Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests
Published March 12, 1998

Sections: Linux articles Security Kernel news Distributions Ports Software Development Tips Announcements Links of the week Feedback and corrections Other stuff: The LWN Archives Our Linux links page	Leading items Netscape has released their source code license in draft form. You can read the thing, in mind-numbing legal detail, on the mozilla.org web site. It looks pretty good; it's their own creation, but certainly adheres to the spirit of the GPL. Bruce Perens of Debian fame has pronounced it compliant with the Debian free software guidelines. The Netscape folks are looking for feedback, so check out the license if you're interested in these things and let them know what you think of it. According to the GIMP News, version 1.0 of the GIMP will be out around March 20. The GIMP is one of the truly cool Linux applications, even if it has been used to create some truly ugly, graphics-laden Linux sites. It's nice to see that it is finally ready for prime time. Here's one user's report on Linus Torvalds talk at the Silicon Valley Linux Users Group meeting, posted to linux-newbie. Here's a pretty little cost-comparison between NT and Linux for setting up an office network for 100 users. How many Linux users are there? Red Hat has revised their white paper on the subject (originally published January 11th). In the paper, they justify their current estimate of between 7-10 million Linux users, twice the estimate of a year ago. A truly phenomenal number of software announcements were made in the last week ... check out the list below.	Got some feedback, some news to publish, or something else you would like to tell us? lwn@eklektix.com is our address. Or would you like to be notified when new editions of the Linux Weekly News are published? Click here and send a blank message. Please see our contact page for other contact information. Here is the permanent site for this page.
	Linux in the news First Monday, the "peer reviewed journal on the Internet," has devoted its entire March issue to Linux and free software. Some of the stuff we've seen before (Cathedral and Bazaar, Cooking pot markets), but there's also a lengthy interview with Linus, an article by Christopher B. Browne on "Linux and decentralized development", and other good stuff as well. Getting through all this stuff will take some time, but it's time well spent. Ralph Nader thinks Dell should sell Linux boxes. Info-Policy Notes carres an article describing the barriers that exist to easy access to "alternative" operating systems, and concludes with an open letter to Michael Dell urging that systems running Linux (and other OS's) be made available. It would be good for Linux if Dell sold pre-installed systems, but I think Ralph (and others) do a real disservice when they overlook the many vendors out there that are already selling such machines. PCWorld ran this comment on Nader's proposal. In it, Linus says he welcomes the suggestion, but even being able to buy a PC without any operating system install would be an improvement. "For somebody like me, who really doesn't want to have Windows, I end up paying for Windows for no good reason. That's like paying taxes for something you really abhor." Is Windows forever? asks USA Today. Their answer seems to be "maybe not," and Linux is listed as one of the threats that Windows faces. Deja News, the original WWW archiver of netnews traffic, runs Linux! This article in Internet World talks about how their operation works. Comments in ZDNet about the Merced chip. According to one person, "Linux will be the first widely used IA-64 Unix." He goes on, however, to predict that the server market will be held by "Intel-based Linux" for some time yet. Also on ZDNet: Sun will give you 70% off Solaris if you "upgrade" from Linux or a number of other competing operating systems. Any takers? EETimes talks about a company using Linux for EDA, an acronym they never define; one assumes it means "Electronic Design Assistance" or some such. It's a favorable article, citing how much easier Linux is to manage than the alternatives. A letter to the editor in Computer Reseller News takes them to task for an interesting mistake: their "top ten selling DOS and OS/2 programs" list had Red Hat Linux in position #3.... Some people are trying to encourage PC Plus to add Linux coverage. If you want to help, speak up nicely, either via email or via their website.
	Avi Rubin maintains a list of college and gruaduate level courses in security and cryptography at http://www.cs.nyu.edu/~rubin/courses.html. He'd appreciate input and feedback to keep his site correct and up-to-date. In the ongoing problems with the use of a world-writeable /tmp directory, Stanislav Shalunov reported that a race condition exists when executing `perl -e ...'. Theo de Raadt responded that he submitted a patch for this problem to perl 5.003, which unfortunately did not make it into perl 5.004_04. He then posted his patch for 5.003 and Todd Miller's nice patch for 5.004_04. This latest /tmp problem spawned a lot of discussion about what should be done with /tmp to prevent such security problems. Here is a posting from linux-security, which outlines some of the options discussed, as well as proposing yet another. One interesting proposal recommended that temporary files be created in an untouchable area like the proc filesystem, no symlinks allowed. Of course, this would require kernel-level changes. The use of mkstemp was also encourage, but now a bug in mkstemp has been reported. Seems Linux uses a default of 666 when BSD, Solaris, etc., are (correctly) using 600. This was still found in glibc2.0.7-pre1 but the problem report caused it to be fixed in glibc 2.0.7. The list of /tmp problems goes on and on, ad nauseum. Here is a Red Hat problem with dhcp, (quickly fixed) another problem with updatedb and Slackware problems with netconfig and setup. The combination of bash 2.01 and ncurses 4.1 provides an insecure environment where a privileged user's console may be taken over.
