
MageNet
Mastodon
MaxOS
minilinux
MSC.Linux
nmrcOS
NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
PLD
Project Ballantain
PROSA
Rabid Squirrel
Repairlix
Root Linux
Scrudgeware
Serial Terminal
Sorcerer
spyLinux
Stampede
Stataboware
TechLinux
TimeSys Linux/RT
Tom Linux
Trinux
Turkuaz
Ute-Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WholeLinux
WinLinux 2000
XTeamLinux
ZipSpeak

Country-specific
Argentina
GNU/Linux Ututo
Britain
Definite Linux
Eridani
China
COSIX
Red Flag
France
Linux/MNIS
Italy
LinuxEspresso
Madeinlinux
Vedova
Spain
Linux Esware
Thailand
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
Dualix
Gentus
Giotto
MCC Interim Linux
OS2000
Storm Linux
Yggdrasil

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Development page.

Development projects


News and Editorials

In last week's LWN development section, window systems for PDAs were discussed. One reader pointed out that running a remote X window system display from a PDA is already possible with the Agenda VR3 platform. This page has numerous links to Agenda VR3 projects. Thanks to Dan Stromberg. That one should be listed under instant results.

Browsers

Mozilla Status Update for December 13, 2000. A new Mozilla Status Update has been published. Check it out for the latest status on Composer, MailNews, Rendering, XML/DOM, and more.

Databases

Python Berkeley Database 3.1.x wrappers. Robin Dunn has announced a new BerkeleyDB wrapper module for Python. This project is unique in that it does not rely on SWIG like previous wrappers.

Education

Linux in education report #35 for December 18th, 2000. The latest Linux in Education report has been published by SEUL/edu. Discussions cover using the Gimp, Sketch, and various other tools for graphing and plotting, plus the usual list of new educational applications available for Linux.

Debian Jr. Package List. The current list of packages has been published for the Debian Jr. project. "The primary goal of the Debian Jr. project is to make Debian an OS our children want to run. This involves some sensitivity to the needs of children as expressed by the children themselves. As parents, developers, older siblings, sys admins, we need to keep our ears and eyes open and discover what it is that makes computers desirable to children. Without this focus, we can easily get sidetracked trying to achieve abstract goals like 'user friendliness', 'simplicity', 'low maintenance', or 'robustness' that, while they are certainly laudable goals for Debian as a whole, are too broad for addressing the specific needs and wants of children."

Dr Genius 0.5.10 released. Version 0.5.10 of Dr Genius is now available for download. Dr Genius, Dr Genius Refers to Geometry Exploration and Numeric Intuitive User System, aims to help with the visualization of geometry. The project is the result of the merging of two other projects, George Lebl's Gnome Genius Calculator and Hilaire Fernandes' GTK Dr. Geo. Dr Genius is licensed under the GPL license.

Electronics

New releases from gEDA. The gEDA project has announced new versions of the gschema schematic capture program and the Icarus Verilog circuit simulation software.

Embedded Systems

Fundamentals of Real-time Linux Software Design (LinuxDevices). LinuxDevices.com presents a technical white paper by Kevin Dankwardt, explaining the fundamentals of real-time Linux system programming. "If there is only a single task to worry about, lots of issues, such as kernel preemptibility, are no longer pertinent. If you are not dealing with hardware interrupts, then, do you really have a real-time system (we include timers here)? If your target system has multiple CPUs then you may have a means of distributing your tasks and interrupts in such a way that the issues discussed, again, are not important."

Embedded Linux Newsletter, December 14th, 2000 (LinuxDevices). This week's issue of the Embedded Linux Newsletter is out. Topics for the past week included PDA alternatives, point of sale terminals, and a slew of papers from the second annual Real-time Linux Workshop.

Games

Indrema updates open-source stance (LinuxDevices). Indrema, maker of an embedded Linux based game console has updated its position with regards to the open-source development model. "After extensive feedback from the open source community (most of whom were concerned about the conflicts of certification with the bazaar development model), Indrema has decided to change the freeware / Open Source portion of the certification plan to better accommodate independent developers, particularly Open Source developers."

Interoperability

Caldera sponsors Samba client library development. Caldera Systems has announced that it is sponsoring Samba developer Richard Sharpe to develop a new client library for the Samba system.

CodeWeavers Releases a Packaged Wine Preview (Linux Today). The Code Weavers have announced a packaged version of Wine that works with Gnome and KDE. A Wine Configuration Wizard, Wine Launcher, and the WineMaker porting tool are included in the package.

Wine Weekly News for December 18, 2000. The December 18, 2000 version of the Wine Weekly News has been published. This issue has an in-depth feature on dynamic loading in Wine as well as the usual project status information.

Network Management

OpenNMS Update, Volume 1, Issue 39 (December 20th, 2000). The latest OpenNMS Update has arrived. Version 0.4.1 of OpenNMS has been released and some common questions regarding it have been answered. Also included are a list of new features, a wish list, and some afterthoughts about productivity during the holidays.

Office Applications

LyX Development News for December 20th, 2000. A new issue, number 10, of the LyX Development News has been published. This edition covers the debate on keeping or dropping GUI independence for that application along with a brief history of the LyX name. The usual batch of development quotes and mail thread summaries are also included.

The Gimp version 1.1.31 is available. Developer's Version 1.1.31 of the Gimp is available for download. This follows last week's release of version 1.1.30 with a few more bug fixes. If this version proves to be stable, it will soon become Stable Version 1.2.

On the Desktop

XFree86 4.0.2 Released. The XFree86 Project, Inc has released XFree86 Version 4.0.2. This release brings X support to the Darwin/Mac OS X PowerPC platform, support for many new graphics cards, Render support, enhanced internationalization, and even an improved XTerm, among other things.

KDE 2.1 beta 1, Qt 2.2.3 released. The announcement for KDE 2.1 beta1 has gone out. This release contains a new theme manager, the Pixie image viewer/editor, the KDevelop C/C++ IDE, and more.

Also, Trolltech has announced the release of the Qt 2.2.3 GUI framework. This is a bugfix release.

