Other LWN stuff:
 Daily Updates
 Calendar
 Linux Stocks Page
 Book reviews
 Penguin Gallery

 Archives/search
 Use LWN headlines
 Advertise here
 Contact us

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- Gaël Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

See also: last week's LWN.

Leading items and editorials

Weiss said he could see a day when "80 per cent of the revenues, indirect or direct, attributed to Linux will go into IBM coffers unless companies like HP, Red Hat and VA Linux smarten up their act. IBM will have a stranglehold on the community"

Mr. Weiss also says:

The biggest problem IBM has is that it appears to the Linux community that it is trying to take over the Linux momentum and grab what this OS has to offer

It is interesting that Mr. Weiss has such sense of the Linux community - Gartner has, in general, kept its distance from that community. From LWN's viewpoint, IBM has not yet frightened all that many people. One can always find those who will complain about corporate involvement in Linux, of course. But, in general, IBM's Linux moves have been seen as good news.

The more interesting question, though, is this: should we be scared of IBM? Those who look can certainly come up with reasons to worry:

• IBM dominated the computing industry for much of its history; the company really only lost its grip around the beginning of the 1980's. For much of the time before then, it owned the market in a way that Microsoft can only dream about. And, needless to say, IBM did not always play nice.

• IBM is clearly interested in Linux and free software. A company does not publicly commit to investing a billion dollars in a field without seeing some commercial potential there.

• The existing players could prove highly vulnerable to an IBM offensive. An IBM Linux distribution, if well done, could be a powerful contender in the corporate market. IBM already has service offerings and preinstalled Linux systems aimed at that market. It also has a large array of add-on proprietary software (WebSphere, DB2, etc.). IBM, if it wanted, could look much like the IBM of old, whose customers bought everything they needed from one source.

IBM, thus far, has taken great care not to upset the Linux community. It is careful about free software licenses, has been careful to work with multiple Linux distributors (and has not created a distribution of its own), and, in general, has avoided looking like it wants to take the whole pie. These efforts have paid off; IBM's image in the Linux community is pretty good.

But IBM is a company like any other, beholden to its shareholders. IBM executives have been very clear that they see free software as a disruptive technology. One can be sure that, given that they believe free software will be highly successful, they want to own a large part of that success. If other Linux companies look like they are threatening IBM's success, IBM will certainly respond in a competitive manner. Companies can not ignore competitive threats and survive.

So IBM is likely to work harder, compete harder, and do its best to own a large part of the Linux market. Should the Linux community be worried about a future that is more blue? Certainly Linux companies should be worried - they will face no end of threats over the next few years. But even they could find themselves better off: IBM, in seeking its piece of the Linux pie, has a good chance of making that pie much larger. Billion dollar investments and high-profile deployments will grow the market for everybody. In a few years, many Linux vendors could find themselves with a smaller market share, and a lot more business.

The Linux community should have little to fear, as long as IBM continues to play by the rules. Free software will remain free, and nobody will ever be forced to do business with IBM, or any other company, to use it. IBM bears watching, as do all companies working with free software. But it is not a particular threat, even if it is big and blue.

Zend launches its PHP products. For years, the PHP language (once "Personal Home Page," now "PHP: Hypertext Preprocessor") has been the engine behind a great many web sites. Its C-like syntax, performance, and database interfaces have all combined to make it, arguably, the most popular server scripting language available.

Also for some time now, a company called Zend Technologies has been contributing to the PHP project. Among other things, the high performance "Zend engine" powers the (relatively) recent PHP 4.0 release. Zend has done much to advance the PHP state of the art.

Now it's time for Zend to make some money from all this. The company's plans became clear with this press release, which came out on January 23. Zend is offering a whole range of products and services oriented around PHP, including:

• The "Zend Cache." This product, aimed at very high volume web sites, caches the intermediate, compiled versions of PHP scripts. If your traffic is high enough, this caching can make a real difference.

• The "Zend Encoder" works like a Java bytecode obfuscator. Using the encoder, a proprietary software vendor can distribute "PHP scripts" in an unreadable form that is resistent to reverse engineering.

• The "Zend IDE," an integrated PHP development environment. Among other things it includes a debugger which allows the debugging of PHP scripts remotely. One can only hope they have thought through the security implications of remote server script debugging.

• The "Zend Launchpad," which appears to be an FTP site allowing the download of "Zend certified" versions of PHP.

• A subscription plan which provides regular PHP updates, access to technical support, and "special offers and exclusive offerings throughout the year."

• A web-oriented support offering.

A couple of aspects of these offerings jump out at the reader. The first is that the support offerings are clearly not at the core of what Zend is up to. The offerings are minimal, and, at the given price levels ($50/year for "non-commercial" customers, $70/month for the rest), will not generate large amounts of revenue. There are no expensive "we'll do your web site with PHP" offerings, consulting services, or PHP enhancement services. Unlike Great Bridge, NuSphere, and others, Zend is not centering its business around services for free software.

Instead, Zend is a proprietary software business which is supporting PHP as the loss-leader platform on which to base its (expensive) products. Those who are in doubt can check out Zend's software license which has the usual proprietary stuff in it - including a prohibition on reverse engineering of the product.

It is, of course, entirely within Zend's rights to offer its work as a proprietary product. And even if Zend has not embraced the "all free software" view, the company has certainly done much to support a highly successful free software product. It will be interesting to see if this approach to running a (partially) free software business is successful.

Meanwhile, the all-free competition is not standing still. Digital Creations has just put out a press release announcing the (forthcoming) release of Zope 2.3. Among other things, this version of Zope includes its own caching system for dynamic content. It also includes a number of ease-of-use improvements that are intended to mitigate the notorious Zope learning curve. Digital Creations has done well with the pure services model, and thus continues to put its developments under a free software license.

LinuxPPC goes non-profit. LinuxPPC, the organization behind the popular LinuxPPC distribution for PowerPC computers, was originally founded in 1997 as a for-profit company. However, their intent was always to become a non-profit organization, with the goal of supporting Linux on the PowerPC platform. Filing as a for-profit company was initially just easier and less expensive.

Then came the Linux stock phenomena and the "dot-com" craze. The hoopla distracted them from their original purpose for a while. They turned down a lot of offers, listened to people who told them a non-profit couldn't survive in that kind of environment and slowly build a solid, small business.

Once the stock market hype died down, their original plans looked more promising than ever. As a result, LinuxPPC is moving ahead to file as a non-profit corporation. Why? In a word, "Control". No venture capitalists, angel investors or stockholders to drive the mission of the company. The control rests with the users and developers of LinuxPPC.

For more details, please check out our interview with Jason Haas, who, along with Jeff Carr, founded LinuxPPC.

And don't worry, the LinuxPPC distribution will be here for a long-time to come.

On the joys of copy protection. For those who haven't seen it, this posting from John Gilmore on copy protection is certainly worth a read. It is a clear discussion on how numerous companies are attempting to use technology to take away rights that are otherwise guaranteed, and how there's a better way.

It's no coincidence that the open source, free software, and Linux communities are among the first to become alarmed at copy protection. They are actively making their livings or hobbies out of eliminating scarcity and increasing freedom in the operating system and application software markets. They see the real improvement in the world that results -- and the ugly reactions of the monopolistic and oligopolistic forces that such efforts obsolete.

The full posting is long but worth the trouble.

LinuxWorld and Linux Expo Paris happen next week. The LinuxWorld Conference and Expo is happening next week in New York. Expect the usual: suits and ties, loud music, corporate hype, wild parties, and, of course, lots of Linux. LWN.net editors Liz Coolbaugh and Michael J. Hammel, as well as LWN.net team member Dennis Tenney will all be there. Stop by and see our talks or look for us in the Exhibit Hall. And keep your browser tuned to LWN, of course, for news from the event.

Also happening next week is Linux Expo Paris in, well, Paris. LWN, alas, will not be there, a mistake that we intend not to make again next year.

Meanwhile, if SuSE CTO Dirk Hohndel looks tired, be nice to him: he is currently listed as a speaker at both shows...

LWN turns 3. The very first LWN weekly edition came out on Thursday, January 22, 1998. Three years later, we're still here - though, hopefully, we've improved a little on the way. We're looking forward to many more years...

Inside this week's Linux Weekly News:

• Security: Real damage from the Ramen worm, MySQL, sash, micq, webmin, kdesu, crontab, icecast and bing vulnerabilities.
• Kernel: Ways of speeding up data copies; 2.4.0 and USB module autoloading; moving kbuild to SourceForge.
• Distributions: Good news for SPARC, Microwindows 0.89pre7 packed with new features.
• Development: The Open Source Development Lab opens, GIMP flurry, MySQL 3.23 MSQL 3, Bind and Python updates.
• Commerce: Linuxcare Managed Services, LinuxWorld announcements.
• History: bob@redhat.com's new web site, the Netscape source release, and more.
• Letters: Dell laptops, Linux pronounciation, NFS and journaling filesystems

This Week's LWN was brought to you by:

• Jonathan Corbet, Executive Editor
• Elizabeth O. Coolbaugh, Managing Editor
• Michael J. Hammel, Senior Editor

See also: last week's Security page.

Security

News and Editorials

Multicast impacts from the Ramen Worm. Last week, in our coverage of the Ramen Worm, we mentioned the network impacts of the Ramen Worm, but like many other news reports, we glossed over them quickly. That did not do justice to the most-likely unintended consequences of the Worm; its impact on multicast networks.

The Ramen worm was designed to use a binary called "randb" to generate a list of class B networks to scan. That causes the impact of the worm to be somewhat randomly scattered. However, the first byte of the IP addresses generated ranged from 13 to 242 -- a range that includes multicast addresses. On other words, the Ramen worm is also scanning multicast networks, and the results are far from pleasant.

What is multicast? Where most Internet traffic is much like a telephone call, directly from one IP address to another, multicast traffic is more like radio or television. All sites that have "tuned in" to the multicast broadcast will receive it - and can broadcast to all other participants as well. The multicast network is designed such that data need cross any network segment only once, even if it is being broadcast to many recipients on the other side. Example uses of multicast include the broadcasting of real-time audio and video from conferences or tuning in on the space shuttle. Check the Multicast over TCP/IP HOWTO for more details.

The IP address range for multicast is 224.0.0.0 through 239.255.255.255. This range is thus included in the address space attacked by the Ramen worm. Each scan packet sent by the multicast scan generates a Multicast Source Distribution Protocol (MSDP) Source Availability (SA) message. Bill Owens reported:

Unfortunately the scanner being used is very efficient and can cover a /16 in about 15 minutes, generating 65000 SA messages. The SA messages are flooded throughout the multicast backbone and the resulting load on the routers has caused degradation of both multicast and unicast connectivity

For the past nine days, this has resulted in repeated storms of network traffic on multicast networks. The graph reporting statistics over the past month is particularly telling -- the level is flat for the first two weeks, then shows tremendous peaks of traffic, each reprenting a multicast storm.

All of this tells us that multicast has been proven vulnerable to a denial-of-service attack. That problem is being heavily discussed on the Internet2 multicast and MBONE mailing lists.

As a result, though, the damage from the Ramen worm is much higher than we originally reported.

As a side note, Crispin Cowan from Immunix reported that FormatGuard, used by Immunix to prevent format string vulnerabilities, successfully blocked all three of the vulnerabilities exploited by the Ramen worm.

French hackers break SDMI, publish results. Two French hackers, Julien Stern and Julien Boeuf, have broken the Secure Digital Music Initiative's watermarking scheme. However, being French, they (1) have declined to sign SDMI's nondisclosure agreement, and (2) are not subject to the Digital Millennium Copyright Act. So they have published their findings, both in French and in English. (Found on Da Linux French Page).