	The current development kernel release is 2.1.89. This release was slow in coming, and changed a lot of things. It seems mostly stable, but it appears that some of the swap changes made in this release have been hard on interactive performance. The disk cache is able to grow a bit more than is wise, leaving user processes out in the cold. It's being worked on... But the big news, as of press time, is the pre-2.1.90 patch that Linus released. See his announcement. There are a couple of important things in this release: perhaps foremost being that the 2.1.8x networking problems are fixed. Since the announcement came out, a couple of notes suggest that the fix is not yet complete, but Dave Miller's "TCP warpath" seems to have achieved results. (The second pre-90 patch, released while this was being written, adds some more TCP improvements.) This means that one of the major roadblocks to 2.2 has been removed, and the serious code freeze (without "ice breakers" this time) is about to go into place. Also relevant is a "minor thing" that Linus did: kerneld has been removed from the 2.1 kernel. Kerneld, for those who don't know, is a user-mode daemon which automatically loads kernel modules (device drivers and such) when they are needed. Some distributions (i.e. Red Hat) depend heavily on kerneld in their stock configurations. Removing it is going to stir some things up. The replacement for kerneld is a thing called "kmod", written by Kirk Petersen and Cyrus Durgin. See a recent announcement and the documentation file from the kernel tree. Kmod has been incorporated into the pre-90 patch, and is thus available without further effort. Kmod does seem like a simpler solution to the problem; it remains to be seen whether it can truly replace kerneld or not. Gregory Travis, who posted some context switching benchmarks comparing Linux and NT a while back has pursued the subject further. It seems that Linux does better in some situations, but tends to degrade much more than NT when there is a large number of runnable processes. He ran more benchmarks, including a set with a slightly modified scheduler, and came up with these results and a detailed analysis as well. There are a couple of sources of slowness, including (1) uses a linear search on the queue of runnable processes when scheduling, and (2) some of the actually priority-setting code can be slow. Linus posted some remarks on the subject, describing the reasoning behind the scheduler design decisions. If you have an application using the old "callout" tty devices, /dev/cua*, it's time to begin thinking about changing it. A proposed change for 2.2 will put in a kernel warning when a program uses one of these devices, and they may go away altogether in 2.3. The thought is that device locking should be handled in user mode, and that the kernel should be out of that business. Anders Hammarquist has fixed the problems that prevented the new kernel NFS implementation from being compiled on glibc2 systems. A version has been made available on the Debian FTP server; a cleaner version of the fix should be made more widely available shortly. Many networking (and other) fixes are being produced by Bill Hawes. Bill is perhaps one of the great unsung heroes of the 2.1 kernel. If you see him at Linux Expo, shake his hand and buy him a beer... Alan Cox has put out the 2.0.34 pre3 patch as he heads towards a new release of the old stable kernel series. This patch does not yet have the fix for the mysterious lockup problem that affects some machines with a lot of network activity - that problem has not yet been nailed down. There are also some problems with actually applying and compiling this patch; a bit of last minute flakiness seems to have slipped in. A fixed version should come out in a few days. Meanwhile, for those who are having difficulties with the 2.0.3* lockup problems, David Ferry has put together a patch against 2.0.29 to create an ultra-stable kernel. His announcement is here.	Since we're a weekly publication, chances are we'll be behind a rev or two on the kernel release by the time you read this page. Up-to-the-second information can always be found at LinuxHQ.
	Caldera For those running into initial problems with 1.2 installs, check out the 1.2 FAQ. If you have problems with your CDROM drive being detected during installation, remember that Caldera posts updated boot disk images on their ftp site. Check to see if your CDROM is included in one of the new ones. Debian Bruce Perens put out a comment on Debian's Trademark policy. No business can use the word Debian in their business or domain name. To save money and time, contact them first and ask about any planned use. Barring exceptional circumstances, hamm (Debian 2.0) will freeze on March 16th. The upcoming freeze has stirred up a large amount of posts about how to find and handle orphaned packages or packages with critical bugs, whether the non-386 architectures will make the release date and more ... Testers Are Needed for the Hamm Freeze! Here's your chance to contribute to the effort, if you haven't yet. And to upgrade your bo system to hamm? The latest offer is dpkg-get, a deity method. The claim is that it obsoletes dpkg-ftp, dpkg-http, pkg-order, autoup.sh and possibly others. Christian Schwarz has created a Debian Resources page. Red Hat Red Hat will be at a couple of user group meetings over the next couple of weeks. Check out the User Group Calendar below. Lots of people are poking Red Hat to find out if Red Hat 5.1 is on the way. No official answer, but it is definitely in the works, as can be deduced from several hints: the presence of Red Hat in the newsgroups has gone down, workers that will comment say it is certainly being thought on, and last, it was pointed out that Red Hat upgrades typically come out just before a major Linux event or expo ... Problems with the upgrade or installation of Red Hat 5.0 are still extremely common. No universal solution has been reported, but check out the errata pages on the Red Hat website first. S.u.S.E.