10 Questions with Charles Northrup. Charles Northrup, CTO of Global Technologies Ltd. Inc and lead developer on their GNOME for Windows Project is interviewed by Linux Orbit's John Gowin.

"Linux Orbit: It was noted on the press release that work was being done on a KDE port as well. What's the timeline for the KDE port?

Charles Northrup: This is dependent on user demand mostly. We have not received any requests for KDE to date. If the requests come in, we will look at this effort more seriously."

The People Behind KDE: Luigi Genoni. The people section of dot.kde.org spotlights Luigi Genoni. "What is your role within KDE?
I'm the maintainer of knetfilter, a gui to set up and configure firewalls with Linux 2.4.0 and iptables. It is a marginal application in front of the KDE great stuff, but it is one of the many applications for sysadmins developed for KDE that, in my opinion, make KDE as rich and interesting as it is for the users.
"

Linux Accessibility Conference and GNOME. The Linux Accessibility Conference will take place during CSUN's Sixteenth Annual International Conference, March 22-23, 2001 at the Los Angeles Airport Hilton Hotel.

"The mission of the conference is twofold:
1) To demonstrate the potential of Linux and free software in the accessibility arena.
2) To formulate a course of action for advancing Linux accessibility and to begin to organize interested supporters and developers into working groups focusing on specific topics. These topics include: GNOME, KDE, X Windows, Console, Braille, Speech, Internationalization and Localization (i18n and l10n), Internet Applications (Mozilla), and Universal Accessibility Standard.
"

Easy GUI programming with EasyGTK (IBM developerWorks). IBM's developerWorks is carrying a story on using EasyGTK, a wrapper library around GTK+ that purports to make writing GTK+ applications simpler. "The Gnome Toolkit (GTK+) is a free toolkit for creating great user interfaces. EasyGTK is a wrapper library that translates calls into GTK+, removing much of the effort and time needed to master GTK+." Gnome Toolkit? Try Gimp Toolkit, guys.

Printing Systems

Cups V1.1.5 released. Version 1.1.5 of the Common Unix Print System (CUPS) has been announced. A huge list of changes are listed including security fixes, installation improvements, more USB support, new documentation, and lots of other stuff.

LPRng 3.7.2 available. Version 3.7.2 of the LPRng enhanced print spooler is available for download. Information on this release is somewhat sparse at this time.

Science

SpaceChart 3D starmapping for Gnome. A new version of SpaceChart has been released. " SpaceChart is a program that allows you to see the stars in glorious 3D and rotate them to see them from any point of view. You can also limit which stars you want to see, according to their spectral class and luminosity, and draw links between all stars closer than a certain distance. "

Systems Administration

Interview with David Cantrell (Userlocal.com). Userlocal.com interviews David Cantrell, a noted Slackware developer. "Using the CHECKSUMS.md5 files that we provide in the distribution, autoslack will look at your machine and a distribution tree of your choice and tell you what packages can be removed, upgrade, or new ones that can be installed. Optionally it can download those packages and/or perform the actual package operation."

Web-site Development

Midgard Weekly Summary, December 20th, 2000. The Midgard Weekly Summary has been posted. Features include the upcoming final 1.4 candidate, the implementation of a nightly build system, and Midgard 2.0 schedules.

ZopeLDAP 1.1.0 released. A new version of ZopeLDAP is now available. This release brings the ability to run in a non-transactional mode, a Python friendly Entry object API, and improved documentation.

Zope Weekly News for December 14, 2000. The December 14, 2000 edition of the Zope Weekly News has been published. News includes the release of Zope 2.3 Alpha 1 and the upcoming release of Zope 2.2.5.

Section Editor: Forrest Cook


December 21, 2000


Application Links
GIMP
Mozilla
Galeon
High Availability
ht://Dig
mnoGoSearch
MagicPoint
Wine
Worldforge
Zope

Open Source Code Collections
Berlios
Freshmeat
OpenSourceDirectory
Savannah
Le Serveur Libre
SourceForge
Sweetcode

   

 

Programming Languages


Assembly Language

The new Amiga: VP assembly code demo (developerWorks). It's not Linux specific, but Amiga's cross platform development environment - the Tao Group's Virtual Processor (VP) technology - is intriguing on it's own. IBM's developerWorks is carrying a story showing an example application written in this new, "hardware independent", assembly language. " VP code is, in a nutshell, the ideal assemble language. In fact, it's such an improvement over traditional non-virtual assembly language that it needs to be seen and understood in order to be appreciated. Just to highlight a few of its strong points: it has an unlimited number of integer and floating-point registers [and] you can use high-level looping constructs (similar to those in a higher-level language like C)."

Java

Building Servelets with Session Tracking (IBM developerWorks). IBM's developerWorks is running a tutorial on Building servlets with session tracking by Jeanne Murray. "This tutorial teaches techniques for building Internet applications using servlet and JSP technology. A key point is to enable session handling, so the servlet knows which user is doing what. The tutorial shows a URL bookmarking system in which multiple users access a system to add, remove, and update an HTML listing of bookmarks. The servlet uses JSP technology to handle the user interaction." Registration is required.

Perl

Perl 5.6.1 TRIAL1 Released (Use Perl). Release 5.6.1 TRIAL1 of Perl has been released. This is a trial version, it's not ready for production yet.

Perljvm Under Active Development Again (Use Perl). The Perljvm project, which aims to port Perl to the Java Virtual Machine, is under active development again.

PHP

PHP 4.0.4 released. PHP version 4.0.4 has been released as of December 19, 2000. This version contains a ton of bug fixes as well as a few new features.

Introduction to PHP (IBM developerWorks). IBM's developerWorks has run an introduction to PHP that describes the PHP web scripting language. "PHP is a scripting language that is embedded in HTML and interpreted by the server. It can be used to manage dynamic content, work with databases, handle session tracking, and even build entire e-commerce sites. It works well with a number of popular databases, including MySQL, PostgreSQL, Oracle, Sybase, Informix, and Microsoft SQL Server."