Linux Gets Stateful Firewalling (SecurityPortal). SecurityPortal covers Netfilter, the packet filtering system provided by the new 2.4 kernel release, in this article by Jay Beale. "The 2.4 kernel's packet filtering system, Netfilter, is Linux's first stateful firewall. Stateful firewalls represent a major technological jump in the intelligence of a firewall and are present in all serious Enterprise firewalling products. Among many enhancements, this "statefulness" allows Netfilter to block/detect many stealth scans that were previously undetected on Linux firewalls."

Security Reports

MySQL buffer overflow. Nicolas Gregoir reported a buffer overflow in the MySQL server that can be exploited remotely to gain access to the system under the uid of the mysql server. MySQL 3.23.31 and earlier are affected. MySQL 3.23.32 fixes the problem. Check BugTraq ID 2262 for more details.

• Debian
• Linux-Mandrake, including new PHP packages
• Red Hat
• Red Hat, new PHP packages

sash readable file vulnerability. Debian released an advisory this work for sash, reporting that versions of sash prior to sash 3.4-4 did not properly clone /etc/shadow, leaving a fully readable file as a result. They have provided updated packages for stable.

micq remotely exploitable buffer overflow. Micq is a public domain ICQ clone. Micq 0.4.6 is reported to contain a remotely exploitable buffer overflow that can be used to execute arbitrary code. micq 0.4.6p1 contains a backport of the fix provided by Debian. Check BugTraq ID 2254 for more details.

This week's updates:

• Debian

webmin tmpfile vulnerability. Webmin, a perl-and-web-based systems administration interface, is reported to insecurely create temporary files in several instances. webmin 0.84 contains a fix for this problem.

This week's updates:

• Caldera

kdesu password sniffing. Caldera issued an advisory for kdesu, a KDE2 program that is used to run systems administration commands under the root account. They report that a bug in kdesu will allow any user on the system to steal passwords entered at the kdesu prompt. Sebastian Krahmer (SuSE) and Waldo Bastian (KDE) are also acknowledged for their part in helping to track down this problem. Presumably, any other system shipping KDE2 may also be affected.

FreeBSD-specific ipfw/ip6fw vulnerability. FreeBSD issued an advisory reporting a problem with ipfw/ip6fw that is specific to FreeBSD. The ECE flag is incorrectly treated, potentially incorrectly allowing some traffic through the IP filters. Updates for the problem are provided.

crontab file access vulnerability. FreeBSD put out an advisory and updates for a problem with crontab(8) which can allow any file on the system that matches a crontab file in format to be read. This also includes any file where every line either begins with a "#" or contains only whitespace.

This problem is not FreeBSD-specific. No related reports have been seen.

icecast format string vulnerability. A format string vulnerability was reported this week in icecast 1.3.8beta2 and prior. This can be exploited remotely to execute arbitrary code. Exploits for Slackware and Red Hat have been published. icecast is an MP3 server. So far, an updated version of icecast has not been published.

This week's updates:

• Red Hat

bing local root exploit. Paul Starzetz reported a buffer overflow in bing that can be exploited locally to gain root access. bing is a tool designed to help calculate the network bandwidth between two points. bing 1.04 and earlier are vulnerable; bing 1.0.5 has been released to fix the problem.

Commercial products. The following commercial products were reported to contain vulnerabilities:

• Watchguard Firebox II has been reported to contain a password retrieval vulnerability. Upgrades have been made available.

• Netscape Enterprise Server has been reported to be vulnerable to a denial-of-service attack. No vendor response has been seen so far.

• Netscape Enterprise Server has also been reported to contain an input validation vulnerability that can be exploited to disclose a directory listing of the target server. Disabling web publishing will temporarily close the hole. No vendor response has been seen so far.

• Netscape FastTrak Server is reported to be vulnerable to a denial-of-service attack via its cache module. No vendor response has been seen so far.

Updates

PHP Apache Module per-directory and virtual hosts vulnerabilities. Check the January 18th LWN Security Summary for the original report of the problems. An upgrade to PHP 4.0.4pl1 will resolve the issues.

This week's updates:

• Conectiva
• Linux-Mandrake

ssh1 secure RPC vulnerability. Last week, we mentioned a vulnerability in ssh 1.2.30 secure rpc encryption. This week, Dan Harkless pointed out that the vulnerability applied not just to ssh 1.2.30, but to ssh 1.2.30 and all earlier versions of 1.2.X.

glibc RESOLV_HOST_CONF preload vulnerability. Check the January 18th LWN Security Summary for the initial report of this problem, which can be exploited to gain local root access. This week's updates:

• Immunix

• Red Hat (January 18th)
• Slackware (January 18th)
• Debian, 2.2 not vulnerable, testing and devel trees are (January 18th)

glibc local write/ld.so.cache preload vulnerability. Red Hat issued another update to glibc this week to fix a preload-related vulnerability. In this vulnerability, the glibc preload check was not applied to libraries that had already been loaded into /etc/ld.so.cache. This can be exploited to create/overwrite files without authorization.

This week's updates:

• Linux-Mandrake
• Trustix

• Red Hat (January 18th)

Multiple vulnerabilities in splitvt. Multiple vulnerabilities were reported in splitvt in the January 18th LWN Security Summary, including several buffer overflows and a format string vulnerability. An upgrade to splitvt 1.6.5 should resolve the problems.

This week's updates:

• Debian
• Debian, updated advisory due to package mixup

jaZip buffer overflow. A buffer overflow was reported last week in jaZip, a program for managing Iomega Jazz or Zip drives.

This week's updates:

• Debian

wu-ftpd insecure tmpfile creation. Check the January 11th LWN Security Summary for the original report of twelve packages with tmp race problems, of which wu-ftpd was one.

This week's updates:

• Debian
• Debian, Intel ia32 packages recompiled due to missing PAM support
• Debian, another problem with the Intel ia32 packages fixed

• Immunix (January 11th)
• Linux-Mandrake (January 18th)
• Linux-Mandrake, previous update installed the wrong pam support file (January 18th)

tinyproxy heap overflow attack. Check the January 18th LWN Security Summary for the initial report. This can be exploited to cause a denial-of-service. tinyproxy 1.3.3a has been released to fix this problem.

This week's updates:

• Debian

BIND 8.2.2-P5 denial-of-service. A denial-of-service vulnerability was reported in BIND 8.2.2-P5. Check the November 9th, 2000, LWN Security Summary for the initial report. BIND 8.2.2-P7 contains a fix for the problem.

This week's updates:

• FreeBSD

• Conectiva (November 16th, 2000)
• Conectiva, updated (November 16th, 2000)
• Definite Linux (November 16th, 2000)
• Debian (November 16th, 2000)
• Linux-Mandrake (November 16th, 2000)
• Red Hat (November 16th, 2000)
• Slackware (November 16th, 2000)
• CERT (November 16th, 2000)
• Caldera (November 16th, 2000)
• Immunix (November 16th, 2000)
• Kondara (November 16th, 2000)
• Trustix (November 16th, 2000)
• SuSE 7.0, not vulnerable (November 16th, 2000)
• SuSE 6.0 through 6.4 (November 23, 2000)

XFree86 security problems. Check the October 26th, 2000 LWN Security Summary for the original report on multiple security problems in XFree86 3.3.5, 3.3.6 and 4.0.

It is well worth noting that updates from other Linux vendors for these problems still haven't been seen. Even the Conectiva announcement only covered one of the reported vulnerabilities.

This week's updates:

• FreeBSD, XFree86 3.3.6

• Conectiva, for one of the vulnerabilities

Events

Upcoming security events.

Date	Event	Location
February 7-8, 2001.	Network and Distributed System Security Symposium	San Diego, CA, USA.
February 13-15, 2001.	PKC 2001	Cheju Island, Korea.
February 19-22, 2001.	Financial Cryptography 2001	Grand Cayman, BWI.
February 19-22, 2001.	VPN Con	San Jose, CA, USA.
February 24-March 1, 2001.	InfoSec World 2001	Orlando, FL, USA.
March 3-6, 2001.	EICAR and Anti-Malware Conference	Munich, Germany.
March 27-28, 2001.	eSecurity	Boston, MA, USA.
March 30-April 1, 2001.	@LANta.CON	Doraville, GA, USA.

For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Liz Coolbaugh

LWN Resources


Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Security Projects
Bastille
Linux Security Audit Project
Linux Security Module
OpenSSH

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
Kondara Advisories
Esware Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Turbolinux
Yellow Dog Errata

BSD-specific links
BSDi
FreeBSD
NetBSD
OpenBSD

Security mailing lists
Caldera
Cobalt
Conectiva
Debian
Esware
FreeBSD
Kondara
LASER5
Linux From Scratch
Linux-Mandrake
NetBSD
OpenBSD
Red Hat
Slackware
Stampede
SuSE
Trustix
turboLinux
Yellow Dog

Security Software Archives
munitions
ZedZ.net (formerly replay.com)

Miscellaneous Resources
CERT
CIAC
Comp Sec News Daily
Crypto-GRAM
LinuxLock.org
LinuxSecurity.com
Security Focus
SecurityPortal

See also: last week's Kernel page.

Kernel development

Those looking for something meatier may want to consider, instead, 2.4.0-ac11 from Alan Cox. This release contains literally hundreds of patches - almost 10MB worth.

Cutting out the middleman in data transfers. The discussion started by David Miller's posting of an experimental zero-copy networking implementation (discussed on this page two weeks ago) continues, though it has moved into new areas. One of those is the optimization of data transfers to avoid copying the data as much as possible. Consider, for example, the sendfile() interface that Linux supports now; using sendfile(), an application (a web server, say) can transfer a disk file to a network socket without ever having to read it into user space. There is an obvious performance gain from operating in this mode for certain applications.

So, why not extend the idea to its logical conclusion? Why not have a system call that says "copy data from here to there, and optimize as much as possible"? One approach to this mode is Larry McVoy's 'splice' interface, which tries to provide a general way for user space processes to control high-performance copies. It provides "push" and "pull" primitives which handle the destination and source sides of a copy, respectively, and give the application some latitude in how the two are put together.

Here's Linus's comments on splice and why it has not been implemented so far. Essentially, sendfile handled the task that most users wanted, the splice interface needed a bit of work, and it didn't fit well into the structure of the kernel at the time. The kernel has since evolved, and Linus's message hints that an implementation of a modified form of splice would be easier now, and that it might even be accepted.

One can take the idea further, however: why not, when appropriate, simply tell the hardware to copy the data between devices directly and leave the kernel (and the processor) out of it altogether? According to Linus, that's one of those great ideas that turns out not to be so great in practice. His short response to the idea was:

device-to-device copies sound like the ultimate thing.

They suck. They add a lot of complexity and do not work in general. And, if your "normal" usage pattern really is to just move the data without even looking at it, then you have to ask yourself whether you're doing something worthwhile in the first place.

Further into the discussion, Linus came up with other reasons to avoid direct device-to-device (D2D?) copies. One is that there is very little use for the capability in the end. One can talk, for example, of streaming video directly to disk - but how often will a user be recording video without wanting to look at it too? Another is that very little hardware supports that mode of operation. Linus sees a trend toward connecting hardware with direct, point-to-point links that are not amenable to direct operations between devices. Quoth Linus: "Just wait. My crystal ball is infallible."

TCP_CORK or MSG_MORE? Another branch of the same discussion has to do with getting optimal performance from network transfers. Imagine a web server using the sendfile() interface described above. In response to a request for a page, the server will first write out a short set of HTTP headers, then use sendfile() to actually transfer the page data. By the time the sendfile() call is actually made, however, the headers will have gone out on the net as a very short packet. The result is poor performance on both the sending and receiving side.