	Tres Hofmeister reported to us that Linus Torvalds was presented with a Palm Pilot by folks from 3-Com, in recognition of the fact that Linux is being ported to the Pilot by the Linux/Microcontroller Project. If you're interested, he also forwarded a copy of a recent digest from pilot-unix, which describes the purpose of the pilot port of Linux. The sparc port of hamm (to be Debian 2.0) is close, but unlikely to make the freeze date (March 16th). They will be working to "catch up" to the Intel release during the Freeze, so they could still make the release date, or come out soon after.
	Java Sun wants to poll java developers for information. If you are interested, sign up , give them your number and a time to call and you may get a chance to talk with someone directly. Christopher Seawood posted a list of tweaks he used in order to get Java Studio 1.0 & Java Web Server 1.1 working under linux. He was not able to get Java Workshop 2.0 going, but Joachim Bergmeyer was, using a patch from S.u.S.E. He also posted various unofficial jdk 1.1.5 builds built using a glibc motif 1.2.4 and RedHat's glibc motif 2.1. Embedded Systems In response to several requests, William R. Kerr posted a detailed discussion of the system-level issues in implementing cPCI Hot Swap in an operating system to linux-embedded. Real-time The real-time Linux folks want to put out a release concurrent with the upcoming 2.2 stable kernel release. Here's a quick note describing what they hope to have in place.
	Stefan Waldherr has updated his Star Office page to include the patch from StarDivision that hopefully fixes the problem with random lockups. From one of your editors' personal experience: Red Hat distributions (and probably others) use Wietse Venema's version of portmap which can use the TCP wrapper control files (/etc/hosts.allow and /etc/hosts.deny) to decide who can map ports and who can't. However, "to avoid deadlocks" portmap doesn't reverse map IP addresses to host names before checking. Thus, all entries for portmap must use IP addresses, and not host (or domain) names. Forget this, and you'll find access being denied when it seems it should be allowed...
	Software Package Version Description a2ps 4.9.10 Any to PostScript filter ACUA 2.07 Access control and user administration AutoRPM 1.2 automatically keeps RPMS up-to-date C50SIM n/a simulator for TMS320C50 dsp ccmalloc 0.2.1 memory profiler and malloc debugger chpp 0.2 a general purpose preprocessor cvs2html n/a converts cvs log information to html DAS driver n/a driver for DAS 1600/1400/1200 and compatibles DosLinux 54 small linux system for dos dds 1.0.0alpha Distributed Dependancy Scheduler Follow 2.02 Web usability analysis tool (COMMERCIAL) fortune 0.1 simple, small, fast fortune program Grail 0.4 Python web browser Help ToolKit for Motif 0.9beta easy development of on-line help for Motif applications IPChains 1.3 kernel firewall replacement ivtools 0.6.2 C++ application frameworks for spatial data Ktk 0.1 Qt look'n'feel for Tcl/Tk applications MaMa 1.0a1 "Make Master" graphical front end for 'make' program. monctrl 0.1 Philips monitor software control panel MPSQL 1.5.3 a SQL GUI client for PostgresSQL ncurses 4.2 terminal control library netcdf 3.4 System-independent scientific data format newsfetch 1.11 pull news via NNTP to a mailbox nosql 0.9 Unix RDBMS nv-dc1000 0.1beta Transfer images from the NV-DC1000 digital camera Open Sound System C++ Wrappers n/a minimal C++ wrappers around OSS-lib Pathetic Write n/a Yet Another Half-working Word Processor pavuk 0.8 WWW mirroring tool with or without GUI interface pdict 1.0 phonetic work lookup program PostgreSQL 6.3 SQL RDBMS Procinfo 13 system information utility rhupgrade 2.0 upgrade your RedHat system by hand RITW n/a Very simple network monitoring tool Screader 1.5 A screen reader for Linux scwm 0.6 Scheme Configurable Window Manager siggen 2 signal generator progs for soundcards sendfile 2.1 async file transfer service Socket Script 1.5 create networking-oriented programs Sound Recorder 0.02 record samples or tracks from line or cdrom input Spak 0.6b Arbitrary Packet Generator/Sender Sprocket 0.4.0 graphical ftp-client Tag-types 0.0.6 Utilities for manipulating tagged files taper 6.8.4 Backup software for tape drives, floppies, ZIP drives urlmon 3.0b URL monitoring software utok 1.5 Unique TOKens Uwatch 0.1a Monitor Logins/Logouts