Python

Python-URL! for December 18th, 2000. The latest Python-URL! has hit the ether, with topics covering the use of Python in cryptography and math, variable/parameter/assignment semantics, and using Python to access the parallel port lines under Windows 95.

Jython 2.0a2 released. Version 2.0a2 of Jython is available. Jython is an implementation of the Python language written in Java.

Smalltalk

Bistro 3.4 available. Nik Boyd has announced the availability of Bistro 3.4. Bistro is a variation of Smalltalk that runs on top of the Java VM.

Tcl/tk

Scripted wrappers for legacy applications (REGULAR EXPRESSIONS). In a REGULAR EXPRESSONS article, Cameron Laird and Kathryn Soraiz show us how to use Perl and Tk to build a gui wrapper around a C program.

Dr. Dobb's Tcl-URL! for December 18th, 2000. The weekly edition of Dr. Dobb's Tcl-URL! has been published. Featured topics include authenticating usernames and passwords in URLs, handling background errors, and a comparison of Tcl to other scripting languages.

Tcl/Tk 2001 Conference Announcement. The Tcl/Tk 2001 Conference has been announced for July 23-27, 2001 in SanDiego, California.

Section Editor: Forrest Cook

 
Language Links
Caml
Caml Hump
Tiny COBOL
Erlang
g95 Fortran
Gnu Compiler Collection (GCC)
Gnu Compiler for the Java Language (GCJ)
Guile
Haskell
IBM Java Zone
Jython
Free the X3J Thirteen (Lisp)
Use Perl
O'Reilly's perl.com
Dr. Dobbs' Perl
PHP
PHP Weekly Summary
Daily Python-URL
Python.org
Python.faqts
Python Eggs
Ruby
Ruby Garden
MIT Scheme
Schemers
Squeak
Smalltalk
Why Smalltalk
Tcl Developer Xchange
Tcl-tk.net
O'Reilly's XML.com
Regular Expressions
   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Commerce page.

Linux and Business


Embedded Linux. Linux training has been big business for some time now, but it is mostly aimed at Linux on the desktop and Linux system administration. Until now there has been little or no training for those interested in embedded Linux. Now both Lineo, Inc. and MontaVista Software are gearing up to fill that gap.

Lineo's Lineo Academix is a scholastic program designed to prepare students for the field of embedded Linux programming. MontaVista, instead, will launch MontaVista University on January 15, 2001 to train developers working in the open source embedded Linux domain. Next, of course, will come the certification exams.

In other embedded news, EMBLIX, the Japan Embedded Linux Consortium, announced their first elected officer corps, the results of an election process that was initiated at MST 2000 last month. The consortium also established three working groups designed to initiate discussion within the embedded Linux community about platform and interoperability issues.

Red Hat third quarter revenue grows to $22.4 million. Red Hat, Inc. reported revenue of $22.4 million for the third quarter of fiscal 2001, ended November 30, 2000. That's an increase of 112% over the $10.5 million reported for the third quarter of fiscal 2000 and an increase of 21% over the second quarter of fiscal 2001. Gross margin was 60% for the third quarter fiscal 2001, versus 58% reported in the second quarter fiscal 2001 and 41.5% in the third quarter fiscal 2000. The Company reported an adjusted net loss of $900,000, or $0.01 per share, for the third quarter of fiscal 2001, compared to an adjusted net loss of $5.4 million, or $0.04 per share, for the third quarter of fiscal 2000. They are still not making a profit, but they getting closer.

Linux is hard at work in many fields. Linux NetworX, Inc. announced that Lawrence Berkeley National Laboratory, Berkeley Calif., has selected a Linux NetworX cluster computer system for its Drosophila Genome Project. The Linux cluster of 40 processors will be used by the Berkeley Lab to analyze and sequence the Drosophila (fruit fly) genome.

Linbox has announced (in French) that it has sold 950 Linux-installed servers to the French Direction Générale des Impôts - which administers taxation. An English translation is available via Babelfish.

RSS 1.0 Released by International Working Group. RDF Site Summary (RSS, also referred to as Rich Site Summary format) 1.0, an XML-based application enabling Web sites to describe and syndicate site content and metadata, has been released.. RSS is used by many sites, including LWN.net, to post headlines from their sites for external use. This is the first update to RSS since Netscape released version 0.91 in July,1999.

Eazel Announces Sun to Adopt Nautilus Software for Solaris Operating Environment. Eazel has announced that its Nautilus environment will be shipped with Solaris by Sun, along with GNOME 2.0. Sun will also contribute some development help to Nautilus.

Press Releases:

Open Source Products

Unless specified, license is unverified.
  • DevelopOnline (TEMPE, Ariz.) announced that Motorola is making its newest telecommunications PowerPC-based hardware platform available online to DevelopOnline's community of developers.

  • DevelopOnline (TEMPE, Ariz.) announced that IBM Microelectronics is making its PowerPC Platform with the new 405GP processor available on DevelopOnline's collaborative development Web site.

  • Lutris Technologies Inc. (SANTA CRUZ, Calif.) announced that Lutris Enhydra 3.5, an application server capable of supporting wireless protocols, has been released to manufacturing and may now be ordered online.

  • Metaflow Technologies Inc. (GRENOBLES, France) introduced Implosion, a system on chip (SoC) design platform that uses Open Source IP for its key hardware and software components.

  • Progress Software Corporation (BEDFORD, Mass.) announced that its new open source site, www.possenet.org, is up and running and offering collaborative access to the latest release, Version 9.1, of its Application Development Environment (ADE) source code. CollabNet is providing its SourceCast environment as the infrastructure for the www.possenet.org site.

  • VeriSign, Inc. and Telcordia Technologies, Inc. (MOUNTAIN VIEW, Calif.) announced the opening of the first public trial, part of the ENUM World project, for testing services and applications using the ENUM standard. Participants in the trial will have free access to an open source software development kit and use of the trial registry.

Proprietary Products for Linux

  • Aladdin Knowledge Systems (CHICAGO) announced plans to offer a beta version of HASP for Itanium, a comprehensive software security product.

  • Mission Critical Linux, Inc. (LOWELL, Mass.) announced the immediate availability of Convolo Cluster Version 1.2, with full support for Network File System (NFS) failover.