Linux has handled this issue with a TCP option called TCP_CORK. If an application sets that option on a socket, the kernel will not send out short packets. Instead, it will wait until enough data has shown up to fill a maximum-size packet, then send it. When TCP_CORK is turned off, any remaining data will go out on the wire.

TCP_CORK does the job reasonably well. Recently, however, a contingent led by Ingo Molnar has been pushing for a new interface which uses a flag called MSG_MORE. Rather than applying to the socket in general, MSG_MORE is attached to a one or more write operations on that socket. It says "there will be more data coming," and the kernel knows to buffer data to get bigger packets. The advantages of this approach are said to be (1) it requires no persistent state on the socket, thus helping, among other things, to avoid programming errors; and (2) it avoids the system call overhead of toggling the TCP_CORK flag. Ingo used MSG_MORE in the implementation of the TUX kernel web server, and is happy with the results.

Linus, however, is not convinced. MSG_MORE requires a flag to be set on every transfer, only works on sockets, and requires that the code that is doing the writing be aware of the flag. TCP_CORK, instead, works with programs using the standard I/O package, and it can be set on sockets that are passed to other applications, such as CGI scripts, that are completely unaware of its presence. The TCP_CORK flag preserves a lot more of the standard Unix stream semantics.

Conclusion: don't expect to see MSG_MORE show up in user space anytime soon.

Fixing the 2.4.0 USB breakage. When 2.4.0 came out, it included a last-minute change to the usb_device_id structure, which is used to find driver modules for specific USB devices. Unfortunately, the form of this change was such that it broke the USB autoloading mechanism entirely. Since then, the USB maintainers, along with modutils maintainer Keith Owens, have been trying to figure out a way to make things work again.

The problem is that modutils, which handles the actual module loading process, can not distinguish the new usb_device_id structure from the old one. Making modutils work with the 2.4.0 version of the structure is not a problem - but then it will cease to work for earlier versions. Keith Owens places great importance on backward compatibility, and does not want to break things for any version. So he has produced a kernel patch which adds a version number to the relevant structures. With versioning, changes can be detected and everything can be made to work.

Linus, however, does not want to apply the patch. It is, after all, a binary interface change; such changes are generally avoided within a stable kernel series. Besides, the only other kernels which used the USB device table were the 2.4.0-test kernels - that structure was added in 2.4.0-test10. Nobody feels all that bad about breaking the prerelease kernels, in the end.

Almost nobody, that is; Mr. Owens is still not entirely happy. He has released modutils-2.4.2 which makes the 2.4.0 format work, but he has done so "under protest." People who want to be able to switch between 2.4.0 and the 2.4.0-test kernels will have to keep two versions of modutils around; everybody else can just install 2.4.2 and USB autoloading will work again.

Should the kbuild list move to SourceForge? Michael Elizabeth Chastain has posted a proposal to move the kbuild mailing list (which discusses the kernel configuration and building system) to a SourceForge project. He has a few reasons, but any kbuild reader will know the first one intuitively: spam routinely exceeds real postings on that list. With luck, moving to a site with better spam filtering would help to make the list usable again.

The one objection to the move came in the form of this posting, which raised the concern that the free software world is becoming too dependent on SourceForge.

But it just concerns me when a single company has the ability to (temporarily) freeze the development of half the world's open-source software just by unplugging a roomful of servers, either voluntarily or not (think "court order").

This is a concern that LWN has raised in the past as well. This time, however, there was a semi-official response in the form of this message from Eric Raymond, who is on the VA Linux board of directors. According to Eric:

We're not blind to this problem. We don't want to be a chokepoint; it's in VA's interest for the community to know it's protected against accident or malfeasance. This is why we're developing a network of active mirror sites -- not just to improve performance, but so one of them could take the baton if the SourceForge primary site had to shut down for some reason.

It is good to see an acknowledgement of this concern from VA. SourceForge is a great resource, but it has led to an unprecedented concentration of free software projects in a single place.

Other patches and updates released this week include:

• Neil Brown has released a RAID5 patch which should fix the filesystem corruption problems that people have been reporting.

• Douglas Gilbert's The Linux SCSI subsystem in 2.4 HOWTO has been accepted by the Linux Documentation Project. It describes the SCSI system from a user's perspective, with much useful information on SCSI configuration and operation.

• Dynamic Probes 1.3 has been released by Suparna Bhattacharya at IBM.

• Heinz Mauelshagen has released version 0.9.1beta2 of the Logical Volume Manager subsystem.

• A new multi-queue scheduling patch has been released by Mike Kravetz. It includes a set of benchmark results that would appear to indicate much improved performance when dealing with large numbers of processes.

• Robert de Vries has posted a version of the POSIX timers patch for the 2.4.0 kernel.

• Version 1.8 of the x86 performance monitoring counters driver has been released by Mikael Pettersson.

• Rusty Russell posted a patch fixing some 2.4.0 netfilter bugs.

• A.M. Kuchling has written up a look at Linux kernel development, comparing it (unfavorably) with how Python development is handled.

• Greg K-H has released a new version of the hotplug scripts package.

• If you're looking for a kernel hacking task to jump into, there's a whole set waiting on the new netfilter TODO list, maintained by Harald Welte.

• David Miller has released an updated version of his zero-copy networking patch.

• Sam Watters has posted the 'PAGG and Job module' for the 2.4.0 kernel. It is a job-level accounting system which has been developed by Los Alamos National Laboratory and SGI. This module works with the Comprehensive System Accounting package, also just released.

Section Editor: Jonathan Corbet

For other kernel news, see:

• Kernel traffic
• Kernel Newsflash
• Kernel Trap
• 2.5 Status

Other resources:

• L-K mailing list FAQ
• Linux-MM
• Linux Scalability Effort
• Kernel Newbies
• Linux Device Drivers

See also: last week's Distributions page.

Lists of Distributions
distrowatch
ibiblio
Kernelnotes
Linux.com
LinuxLinks
Woven Goods

Embedded Distributions:
3ilinux
Bifrost

BluePoint Embedded
Compact Linux
Coollinux
DSPLinux
ELinOS
ELKS
Embedded Debian
Embedix
Etlinux
FlightLinux
Hard Hat Linux
Jailbait
Linux/Coldfire
LEM
Midori
NeoLinux
OnCore Systems
PeeWeeLinux
RedBlue Linux
RedIce-Linux
Royal Linux
RTLinux
Tynux
uClinux
White Dwarf Linux

Handhelds/PDAs
Agenda-VR
Familiar (iPAQ)
Intimate (iPAQ)
Linux DA
PocketLinux
PsiLinux

Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Special Purpose/Mini
2-Disk Xwindow System
Mindi Linux
SmoothWall

Floppy-based
Brutalware
BYLD
Coyote Linux
DLX
Fd Linux
Fli4l (Floppy ISDN/DSL)
floppyfw
Floppix
FREESCO
Linux in a Pillbox (LIAP)
Linux Router Project
LOAF
muLinux
Nuclinux
Proxyfloppy
ShareTheNet
Small Linux
Tomsrtbt
Viralinux_II

CD-based
BasicLinux
BBLCD Toolkit
CDLinux
Crash Recovery Kit
DemoLinux
Devil-Linux
Finnix
Gibraltar
innominate Bootable Business Card
Linuxcare Bootable Business Card
LNX-BBC
MkCDrec
RunOnCD
Sentry Firewall
SuperRescue
Timo's Rescue CD
Ututo
Virtual Linux

Zip disk-based
NBROK
ZipSlack

Small Disk
hal91
MicroLinux
--> Peanut Linux
PKLinux
Relax Linux
TA-Linux
Tomukas
ttylinux
VectorLinux

Wireless
Bambi Linux
Flying Linux

Hardware-specific
(ARM)
ARM Linux
(Beowulf)
Scyld Beowulf
(IBM)
Think Blue Linux
(Oracle's NIC)
NIC Linux
(PA-RISC)
PA-RISC Linux
(Playstation)
Runix
(PowerPC)
Black Lab Linux
LinuxPPC
MkLinux
Yellow Dog
(Sparc)
Splack
UltraLinux
(Older Intel)
ClarkConnect
Monkey Linux
TINY

DOS/Windows install
Armed Linux
DragonLinux
Phat Linux

Diskless Terminal
GNU/Linux TerminalServer for Schools
K12LTSP
LTSP
Pygmy
Xdenu

Distributions

News and Editorials

Good news for SPARC. Times are good for people wanting to use Linux on the SPARC platform. Both SuSE and Slackware made new announcements this week. SuSE announced the availability of the first beta for SuSE Linux 7.1 for SPARC. The announcement contains a list of known bugs that you'll want to review before you decide to take it for a spin.

The Slackware Linux Project announced that the "-current" tree for Alpha machines is now publicly available. This is in a much earlier development stage than the SuSE port, but it is gaining some enthusiastic involvement.

For those of you interested in the Slackware port, be sure to check out the Slackware Port-SPARC forum. From it, we gleaned success stories for booting Slackware on a SPARCstation 20, but IPC and ELC users appear to be having a harder time getting started.

General-Purpose Distributions

Debian News. This week's Debian Kernel Cousin covers discussions on security issues and quirks with the "man" command and its caching capability. A compromise was reached on how to handle changes to the standard options for the "tar" command. And a huge number of Linux conferences in Germany and elsewhere in Europe were mentioned.

Of most importance, though, was a report from Bdale Garbee on bind 9.1.0. For those of you that remember back that far, the bind 8.2 series generated some controversy in September of 1999 due to its implementation of the RSA algorithm, something that almost caused Debian to drop the use of bind and work to develop a free alternative. A compromise was worked out and bind was kept, but relegated to non-free. Bdale now reports that he's been able to work out similar issues with bind 9.0.0 and 9.0.1, which would have made them incompatible with the Debian Free Software Guidelines as well. As a result, the soon-to-be-released 9.1.0 version of bind will be fully compliant with the DFSG -- but will still reside in non-US, due to its cryptographic components.

This week's Kernel Cousin Debian Hurd reports on the progress of a project that is developing a set of Hurd installation CDs. While progress is being made, don't expect to see these CDs available anytime soon.

Linux-Mandrake News. A look at the Linux 2.4 kernel from a strictly Linux-Mandrake point of view was provided this week. After all, like most major distributions, Linux-Mandrake already uses a heavily customized version of the Linux 2.2 kernel (including ReiserFS support, for example). So why should a Linux-Mandrake user get excited about seeing Linux 2.4 in a future distribution? PCMCIA, USB, Fire-wire and ISA PnP support, NFSv3, improved SMB support, improved network security, stability and speed, video support and more. "Nope, we aren't likely to get bored this year..".

Slackware News. Userlocal.com is a new site that is focusing, in particular, on the Slackware community. We always welcome the addition of new sources of information on Slackware and we expect Slackware readers will also.

An updated version of SlackReiser, a set of boot and root disks to support installing Slackware on a ReiserFS file system, was released this week. The changes were minor.

Although neither a development tree nor a bootable CDROM image is currently available, Chris Lumens is also working on an Alpha port for Slackware. Alpha-related questions can be mailed directly to him.

Embedded Distributions

Microwindows 0.89pre7 released. Greg Haerr posted an announcement for Microwindows 0.89pre7 this week. This is a development release containing some major enhancements, small additions and bug-fixes. Microwindows runs on PDAs, WebPADs and set-top boxes. Support for the G.Mate YOPY PDA has been added and extensive auto-generated documentation is now available. Freetype font caching has been enabled as well. The list is much longer that that, so take a look yourself if you are interested.

Mini/Special Purpose Distributions

ClarkConnect. Another distribution aimed specifically at taking an older system and turning it into an Internet gateway is now available. ClarkConnect is aimed specifically at home users with broadband Internet connections. It is based on Red Hat 6.2, but trimmed down and secured.