WipeOut 1.2 integrated software development environment for C++ and Java projects (COMMERCIAL) WWWOFFLE 2.1 World Wide Web Offline Explorer X-CD-Roast 0.96d-beta3 a CD-Writer-Package based on cdrecord and mkisofs XEmacs 20.4 an internationalized text editor Xenmenu 0.8b ASCII Menu Generator XFracky 2.5 a multithreaded Tcl/Tk based application for rendering fractals XFree86 3.3.2 The X window system XNew 0.4a Account Request/Creation Tool xpdf 0.7a a PDF viewer for X Yalsim 2 Yet Another Logic/Timing Simulator (COMMERCIAL $1) ypserv 1.3.0 NIS v2 server ypbind-mt 1.0 multithreaded NIS binding daemon Projects Albrecht Kleine is looking for a beta tester for the new release of the TYA just-in-time-compiler. The Mexico Linux User Group is sponsoring a Linux-IRC Project. Their goal is to have multiple channels, i.e., #kernel, #admin, #net, #gnu, and more, plus to be able to use the channel for teaching classes, conferences and user groups meetings. Perhaps they can join with linpeople, an older IRC network that is not widely known. The X11 Games page has been recently updated and the maintainer is looking for new links and games. A decision has been made to migrate SMGL-Tools and the Linux Documentation Project to a new document type definition, DocBook. The FreeDOS project is not new, but here's a reminder, if you're interested in DOS, you'll be interested in this project. Resources The March issue of the Linux Gazette has been released. Linux Central's has Redhat's 5.0 distribution for $1.95. The book, "Samba: Integrating UNIX and Windows", has been published by Specialized Systems Consultants Inc. (SSC). Events The O'Reilly-sponsored Perl Conference has issued its Call For Papers. The conference will be held August 17th through the 20th in the Fairmont Hotel in San Jose, California. Web sites Web Watcher now has its own domain, thanks to the folks at VA Research! The Linux Questionnaire gives people a place to report their experience with Linux and see the survey results, updated hourly. Here's a page that offers help with Linux setup on Digital VP-567 & VP-500 series: http://www.dcs.shef.ac.uk/~u7gl . User group Calendar Thursday, March 12th The Beowulf cluster will be the topic of presentation at the next Boulder Colorado Linux Users Group meeting. The Atlanta Linux Enthusiasts will meet today. Saturday, March 14th The Red Hat Tour will meet with the UCLA Linux User's Group. Several local computer users groups are having their annual Computerfest at the Illinois State Fairgrounds in Springfield, Illinois. Tuesday, March 17th Red Hat will be meeting with the umbc linux users group. Wednesday, March 18th The next meeting of the Worcester Linux Users' Group (WLUG) will be held. Saturday, March 21st Skaane Sjaelland Linux Users Group (SSLUG) will hold a meeting in Lund, Sweden at the University of Lund. Other User Group News Here is the announcement for the first Czech Linux Users' Group Meeting in Cikhaj. To become a member, check out this posting. (In Czech) The UNIX/Linux Special Interest Group of the Dayton Microcomputer Association meets on the first thursday of every month. The GNU Generation Computer Group of Corpus Christi Texas (GGCG) now has a mailing list .
	Linux links of the week Anybody who doesn't have "ssh" on their systems should wander over to the ssh home page and learn about it. Ssh is the realization of some of the promise of cryptography, providing secure communications (all traffic is encrypted), protection against password sniffer attacks (one of the biggest sources of breakins), and protection against host spoofing attacks. It's easy to install and use, and you'll never use rlogin again. Red Hat users can get an RPM of ssh from the Replay crypto archive. This site is conveniently hosted outside of the U.S., so the nonsensical American crypto laws are not a problem. They have a lot of good stuff beyond ssh as well. If you're one of the three readers of this page who don't know about Slashdot.org, go check it out now. It's the best source of up-to-the-second news on the net.
	Feedback and Corrections Many people posted that they had registered on the Linux Counter quite a while ago and been given an id number greater than 60,000 quite a while ago. No word yet from the maintainers of the site as to why their summary report still showed less than 60,000 ...

This page is produced by Eklektix, Inc.