  • Oracle Corp. (REDWOOD SHORES, Calif.) announced the availability of Oracle Internet File System, designed for Internet-based applications using Java and XML. The latest version is available free-of-charge as part of Oracle8i, Release 3 for Linux platforms.

  • PolyServe (BERKELEY, CA) introduced LocalCluster Enterprise, a new high-availability server clustering solution for data replication of web- and IP-based services.

  • VMware, Inc. (PALO ALTO, Calif.) announced that its VMware Express desktop software is now available directly from VMware on its Web store ( http://www.vmware.com ) for $79. VMware Express allows users to run either MS Windows 95/98 applications on a Linux system.

Products and Services Using Linux

  • e-smith (BOSTON) announced the latest upgrade of the Linux-based e-smith Server and Gateway, version 4.1, with virtual private networking and e-smith Web mail.

  • LinuxWizardry Systems, Inc. (BOCA RATON, Fla.) announced a new product for the Magic Passage DSL/Cable Router product line. The new model will be designated the Magic Passage 1400 and will be an entry-level alternative to the current Magic Passage 2540.

  • Stream Machine (SAN JOSE, Calif.) announced a reference design that captures, stores, and streams digital media to computers and entertainment products throughout the networked home. The Maestro Reference Design, available in the first quarter of 2001, is based upon the Stream Machine SM2210 codec, a market-leading MPEG2 compression / decompression chip now in full production. And Maestro uses an embedded Linux operating system.

Servers, installed Linux optional

  • Dell (ROUND ROCK, Texas) announced that DellHost, Dell's integrated Web hosting service, is offering expanded custom, multi-tier solutions that include firewall and load balancing servers. DellHost has a PowerEdge 2450 server featuring dual 1GHz Intel Pentium III processors, 1GB RAM, three 9GB SCSI hard drives and Red Hat Linux operating system for $799 per month, plus set-up fees.

  • IBM (ARMONK, N.Y.) announced that its new IBM eServer z900, "the reinvented mainframe", began shipping to customers around the world.

  • Rave Computer Association, Inc. (Sterling Heights, Michigan) has added a redundant 4UAXmp rackmount to its family line of Rave AXmp Systems.

  • SteelCloud (DULLES, Va.) announced the ultra high-performance SteelCloud Model 1000.

Products with Linux Versions

  • Advanced Visual Systems (WALTHAM, Mass.) released version 5.1 of the AVS/Express data visualization platform. Features include OpenGL rendering on Linux-based systems.

  • American Megatrends Inc. (ATLANTA) announced support for Red Hat Linux, RAID 10 and multi-controllers to its MegaRAID IDE100 and MegaRAID IDE66 hard drive accelerators. Linux drivers are available for download on AMI's web site at www.ami.com.

  • Asante Technologies, Inc. (SAN JOSE, Calif.) announced that the company is now shipping GigaNIX, its new Gigabit Ethernet adapters for Apple Mac OS, Windows and Linux systems.

  • ELSA (SAN JOSE, Calif.) announced shipment of the GLoria lll professional graphics accelerator optimized for mechanical computer-aided design, professional game development and film animation and effects.

  • ELSA (SAN JOSE, Calif.) announced the shipping of the Synergy III professional graphics accelerator with application specific optimizations and dual monitor support.

  • Equator Technologies, Inc. (CAMPBELL, Calif.) announced the availability of its Shark MAP-CA Development Board and the iMMediaTools Software Toolkit, version 5.2. Red Hat Linux 6.2 is supported.

  • Hewlett-Packard Company and Sprint PCS (PALO ALTO, Calif. and KANSAS CITY, Mo.) announced an agreement to jointly market and sell the HP Openmail Anywhere solution as part of the Sprint PCS Wireless Web for Business.

  • Marimba, Inc. (MOUNTAIN VIEW, Calif.) announced the release of Timbale version 1.2. With this latest release, Marimba introduces a cache module and added platform support (including some versions of Linux).

  • SteelEye Technology Inc. (MOUNTAIN VIEW, Calif.) announced an extension of its LifeKeeper Next Generation Enterprise Reliability Platform into MySQL database environments.

  • MAPICS, Inc. (ATLANTA) announced the delivery of the Spanish translation of Point.Man 5.0, MAPICS' extended enterprise application.

  • Tarantella, Inc. (SANTA CRUZ, Calif.) and Alternative Technology, Inc. announced that they have signed an agreement for Alternative Technology to distribute the Tarantella web-enabling product line.

  • Wind River Systems, Inc. (ALAMEDA, Calif.) announced general availability of the SNiFF+ 4.0 source code analysis environment for advanced source code visualization and navigation.

Books and Training

  • LinuxCertified.com will offer its next weekend System Administration bootcamp on January 20-21, 2001 in San Francisco bay area (south bay). This workshop is designed for IT professionals and is designed to cover the most important Linux administration areas.

Partnerships

  • 2netFX and Zapex Technologies, Inc.announced an alliance to design and deliver innovative hardware and software broadcast solutions to be used in the IP distance learning market. The first system offered by the alliance is a Linux-based server solution.

  • e-smith, inc. (BOSTON) announced the e-smith Authorized Partner Program, an initiative designed to help solution providers deliver network server solutions to small and mid-size businesses.

  • Lutris Technologies Inc. (SANTA CRUZ, Calif.) announced a licensing partnership with Pixo, Inc.. Under the terms of the agreement, Pixo's Internet Microbrowser will be integrated with Lutris Enhydra 3.5.

  • Lutris Technologies (SANTA CRUZ, Calif.) announced an agreement with RadView Software Ltd. to integrate and distribute RadView's WebLoad 4.5 with Lutris Enhydra 3.5.

  • Metro Link, Inc. (Fort Lauderdale, FL), a provider of graphics display software for embedded Linux, announced that it has become a member of MIPS Technologies' MIPS Alliance Program (MAP).

  • Netgem (PARIS) announced the integration of its Linux-based technology by Gradiente Eletronica, a major TV and consumer electronics manufacturer in Brazil.