Minor distribution updates. The following distributions released minor updates this week:

• mulinux 11r6. mulinux is a single-floppy distribution with base support for PPP, mail processing, NFS, Samba, FTP, IRC, and more.

• Coyote v1.28-pre1 was released on January 18th. This is a development snapshot that includes the h.323 and ICQ masquerading modules. Coyote Linux another single-floppy distribution, primarily intended to support sharing an Internet connection.

Section Editor: Liz Coolbaugh

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.

Leading
Caldera OpenLinux
Debian GNU/Linux
Linux-Mandrake
Red Hat
Slackware
SuSE
TurboLinux

Also well-known
ASPLinux
Best Linux
Conectiva Linux
e-smith

Progeny
Rock Linux

Non-technical desktop
easyLinux
Icepack Linux
Independence
LibraNet
Redmond Linux
WinSlack

Education
Boston University
kmLinux
LinuxFromScratch
OpenClassroom
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
BearOps
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
cLIeNUX
Complete Linux
Console Linux
Corel Linux
CRUX
Darkstar Linux
DLite
easyLinux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
FTOSX
FullPliant
Gentoo
Go!Linux
HA Linux
Halloween Linux
HispaFuentes
IceLinux
Ivrix
ix86 Linux
J-LINUX
JBLinux
Jurix
KRUD
KSI-Linux
Lanthan Linux
Laonux
LASER5
Leetnux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
LinuxPPP
Linux Pro Plus
Linux-SIS
LNX System
LoopLinux
LSD
Lute Linux
MageNet
Mastodon
MaxOS
minilinux
MSC.Linux

NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
PLD
Project Ballantain
PROSA
Rabid Squirrel
Repairlix
Root Linux
Scrudgeware
Serial Terminal
Sorcerer
spyLinux
Stampede
Stataboware
TechLinux
TimeSys Linux/RT
Tom Linux
Trinux
Turkuaz
Ute-Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WholeLinux
WinLinux 2000
XTeamLinux
ZipSpeak

Country-specific
Argentina
GNU/Linux Ututo
Britain
Definite Linux
Eridani
China
COSIX
Red Flag
France
Linux/MNIS
Italy
LinuxEspresso
Madeinlinux
Vedova
Spain
Linux Esware
Thailand
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
Dualix
Gentus
Giotto
MCC Interim Linux
OS2000
Storm Linux

See also: last week's Development page.

Development projects

News and Editorials

Cooperative open-source lab opens doors. The big story of the week in open source development had to be the opening of the new Open Source Development Labs outside Beaverton, Oregon. The labs, funded with $24 million from companies like Hewlett-Packard, Intel, IBM, Computer Associates, NEC, Hitachi, Mitsubishi Electric, Dell Computer and SGI, is intended to be a hotbed for open source development in a commercially productive way. Most of the major Linux companies also are involved, including Red Hat, VA Linux Systems, Caldera Systems, SuSE, Turbolinux, Lynuxworks and Linuxcare. Ross Mauri, vice president of Unix software at IBM, has been appointed president of the lab's governing board, while Brian Behlendorf, chief technical officer of CollabNet and co-founder of Apache, is among the board appointees, according to an ZDNet story on the opening of the lab.

Known simply as OSDL, the lab, which was the brainchild of Scott McNeil who was then president of SuSE's American operation, is located near the IBM and Intel facilities in Beaverton and was originally expected to be a subsidized laboratory where open source developers could test and optimize their work on high-end enterprise systems. Unfortunately, not all developers were motivated by the inclusion of commercial interests in their projects. But OSDL is expected to change that. As Nicholas Petreley wrote in LinuxWorld's online magazine, "Until now, companies would have to go to Linus and friends and say, `Please make Linux work better with 32 processors.' Now they are saying, `Here is a machine with 32 processors. Have fun.'"

In its new 11,000 square foot building in the high-tech area west of Portland, Oregon, the lab holds a vast array of equipment for both development and testing by both remote and local participants. Hardware includes 4 4-way and 8-way IA-32 servers, 50 2-way IA-32 servers for load generation, 5.1 terabytes of storage, high-speed fiber switches and gigabit ethernet connections, and multiple developer workstations.

According to News.com, two projects are under way at the lab: "one for getting Linux to work well on servers with as many as 16 CPUs and another for testing the Jabber instant messaging software with more than 64,000 customers exchanging messages."

The opening of this lab will definitely be a boost for commercial hardware vendors hoping to get Linux support for their systems without having to hire the developers to do the work. Who will benefit most from this remains to be seen, but for now all parties seem excited about the possibilities. The question that remains is whether such large scale commercial support can decrease the time to market for new hardware support under Linux.

Rasterman's new toy (LinuxToday.au). Reporting from linux.conf.au, this article in LinuxToday.au focused on a talk given by Rasterman, the mastermind behind the Enlightenment window manager, also known as Carsten Haitzler.

Raster's topic (and new toy) turned out to be his latest project, which he calls "EVAS". EVAS is what Raster described as a 'canvas', and seems to be the latest exciting development in the Linux window manager world. EVAS provides the possibility for Raster to build a whole slew of features into the up and coming Enlightenment 0.17, as well as demonstrating just how powerful XFree86 can be when integrated well with the OpenGL libraries.

Browsers

Mozilla status updates. The Mozilla project posted their weekly status update. Areas that saw activity this past week included the Necko/Imagelib code, XPToolkit, and print related areas within the rendering code.

Bluefish HTML Editor Review (Linux Orbit). Bluefish, an HTML editor written in GTK+, was reviewed this week in this article from Linux Orbit. "Experienced coders will appreciate the time saved by these dialogs when creating complex tables, forms, and framesets. The dialog options for creating form elements in particular were very well thought out. To a new user who has never created HTML pages before, getting a page created with forms is a simple task with Bluefish. Some of the other tabs include CSS, Javascript, and WML."

Databases

MySQL 3.23 pronounced stable. The MySQL team announced this past week that, after 2 years of development, the 3.23 release of that package is fit for human consumption. "Apart from being more stable, more optimized and more portable, the MySQL 3.23 release has several major features not present in the 3.22 or 3.21 releases. These include: full-text search, replication between a master and many slaves and several new table handlers that support large files and transactions by using the Berkeley DB library from Sleepycat Software to implement transaction-safe tables."

MSQL 3 to be released in February. After almost a year of inactivity, Hughes Technologies has announced plans for version 3.0 of the MSQL database.

Education

News from Linux for Kids. Linux for Kids pointed us to a couple of new projects this week. PyTraffic is python based car game while MCSE trainer is an arcade game that teaches mouse skills.

Electronics

Icarus Verilog. The gEDA project quietly announced this week the release of an Icarus Verilog snapshot.

GIMP

GIMP News. There have been various bits of GIMP news this month, but we somehow managed to miss them. It's time to catch up:

• Newsforge posted an article titled Grok This - Getting Savvy With The GIMP, a review of Carey Bunk's Grokking the GIMP text.
• New GFig tutorials have been posted.
• GIMP 1.2.1 was released this past week.

Interoperability

Wine Weekly News. This week's edition of the Wine Weekly News includes coverage of ports to BeOS and S/390, documentation issues and unicode support.

Bind 9.1.0 released. A new version of BIND, an implementation of the Domain Name System (DNS) protocols, has been released. BIND 9.1 has a number of new features as well as numerous bug fixes and cleanups.

Network Management

OpenNMS Updates, Vol 2 Issues 3 and 4. OpenNMS posted two updates this week, one right after last week's LWN Weekly publication deadline and one right before this week's deadline. OpenNMS Volume 2 Issue 3 was published late last week and included news on the changes to the core team, an expanded roadmap, and presentations coming up in Philadelphia and New York.

The latest OpenNMS update, issue 4, includes a discussion on a lightweight interface, user interface and SNMP coding projects status, and updates to the teams speaking engagements.

Office Applications

Aethera Messaging Client Beta 1. theKompany.com released its first public beta of Aethera, a groupware and messaging system designed for use in KDE.

Linux and the Palm Pilot updated. The Linux and the Palm Pilot page has been overhauled and now includes coverage on GNOME integration along with stand alone applications and development tools.

On the Desktop

CVSSearch, KDE code search tool (KDE Dot News). According to KDE Dot News, Amir Michail, creator of the CodeWeb data mining tool, is back with CVSSearch, a tool that searches for code fragments using CVS comments. It will eventually index over 350 KDE applications and promises to be very useful.

Status report: Java in Konqueror. Wynn Wilkes posted an update on Java support being added to KDE's browser, Konqueror. Among other things, he reports that "applet loading via proxies and over https should work now. Https support is achieved by using the JSSE (Java Secure Sockets Extension) classes. They can be obtained from http://java.sun.com/products/jsse/. "

KDE Studio Gold, a development tool for KDE. theKompany.com released a commercial distribution of the open source KDE development tool KDE Studio, which the company calls KDE Studio Gold.

The future of GNOME revealed at Linux.conf.au (LinuxWorld Australia). GNOME hackers George Lebl and Maciej Stachowiak presented a paper at LinuxWorld Australia outlining the future of GNOME, including peeks at GNOME 1.4 and GNOME 2.0. "GNOME Office is becoming quite advanced," said Stachowiak. "We are undecided about whether to incorporate the features of OpenOffice into GNOME or to replace it altogether."

Sun to host GNOME development meeting. Sun will host a development briefing covering GNOME Application Development for Solaris on February 14th in Menlo Park, California.

xml-i18n-tools released. Kenneth Christiansen and company have just released the xml-i18n-tools. This set of translation tools will be used accross a wide range of GNOME applications in order to help bring you GNOME in your local language.

Printing Services

KDE.com Offers Free Docbook Compilation Service. As reported on KDE Dot News: a new "DocBook documentation generator" has been set up on KDE.com. It will generate HTML from the KDE DocBook documentation, thus saving the hassle of making DocBook work on your local system. It's a nice service, but it does highlight just how obnoxious it can be to make DocBook work properly.

Science

LinuxMedNews launches jobs section. LinuxMedNews launched a jobs and classifieds section to their growing web site. They also reported on the upcoming 14th Computer-based Medical System Symposium.

Systems Administration

Mailman Made Easy (WebTechniques). WebTechniques took a look this week at installing and configuring the Mailman mail list manager. "Mailman is the free software contender to mail-server products such as Lyris, which feature GUI-driven administration, user-level access to preferences, and built-in archives, digests, and the like. Based on the popular Python programming language, Mailman is intended to be used on UNIX systems, and can be installed alongside Majordomo on the same server, without conflicts."

PIKT, Problem Informant/Killer Tool, v1.12.1. PIKT is a cross-platform, multi-functional tool for monitoring systems, reporting and fixing problems, and managing and administering system configurations in a heterogeneous network of workstations. Version 1.12.1, primarily a bug fix release, was made available for download this week.

Web-site Development

Zope Weekly News for January 19th, 2001. The latest issue of the Zope Weekly News has hit the streets. News this week includes updates on Zope 2.3, documentation issues and the new Zope.org web site.

Zope 2.3.0 beta3. The third beta release of Zope 2.3.0 has been released. It includes the new Zope cache manager, the SiteAccess package, and a whole list of other goodies.

Weblog 1.71. A new release of Weblog hit the streets earlier this week. This version includes support for Avantgo and VoiceXML, among other things.

Section Editor: Michael J. Hammel

Application Links
GIMP
Mozilla
Galeon
High Availability
ht://Dig
mnoGoSearch
MagicPoint
Wine
Worldforge
Zope

Open Source Code Collections
Berlios
Freshmeat
OpenSourceDirectory
Savannah
Le Serveur Libre
SourceForge
Sweetcode

Programming Languages

Perl

Cultured Perl: Perl 5.6 for C and Java programmers (IBM developerWorks). In this look at the upcoming Perl 5.6 release, Teodor Zlatanov shows us the feature differences between Perl and standard languages like C and C++. "Perl often bewilders even experienced programmers, primarily because it allegedly makes it too easy to write obfuscated code. But the confusion regarding Perl's structure, features, and philosophy is inevitable given that it's such a rich and powerful language, and that it was designed from the start to allow for more than one way to do the same thing."

This week on perl5-porters (15--21 Jan 2001). This week's Perl5-porters mailing list was rather active, covering topics such as signals, large file support, token parsing and printing, and unicode.

A Beginner's Introduction to POE (Perl.com). Perl.com also carried an introduction to POE, the Perl Object Environment. "It's not much of an exaggeration to say that POE is a small operating system written in Perl, with its own kernel, processes, interprocess communication (IPC), drivers, and so on."

PHP

PHP Weekly Summary for January 24th, 2001. The weekly summary for PHP was posted just as we went to publish this week. News included the announcement of PHPLIB and PEAR merging, discussions on advanced data types for PHP, and the report of a bug in the handling of multi-dimensional forms.

Python

Python 2.1a1. Guido van Rossum has announced the release of Python 2.1a1, the first alpha release of Python 2.1.

Jython 2.0 released. The release of Jython 2.0 has been announced. Jython is a Java implementation of the Python programming language, which allows Python to be compiled down to Java byte code. Thus, Python code can be run on Java virtual machines anywhere - at least, to the extent that any Java code can.

Python-Dev for January 15th, 2001. News from the python development community comes from the Python-Dev weekly summary, which includes this week an update on the 2.1alpha1 release, speed improvements in file.readline, and updates on pydoc.

Dr. Dobb's Python-URL! for January 22nd. Dr. Dobb's weekly list of Python-related links has been posted. Some of the links in this week's summary include the announcement for Jython 2.0, an overview of python documentation tools and a preview of Tkinter 3k.

Ruby

Updated stable snapshot. A new stable snapshot of Ruby was announced this week.

Tcl/Tk

Dr. Dobb's Tcl-URL! for January 22nd. Dr. Dobb's weekly list of Tcl-related links has been posted. Some of the links in this week's summary include news on the 8th annual Tcl/Tk conference in San Diego to be held in July and a discussion on why python has surpassed Tcl and related issues.

Software Development Tools

Loki releases updates to open source packages. Loki Software has published updates to their Setup, Update Tool, Uninstall Tool and Patch Tools.

Section Editor: Michael J. Hammel

See also: last week's Commerce page.

Linux and Business

Linuxcare launches system administration services. Linuxcare's new Managed Services program provides subscribers with an array of services and support aimed at the ISP market. No doubt Linuxcare will target other markets with similarly comprehensive offerings in the future, if all goes well. Briefly, here's a look at what an ISP can expect for its monthly subscription fee.

• A tailored Linux distribution along with installation, configuration, optimization and tuning services.

• Systems monitoring.

• Remote systems administration.

• Remote software updates.

• Repair/Reprovisioning services to automate repairs and minimize downtime.

Essentially, an ISP can offer Linux hosting services to its customers while outsourcing the administration to Linuxcare. Our experience in the support business suggests that there are quite a few ISPs out there that could benefit from such a service.

This offering is similar to the Red Hat Network, but of course it is different too. With Red Hat's offering each subscriber can chose a level of administration support from simple notification when a update or security patch is available to having the update or patch installed remotely. Linuxcare's offering always includes the latter. Red Hat Network also differs by taking a broader approach to the set of potential subscribers. (See LWN for Sept. 28, 2000 for a description of Red Hat Network.) Linuxcare's offering of a tailored Linux distribution is what really sets it apart from similar offerings, though. Linuxcare has the expertise to start with wide array of Linux distribution's for those who want to start with something other than Red Hat Linux. (See also: Linuxcare's announcement.)

LinuxWorld Conference & Expo. LinuxWorld takes place January 30 - February 2, 2001, at the Jacob Javits Convention Center in New York City. This is one event which tends to be accompanied by a deluge of press releases. Here are some of the press releases we've seen so far.

• Progeny Linux Systems and Maximum Linux magazine are holding a raffle for Debian GNU/Linux First prize is a Sony Vaio Laptop.

• Sair Linux and GNU Certification, Inc. will offer free Linux review sessions and certification testing to pre-registered convention goers.

• PolyServe, Inc. will demonstrate its new high-availability server clustering solution.

• REDSonic will be attending the Expo. REDSonic product announcements appear in the "Products and Services Using Linux" category below.

Linuxcare Labs Addresses Need for Independent Linux Certifications. Linuxcare, Inc. unveiled a suite of tiered testing services for enterprise Linux deployments.

More Linux certification news. Linux Centers USA has opened 12 centers to prepare candidates for Linux+ and Red Hat certification tests.

RedFlag Software joins GNOME Foundation. RedFlag, a Linux distribution in China, has joined the Advisory Board of the GNOME Foundation. As part of the membership, RedFlag will work to localize GNOME into Simplified Chinese.

Bear River Associates Releases Open Source Framework. Bear River's C++ framework provides UI components, streams, TCP/IP and scanning features.

Bear River also released Janx, a server-side Java application framework for developing web sites and web-hosted software. Janx combines Java and XML.

Apple Linux Technology Manager Joins Terra Soft. Kevyn Shortell, the former Linux Technology Manager for Apple Computer, has joined the Terra Soft Solutions, maker of Yellow Dog Linux for the PowerPC.

Corel's new strategy. Here's the press release from Corel on its new strategy. It's clear as mud... "Corel will leverage its solid foundation as a global technology leader with over 15 years of experience to enhance its relationships with existing customers while targeting new customers in emerging markets fueled by the rapid expansion of the Web and the increasing demand for graphics-rich visual communication." It does say that the Linux division will be sold off, eventually, and that Corel will continue to sell Linux versions of its products.

Announcing....Linux Weekly?. A company called "SYS-CON Media" has put out an announcement for a new publication called "Linux Weekly." It is to be a print publication, and the first issue is due out in March. There will be a version ("Linux Woche") for German-speaking Europe as well.

We do hope there will not be confusion with LWN.net (also known as "Linux Weekly News") which has been using that name for three years.

Linux Stock Index for January 18 to January 24, 2001

LSI at closing on January 18, 2001 41.38
LSI at closing on January 24, 2001 42.08

The high for the week was 42.08
The low for the week was 41.38

Press Releases:

Open Source Products

• Endeavors Technology Inc. (IRVINE, Calif. & READING, England) announced open source peer-to-peer (P2P) infrastructure software for Compaq's iPAQ Pocket PC.

• Objectivity Inc. (MOUNTAIN VIEW, Calif.) announced the availability of the Objectivity XML Interface Tool.

• VelociGen Inc. (SAN DIEGO) announced plans to make its software package, VeloMeter Pro!, available on a free open-source basis. VeloMeter Pro! is used to test the capabilities of Web applications such as e-commerce transaction performance.

Distributions and Servers

• SuSE Linux and Lotus (Nuremberg, Germany) announced the SuSE Linux Groupware Server. The new server combines the the Domino Messaging and Web Application Server with SuSE Linux.

• QLogic Corp. (ALISO VIEJO, Calif.) announced that its QLA2200 Series Fibre Channel host bus adapter (HBA) will be used in Compaq Computer Corporation's ProLiant Linux servers with connections to Compaq StorageWorks systems.

• VA Linux Systems (FREMONT, Calif.) introduced a new series of 1U servers for deployment in large-scale web farms for applications such as web serving, firewalls, DNS or load-balancing. The VA Linux 1120 server and the VA Linux 1220 server.

Proprietary Products for Linux

• IBackup (WOODLAND HILLS, Calif.) released standards-based Content Management Server IBCM 1.0, based on the IBackup storage architecture.

• Merlin Software Technologies International Inc. (BURNABY, British Columbia) announced the release of PerfectBACKUP+ 7.0.

• New Planet Software (Los Angeles, Calif.) announced the beta release of its Code Crusader and Code Medic developer's software. Code Crusader is a Linux development environment with a graphical user interface and Code Medic is a graphical debugger for Linux. These beta versions are free for testing.

• Plesk Inc. (CHANTILLY, Va.) announced its release of Plesk Server Administrator 1.3.1 (PSA) software. Developed for RedHat 7.x and FreeBSD 4.x operating systems.

• PlugSys International (SAN LEANDRO, CA) announced its new Max Server Pages (MSP) product, which gives Xbase developers a reliable, economical way to migrate to Linux. This product is in the final phase of beta testing.

• Silicom Ltd. (KFAR SAVA, Israel) announced that it has developed proprietary drivers for its USB Ethernet products, which target the Broadband Internet Access, Multi-Tenant Unit, and Home Networking markets. The new drivers support the 2.4 kernel.

Products and Services Using Linux

• eOn Communications Corporation (ATLANTA) announced the availability of browser-based Web chat for its eQueue and eNterprise communications systems. The Linux-based Web chat software, Agent WebSpace, is part of the WebCenter suite of customer interaction management (CIM) solutions.

• LAND-5 Corporation (SAN DIEGO, CA) announced that its Linux-based iceNAS software is now available for OEM licensing. iceNAS software provides a browser-based GUI for managing network attached RAID storage.

• Linuxcare (SAN FRANCISCO) unveiled a set of professional services that help accelerate development and deployment of Linux-based network storage and printing appliances in Windows NT/mixed environments.

• Lineo, Inc. (Lindon, Utah) Embedix announcements:
  • Lineo and Metrowerks announced plans to preview a total solution of Embedix SDK integrated with CodeWarrior for Embedix, preflashed on Motorola's MPC8260 processor board in a convenient and ready-to-run development system.
  • Embedix RM, industrial shared memory software for Linux, is now available.
  • Embedix SDK 1.2-J, the next release of the Japanese software development kit for embedded developers and device manufacturers, is now available.

• REDSonic, Inc. (Orange County, California) announcements:
  • RED-Builder, a target system image creator for embedded systems.
  • RED-Kit, a software and hardware platform for embedded system developers.

• Total Impact (CAMARILLO, California) announced the briQ; a PowerPC based network appliance computer running Linux.

Cross-platform Products

• Robert Roebling (Freiburg, Germany ) announced the release of wxDesigner 2.0, a RAD tool for cross-platform, cross-language GUI development.

• Virtual Access Networks, Inc. announced a strategic relationship with SuSE to deliver a Windows to Linux migration tool known as The Van.

• VMware, Inc. (PALO ALTO, Calif.) announced that it has concluded its GSX Server beta program and the product is now available for sale.

Products with Linux Versions

• Adax (BERKELEY, Calif.) announces the addition of the Red Hat Linux 6.2 operating system to its portfolio of supported platforms. The product will be the MTP-2 Protocol Software which operates with the APC7-cPCI/PCI, SS7 controller.

• Ariel Corp. (CRANBURY, N.J.) announced a 48-port version of the RS4200, a high-density 56K/ISDN PCI two-card solution for Windows NT- and Linux-based network access systems.

• ATG (Art Technology Group, Inc.) (CAMBRIDGE, Mass.) announced the availability of ATG Dynamo version 5.1. The new version of ATG Dynamo offers expanded platform (including Linux), database and Chinese language support.

• BindView Corporation (HOUSTON) announced the bv-Control Security Management Suite, an enterprise-class security and policy enforcement solution. Unix versions include Sun Solaris and Red Hat Linux.

• Hewlett-Packard Company (PALO ALTO, Calif.) announced storage capacity-on-demand for service providers available through HP e-utilica.