  • Quicknet Technologies, Inc. and Arcom Control Systems (SAN FRANCISCO and KANSAS CITY, Mo.) announced that they have joined forces to deliver a Voice-over-IP (VoIP) solution to Williams Communications. The APC-Industrial PC is the result of a combined effort of integrating Arcom's APC Celeron (19" rack-mount PC), Quicknet's OpenH323 (an H.323 protocal stack) and the Internet PhoneJACK in a LINUX workstation as specified by Williams Communications.

  • Turbolinux, Inc. (TOKYO and SAN FRANCISCO) announced a global OEM distribution agreement with Compaq Computer Corp. to provide Turbolinux as a bundled or factory-installed option with certain models of Compaq ProLiant industry-standard servers. The agreement also permits Compaq to bundle and pre-install TurboLinux software on AlphaServer and AlphaStation systems.

  • Turbolinux, Inc. (SAN FRANCISCO) announced it has signed a contract with the Huasong Company, an affiliate of the Chinese Ministry of Information Industries (MII), to provide Turbolinux solutions for the ministry's Internet infrastructure and telecommuncation centers in as many as 500 cities across China.

Investments and Acquisitions

  • Sendmail, Inc. announced the acquisition of Nascent Technologies. Sendmail will take ownership of Nascent's Mailspinner product line, renamed Sendmail Mobile Message Server, a Wireless Application Protocol (WAP) or iMode enabled wireless email offering. Sendmail will also take over support of Nascent Technologies' customers, integrators and partners.

Financial Results

  • Progress Software Corporation (BEDFORD, Mass.) announced results for its fourth quarter and full fiscal year ended November 30, 2000. Revenue for the quarter decreased 15 percent to $66.4 million, down from $78.1 million in the same quarter last year.

Linux At Work

  • BigStorage, Inc. (San Francisco, CA) announced its successful installation of 10TB of its iRAID and nearline data storage at EMusic.com, an e-commerce music company based in Redwood City, CA that specializes in the distribution of MP3 audio files over the World Wide Web. The press release did not say which Linux distribution was used in the facility.

Other

  • NetSilicon, Inc. (WALTHAM, Mass.) announced its plans for continued market leadership in the intelligent, networked device industry. The company outlined a product strategy focusing on increased commitment to Linux and other open source solutions. These include the addition of EL/IX applications programming interface (API) to its NET+OS(TM) product, and the availability of a Java-based product.

  • ServiceWare Technologies, Inc. (OAKMONT, Pa.) announced it has expanded the Foundation Package of its leading IT knowledge portal, RightAnswers.com, with content from ten new software titles from Caldera, Corel, GNOME, McAfee, Norton, Oracle and Sun.

Section Editor: Rebecca Sobol.


December 21, 2000

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Linux in the news page.

Linux in the news


Companies

Embedded Linux targets military apps (LinuxDevices.com). Here's an article on LinuxDevices.com looking at the Rymic Systems box that is being considered by the U.S. military. "The system's operating system is uClinux, a 'small foot-print' version of Linux that supports MMU-less processors such as Netsilicon's Net+Arm. Utility software within the device provides Ethernet-based Internet access, including FTP, HTTP client and server functions, and POP3 and SMTP mail protocols."

Coming soon: an Italian Renaissance in Embedded Linux? (LinuxDevices). LinuxDevices looks at ETLinux and RTAI - two Italian-based embedded Linux offerings. "Notwithstanding Linuxcare's lack of priority on EtLinux development, embedded Linux developers have continued to express strong interest in it for future embedded designs, as evidenced by data collected in LinuxDevices.com's Embedded Linux Market surveys. Recognizing the continued interest in EtLinux, a former employee of PROSA recently told LinuxDevices.com, 'we hope to restart developing EtLinux'."

Red Hat beats the Street (Upside). Here is Upside's take on Red Hat's third quarter earnings report. "In their careful quizzing of company officials, it's evident that analysts want a clearer idea of how the company will grow revenues 85 percent in the next fiscal year, and they didn't necessarily get it."

VA bolsters push for big business customers (News.com). News.com listened in on the VA Linux Systems conference call, where CEO Larry Augustin presented a strategy more oriented around large business customers. "Augustin said the company is making progress in its enterprise effort, recently closing a deal to sell more than 1,000 servers to a financial services company."

Eazel's Linux software moves to Sun's Solaris (News.com). C|Net's News.com has posted their take on the Eazel/Sun partnership. "For years, Sun didn't bother much with desktop software, preferring to focus its marketing efforts on servers and small computing devices, where Microsoft doesn't have much of a stronghold. Instead, Sun focused on bypassing Windows by promoting Java, software that works regardless of whether a consumer's computer uses the Mac OS, Windows, Solaris or any other operating system."

Open-source software firm enters wireless territory (News.com). C|Net looks at Sendmail's venture into the Wireless arena. "Terms of the Nascent acquisition weren't announced, but Olson said it is a stock and cash agreement with a multimillion-dollar value. Nascent's staff of 10, most of them programmers, will be added to Sendmail's 165 employees, and Sendmail will use the Nascent acquisition to launch a mid-Atlantic sales office."

Linux Firms Sing The Big Blues (ZDNet). ZDNet takes a look at how IBM's participation is making waves with Linux distribution and service companies. "Some TurboLinux executives are having second thoughts about agreeing to support the complete IBM eServer line. In TurboLinux's case, company executives say it has its hands full with its own clustering work and attempting to be first to market with Linux for the Itanium."

IBM's Palmisano sets sights on business customers (News.com). C|Net's News.com interviews IBM President and COO Sam Palmisano, asking the IBM exec about that company's plans for Linux. "The concern with Linux is that it's not ready for the enterprise environment because it's not industrial-strength. Well, there's nobody more industrial-strength in the world than IBM. There's no platform more industrial-strength than Freeway or 390.

I am going to be presenting (a keynote) at LinuxWorld in January...If I stroll in there not with some Net-gen company but a German bank, Japanese bank or U.S. securities firm--these are very conservative places--it will give this whole movement a lot of momentum. And we're going to stroll into LinuxWorld with those references."