• IBM (ARMONK, NY) announced IBM Director, a highly-integrated systems management software solution, which includes an advanced self-healing computing feature called Software Rejuvenation, which will automatically reduce server downtime by predicting and repairing software failures before they happen.

• The MathWorks, Inc. (NATICK, Mass.) announced the availability of MATLAB Student Version Release 12 for U.S. and international distribution.

• SupportWizard (REDWOOD CITY, CA) announced the release of SupportWizard Enterprise Edition version 4.0, which fully integrates all web-based, e-mail, fax, and telephone communications with customers into a single system.

• Sybase, Inc. (EMERYVILLE, Calif.) made available the beta version of Sybase Adaptive Server Enterprise (ASE), the e-Business Database.

Java Products

• NewMonics, Inc. (LISLE, Ill.) is now shipping PERC 3.1. The PERC software platform is a suite of development tools and run-time modules built on a clean-room implementation of a Java Virtual Machine.

Books and Training

• K Computing and the RTC Group (Mountain View, CA) have teamed up to provide hands-on Embedded Linux training. The training will be held at the Silicon Valley Conference Center, in San Jose, California from January 29 through February 1st (4 days).

• No Starch Press (San Francisco, CA) announced THE BLENDER BOOK. Blender is a free 3D graphics and animation tool. THE BLENDER BOOK offers clear, step-by-step tutorials that teach users all aspects of this often tricky and non-intuitive program.

Partnerships

• Linuxcare, Inc. (SAN FRANCISCO) announced strategic services deals with Maxtor Corp., Network Appliance Inc. and Silicon Graphics, Inc. to help each vendor bring innovative storage products to market.

• NetSilicon, Inc. (WALTHAM, Mass.) announced a partnership with Microtask, an Italian embedded solutions distributor. With the agreement, Microtask becomes an authorized distributor of NetSilicon's NET+Works product family throughout Italy. The NET+Works product line includes NET+OS an integrated solution with real-time operating system, and an open source offering, NET+Lx, running uClinux.

• MontaVista Software, Inc. (SUNNYVALE, Calif. & TOKYO) announced an alliance with ACCESS, Co., Ltd., provider of embedded browsers, to pursue joint development and marketing activities.

• SteelEye Technology, Inc.(MOUNTAIN VIEW, Calif. and SALT LAKE CITY) announced a strategic OEM agreement with Linux NetworX, Inc.. Linux NetworX will offer SteelEye's LifeKeeper for Linux Next Generation Enterprise Reliability platform with its clustering products.

• Technauts (CARY, N.C.) announced an agreement with Coventive Technologies to develop application-hosting software solutions integrating Technauts' eServer products and Coventive's embedded Linux technology.

• Zengine, Inc. (FREMONT, Calif.) announced it will join Intel's e-Business Service Provider (eBSP) Program, a Web integrator-focused channel initiative that provides corporations with a source for standardized e-Business solutions.

Financial Results

• Sun Microsystems, Inc. (PALO ALTO, Calif.) reported revenues for the second quarter were $5.115 billion, up 44 percent compared with the second quarter of fiscal 2000.

• Transmeta reported 4th quarter revenues of $12.4 million for the quarter and $16.2 million for the year, with a net loss of $97.7 million. While revenues tripled for the year, the net loss more than doubled.

Personnel

• Aduva Inc. (PALO ALTO, Calif.), provider of network-based technology to automate administrative management of the Linux operating system, announced the appointment of Azi Cohen as the company's chief executive officer.

• Lineo, Inc. (LINDON, Utah) announced the appointment of Ryan Tibbitts as General Counsel for Lineo. He will be responsible Lineo's legal department, part of the company's executive staff and will report directly to company COO Matt Harris.

• Merlin Software Technologies (BURNABY, British Columbia) named Kevin O'Reilly to the position Vice President Marketing.

• Penguin Computing Inc. (San Francisco, Calif.) announced that Agilent Technologies veteran John P. Page has joined the company as chief financial officer.

• RidgeRun, Inc. (Boise, Idaho), provider of embedded Linux software for products employing digital signal processing (DSP) components, announced expansion into the European market with the opening of offices in Dublin, Ireland and the appointment of Mr. Tullio Venturini as Client Support Manager.

Other

• More law firms participating in VA Linux lawsuit:
  • Spector, Roseman & Kodroff, P.C. (PHILADELPHIA)
  • Wechsler Harwood Halebian & Feffer LLP. (NEW YORK).
  • Weiss & Yourman (New York).

Section Editor: Rebecca Sobol.

See also: last week's Linux in the news page.

Linux in the news

Recommended Reading

Virus patches aren't being applied (ZDNet). An interesting piece on why applying security patches is something everyone has to worry about in the Internet age comes from ZDNet today. "Failing to responsibly patch computers led to 99 percent of the 5,823 Web site defacements last year, up 56 percent from the 3,746 Web sites defaced in 1999, according to security group Attrition.org."

IBM

'Linux Lou' and IBM (TechWeb). TechWeb looks at the growing alliance between the Big Blue Behemoth and the upstart Linux community. " Of course, Linux is getting something from its relationship with IBM. Many doors to the largest corporate data centers were locked to Linux, but now IBM is opening those doors. The value to the Linux community is a wider array of software and even more smart minds contributing to the greater good."

IBM is taking Linux -- and running (Upside). Gartner Group analyst George Weiss thinks IBM's push into Linux may give the impression IBM is pushing for control of the community. "Large competitors such as Hewlett-Packard (HWP) are still a few months behind IBM in demonstrating full commitment to the Linux market. As for smaller competitors such as VA Linux and Red Hat, these companies have their own obstacles. Given the investment community's continued displeasure with Linux-related companies, neither can rely on surging market capitalization."

Sun

Sun shines on Linux too! (FreeOS.com). Herb Hinstorff, heads of Sun's program office for Linux and Open Source, discusses Sun's position on Linux and why they feel Linux takes them back to their roots. "We are working with the Internationalization part of the Linux and organizations like the University of Michigan. We are contributing code back to Linux. We have contributed code to NFS (Network File System) version 4.0. We have also opened up the Internationalization framework in Solaris and are contributing to the X consortium." (Thanks to Trevor Warren)

Sun to lose key player in Web software push (News.com). Ex-StarDivision head and current open source ambassador for Sun Microsystems Marco Boerries is leaving that company effective January 26th. No word on the reason for his resignation or his plans for the future.

Are Boerries and Sun parting ways? (Upside). Upside examines the history of the relationship between StarDivision founder Marco Boerries and that companies eventual buyout parent, Sun Microsystems. " Boerries rejected early buyout offers from Sun, until the company's heated rivalry with Microsoft -- not to mention the growing industry interest in free software and software-compatible applications led Sun CEO McNealy to tender a rumored half-billion-dollar offer."

Sun invests $5 million in Tripwire (News.com). Sun's investment came with a host of other investors. "The new funding round was announced Tuesday. New investors besides Sun were Deutsche Banc Alex. Brown, ClearLight Partners and Riverside Management. Earlier investors Bessemer Venture Partners, Advanced Technology Ventures and Garage.com also contributed to the funding round, Tripwire said."

Corel

Corel paints rosier future (News.com). C|Net's News.com looks at Corel's change in direction. "Corel is close to finishing a deal with Linux Global Partners, a New York holding company that is expected to buy 80 percent of Corel's Linux business for $5 million and allow Corel to hold the remaining 20 percent, according to sources. Details of that deal are not expected to be announced for another month or so, sources said."

Corel to spin off part of its Linux business (ZDNet). Here's ZDNet's take on Corel's plan to sell its Linux division. "Linux suffered a blow today as Corel Corp. announced it plans to spin off part of its Linux division, effectively taking the company out of the market as a developer of Linux desktop operating system software." The article, however, is not clear on just how Corel's withdrawal has hurt Linux...

Companies

Linuxcare follows Red Hat with online support service (News.com). C|Net's News.com reports on the opening of Linuxcare's managed services, providing customers with remote administration. "Linuxcare itself won't sell the services to prospective customers but instead will rely on the sales forces of business partners Digital Island, Consonus and others to come."

VA Linux -- Easy Come, Easy Go (San Francisco Chronicle). The San Francisco Chronicle talks of VA's cope with reality, and how at least inside the company, reality has been in plain sight all along. "Vice President John Hall, whose net worth at the age of 27 has gone from nearly a billion dollars to tens of millions, still lives in the same apartment he and two college buddies have rented since graduating from Stanford in 1994."

Start-up to sell open-source Web software (News.com). C|Net's News.com reports on Zend's push into the commercial PHP market. "Zend isn't starting from scratch, though, a major advantage over some open-source companies. Zend can take advantage of the popularity of Apache, the No. 1 software package used to send Web pages out to Internet surfers, according to Netcraft."

MP3.com Open to Friends (Wired). Wired covers MP3.com's announcement to open its API to other sites. "[MP3.com CEO Michael] Robertson hopes that websites looking to drive traffic to their sites will incorporate the technology into their systems, which would radically drive up subscription sales for the company. MP3 would therefore get additional revenue from fees charged when users store more than 25 CDs."

Business

Open Source Lab to open this week (ZDNet). An announcement on the opening of the Open Source Lab is expected this week, according to this ZDnet story. "Ross Mauri, vice president of Unix software at IBM, has been appointed president of the lab's governing board, while Brian Behlendorf, chief technical officer of CollabNet and co-founder of Apache, is among the board appointees, the source said. IBM was not immediately available for comment."

Banrisul to replace DOS with Linux in Brazilian ATM's. Linux.org interviews two key members of the Banrisul Bank in Brazil about that bank's move from DOS to Linux in all of their 2000 ATM's. "We were using MS-DOS, an operating system which could no longer fulfill our needs. An option was MS-Windows, but this would have forced us to re-write a good part of our existing programs - not to mention the cost of licenses for MS-Windows in each of the two thousand ATMs. MS-Windows requires more frequent CPU upgrades than Linux does. This is due to Linux's greater efficiency compared with other 32 bit operating systems." (Thanks to Jay R. Ashworth)

Open minds on open source (Federal Computer Week). NASA's Marshall Space Flight Center has switched to the open sourced MySQL database server from Oracle for their NAIS system. NAIS sends e-mail notifications to users based on specified interests and enables users to query the Web site. (Thanks to Ronald van der Lee)

Linux Lovers Launch Large Lab (Wired). Wired covers the opening of the OSDL in Oregon and tells us what the first two projects will entail. "The second project is being conducted by Jabber an open-source instant-messaging company, and is focused on increasing Linux TCP/IP concurrent connection support from the current 20,000 to greater than 64,000." (Thanks to Jay Ashworth)

Agere to roll Linux chip set (TechWeb). Agere Systems, the former Lucent Technologies Microelectronics Group, has selected Linux as the operating system to be used with a new asymmetric digital subscriber line (ADSL) chip set for residential gateway, home networking and personal computer equipment.

AMD chips power new supercomputer (News.com). AMD Athlon's are being used in a new supercomputer for the University of Delaware. "The 128-processor computer is constructed from a series of nodes. Each node is like a standalone PC in that it has its own processor, memory and a high-end networking card. Communication between nodes is accomplished via a network and is directed by a host node."

Linux rides out the bears (HeraldSun.com). Despite the outflow of investors, Linux companies are sticking to their plans for growth and income, according to this HeraldSun article. "Red Hat continues to move toward the goal it set in June to become profitable in 2001. The company posted a net loss from its ongoing business of $900,000 or 1 cent per share for the quarter that ended Nov. 30. Revenue grew 21 percent over the previous quarter to $22.4 million."

Reviews

An In-Depth Look at Reiserfs (Linux Planet). Linux Planet has put up, well, an in-depth look at ReiserFS, which will appear in the 2.4.1 kernel release. "Performance gains under Reiserfs can be substantial, or can be miniscule, depending on what you are doing. I have found that Reiserfs is extremely responsive for most of my work, and I wouldn't want to live without it. Compiling source code, something that typically opens hundreds or thousands of files in rapid succession, really zooms."

Making Linux Work In The Workplace: KWord (LinuxOrbit). KWord lacks some stability according to this review in LinuxOrbit. "One of the biggest selling points in any Linux pitch is the rock-solid uptime and performance, which is why I found KWord's stability (or lack thereof) surprising. While trying out the various features of KWord (which there are plenty), I experienced no less than a dozen crashes. KWord seemed to be rock solid as a regular word processor, but when working with frames it became as tipsy as a drunken toddler."

Matrox G400/G450 Review (LinuxLookup). The Matrox G400/G500 series of video cards can provide multiple monitor support for Linux systems using drivers from Matrox, according to this article at LinuxLookup.

Review: Zend Cache (ReviewBoard.com). Zend Cache, the caching plug-in to Zend's ZendEngine PHP core system, is reviewed in this article from ReviewBoard.com. "It saves this compiled and optimized code in shared memory, which is shared and used by every web request. When the web process gets a request, it checks the ZendCache registry to see if the file has been loaded into the cache and if it has uses the compiled version of the script. This has huge performance benefits for high traffic sites"

Miscellaneous

Embedded, storage and 2.4 developments to rule LinuxWorld (searchEnterpriseLinux). In the first of what is likely to be a large number of stories to come from New York next week, searchEnterpriseLinux looks at what we might expect from the exhibit floor. "BigStorage is one of many vendors announcing new storage and server products at the show. Rounding out the storage field will be new product announcements from Enhanced Software Technologies Overland Data,and API NetWorks. Phoenix, Ariz.-based EST will spotlight its new BRU-Pro, an enterprise Linux backup product, while San Diego's Overland will showcase its line of automated storage backup solutions."

Libraries are dead, long live meta-libraries! (ZDNet). ZDNet's Michael C. Daconta says meta-libraries are the "think globally, act locally" solution to the world's cross platform language woes. "A meta-library is a library stretches globally to span diverse systems (thinks globally) and repackages them to appear the same as local libraries and objects (acts locally). If implemented in the Java Virtual Machine, meta-libraries would allow you to instantiate Python objects or invoke .Net services in a way comfortable (and transparent) to Java programmers."

Section Editor: Rebecca Sobol

See also: last week's Announcements page.

Announcements

Resources

Online Resource Features Linux Oriented Embedded Single Board Computers. LinuxDevices.com announced the addition of The Linux-friendly Embedded SBCs Quick Reference Guide to its growing list of guides.

LinuxDevices.com also launched a supported Embedded and Real-time Linux Technical Q&A Forum.

Full text to Australian/British/American hacker book. Suelette Dreyfus and Julian Assange, along with publisher Random House, have released the complete and unabridged electronic text to their book ``Underground: tales of hacking, madness and obsession on the electronic frontier''. The site for the book has been heavily loaded since the announcement, and mirrors are now available.

What's so good about open source and Linux -- in embedded? (LinuxDevices). Rick Lehrbaum takes a close look at some of the data gathered in last year's Embedded Linux Market Survey.

Embedded Linux Newsletter for Jan. 18, 2001 (LinuxDevices.com). The weekly Embedded Linux Newsletter for Jan. 18, 2001 has been published. This past week, LinuxDevices ran stories on their new single board computer (SBC) reference guide and a tutorial on installing Microwindows on the iPAQ.

Events

Call for nominations: 2001 US Big Brother Awards. Privacy International has put out a call for nominations for its 2001 U.S. Big Brother Awards. They are looking for those who have done the most to invade privacy in the U.S. over the last year. Certainly a few of the people and groups that have crossed purposes with the free software community may be deserving of this honor. There will also be a set of "Brandeis" awards for those who have made an outstanding contribution to the protection of privacy. If you have a good idea for a recipient of either award, it's time to go put your nomination in.

LinuxWorld Conference & Expo. LinuxWorld takes place January 30 - February 2, 2001, at the Jacob Javits Convention Center in New York City.

• VA Linux Systems' President and CEO, Dr. Larry M. Augustin, will deliver his keynote address on Thursday, February 1 from 1:00 PM to 2:00 PM.

• There will be a Golden Penguin Bowl.

• PolyServe, Inc. will present Data Replication and Management and the Future of the Internet Data Center on Wednesday, January 31 from 4:15 to 5:30.

OSDEM Schedule. The schedule for the Open Source Developers European Meeting has been posted. (Coming up Feb. 3 & 4.)

FOSE 2001 announces speakers. FOSE is a government information technology conference and showcase, held annually in Washington DC. This year's event will be at the Washington DC Convention Center on March 20 - 22, 2001 and Jon "maddog" Hall will be one of the speakers.

The GNOME Users And Developers European Conference 2001. GUADEC will take place in Copenhagen from April 6 - 8, 2001. Financial assistance may be available for GNOME hackers and all contributors who wish to attend but can't afford it are encouaged to apply.

LinuxTag 2001. This year's LinuxTag takes place July 5 - July 8, 2001 at the exhibition fair of Stuttgart, Germany.

European Conference Conflicts. Thierry Laronde wrote to LWN about the fact that LinuxTag in Germany and Libre Software Meeting in France (along with Debian Conference 1) are scheduled at about the same time. LSM runs July 4 through July 9, 2001.

ALS 2001. The name, city, and sponsoring group have changed, but the acronym remains the same. ALS 2001 has posted their new website and officially placed their call for papers. Formerly known as the Atlanta Linux Showcase, this event is the 5th Annual Linux Showcase & Conference. Sponsors this year are USENIX and the Atlanta Linux Showcase, Inc., in cooperation with Linux International. ALS 2001 will be held in Oakland, California, November 6 - November 10, 2001. Refereed paper abstracts and invited talk proposals are due June 5, 2001.

Call for Papers: 15th Systems Administration Conference (LISA 2001). LISA, the Systems Administration Conference sponsored by USENIX and SAGE, the Systems Adminstrations Guild, has published the first call for papers for their 2001 conference to be held in San Diego December 2nd through 7th.

January/February/March events.

Date	Event	Location
January 29, 2001.	New York Mozilla Developer Meeting	CollabNet office, New York, NY.
January 30 - February 2, 2001.	LinuxWorld Conference & Expo	Jacob Javits Convention Center, New York, NY.
January 31 - February 2, 2001.	Linux Expo Paris	Paris, France.
February 3 - February 4, 2001.	Open Source and Free Software Developers' European Meeting	Brussels.
February 6 - February 8, 2001.	Real-time and Embedded Systems Forum	Doubletree Hotel, San Jose, California.
February 14 - February 16, 2001.	O'Reilly Peer-to-Peer Conference	Westin St. Francis Hotel, San Francisco, California.
February 21 - February 23, 2001.	XML DevCon Europe 2001	Novotel London West Hotel and Convention Centre, London, England.
February 28 - March 2, 2001.	3rd German Perl Workshop	Sankt Augustin, Germany.
March 3, 2001.	LinuxForum 2001	Copenhagen, Denmark.
March 5 - March 8, 2001.	The 9th International Python Conference	Long Beach, California.
March 19 - March 22, 2001.	SGI Global Developer Conference	Burlingame, Califonia.
March 21 - March 24, 2001.	Singapore Linux Conference / LinuxWorld 2001	Singapore.
March 22 - March 23, 2001.	Linux Accessibility Conference	Los Angeles, California.
March 22 - March 23, 2001.	Linux Accessibility Conference	Los Angeles, California.
March 22 - March 23, 2001.	LinuxBazaar 2001	Èeské republice.
March 29 - March 30, 2001.	Colorado Linux Info Quest	Denver Marriott Tech Center, Denver, Colorado.

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

Employment Oportunities

Web sites

New O'Reilly Site Covers the Fast-Moving World of Peer-to-Peer Technologies. O'Reilly Network's launched openp2p.com, with technical, analytical, and news coverage of Peer-to-Peer (P2P) technology.

Project Mayo becomes open source web site. Project Mayo, the international group of Internet and video technologists who are creating the next generation of the DivX(TM) video format, announced a new corporate identity called DivXNetworks. The Project Mayo site will become an open source DivX technology hosting site for Internet and video technology enthusiasts.

User Group News

LUG Events: January 25 - February 8, 2001.

Date	Event	Location
January 27, 2001.	Central Ohio Linux User Group	Columbus, Ohio.
January 27, 2001.	CABAL & BALUG Installfest	SF Cow Palace, Daly City, California.
January 30, 2001.	Hazelwood Linux User Group (HZLUG)	Prairie Commons Branch Library, Hazelwood, Missouri.
February 1, 2001.	Edinburgh Linux Users Group (EDLUG)	Holyrood Tavern, Edinburgh, Scotland.
February 5, 2001.	Baton Rouge Linux User Group (BRLUG)	The Bluebonnet Library, Baton Rouge, LA.
February 5, 2001.	Rice University Linux Users Group (RLUG)	Rice University, Houston, TX.
February 6, 2001.	Kansas City Linux Users Group (KCLUG)	Kansas City Public Library, Kansas City, MO.
February 6, 2001.	Linux Users' Group of Davis (LUGOD)	Z-World, Davis, CA.
February 7, 2001.	Southeastern Indiana Linux Users Group (SEILUG)	Madison/Jefferson County Public Library, Madison, IN.
February 8, 2001.	Phoenix Linux Users Group (PLUG)	Sequoia Charter School, Mesa, AZ.
February 8, 2001.	Boulder Linux Users Group (BLUG)	NIST Radio Building, Boulder, CO.

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

Software Announcements

Sorted by section and Sorted by license

Our software announcements are provided courtesy of FreshMeat

See also: last week's Linux History page.

This week in Linux history

Red Hat also (in this message from "bob@redhat.com") announced its fancy new web site, that was even "SEARCHABLE!".

Four years ago: Ulrich Drepper released the first, experimental version of glibc 2.0. Thus began a long and sometimes painful (but worthwhile) transition.

Three years ago: in a brief note to comp.os.linux.announce, an ambitious, if not too smart, little company called Eklektix announced an online publication called the Linux Weekly News. The first issue hit the web on January 22, 1998, though we got a bit more serious with the January 29 issue.

Netscape announced that it would release the source for Communicator 5.0. At this distance, it can be hard to remember the impact that announcement had; at the time, it was a huge thing. It was the event that made a lot of people aware of free software. The pace of events picked up thereafter.

Of course, three years later, we are still waiting for that stable browser release. But, while we wait, projects like Galeon and others have made good use of Mozilla's work.

SunWorld introduces Linux:

One of the biggest drawbacks to Linux in business is old-fashioned FUD -- fear, uncertainty, and doubt generated by the Linux freely distributable model. To a lot of people "freely distributable" equates with "unsupported" and "hobby quality." In fact, Linux is neither.

...but they take care to point out that it isn't Solaris.

The Debian 2.0 release roadmap was posted, along with a set of 2.0 release requirements.

Two years ago (January 28, 1999 LWN): The long-awaited 2.2.0 kernel release hit the net on January 25. No formal announcement was made, other than this rather terse note on the kernel.org site. Linus did announce that 2.3.x was not going to happen anytime soon, and that it was not time to start sending in patches. One patch had to go in quickly, however, once Dan Burcaw pointed out an easy way for any user to crash a 2.2.0 system.

Linus also said that 32-bit Linux systems would never support 4GB of memory. Of course, 2.4.0 does exactly that... Perhaps his crystal ball isn't so infallible after all.

Both HP and SGI announced plans to support Linux on their hardware. Back in 1999, this sort of thing was still a big deal.