The future is... Darwindows? (ZDNet). Apache, Perl and even XFree86 on the Mac - ZDnet looks at Darwin, the BSD-based underlying OS to Mac OS X. "So Darwin will probably work with your Apple hardware, it's a breeze to install, the system requirements are modest compared to MacOS X -- 32MB of RAM and 800MB of storage -- and, as a member of the BSD family, it has the pedigree of one of the world's most stable, scalable, and Internet-capable operating systems."

Business

To open source, investors tune out, companies tune in (Upside). Upside offers up this broad-scoped piece on how companies are soaking up open source concepts and methods even while investors are tuning out the efforts. "Slowly but surely, companies such as IBM, Hewlett-Packard (HWP) and even Oracle (ORCL) have re-positioned themselves as the best friends of the open source community, while former starlets such as Red Hat (RHAT) and VA Linux (LNUX) scramble to earn their first profitable dollar."

Open-source database companies open shop (News.com). C|Net looks at the recent announcements from Great Bridge, NuSphere and AbriaSoft in the open source database market. "Great Bridge hopes eventually to reproduce the success Red Hat has had in establishing a foothold against operating system competitors such as Sun Microsystems and Microsoft. Though Great Bridge's database software competes with that from bigger fish such as Sybase, Oracle, IBM, Informix and Microsoft, the more likely competitors for now are smaller companies such as AbriaSoft."

Sun moves up on IBM in server sales (News.com). News.com looks at the server market in light of a recent IDC report. "Systems based on the Linux operating system and rack-mountable servers grew much faster than the overall server sector, IDC said. Linux server sales increased 178 percent from the third quarter of 1999 to the third quarter of 2000, while rack-mountable server sales grew 400 percent."

Mega-Corps Fawn Over Linux (Wired). Wired News takes a look at Bruce Perens' new job with HP and other open source evangelists. "It's a job description that Perens shares with open-source supporters at several large U.S. technology firms, including, on the opposite coast, IBM (IBM). Big Blue's unofficial evangelist is Linux guru Irving Wladawsky-Berger, who goes by the official title of vice president of technology and strategy."

Open-source backers: No fear (ZDNet). Bruce Perens responds to ZDNet's column on open-source backers being afraid of being co-opted by big companies. "Did the community bend? No, the mountain came to Mohammed: IBM and Apple changed their licenses to comply with the Open Source Definition and got the collaboration they were looking for. So, even when Stallman's licenses aren't used, the corporations participate using the Debian Project's rules."

Who's afraid of the Big Bad Wolves? (ZDNet). Evan Leibovitch thinks the open source movement is bigger than IBM, HP, Compaq, and Sun all rolled up together - and the GPL is the IT world's Magna Carta. "Those who want to participate in the Linux world, regardless of size, are quite welcome to add their fingers to this grand virtual Ouija board. They can help steer, but if they push too hard the rest will just push back -- harder."

Hollywood dealt setback in DVD code case (News.com). The California Supreme Court is ordering a lower court to show why Matthew Pavlovich should remain part of the DeCSS case even though he doesn't live in California. "The order applies only to Pavlovich and does not ensure he will be removed from the suit, but it could signal that the end is near for many defendants in the year-old case: Of 21 defendants listed by name in court papers, 18 do not live in California, according to Pavlovich's attorney, Allon Levy."

Linux - a failure on the desktop?. Here's an article on the "Temple of Technology" site claiming that Linux has failed on the desktop. "Another important problem is the GPL itself in my opinion. This means that there are limited commercial interests in investing huge amounts of money into a product that a user can download for free. The main stream of revenue is therefore boxed versions for users uncomfortable with downloading it from the net, or users that would like the manual that comes with the boxed version."

Resources

Update on Indrema's Linux-based set-top game console (LinuxDevices). Indrema has provided to LinuxDevices.com a status update and clarification concerning issues of game development and licensing, development tools, plans for games, and expected availability of the Indrema Entertainment System itself (i.e., the game console).

Reviews

APC SmartUPS 700 (SignalGround). Signal Ground is carrying a review of the APC SmartUPS 700, a Linux-friendly UPS system. "The software came in an RPM. It installed without a hitch on my Debian system (after converting the packages to .deb format with alien), and it put most of its files in /usr/lib/powerchute. After the software is installed, you have to run a configuration script. The script does a number of different things, including configuring serial connectivity, modifying your "halt" shutdown script, and updating the EEPROM on your UPS."

Interviews

Interview: Robin Miller. O Linux interviews Robin Miller of NewsForge. " We love LWN and LinuxToday dearly, but we are not the same as they are. They are much more focused than NewsForge, but NewsForge is much more complete than either of them and has an entirely different style. I like to think our headlines are funnier, too."

Miscellaneous

Ten Linux toys for the eye and imagination (LinuxWorld). From sliding penguins to card strategy to building cities, LinuxWorld shows us some of the games available for Linux this year. "I'm sure everyone with a computer has heard of Sim City, the excellent city simulation. As mayor of your own metropolis, you must build roads, balance the yearly budget, plan city additions, and provide power and water services for the virtual residents, known as sims. If the sims are upset or don't think you're doing your job properly, they'll let you know by complaining like hell or moving to another city."

Section Editor: Rebecca Sobol


December 21, 2000

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Announcements page.

Announcements


Resources

LinTraining lists 400 Linux training centers. An announcement has gone out that Dave Whitinger's LinTraining site now has a full 400 training centers listed.

Important message for LinuxStart mail users. This is a message from LinuxStart about the cancellation of its mail service. French text follows the English text.

LinuxLookup Tip of the Week. This week's TOTW: The Linux "file" command uses a number of methods to determine what a file contains. LinuxLookup looks at the most accessible part of its algorithm this week, the "magic" file. Read the full tip at LinuxLookup.

High Availability Cluster Checklist. The folks at Mission Critical Linux pointed out this article from Linux Journal on choosing the best high-availability failover cluster. The High Availability Cluster Checklist is a clear and concise way to wade through the marketing hype.

Events

EuroZopeCon Amsterdam announced. We received an announcement for EuroZopeCon Amsterdam, a conference for European Zope users. It will take place during Linux Expo in Amsterdam, January 23 and 24, 2001. We also have the announcement in French.

IDG World Expo on LinuxWorld. IDG World Expo announced that it expects the upcoming LinuxWorld Conference & Expo to surpass all previous attendance records. The event is scheduled for January 30 - February 2, 2001 at the Jacob K. Javits Convention Center in New York City.

Singapore Linux Conference call for papers. The Singapore Linux Conference will be held in, well, Singapore on March 21 to 24, 2001. A call for papers has gone out; they are looking for submissions on a number of topics. The deadline is January 5.

Linux Accessibility Conference and GNOME. The Linux Accessibility Conference will take place during CSUN's Sixteenth Annual International Conference, March 22-23, 2001 at the Los Angeles Airport Hilton Hotel.

January/February 2001 events.
Date Event Location
January 17 - January 20, 2001. linux.conf.au University of New South Wales, Sydney, Australia.
January 21 - January 23, 2001. First Annual International Linux Plug Fest Sponsored by Linuxcare, Inc. Embassy Suites Hotel, Burlingame, CA.
January 23 - January 24, 2001. Linux Expo - Amsterdam Amsterdam, Netherlands.
January 30 - February 2, 2001. LinuxWorld Conference & Expo Jacob Javits Convention Center, New York, NY.
January 31 - February 2, 2001. Linux Expo Paris Paris, France.
February 3 - February 4, 2001. Open Source and Free Software Developers' European Meeting Brussels.
February 14 - February 16, 2001. O'Reilly Peer-to-Peer Conference Westin St. Francis Hotel, San Francisco, California.

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

User Group News

LUG Events: December 21, 2000 - January 4, 2001.
Date Event Location
December 30, 2000. Central Ohio Linux User Group (COLUG) Columbus, Ohio.
January 2, 2001. Linux Users' Group of Davis (LUGOD) Z-World, Davis, CA.
January 3, 2001. Kansas City Linux Users Group (KCLUG) Kansas City Public Library, Kansas City, MO.
January 3, 2001. Southeastern Indiana Linux Users Group (SEILUG) Madison/Jefferson County Public Library, Madison, IN.
January 3, 2001. Silicon Valley Linux Users Group (SVLUG) Cisco Building 9, San Jose, CA.
January 4, 2001. Edinburgh Linux Users Group (EDLUG) Holyrood Tavern, Edinburgh, Scotland.

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.


December 21, 2000

   

 

Software Announcements


Here are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways:

Sorted by section and Sorted by license

 

Our software announcements are provided courtesy of FreshMeat

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Back page page.

Linux Links of the Week


GeekIssues promises "Technology, Politics, Sarcasm." It covers a wide range of issues, many of which are of interest to the free software community.

In case you've not looked at enough patent information...what was once the IBM patent database is now Delphion. Should you ever want to delve into the details of a patent, this is the place to look.

Section Editor: Jon Corbet


December 21, 2000

   

 

This week in history


Two years ago (December 24, 1998 LWN): it was a slow week, due to the holidays. Back then, too, people were wondering about what IBM was going to do...

But what's really held IBM back from an official support alliance with Red Hat, say sources close to the company, are legal issues. If IBM supports Linux the way it supports other operating systems, it will need to tweak the operating system itself, and that could raise liability questions neither IBM nor its many partners want to deal with.

People seemed to have reached a point where they worry a lot less about the liability issues.

ZDNet ran a Top Tech Newsmaker poll. Linus Torvalds came in second, having been beaten, 2-to-1, by Jenni of the JenniCam.

After resisting for some time, Red Hat quietly dropped a set of KDE RPMs into its "Rawhide" distribution. Red Hat also put an end to its practice of dropping updates into second and subsequent pressings of its CDs. Until then, one Red Hat 5.0 CD could be visibly identical to another, but have a different set of packages.

GNOME 0.99.0 was released.

One year ago (December 23, 1999 LWN): Eric Raymond announced his forthcoming book, The Art of Unix Programming. The book was to document what makes the Unix tradition special, and was to be written with a great deal of help from the community. Eric did not, however, set a deadline for this book; currently it is available through Chapter 2.

People wondered about the 2.4 kernel...

Colin Tenwick, vice president and general manager European operations for Red Hat, confirmed that the kernel would be released formally to the Linux community the same time as Windows 2000.
-- VNUnet, December 20, 1999.

Needless to say, things didn't happen that way. In an attempt to get a guess at when the release would happen, Tummy.com announced its When's 2.4 poll. From the results page we see that the most optimistic entrant picked January 27, 1999. A full 87.7% of the entries taken so far (it is still open, obviously) gave dates prior to the present.

Richard Stallman called for a boycott of Amazon.com as a result of Amazon's use of software patents.

Linux-Mandrake 7.0 beta was released, as was Mozilla M12.

Corel's Linux distribution was due to hit the shelves any day. Meanwhile, the company foreshadowed the general decline in Linux stocks by dropping down into the low teens from its high of $43. Of course, the low teens would look pretty good to Corel investors these days...

Red Hat, instead, announced a two-for-one stock split.

Even if Linux does turn out to be the greatest thing since the graphical user interface, I sincerely doubt that people buying shares of VA Linux (or any of the Linux companies) at their current valuations will do anything but lose sleep and/or money.
-- Pat Dorsey, Morningstar.

 
   

 

Letters to the editor


Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.
 
   
Date: Fri, 15 Dec 2000 00:51:21 +0100 (MET)
From: David Kastrup <David.Kastrup@neuroinformatik.ruhr-uni-bochum.de>
To: letters@lwn.net
Subject: Defamation of Pascal


I take exception to the uncommented and uninformed bigotry of Linus
Torvalds against Pascal in his one-year old quote given in last Linux
Weekly, especially as this nonsense is picked up by the editor:

          The fact that our forefathers were Pascal-programmers, and
          started counting from one does not mean that we have to
          continue that mistake forever. We've since moved on to C,
          and the change from 1999->2000 is a lot more interesting in
          a base-10 system than the change from 2000->2001.