Somebody broke into ftp.win.tue.nl and replaced the source for the TCP wrappers package with a new version that contained a back door. The problem was found within hours, and, apparently, no sites were compromised as a result of this change. This episode pointed out a real vulnerability in free software, however, and helped motivate the use of signatures on source packages. It is probable, however, that few users check signatures even now, and a repeat of this sort of attack is almost certain at some point.

What happens when Windows programmers start to switch to Linux?

Barring a sudden, unforeseen bursting of the Linux bubble, we're about to see the nontechnical aspects of programming take center stage like never before, not even when the rise of the IBM PC brought mainframe programmers to the desktop, or even when the Y2K fiasco made legions of programmers learn (or relearn) Cobol. From the standpoint of individual programmers, this will look like yet another standards/mindset war, with coders once again serving as both foot soldiers and the short term prize. The difference is that this time there will be a distinct cultural aspect to the war, and if we're lucky, the outcome could be a significantly more competitive industry.
-- Lou Grinzo, Dr. Dobb's Journal.

One year ago (January 27, 2000 LWN): Caldera, Red Hat, and Turbolinux all announce that they will ship IBM's Java implementation with their distributions, leaving Sun out in the cold. Sun, instead, announced the availability of "free Solaris 8," complete with source code.

In a move aimed at Linux, Sun said it will announce Wednesday that it is making the source code for its new Solaris 8 operating system "open." Webster's has lots of definitions for the word, including "not sealed, fastened, or locked." But when you dig into the details of Sun's announcement, you'll find that what it is offering doesn't come close to meeting the dictionary's definition, let alone that of the open-source movement.
-- Lawrence Aragon, Red Herring.

SGI, meanwhile, released its OpenGL implementation under an open source license.

DeCSS hacker Jon Johansen was detained for questioning regarding his role in the cracking of the DVD encryption system.

Lineo shipped the 1.0 version of its Embedix embedded Linux distribution. The Debian project ran into a little snag when, halfway through the nomination period, nobody had stepped forward saying they wanted to be the next project leader.

The Journal of Linux Technology was announced by VA Linux Systems and O'Reilly & Associates. A year later, though, only two issues have been published, the latest being from April, 2000.

See also: last week's Letters page.

Letters to the editor

Date: Mon, 22 Jan 2001 14:16:20 -0700
From: Andrew Gilmore <andrewgilmore@my-deja.com>
To: lwn@lwn.net
Subject: Dell Linux Laptops

Your main page from last week mentions Dell's laptop page.
(http://www.dell.com/us/en/bsd/topics/segtopic_linux_001_linux_center.htm). 

This page is indeed about Dell Linux laptops, but all of the links to anywhere
on that page fail. I know that the Inspiron 7500 mentioned on that page is no
longer being built, I'm not sure about the Latitude CPx.

I'm not sure what to make of the linux laptop thing either. :(

Andrew

-- 
Hydraulic Engineer, Upper Colorado Region
US Bureau of Reclamation
125 S State St, Room 6107, UC-433
Salt Lake City, UT 84138-1147  PH: 801-524-3879 Fax: 801-524-3858

Date: Fri, 19 Jan 2001 07:42:39 +0800
From: Nick Urbanik <nicku@vtc.edu.hk>
To: letters@lwn.net
Subject: Pronunciation of Linux

I call Linux so it rhymes with "Linus" in the Peanuts comic strip, and
enjoy defending my right to say it that way.  Do I need to put on an
Seattle accent when I refer to Bill Gates?

Date: Thu, 18 Jan 2001 12:06:33 -0800
From: Gene Mosher <gene@viewtouch.com>
To: lwn@lwn.net
Subject: VA Linux

Hey, VA Linux is prohibited by Intel, which owns ten percent of it, from
selling AMD systems.  So, while everybody else is doing well, VA Linux
just keeps bleeding to death.  How can it fulfill its obligation to its
shareholders by refusing to sell AMD systems?  Obviously it can't.  If
you look at the Nasdaq, you'll see that Techs are having a VERY good
month, but not VA Linux, Red Hat, Caldera or Neoware.  The light at the
end of this tunnel is a train coming right at them.  Even the employees
are dumping all their shares while they still have any value at all.  $7
a share may be a lot higher than what the share price will be later this
year.  Just because the share price is two to three cents of what it was
a year ago doesn't mean that it can't go a LOT lower.  It could well
fall to nine cents per share.  Look at what happened to NCDI, for
instance.  Last summer people were bragging about how they were able to
scoop up NCD shares for $9.  Well, three weeks ago it fell to nine
cents.  Public companies which are losing money are not long for this
world.  Public companies which never have made money since their
inception as private companies OUGHT to be sued by shareholders.  It's
the only recourse which stockholders have against a company whose
officers took their money, which can't deliver shareholder value and who
think that they can ignore their lawful obligations to do their best to
do so.  VA Linux and Red Hat have followed pied pipers like Eric Raymond
right off the edge of the cliff, singlehandedly making it virtually
impossible for any Linux organization to get the benefit of public
financing, even if, unlike VA Linux and Red Hat, they have a VALID
business model.  Shame on them.  C'mon, give us some good journalism
about this, whydoncha?

Gene Mosher

Date: Thu, 18 Jan 2001 15:45:47 -0500
From: Derek Glidden <dglidden@illusionary.com>
To: letters@lwn.net
Subject: Linux, NFS and journaling filesystems


[I apologize in advance for the length of this letter, but I think some
of my recent, and past, experience might be of significant interest to
other Linux users out there.]

In your Jan 18th newsletter in the discussion on ReiserFS (huzzah for
ReiserFS making it into the 2.4.1 patch!) you say, "bear in mind that
NFS still can not serve files from a ReiserFS partition" and there is
extensive discussion on ReiserFS/NFS compatibility on the ReiserFS FAQ
section of the ReiserFS site at www.namesys.com.

However, despite all these reports to the contrary, I've successfully
run an NFS server with a 52GB exported volume utilizing ReiserFS on my
home network for several months now with no problems.  Initially the box
was RedHat 6.x based with 2.2.16 kernel and ReiserFS patches, and has
variously incarnated through several kernel revisions and a major distro
change to its most recent state of Debian 2.2 with kernel 2.4 and
ReiserFS patches.  

The main volume has been a 52GB "md"-driven RAID0 volume comprised of
two 26GB IDE drives, formatted ReiserFS, and it has served its files up
with knfsd straight off of whatever kernel/distro it happened to be
running at the time with only ReiserFS, mingo's RAID and hedrick's IDE
patches applied.  I've never had any problems with the three or four
client machines that may be accessing the box at any given time.  (Yeah,
I really have a home network with a huge fileserver and three or four
client machines that might be using it at any given time.  So I'm a big
geek.  :)

ReiserFS has served me well in both testing environments and
"real-world" situations; I can't think of any occasions where I've
experienced any sort of problems with the ReiserFS volume and never any
data loss.  Remount times after any sort of failure (even having a UPS
on the machine won't prevent someone from accidentally bumping the
"reset" switch while it's doing something...) have been great (i.e.
virtually nonexistent) compared to the hour-long fsck times I used to
have even with smaller ext2 filesystems.

With the recent release of the 2.4 kernel, however, I've started playing
with alternate configurations.  I've just this past week "retired" the
old fileserver and, with a couple of new hard drives, have rebuilt the
new primary fileserver using two 61GB IDE drives, integrated into a
single 120GB volume with LVM (http://www.sistina.com) formatted using
SGI's XFS filesystem (http://oss.sgi.com/projects/xfs/) and running the
2.4.0 kernel on Debian 2.2.

Instructions for those attempting this at home: check out SGI's CVS
version of the 2.4 kernel with the XFS mods already applied. Check out
the most recent CVS of LVM from Sistina - the LVM patch that (kind of
accidentally) went into 2.4 was not ready for real use and has a couple
of real showstopper bugs. Follow the LVM instructions for patching
against the 2.4 kernel using the checked out kernel source from SGI.
Configure, compile and install.  The toolchains for LVM and XFS should
both be in your CVS checkout trees ready for compiling and using.  If
you're running Debian 2.2 and want to run Kernel 2.4, you'll have to get
the latest modutils source from the unstable tree and build and install
it.

XFS is surprisingly well along its road to "release-quality" for a
project that the vast majority of the public thinks of as "still under
serious development."  Mount and check times with XFS are significantly
faster than  ReiserFS (which is really saying something if you've ever
been amazed at the zero-fsck mount times of ReiserFS) and I have
definitely noticed an improvement in NFS speed, although I can't
directly attribute this to either improvements in NFS code in the 2.4
kernel or moving away from ReiserFS as the base filesystem for the NFS
volume.  (Although I'd probably point a finger at ReiserFS for the
slowdown as I did run the machine with 2.4/ReiserFS for a few days and
didn't notice any significant difference in its behaviour during that
time.)

Over several days of "hardcore" testing, I've concluded that, for me
personally, XFS is stable enough to form the base for my newly-built
fileserver.  It has been very reliable in my
completely-and-utterly-scientific "rsync a big chunk of data onto the
volume while doing an rm -rf against a copy of the mozilla source tree
and running a perl script that writes, copies and deletes a bunch of
temp files and then pull the plug" tests, mounting nearly instantly on
restart and with the "xfs_check" tool reporting no problems with the
filesystem afterwards.

But why would I move away from a proven architecture to do something
crazy like this?  

LVM gives me the ability to add new physical volumes to the logical
volume on my fileserver without having to rebuild the volume, which is
something I've sorely missed as that machine has been upgraded several
times from its original 8GB filesystem and each time I've had to build a
"backup" server to migrate the data to temporarily while I rebuild the
new server.  Both XFS and ReiserFS include tools for growing an existing
filesystem to account for newly-available volume space and there are
tools available for doing this to an ext2 filesystem as well so any of
those filesystems will work with LVM without much hassle.  I had no
problems at all growing any of those three filesystems, with or without
data already on them, to account for newly-added space on an LVM volume
during my tests.

The choice to go with XFS over ReiserFS was partially based on the "geek
factor" of using XFS but also partially the fact that a larger set of
useful userspace tools comes with XFS than with ReiserFS, not the least
useful of which are the "xfsdump" and "xfsrestore" tools.  (And let's
not overlook the fact that XFS uses full 64-bit file offsets while
ReiserFS "only" supports 60-bit file offsets... :)  However, ReiserFS
has been very very reliable for me and we have been deploying ReiserFS
on machines at work for several months now without a single glitch.  

Other users interested in ReiserFS or XFS are encouraged to visit the
respective websites and do as much research as they feel necessary.  I
feel that at this point in their development, either one would make an
ideal base for a system that needs an extremely reliable filesystem with
little-to-no downtime.  With the important caveat:

*** Both ReiserFS and XFS (and any journaling filesystem on Linux at the
moment) will have problems dealing with software RAID5 volumes, but at
least as of now, behave properly with mirroring, striping and
concatenating RAID methods with either md or LVM drivers.  This is
likely to change in the future, and hardware RAID will not have any
impact on either of them as hardware RAID will look like a single device
to the Linux VFS layer, which is where the incompatibilities hide.

The Namesys website, as you mentioned, has an incredible amount of
information about ReiserFS, going well beyond its journaling
capabilities.  There is also an excellent article on ReiserFS by one of
its primary programmers in the most recent Linux Journal magazine that
not only points out some of the highlights of ReiserFS but also, very
honestly, some of its shortcomings.

The future of the 2,4 kernel series is looking bright indeed with
projects like ReiserFS, XFS and LVM coming over the horizon.

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
With Microsoft products, failure is not           Derek Glidden
an option - it's a standard component.      http://3dlinux.org/
Choose your life.  Choose your            http://www.tbcpc.org/
future.  Choose Linux.              http://www.illusionary.com/