    Of course, it looks like no 2.4.0 by the end of the millennium
    even by the reckoning of Pascal programmers...

The pure unadulterated fact is that Pascal is agnostic.  Its arrays
start wherever the programmers want them to start.

You can declare:

var at1: array [1..30] of integer,
    at0: array [0..29] of char,
    at5: array [5..10] of -3..7;

Pascal has enough faults of its own.  We don't need to start
phantasizing about imaginary ones.

Most probably Mr. Torvalds is confusing Pascal with Fortran which
indeed has its arrays starting at 1.

David Kastrup                                     Phone: +49-234-32-25570
Email: dak@neuroinformatik.ruhr-uni-bochum.de       Fax: +49-234-32-14209
Institut für Neuroinformatik, Universitätsstr. 150, 44780 Bochum, Germany

   
Date: Wed, 20 Dec 2000 16:21:53 -0500
From: "Jay R. Ashworth" <jra@baylink.com>
To: letters@lwn.net
Subject: "Network Appliances" -- what a difference a year (and Linux) makes

Well, tis almost Christmas.

One of the presents a manufacturer hopes you'll put under someone's
tree this year is the New Internet Computer; the Internet- and Linux-
based network computer from a subsidiary of Oracle -- the company
that's been trying to promote the network computer idea for years, in
hopes of breaking the Microsoft monopoly; Larry Ellison reputedly hates
Bill Gates' guts.

The rapid advances in Linux development in the last several years,
combined with the near-ubiquitous presence of the Internet in the
American home, and the appearance of motherboards that actually
have integrated peripherals powerful enough to *use*, have brought
things to a point where the New Internet Computer Company can sell
their "Internet Appliance" for $199, without a monitor but including
everything else, *without* an Internet bundling/kickback deal.

This last point is very important: has anyone heard anything of the...
damn; I can't even remember the name :-) -- that integrated LCD screen
IA that was released around last Christmas, made tandem waves by being
hacked, and then by annoying the manufacturer because it was being
hacked.

Why was the manufacturer annoyed?  Well, because they decided on a
"give away razors; sell blades" business modem that had them making
most of their money off the bundled Internet access service... which
the hackers weren't using.

The NIC people didn't make this mistake.  You can use their little
black box with any internet service you like; commercial dialup
services, Netzero, even BAMnet, a Pennsylvania based combination ISP/
CLEC who bill the long distance and access at a combined 6.5c/minute,
passing it through to your local phone company; no advance setup,
apparently, required.  (Presumably, you have to dial that carrier's
1010 code, but that's it.)

Even more importantly, though (to me, and I suspect to many others)
will be the fact they've *also* included 10/100 Ethernet (and USB) on
the box.  The theoretical advantages of the X-terminal model in
business have long been understood -- minimization of desktop
maintenance and the like being the biggest -- but the things have just
been too damned expensive.

Not anymore.

$200 plus a monitor is sufficiently cheaper than a "real PC" to make
the *inital* cost differential something you can sell to management,
let alone the reduction in recurring costs.  The software is Linux
based; the changes for the custom hardware are GPL'd; the application
field for Linux is growing... how could it get much better?

I've talked to NIC's sales manager, concerning the one point in their
sales agreement that gave me pause: they effectively limit sales to
retail end-customers.  He tells me that this is primarily because their
margin on the boxes is razor thin -- they won't be offering discounts
at *all*.

Hey, that's ok for me.  I can add enough value to sell them for $300 a
desktop, and still save people a shitload and a half of money in the
long run.

And since they got all the glue right, they'll be useful to many
people, in many environments, that the original manufacturer (in the
immortal words of Arlo Guthrie) hadn't even counted upon.

In the long run, since they make, not lose money on every unit, that
can only benefit the manufacturer.  Case in point example to everyone
else.  In the Internet Age, you can't *pull* a fast one; it will break.

[ checks the LWN archives ]

Let this be a lesson to the manufacturers of the i-opener; perhaps
their choice of product name will prove more prophetic than they had
expected.

A quick glance at their website ("you've tripled the price, why?" and
"Why is Netpliance announcing a 'membership program'?") suggests not.

I especially like the *answer* to that last question:

> Netpliance is introducing the Membership Program because the components
> of the program will provide our customers with an even more fulfilling
> online experience that, once again, is centered around simplicity. This
> is the principle upon which we founded the company. We choose to
> reinforce that commitment to our customers whenever we can.

Does anyone here need any more on that?

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra@baylink.com
Member of the Technical Staff     Baylink
The Suncoast Freenet         The Things I Think
Tampa Bay, Florida     http://baylink.pitas.com                +1 727 804 5015
   
From: Anton Ertl <anton@a0.complang.tuwien.ac.at>
Subject: Elevator algorithms
To: letters@lwn.net
Date: Thu, 14 Dec 2000 14:55:59 +0100 (MET)

There are a few aspects that earlier messages missed:

All file systems require that the disk writes the blocks in the given
order, otherwise the file system may be corrupt upon a power outage
(and yes, we have had power outages on system with an UPS, due to the
UPS breaking down).  That's certainly true for journaling and
log-structured file systems, and file systems that use ordering
constraints to maintain a certain amount of consistency (e.g., BSD FFS
without and with soft updates).  Even file systems like ext2 that rely
on fsck instead of write ordering constraints, need synchronous writes
upon fsync.  Data bases also have write ordering constraints (they
usually work similar to journaled file systems).

AFAIK the only way to ensure these write ordering constraints are
heeded on current disks is by turning off write caching (see
http://www.complang.tuwien.ac.at/anton/hdtest/).  So anyone with
valuable data will turn off write caching; on a SCSI disk I measured
there was no way to enable write caching, presumably because SCSI
disks are usually used for valuable data.

Unfortunately no-write-caching implies a total order on the requests,
whereas the actual write order requirements are usually a partial order.
An elevator algorithm can exploit the freedom available in the partial
order to produce a more efficient sequence.

- anton
   
Eklektix, Inc. Linux powered! Copyright © 2000 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds