[LWN Logo]
[LWN.net]

Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests


Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

Other LWN stuff:
 Daily Updates
 Calendar
 Linux Stocks Page
 Book reviews
 Penguin Gallery

 Archives/search
 Use LWN headlines
 Advertise here
 Contact us

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- Gaël Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

See also: last week's LWN.

Leading items and editorials


Who really is the leading distributor? This week SuSE put out a press release on the latest PC Data report. SuSE certainly has reason to brag: according to this report, SuSE now has 48% of the U.S. retail Linux market. That's a full 20% above the nearest competitor. Not bad for a company which recently shut down most of its U.S. presence.

Of course, many of us here in the U.S. find that figure a little hard to credit. The high quality of SuSE's product is well known, and the distribution does seem to be gaining mindshare here. But SuSE does not, in any long-term sense, own half the U.S. market. What's going on here, of course, is that these figures are for the month of February, when SuSE released version 7.1 of its distribution. New releases will always cause a spike in sales, and the fact that this release was the first by a major distributor to include the 2.4 kernel must have helped.

Time for some perspective. Here's results from some market share surveys that have come out over the last year or so:

Distribution March 2000 April 2000 December, 2000 February, 2001
Caldera 3% 4.6% - 0.5%
Corel 19.3% 8.7% - 1.2%
Linux-Mandrake 19.6% 31.1% 28% 20.8%
Red Hat 40.4% 35.5% - 28.9%
SuSE 7.1% 8.6% - 48.3%
Turbolinux 4.1% 8.7% - 0.2%

Back in December, MandrakeSoft claimed the top spot as Linux-Mandrake 7.2 made the rounds. Not too much before that, Red Hat fancied itself the top distributor. Who, exactly, is it really?

The answer, of course, is that nobody really knows. The various surveys track retail sales, which is a useful number. But there is little correlation between the number of boxes sold and the number of installed systems. And the number of boxes sold appears to be highly volatile, depending on each distributor's release cycle.

Since Linux is free software, there is no way to really know how many installed systems there are. There are no licenses to buy, after all. And Linux users are, to a great extent, unlikely to cooperate with any scheme that tries to track installed systems. It's nice that you can use Linux without having to tell anybody who you are.

The above table leads to some conclusions, though. The news for Caldera, Corel, and Turbolinux, at least in the U.S., looks a little grim. Corel, especially, is in trouble, since retail sales were exactly what the company was hoping to make money on. But we knew that already. Caldera and Turbolinux have revenue models that go beyond box set sales, at least.

The big three for retail sales in the U.S. seem to be Linux-Mandrake, Red Hat, and SuSE - though SuSE's long-term staying power remains to be seen. Of those three, any can probably top the charts on any given month when they release a new version.

These charts, thus, don't really tell us who the top distributor is. Instead, they should be seen as similar to the movie box office listings. We can see who is doing the best at the moment, but the actual information content is limited. It just tells us who produced the current hit.

There is good news here, though. One thing that can be concluded is that the U.S. distribution market is still not dominated by any one company. That is important: diversity and choice are part of what makes Linux great.

What software is running inside your TV? In June, 2000, LWN disagreed (lightly) with Richard Stallman regarding this quote:

I'm less concerned with what happens with embedded systems than I am with real computers. The real reason for this is the moral issues about software freedom are much more significant for computers that users see as a computer. And so I'm not really concerned with what's running inside my microwave oven.

Our claim was that embedded systems will increasingly impact our lives, and that the freedom to decide what runs on those systems is important.

So it was interesting to encounter this note from RMS on the Politech list. Therein, he expresses concern about interactive television, as described on the Spy TV web site. Fancy interactive TV systems can do all kinds of profiling, and can engage in many types of manipulative behavior, even if they report no information back to a central system. Says RMS:

A lesson can be drawn from this which I think the site itself does not draw: that any non-free program that you allow into your life, if it is in a position to receive complex instructions from the Internet, is a potential agent to manipulate or interfere with you, and cannot be trusted.

Now, an interactive television does differ somewhat from a microwave oven in terms of its ability to "manipulate or interfere," but it is true that neither is seen, by most people, as a computer.

This is an issue that will present itself increasingly often in the coming years as computers disappear into the devices we use all day long. An awareness of the issue, and of the importance of software freedom, will be always more important. The capabilities and assumptions built into our devices are going to have a growing influence over our freedom in general.

Embedded Linux has the potential to help, since the base software is available. But embedded Linux does not require that the applications that run on it be open, or, for that matter, that there be any way to examine or modify the software running in a particular device. Hardware running embedded Linux can be just as closed as any other system. Even if Linux succeeds in domination of the embedded world, we're going to have some interesting fights on our hands.

CLIQ closes in.  The Colorado Linux Info Quest is set to take place in just over a week in the plains along the eastern slope of the Rocky Mountains. CLIQ 2001 will be held in the Denver Marriott Tech Center hotel on March 30th and includes speakers such as David L. Sifry of Linuxcare, Scott Draeker of Loki Entertainment, Rick Lehrbaum of LinuxDevices.com, Havoc Pennington of Red Hat and the GNOME Foundation, Kurt Granroth of SuSE and KDE, Bdale Garbee of Debian, David A. Desrosiers of Linuxcare, Paul Everitt of Digital Creations, author Jon Lasser, Darryl Strauss of VA Linux and the XFree86 project, and Patrick Lannigan of NuSphere. LWN.net is proud to be a 2nd year sponsor of this show. Other Sponsors and exhibitors this year include tummy.com, SGI, Compaq, Hewlett Packard, IBM, Xi Graphics, and Monta Vista Software.

Note that online registration closes on Friday, March 23nd, so be sure to register early and join us at the premiere Linux event of the Rocky Mountain region.

Inside this week's Linux Weekly News:

  • Security: Honeynet Forensic Challenge results; a bug in PGP?; FTP server denial of service problem.
  • Kernel: The memory map semaphore; finding bugs with global static analysis.
  • Distributions: Linux Distribution quiz; Progeny Debian; K12Linux - LTSP.
  • On the Desktop: PocketLinux takes on all handhelds, Applix sells out, and Nautilus comes but does Eazel go?
  • Development: ALSA sound, Paranoid Backup, LSB-OS test suite, KDE-women, Objective Caml.
  • Commerce: Clusters and cluster management sytems; more new products including Nautilus and Playstation 2 Tools for Linux by Metrowerks.
  • History: Four years ago, the first Atlanta Linux Showcase was announced; Two years ago, CeBIT '99 was the leading event of the week.
  • Letters: What is Linux?, XFree86, Uncle Harlan, Politics.
...plus the usual array of reports, updates, and announcements.

This Week's LWN was brought to you by:


March 22, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Security page.

Security


News and Editorials

Honeynet Forensic Challenge results posted. The Honeynet Project Forensic Challenge contest was launched on January 15. The purpose of the challenge was to allow security investigators to show off their forensic skills, to help publish useful forensic techniques, and to show just how difficult and expensive responding to security events really is. Contestants were given a set of disk images taken from a compromised system; their task was to figure out how the system was broken, where the attack came from, and what changes had been made to the system. Anybody who has ever had to go through this process knows how little fun it really is.

The contest is now over, and an announcement has gone out with the results. Thirteen submissions came in and were judged, and three of them were considered good enough to win - the winners will get a T-shirt and a book for their efforts.

That's a pretty small payback, given that the participants spent 34 hours each on this project. That is one of the big points that this challenge was designed to make: recovering from this sort of incident takes, generally, a week of a professional's time. Security incidents, in other words, are expensive, even if no real damage is done by the perpetrator.

Recovery is also not a sure thing - nearly every participant in the challenge found at least one thing that was passed over by the other teams. Modern computing systems are complicated things; it's not easy to find every single change made by a hostile intruder. It's hard enough, after all, to get a handle on what the person in the next cubicle has done.

Much security-related effort goes into prevention techniques - passwords, encryption, firewalls, etc. There is an increase in interest in intrusion detection technologies as well. Counterpane is pushing insurance policies (see next item). But recovery from compromises receives a relatively small amount of attention. We would not like to hazard a guess as to what percentage of system administrators will be faced with a recovery task at some point in their careers, but one would presume it would be high. The Honeynet Project is doing a great service by focusing some attention on that aspect of the problem. After all, many of us are going to have a mess to clean up, sooner or later.

A bug in PGP? A company called ICZ has put out a press release claiming that a serious bug has been found in PGP. Essentially, a flaw in the format used by PGP makes it possible, in some conditions, to decrypt a message without knowing the recipients private key.

This sounds scary, but this is a very hard vulnerability to exploit. It requires that the attacker be able to modify the file containing the victim's private key. Somebody with that level of access can probably come up with more straightforward ways to get the desired information. Still, it could be a useful technique for some sorts of "black bag" jobs perpetrated by well-funded, inquisitive agencies.

So, it's worth fixing, but most PGP users need not panic.

March CRYPTO-GRAM newsletter. Bruce Schneier's CRYPTO-GRAM newsletter for March is out. It has, if anything, more than the usual amount of interesting news from the security area, including discussions of the "security patch treadmill," how network security will be an insurance company issue in the future, the new crypto scheme out of Harvard, the TCP/IP sequence number problem, and more.

On insurance:

What will happen when the CFO looks at his premium and realizes that it will go down 50% if he gets rid of all his insecure Windows operating systems and replaces them with a secure version of Linux? The choice of which operating system to use will no longer be 100% technical. Microsoft, and other companies with shoddy security, will start losing sales because companies don't want to pay the insurance premiums.

Those who prefer it can also read this issue on the Counterpane site. (Thanks to Jose Nazario).

Passive analysis attacks on ssh. Here's a bit of a disturbing item: Solar Designer has posted a lengthy writeup on a number of "passive analysis" attacks on the ssh protocols which can make it much easier to break users' passwords. It's amazing how hard it can be to get these things right. Most ssh users need not panic at the moment, but it is good to know that these problems exist. Patches for a number of the vulnerabilities are included with the report.

XFree86 4.0.3 - time to dump version 3.x. Here's a note from Andrew van der Stock on XFree86 4.0.3, and, in particular, on the various security bugs that have been fixed in that release. The list of fixes is growing, to the point that it is really getting to be time to upgrade any systems still using XFree86 3.x.

Security Reports

Denial-of-service vulnerability in FTP server implementations. A report went out this week on a method to confuse a number of FTP server. Essentially, it just takes a line like:
ftp> ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
The server will then go off for a very long time trying to expand this wildcard filename.

FTP servers known to be vulnerable include ProFTPd, NetBSD FTP, PureFTPd (to some variants on this attack), BeroFTPD, and FreeBSD FTP. Known not vulnerable are wu-ftpd and publicfile.

This bug was publicly posted with essentially no notice to the maintainers of the various FTP daemon maintainers, which annoyed a number of people. The poster is also the author of PureFTPd, so it was with some relish that others pointed out that PureFTPd, too, was vulnerable to a form of this attack.

An advisory for ProFTPd has gone out. There is not, however, a patch available at this time; the advisory simply suggests a configuration change to minimize vulnerability to the problem.

It has been noted that the real problem could be said to lie elsewhere - simply typing the above "ls" command at a shell prompt will cause, at best, a long delay and a lot of disk rattling. But the problem gets worse, of course, when it is made available to anonymous remote users.

Format string vulnerability in mutt. The mutt mailer contains a format string vulnerability which may be remotely exploited by a hostile IMAP server. Updates seen so far include:

licq URL checking problem. MandrakeSoft has issued a security update to licq fixing what appears to be a new problem in that package. It seems that URLs passed to licq are passed on to the web browser with no sanity checking; the result is that an attacker can send commands to be executed on the victim's system. This, needless to say, is not good. Those with licq running on their systems are encouraged to upgrade.

RPM building races? Ian Lynagh noticed that a number of RPM "spec" files use /tmp in an unsafe way. A clever attacker could, conceivably, make use of this problem to change system files. In this case, the race is very difficult to exploit; it depends, among other things, on knowing when somebody will decide to rebuild a package from the RPM source file.

Updates

CUPS buffer overflow and temporary file creation problems. Check the March 1st LWN Security Summary for the initial report.

This week's updates:

Previous updates: Icecast buffer overflows, first covered in the March 15, 2001 LWN.

This week's updates:

Previous updates:

imap buffer overflows, as discussed in last week's LWN security page.

This week's update:

Previous updates:

sgml-tools temporary file vulnerability. See the March 15th LWN security page for the initial report.

This week's updates:

Previous updates:

slrn buffer overflow. (First reported in March 15, 2001 LWN).

This week's updates:

Previous updates:

Resources

Events

New security paradigms workshop - time is running out. The call for papers for the New Security Paradigms Workshop has a deadline of March 30 - in other words, soon. Since attendance requires the submission of an interesting paper, those who don't get something in before the deadline won't be at the workshop. If you were thinking of going, now is the time to get that abstract together.

Upcoming security events.
Date Event Location
March 26-29, 2001. Distributed Object Computing Security Workshop Annapolis, Maryland, USA.
March 27-28, 2001. eSecurity Boston, MA, USA.
March 28-30, 2001. CanSecWest/core01 Network Security Training Conference Vancouver, British Columbia, Canada.
March 29, 2001. Security of e-Finance and e-Commerce Forum Series Manhattan, New York, USA.
March 30-April 1, 2001. @LANta.CON Doraville, GA, USA.
April 6-8, 2001. Rubi Con 2001 Detroit, MI, USA.
April 8-12, 2001. RSA Conference 2001 San Francisco, CA, USA.
April 20-22, 2001. First annual iC0N security conference Cleveland, Ohio, USA.
April 22-25, 2001. Techno-Security 2001 Myrtle Beach, SC, USA.
April 24-26, 2001. Infosecurity Europe 2001 London, Britain, UK.
May 13-16, 2001. 2001 IEEE Symposium on Security Oakland, CA, USA.
May 13-16, 2001. CHES 2001 Paris, France.

For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Liz Coolbaugh


March 22, 2001

LWN Resources


Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Security Projects
Bastille
Linux Security Audit Project
Linux Security Module
OpenSSH

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
Kondara Advisories
Esware Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Turbolinux
Yellow Dog Errata

BSD-specific links
BSDi
FreeBSD
NetBSD
OpenBSD

Security mailing lists
Caldera
Cobalt
Conectiva
Debian
Esware
FreeBSD
Kondara
LASER5
Linux From Scratch
Linux-Mandrake
NetBSD
OpenBSD
Red Hat
Slackware
Stampede
SuSE
Trustix
turboLinux
Yellow Dog

Security Software Archives
munitions
ZedZ.net (formerly replay.com)

Miscellaneous Resources
CERT
CIAC
Comp Sec News Daily
Crypto-GRAM
LinuxLock.org
LinuxSecurity.com
Security Focus
SecurityPortal

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Kernel page.

Kernel development


The current kernel release is still 2.4.2. The current prepatch is 2.4.3pre6, released early in the morning on March 21. The patch log file is, as of this writing, only updated to 2.4.3pre5, however.

No 2.2.19 prepatches have been released this week.

Changing the memory map semaphore. One of the changes that is now in the 2.4.3 prepatch is a new memory map locking scheme implemented by Rik van Riel. The memory map semaphore controls access to the various virtual memory areas and page tables used by a process; it is intended to keep concurrent activities, such as page faults, memory map changes, and informational queries from stepping on each other. It is a fundamental part of how the virtual memory system works.

It also, seemingly, is a performance problem. For example programs that use the /proc interface to get process information can find themselves blocked for long periods of time. Page faults, too, can be slowed down, even when they occur in different places and should not conflict with each other. Multi-threaded programs, such as the MySQL server or Apache 2.0, are restricted to handling just one page fault at a time across the whole set of threads. In some cases, this restriction can lead to very poor performance.

Rik's change is to turn the memory map semaphore into a variant known as a reader-writer semaphore (or R/W semaphore). These semaphores allow multiple threads to access a common data structure simultaneously, as long as none of them make any changes. Once somebody needs to change things, it must wait until all of the readers have finished their business, then lock them out for the duration of the change.

An R/W semaphore suits this situation well, since both the /proc and page fault cases do not actually need to change the memory map. With the change applied, the system can do more things simultaneously. Even on uniprocessor systems, things will work better, since work need not wait for the resolution of a page fault, which can involve disk activity.

It's also a relatively fundamental and scary change for a stable kernel release. Even Linus, while accepting the change, is a little nervous about it:

I'm applying this to my tree - I'm not exactly comfortable with this during the 2.4.x timeframe, but at the same time I'm even less comfortable with the current alternative, which is to make the regular semaphores fairer (we tried it once, and the implementation had problems, I'm not going to try that again during 2.4.x).

The patch also, as of 2.4.3pre5, "has only been tested on i386 without PAE, and is known to break other architectures." There have been some good reports, though, on the performance effects of this patch. But it may mean that the real 2.4.3 will not be out for a while yet, since Linus will want to give it some time to stabilize and prove that everything works.

Global kernel analysis. Dawson Engler, at Stanford, has put together an extension to the gcc compiler which allows it to perform detailed, global analysis of a body of code and point out a number of possible bugs. Over the last week, he and his students have been posting the results of this work. They have found some impressive things, including:

  • Places where pointers are interpreted as user-space addresses (i.e. they are passed to a function like copy_to_user), but where the same pointer is also dereferenced directly (nine cases). Kernel code running in process context can generally get away with that sort of reference, but it's risky for a few reasons. The user-space address may not be valid (or the page could have been swapped out since the kernel last checked), and there are security implications as well.

  • Large variables on the kernel stack (22 cases, plus a few more when devfs is used). The kernel stack is limited in size, and putting large variables there risks overflowing the allocated space.

  • Various locking bugs (16 cases). These include paths that could take out a lock and forget to unlock it, and potential misuse of the processor state flags.

  • Places where kernel memory is used after it has been freed 14 cases.

  • Inconsistent treatment of interrupts (28 cases). Code that sometimes runs with interrupts enabled and other times not is likely to be buggy; functions which sometimes forget to reenable interrupts certainly are.

  • Places where a pointer returned by a function that can fail is not checked (120 cases).

  • Calls to functions that can block while interrupts are disabled or spinlocks are held (163 cases). Kernel code, of course, should not block in either case, or serious performance problems (or deadlocks) can result.

The response from the kernel hackers has been quite positive, for one simple reason: quite a few new bugs have been found. Many of the things being tested for are the sort of subtle bug that can be very easy to create and hard to track down.

The tool that is doing this work is called "MC" ("meta-level compilation"); it was created by a team headed by Mr. Engler and sponsored by DARPA grant MDA904-98-C-A933. MC defines an extension language for gcc called "metal," which can be used to program specific checks to be applied to the code. Here, for example, is a piece of code which looks for errors in enabling and disabling interrupts:

{ #include "linux-includes.h" }
sm check_interrupts {
  // Variables used in patterns
  decl { unsigned } flags;

  // Patterns to specify enable/disable functions
  pat enable = { sti(); }
             | { restore_flags(flags); };
  pat disable = { cli(); };

  // States
  // The first state is the initial state
  is_enabled: disable ==> is_disabled
     | enable ==> { err("double enable"); };
  is_disabled: enable ==> is_enabled
     | disable ==> { err("double disable"); }
     // Special pattern that matches when the SM
     // hits the end of any path in this state
     | $end_of_path$ ==> { err("exiting w/intr disabled!"); };
}

Those who are interested in MC should check out Mr. Engler's paper "Checking system rules using system-specific, programmer-written compiler extensions," which is available on the net in PostScript format. The code fragment above was taken from that paper. Please don't bug Mr. Engler about obtaining the code, however; the system is still under development and has not yet been generally released. In time, however, it should become part of the standard kernel hacker's toolkit.

JFFS2 released. The folks at Red Hat have announced the release of the JFFS2 filesystem. It's a complete reimplementation of Axis Communications' Journaling Flash Filesystem, with a number of improvements. It's available via CVS, and only works with the 2.4 kernel. An iPAQ kernel with JFFS2 built in is available as well.

Help out the kernel manual pages. Andries Brouwer has released man-pages-1.35. In the announcement, he notes:

David Mosberger expressed his worry that especially man page Section 2 is out-dated and x86 specific, with no indication that other architectures even exist. No doubt he is right.

So the request has gone out: please point out the man pages that are wrong, and, if possible, supply fixes while you're at it. This is a good way for people to help out without having to actually hack on the kernel code.

FSM's kernel patch. Kernel patches do not normally come with press releases, or, at least, they didn't. This week, FSMLabs (the RTLinux company) announced that it had released a memory management patch. It seems that a memory management change in 2.4 creates some difficulties for RTLinux, so they went and developed a fix. And announced it to the world.

The patch itself is quite small, especially considering that the one real chunk of code there is lifted the MIPS version of <asm/pgalloc.h>. It adds a couple of big kernel lock invocations, and a function which propagates page directory changes across processes and CPUs. That's evidently enough to restore low latency on a reliable basis for real-time tasks.

Other patches and updates released this week include:

Section Editor: Jonathan Corbet


March 22, 2001

For other kernel news, see:

Other resources:

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Distributions page.

Lists of Distributions
distrowatch
ibiblio
Kernelnotes
Linux.com
LinuxLinks
Woven Goods

Embedded Distributions:
3ilinux
Bifrost

BluePoint Embedded
Compact Linux
Coollinux
DSPLinux
ELinOS
ELKS
Embedded Debian
Embedix
Etlinux
FlightLinux
Hard Hat Linux
Jailbait
Linux/Coldfire
LEM
Midori
NeoLinux
OnCore Systems
PeeWeeLinux
RedBlue Linux
RedIce-Linux
Royal Linux
RTLinux
Tynux
uClinux
White Dwarf Linux

Handhelds/PDAs
Agenda-VR
Familiar (iPAQ)
Intimate (iPAQ)
Linux DA
PocketLinux
PsiLinux

Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Special Purpose/Mini
2-Disk Xwindow System
Mindi Linux
SmoothWall

Floppy-based
Brutalware
BYLD
Coyote Linux
DLX
Fd Linux
Fli4l (Floppy ISDN/DSL)
floppyfw
Floppix
FREESCO
Linux in a Pillbox (LIAP)
Linux Router Project
LOAF
muLinux
Nuclinux
Proxyfloppy
ShareTheNet
Small Linux
Tomsrtbt
Viralinux_II

CD-based
BasicLinux
BBLCD Toolkit
CDLinux
Crash Recovery Kit
DemoLinux
Devil-Linux
Finnix
Gibraltar
innominate Bootable Business Card
Linuxcare Bootable Business Card
LNX-BBC
MkCDrec
RunOnCD
Sentry Firewall
SuperRescue
Timo's Rescue CD
Ututo
Virtual Linux

Zip disk-based
NBROK
ZipSlack

Small Disk
hal91
MicroLinux
--> Peanut Linux
PKLinux
Relax Linux
TA-Linux
Tomukas
ttylinux
VectorLinux

Wireless
Bambi Linux
Flying Linux

Hardware-specific
(ARM)
ARM Linux
(Beowulf)
Scyld Beowulf
(IBM)
Think Blue Linux
(Oracle's NIC)
NIC Linux
(PA-RISC)
PA-RISC Linux
(Playstation)
Runix
(PowerPC)
Black Lab Linux
LinuxPPC
MkLinux
Yellow Dog
(Sparc)
Splack
UltraLinux
(Older Intel)
ClarkConnect
Monkey Linux
TINY

DOS/Windows install
Armed Linux
DragonLinux
Phat Linux

Diskless Terminal
GNU/Linux TerminalServer for Schools
K12LTSP
LTSP
Pygmy
Xdenu

Distributions


Please note that security updates from the various distributions are covered in the security section.

News and Editorials

Linux Distribution Quiz. BBspot is running this Linux distribution quiz. The page lists 15 possible distribution names and asks if they are real or fake. Of course we know that our usual Distributions editor Liz Coolbaugh would get a perfect score, but she's in Singapore. This LWN editor managed to score 11 out of 15. So test your knowledge, no fair peeking at the sidebars. Later on I'll introduce the two very real Linux distributions that I thought were fake. (Thanks to Lenz Grimmer)

Progeny Debian Release Candidate 1. The first release candidate version of Progeny Debian is out. See the announcement for a list of what this distribution includes; it looks like they may have made some substantial progress in improving the famously difficult Debian installation process. The official release is scheduled for the end of this month, with a boxed version available in April. Progeny's Bruce Byfield described Progeny Debian as "the foundation of Progeny's other development work, including Linux NOW, a revolutionary new tool that will make a network of Linux workstations appear as a single system for administration and general use. However, Progeny also perceived the need for a mediator between Debian and the general community of users that could provide an easier install and an extra testing cycle that could produce more timely releases."

A developer's perspective on Transmeta's Midori Linux (LinuxDevices). Jerry Epplin wrote this developer's view of Midori Linux. "Transmeta produces a line of low-power x86-compatible processors for notebook computers and embedded devices. These processors have an interesting and controversial design which, in combination with Transmeta's smart marketing move of hiring Linus Torvalds (the creator of Linux), has resulted in press attention far out of proportion to the company's small size. Thus, an old embedded system curmudgeon might be forgiven for expecting that the release of Midori Linux would be little more than a public relations move."

SuSE points all guns at Red Hat (LinuxToday.au). SuSE appears to have a market lead in the US, if you believe all the reports of late. This decidedly pro-SuSE article suggests that market share change could reach Australia too. "In the next few months, Linux professionals in Australia might expect to see Australian businesses following their US counterparts and trying Suse Linux. Australia has always typically followed the United States in terms of server popularity, and Linux really has been no exception."

Debian project at German CeBIT exhibition. Look for the Debian staff at CeBIT. There will be a Debian project sub-booth at the Linuxland stand (Hall 6, Booth F10/D08), staffed by Ingo Saitz and Michael Bramer.

Distribution News

Caldera OpenLinux Workstation enters open beta. Caldera Systems has announced that its "OpenLinux Workstation 3.1" product will go into an open beta test period starting March 22. It includes the obligatory 2.4 kernel and other new stuff. There's no explanation of where the name comes from - the previous version was "OpenLinux eDesktop 2.4."

Libranet Linux 1.9.0 released. Libranet 1.9.0 has been announced. This version of this (Debian-derived) distribution includes a number of new goodies, including the 2.4.2 kernel and KDE 2.1.

K12Linux - LTSP. The first public release of K12Linux is out now. K12Linux - LTSP is a terminal server distribution designed for classroom use. The Linux Terminal Server Project (LTSP) created a set of easy-to-use packages for K12Linux.

MandrakeSoft launches MandrakeFreq. MandrakeFreq is a new program that allows users to test the new features of the Linux-Mandrake distribution in between each official release. These are releases from the stable tree, not the "Cooker" experimental distribution, but they are beta versions.

SuSE Linux 7.1 ftp-version. This announcement in English and German contains the ftp sites, and mirror sites for downloading SuSE Linux 7.1.

Second Bug-Squashing Party results. The second Debian bug-squashing party was a great success. Bug squash number 3 should be coming up in a few weeks.

New Distributions

ChainSaw and Antarctic Linux. As promised, here are two distributions found through the BBspot quiz. Both have been around for a while, but they are new to LWN.

ChainSaw Linux was developed to run bleeding edge kernels. More recently a separate version of ChainSaw has focused on video editing.

While Antarctica Linux does seem to be a real distribution, its web site seems to be down. Google lists Antarctica as "a Linux operating system distribution designed for ease of use and simple installation."

Minor Distribution updates

Red Hat updates to rpm and db3. Red Hat has issued this update to rpm for all versions of its distribution from 5.2 on. Installing this update will be a big change, especially for users of versions 5.x and 6.x (who will also need to install the db3 update to make things work). Going backward to older versions of rpm will not be easy if the new rpm does not work out. Read the advisory carefully before proceeding. Even if Linus says that backups are for wimps, we suggest that you back up your data first.

Distribution Reviews

An interview with Midori Linux project leader Dan Quinlan (LinuxDevices). Rick Lehrbaum interviews Midori Linux project leader Dan Quinlan. When asked why Transmeta would want to create a new distribution Quinlan replied, "Although to date Crusoe sales have mostly been in the notebook computer space, Midori is not meant for notebook computers. We expect standard Linux distributions to be used in notebooks, with perhaps a few minor additions to better support Crusoe's power management features such as "LongRun". Instead, the focus of Midori is on small devices like Web pads, rather than notebook computers, where system resources such as RAM and Flash memory tend to be very limited, where you don't have hundreds of megs of RAM or disk space."

Uncovering the secrets of SE Linux: Part 2 (IBM developerWorks). In part 2 of this article, the US National Security Agency's security enhanced version of Linux is examined more closely, dissecting how the security_av is computed and examining how other SE Linux security features are invoked. There's also a new release of the NSA's Security-Enhanced Linux out that is based on the 2.4.2 kernel.

SuSE Linux Professional 7.1 (C|Net). C|Net awards the latest release of SuSE Linux Professional its Editors Choice, saying its ease of use rivals Linux-Mandrake. "Power users will like the option of installing two kernels, 2.4 and 2.2.18. With both installed, you'll be able to select the kernel you want to boot, using SuSE's graphical LILO--a neat feature, and one that only SuSE offers."

Icepack Linux (ZDNet). ZDNet reviews Icepack Linux. "We recommend Icepack Linux as a fine distribution for Windows users, especially beginners, but we end with one significant caveat. It supports only fixed IP addresses, not dynamic IP, for Ethernet LANs. This will disadvantage networks designed to share a single cable/DSL Internet connection through DHCP -- a very curious design decision."

Section Editor: Rebecca Sobol


March 22, 2001

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.


Leading
Caldera OpenLinux
Debian GNU/Linux
Linux-Mandrake
Red Hat
Slackware
SuSE
TurboLinux

Also well-known
ASPLinux
Best Linux
Conectiva Linux
e-smith

Progeny
Rock Linux

Non-technical desktop
easyLinux
Icepack Linux
Independence
LibraNet
Redmond Linux
WinSlack

Education
Boston University
kmLinux
LinuxFromScratch
OpenClassroom
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
BearOps
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
cLIeNUX
Complete Linux
Console Linux
Corel Linux
CRUX
Darkstar Linux
DLite
easyLinux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
FTOSX
FullPliant
Gentoo
Go!Linux
HA Linux
Halloween Linux
HispaFuentes
IceLinux
Ivrix
ix86 Linux
J-LINUX
JBLinux
Jurix
KRUD
KSI-Linux
Lanthan Linux
Laonux
LASER5
Leetnux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
LinuxPPP
Linux Pro Plus
Linux-SIS
LNX System
LoopLinux
LSD
Lute Linux
MageNet
Mastodon
MaxOS
minilinux
MSC.Linux

NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
PLD
Project Ballantain
PROSA
Rabid Squirrel
Repairlix
Root Linux
Scrudgeware
Serial Terminal
Sorcerer
spyLinux
Stampede
Stataboware
TechLinux
TimeSys Linux/RT
Tom Linux
Trinux
Turkuaz
Ute-Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WholeLinux
WinLinux 2000
XTeamLinux
ZipSpeak

Country-specific
Argentina
GNU/Linux Ututo
Britain
Definite Linux
Eridani
China
COSIX
Red Flag
France
Linux/MNIS
Italy
LinuxEspresso
Madeinlinux
Vedova
Spain
Linux Esware
Thailand
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
Dualix
Gentus
Giotto
MCC Interim Linux
OS2000
Storm Linux


   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's On the Desktop page.


Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Office Suites
Ability (*)(w)
Anywhere Desktop (*)
(formerly "Applixware")
GNOME Office
HancomOffice
KOffice
StarOffice / OpenOffice
Siag Office
WordPerfect Office 2000 (*)(w)

Java / Web Office Suites
ThinkFree Office (*)
Teamware Office (*)
Cybozu Office (*)

Desktop Publishing
AbiWord
iceSculptor (*)
Impress
Maxwell Word Processor
Mediascape Artstream (*)
Scribus

Web Browsers
Mozilla
Netscape (*)
Opera (*)
Konqueror
Galeon

Handheld Tools
KPilot
JPilot
Palm Pilot Resources
Pilot Link
SynCal

On The Desktop


Make the PDA Web-Centric and the world will beat a path to your Pocket(Linux)

PocketLinux CEO Tim Wilkinson says Java and XML are the right choices for the handheld market, and his company is out to prove it.

[Tim Wilkinson, CEO, Transvirtual Technologies]
New York - Tim Wilkinson, CEO and Chairman of PocketLinux maker Transvirtual Technologies, never expected to have fun being a business man. "I'm a technology guy. Up until our announcement at LinuxWorld in San Jose in 2000 we were all engineers. When we went public the inquiries started pouring in. Then I knew that there were things that I had to do or they wouldn't get done. We'd lose that business. But it has been a truly educational experience, and a truly enjoyable one, which I wouldn't have thought." Not profitable now, though they were before taking in their first round of funding. They'll be taking another round of funding this year.

PocketLinux began as a small company founded by Wilkinson and Peter Mehlitz in 1997. Up to that point Wilkinson had been working on open source Java implementation while living in Stockholm.

"In the winter it was -17 degrees, with 3 hours of daylight," noted the energetic CEO. "I was working for Ericsson doing a very boring job. If I'd had any sense I'd have been dating Swedish women, but instead I started working on my own Java virtual machine (JVM) for FreeBSD." This, of course, is the now famous Kaffe implementation.

Tim then moved on to work on a Java smart card for Schlumberger working with Scott Guthrie where they continued work on Wilkinson's JVM. While working on that project he realized there was demand for Java in a number of different markets. They moved to California to form Transvirtual to commercialize Kaffe. At the end of 1999, while working on the Itsy project with Compaq, they started to put the Ice Web browser on a PDA under Java. This proof of concept showed how putting applications on a PDA using Web technology instead of using C++ or some other programming language made for a more meaningful design.

"Most applications tend to be point and click anyway, and that's what the Web is." It was this model that Transvirtual decided was the right way to handle PDAs. They went out to raise money on their own, started talking to hardware vendors, and started work on PocketLinux.

"PocketLinux is a stripped down version of the Linux kernel and Kaffe, the Java virtual machine we wrote. We then added an application framework for writing applications in XML - all the data is XML, all the visuals are XML, all the communications is XML. The initial debut was at LinuxWorld San Jose in 2000."

Response has been strong, and not just from PDA vendors. "We have PocketLinux running on a TV back at the office, we've talked to companies about doing it on cell phones and car navigation systems." According to Wilkinson, in Japan Java-enabled applications are big on cell phones. "We're trying to set up a Japanese office to work with the device manufacturers over there." Wilkinson has actually talked to a number of people, but he couldn't elaborate. "We have a bunch of things in motion, but we can't disclose them yet. They're all in Asia, however. All the interesting device makers are in Asia - the Sonys of the world."

Transvirtual is trying to build a ubiquitous platform, one that doesn't care if it's running on StrongARM or MIPS or x86, one that is Web based and Java based and, in time, Javascript enabled. Users don't care about the processors and developers don't want to care. "This stuff will work on all of these devices unchanged. This makes multimedia possible because the hardware is faster but the abstractions make it cheap."

"We chose XML to make it easier to sync between devices." While Linux didn't help much in that area, it did provide an easier way to get Kaffe running on the devices of interest. "It saved us a lot of man hours to get up and running."

But with all this abstraction of applications in XML and Java, multimedia could potentially suffer. Graphics applications are always happier when they're closer to the hardware. Wilkinson says "You can embed video the same way the Web does now, by embedding frames that use the frame buffer to get direct access to the hardware. You don't have to use the XHTML abstraction. You can structure it as shared library or a separate entity. The video demonstration we have is done like that. It's a completely separate process. We just say 'here is your screen space, now draw to it however you like'."

While Wilkinson doesn't want to take Kaffe to other platforms, it would be possible. "The problem is our customers are the hardware device manufacturers and right now their pissed with WindowsCE in general, partly because of performance and partly because of the closed nature of that platform. It's both cultural and technological. They're looking for alternatives."

Right now Transvirtual's biggest problem is hiring really good low level Linux hackers. "We have a couple of guys but could use another 10," he says. But at LinuxWorld New York this year, the focus was still on getting the word out to developers. The company was actually showing PocketLinux 2.0, an unreleased version of the system (version 1.0 is available from the PocketLinux web site).

While the Compaq iPAQ was the display model of choice for demonstrations (along with a few other models), there are a whole slew of new devices running some version of Linux on the way or already here. And with so many available platforms, PocketLinux is bound to find its niche.

Desktop Environments

GNOME 1.4 Release Candidate 1 available. GNOME 1.4 got one step closer to reality this week as Release Candidate 1 was made available for download. Along with this, the GNOME Foundation also released some additional tools. "Also available at this time is the GNOME Fifth Toe 1.4 RC 1 release, which is a collection of additional packages that are not part of the core desktop but are designed to work well with gnome."

Eazel announces launch of Nautilus 1.0. While GNOME 1.4 got closer, Nautilus 1.0 got real. Here is the press release from Eazel which made the launch of Nautilus 1.0 official. The company also announced this past week a new version of its software catalog service.

Nautilus: here today. Eazel: gone tomorrow? (ZDNet). Immediately after the Nautilus release, Eazel announced the layoffs of half of its staff. ZDNet examined what the future might hold for Nautilus, with or without Eazel. "How can Nautilus look forward to a rosy future while parent company Eazel gasps for venture capital? Simple: the GPL. The GPL ensures developers and users alike that the code will have a life of its own, apart from the economic health of any associated commercial vendors."

Evolution 0.9 released. Not to be denied a spot on the release train, the folks at Ximian released Evolution 0.9, the latest pre-release of the GNOME mail, calendar and address book application. This was a bug fix release with a few new features and a few features pulled out that won't be ready for the 1.0 release, scheduled for some time in the near future. contains a number of new features and bug fixes, and appears to be rapidly heading toward its 1.0 release.

Kernel Cousin KDE Issue #2 is Out. This week's KC KDE has 14 topics covering RealPlayer 8 and KDE2 integration, HTML form completion in Konqueror, the new KDE2 scanner library and GUI, SDI vs MDI, kISDN and kppp integration, and more.

KOffice.org relaunched. The only other news this week on the KDE front came from the relaunch of the KDE Office web site. No word on if there was any real reason for the changes.

GNUStep. While the GNUStep Weekly Update offers information only a developer could love, LinuxFocus provided a little more useful information for end users in their article on GNUStep environment. If you aren't familiar with GNUStep, you should known that it A) is based on the well designed but often forgotten NeXT platform's OpenStep environment and b) it requires the Window Maker window manager to provide the front end interface. "NeXT decided to port the [GUI] framework to different OSes such as Sun, for instance. This API was called OpenStep. From there, GNU started a big project, GNUStep, to build a free OpenStep implementation."

Office Applications

Applix sells VistaSource. Not much news on the office application front this week. The big news probably had to be the announcement that Applix has agreed the sale of VistaSource. The new owner will be Parallax Capital Partners; evidently no layoffs are planned.

Take a Letter, Rex! Applixware is Coming to System/390 Linux (Enterprise Linux Today). This story from Enterprise Linux Today suggests that the VistaSource acquisition by Parallax Capital Partners is unlikely to be the death of ApplixWare. "Zimmer says VistaSource hasn't set a release date for the S/390 port yet, and that "many things have yet to be determined" about product announcements after the acquisition. This doesn't mean, however, that the S/390 product is vaporware. In fact, Applixware Words and Applixware Spreadsheets are already running in the development environment, with the other components of Applixware Office following close behind."

Gnumeric 0.64. While still not to 1.0, the GNOME spreadsheet is starting to look and act more like a professional tool. Gnumeric 0.64 was released this past week. This is a release candidate for GNOME 1.4, though it's anyones guess if that means we'll jump to a 1.0 Gnumeric with GNOME 1.4.

Desktop Applications

Opera 5, Beta 7 for Linux. Noted this week: Opera released another beta version of its Opera 5 browser for Linux. While the "days left" dialog has been removed, an advertising banner has been added in the upper left. I guess you have to pay the bills somehow.

KuickShow for KDE 2.1. KuickShow, an image viewer based on Rasterman's Imlib and known for its "blazing speed", has a new version for KDE 2.1. KDE Dot News reports: "You won't be disappointed by the latest release for KDE 2.1 -- I was blown away. It's even noticeably faster than the venerable XV".

Paul Nolan Software Launches Photogenics 5.0 for Linux. With GIMP 1.2 firmly in the hands of the worshiping masses, it can be easy to overlook alternative graphics applications. One interesting (proprietary) tool comes from independent developer Paul Nolan. This week he released Photogenics 5.0 for Linux through the new Photogenics eStore. With features like Paint Layer Technology, which allows you to paint out mistakes (instead of using levels of undo as in GIMP), Photogenics offers a unique alternative for the Linux artist.

Other Desktop News

.comment: A Whole New Desktop with Anti-Aliasing (LinuxPlanet). This week LinuxPlanet ran a lengthy article on using antialiased fonts with KDE. "As you have probably heard, Keith Packard's Xft extension, which had been available hacked into versions of QT since 2.2.3, took up permanent and official residence there with last week's release of QT-2.3.0. This means that if you build QT with the -xft compile option (or obtain a binary that has it compiled in), and you do a few more things I'll discuss in a moment, you'll have anti-aliased screen fonts. They are a joy."

Fiorina sees darkness on tech horizon (News.com). As the lead in story for this week's On the Desktop notes, there are a slew of Linux handheld options available these days. While Carly Fiorina was escorting the Tech Reaper in this C|Net article, the interested reader would have noticed it also mentions, near the bottom, Sharp's jump into the Linux handheld market. Previously, Sharp had been using their own proprietary operating system on its handhelds.

Section Editor: Michael J. Hammel


March 22, 2001


Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Desktop Environments
GNOME
GNUstep
KDE
XFce

Window Managers (WM's)
Afterstep
Enlightenment
FVMW2
IceWM
Sawfish
WindowMaker

Minimalist Environments
Blackbox

Widget Sets
GTK+
Qt

Desktop Graphics
CorelDRAW (*)(w)
GIMP
Kontour
Photogenics (*)
Sketch

Windows on Linux
WINE
Win4Lin
VMWare

Kids S/W
Linux For Kids

Send link submissions to lwn@lwn.net

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Development page.

Development projects


News and Editorials

The ALSA (Advanced Linux Sound Architecture) sound driver provides an alternative to the older and more common OSS/Free driver. The ALSA project has been around since early 1998 and has achieved a level of stability that makes it worthy as a substitute for OSS/Free. The project is currently working toward the 0.9 stable release; the third 0.9 beta release came out on March 20. The question that comes up is: why use ALSA?

[ALSA] The ALSA Introduction sheds some light on the question. The goals of the ALSA project include maintaining backwards compatibility with the OSS/Free API while providing a more capable Library API for ALSA based systems. This allows a large number of existing OSS/Free based applications to run with the ALSA driver. The OSS compatibility is provided via an optional set of loadable modules, so those who do not require backwards compatibility need not expend unnecessary system resources on it. In addition to being able to run OSS applications, the ALSA driver has a number of native applications that use the ALSA Library API.

One of the more obvious differences between ALSA and OSS/Free is that a working ALSA based system uses a number of small loadable modules, whereas OSS comes in the form of one large module. If MIDI support is not required, the module need not be loaded. This makes ALSA a good candidate for embedded Linux applications.

The ALSA sequencer code is designed to give better response times for MIDI sequencer functions, making an ALSA based system suitable for a wider variety of uses than just simple playback. The goal of this part of the project is to be able to run real-time MIDI functions on Linux that compare with older Macintosh and Atari ST systems, a non-trivial feat on a multitasking OS like Linux.

The ALSA API is more fully featured than the OSS/Free API and utilizes more of the features found on modern sound cards. It may be necessary to switch to ALSA in order to utilize all of the features of newer sound chips, such as the digital audio input on the nifty CMI8738/PCI chip, which supports true 44.1Khz digital audio input without noisy resampling. The OSS/Free API closely mirrors the hardware design of older SoundBlaster sound cards, but that is a design that is becoming increasingly outdated. Since they have started from the beginning, the ALSA developers have, presumably, been able to study the shortcomings of the older drivers and work on those weaknesses.

ALSA is not currently supported by all of the major Linux distributions, for instance, it is included with SuSE, but not with Red Hat. Installation on a Red Hat system requires removal of the OSS driver and addition of the ALSA modules in the /etc/modules.conf file. This process is detailed in the the ALSA documentation, but is nonetheless a non-trivial job that would likely scare off those who are new to Linux. The SuSE distribution makes the ALSA driver installation fairly easy. ALSA will likely be included in the Linux 2.5 series kernels natively, if that happens, it will probably show up as an option in more Linux distributions. Give ALSA a try, it works rather nicely.

Richard Stallman on Savannah. Last week's LWN development page looked at project hosting sites including Savannah, the GNU project's SourceForge-based project hosting site. Richard Stallman wrote a letter to LWN that clarifies some of the issues that we reported on. Among other things, Savannah is currently only open to GNU projects. We also made the mistake of grouping Savannah with "open source" hosting sites; it should be listed as a "free software project" hosting site.

Backup Software

Announcing Paranoid Backup. A new Perl based backup system, Paranoid Backup, has been announced. "Paranoid Backup is designed to work with cheap tape drives and cheap tapes without shoeshining or losing data; to never overwrite old backups; and to use as few tapes as possible."

Clusters

New stable release of heartbeat. Heartbeat 0.4.9, a new stable version of the heartbeat clustering code, has been announced. It is the first version tested by the automated Cluster Test System (CTS) which allows it to be hammered with tens of thousands of failovers. "This is a significant milestone for the project, and contains a great many new features and bug fixes from many contributors, new and old".

Databases

An Introduction to MySQL. The MySQL site has started a new articles section; An introduction to MySQL is the first feature article.

PostgreSQL Non-FAQ Documentation. A new set of PostgreSQL documents has been published by Justin Clift. Included are quick reference materials, bug workarounds, performance tips, and more.

Documentation

LDP Weekly News, March 20th, 2001. Changes at the Linux Documentation Project this week include updates to the NVidia Configuration guide and the modem howto, along with a new document on how to write HOWTO documents using LinuxDoc.

Here, also, is the Linux Documentation Project Weekly News for March 13, 2001, which managed to escape mention in last week's LWN. It covers the new Bugzilla guide, an ambitious Malay translation project, and updates to several documents.

Education

SEUL/edu Linux in Education Report. The SEUL/edu Linux in Education Report for March 19, 2001 is out. This issue features discussions of teaching systems administration to students, using Linux for teaching English as a second language, and more.

Embedded Systems

BusyBox 0.50 released. A new version of BusyBox has been released. BusyBox provides a number of common command line utilities in a single binary file.. "This release adds several new applets including ifconfig, route, pivot_root, stty, and tftp, and also fixes tons of bugs. Tab completion in the shell is now working very well, and the shell's environment variable expansion was fixed. Tons of other things were fixed or made smaller."

Peer to Peer

The practice of peer-to-peer computing: Introduction and history (IBM developerWorks). Todd Sundsted discusses peer-to-peer computing in an IBM developerWorks article. "In spite of the hype, P2P computing is important, and it's beginning to look like the paradigm with a large enough slice of mindshare to move a number of promising technologies from the wings into the limelight. Therefore, it's important to understand where P2P computing fits into the broader technological landscape."

Standards

Linux standard deviation impedes developers (ZDNet). Examining the flipside to the advantage of Linux distribution diversity, ZDNet looks at the issues applications developers face with so many choices. "There are many reasons you don't see a lot of commercial application software for Linux, but I have to put the lack of a single porting standard near the top. In my view, it even impedes the progress of open source software. The effort spent porting code and packages to multiple distributions is effort that could -- and should -- be spent making the packages themselves better."

LSB-OS test suite beta. LSB-OS 0.7beta has hit the wires. This is an additional test set that gives further API coverage in support of the Linux Standard Base.

Window Systems

KDE-Women launches. [Katie] A new site at women.kde.org has hit the net. As stated in the introduction: "We want to build an international KDE forum for women by providing a place where women can present what they already contribute to KDE and where women, who want to contribute, find a starting point."

GtkFB: GTK+ for the Linux Framebuffer (LinuxDevices). LinuxDevices has run an article by Red Hat's Alexander Larsson on using GTK+ without the X Window System. "In the upcoming GTK+2.0 release, GTK+ will support rendering directly to the framebuffer instead of using the X Window System. This is good for embedded systems such as PDAs and other systems with very limited resources, because they are able to run without the overhead of an X server while still taking advantage of the power of GTK+ and the large base of existing programs."

Web application servers

Zope 2.3.1 beta 3. The third beta release of Zope 2.3.1 has been announced. See the changelog for a full list of what has gone into this release - it is almost entirely bug fixes.

Section Editor: Forrest Cook


March 22, 2001


Application Links
GIMP
Mozilla
Galeon
High Availability
ht://Dig
mnoGoSearch
MagicPoint
Wine
Worldforge
Zope

Open Source Code Collections
Berlios
Freshmeat
OpenSourceDirectory
Savannah
Le Serveur Libre
SourceForge
Sweetcode

   

 

Programming Languages


Caml

Objective Caml 3.01 released. A new release of Objective Caml has been released. "Caml is a strongly-typed functional programming language from the ML family." (Thanks to David Mentre)

Haskell

Why People Aren't Using Haskell. Dejan Jelovi discusses the slow rise of the Haskell language. "The fact that Perl, Python and Ruby have become popular while Haskell has stayed a marginal language is a failure of the Haskell community. The Haskell community has failed to build a useful distribution [of] Haskell, and it has failed to position the language as something that people can use to solve their problems." An interesting read.

Java

Using Tomcat (O'Reilly). James Goodwill writes about Apache's Jakarta-Tomcat server in an O'Reilly OnJava.com article. "The Tomcat server is a Java-based Web Application container that was created to run Servlet and JavaServer Page web applications. It has become the reference implementation for both the Servlet and JSP specifications. The purpose of this first article is to give you a basic understanding of web applications."

Lisp

Gnu CLISP 2.25 released. A new version of Gnu CLISP is available. This release features non-blocking binary i/o, support for IA-64 under Linux, and better ANSI compliance among other things.

Perl

Perl 5 Porters for March 19, 2001. The March 19, 2001 edition of Perl 5 Porters is out. This week's topics include Perl 5.6.1-TRIAL3, goto, the reset bug, the distributive arrow operator, and more.

The Perl You Need to Know Part 22: Warts and All (Web Developer's virtual library). Aaron Weiss discusses Perl features and gotchas in an article on Web Developer's virtual library. "This month we get negative, putting a big mirror up to the camel that is Perl, and taking stock of its lumps. It's only fair. As a Perl developer, you benefit from knowing not only the strengths and capabilities of a programming language, but also its limitations."

Perl/Tk binary available. New RPM source and binary packages for Perl/Tk have been made available.

PHP

PHP Weekly Summary for March 19, 2001. The March 19, 2001 edition of the PHP Weekly Summary is available. This edition covers PHP 4.0.5 RC1, extensions for YP/NIS+, ClibPDF, IMAP and DBX, and a PHP FastCGI version of PHP.

Python

This week's Python-URL. Dr. Dobb's Python-URL for March 19, 2001 is out with the usual collection of interesting stuff from the Python community.

Python-dev newsletter for March 14. Michael Hudson's Python-dev summary for March 14, 2001 by is out. It covers "a quiet fortnight" in Python development, including a bunch of work on new approaches to numbers and numeric types.

Python 9 conference notes (Python Journal). The Python Journal features notes from the Python 9 conference, recently held in Long Beach, California. Read about Python on the Palm Pilot, PSF projects, big applications, language design, and more.

Using Mix-ins with Python (Linux Journal). Chuck Esterbrook discusses Python mix-ins in a Linux Journal article. "Mix-in programming is a style of software development where units of functionality are created in a class and then mixed in with other classes. This might sound like simple inheritance at first, but a mix-in differs from a traditional class in one or more of the following ways. Often a mix-in is not the ``primary'' superclass of any given class, does not care what class it is used with, is used with many classes scattered throughout the class hierarchy and is introduced dynamically at runtime."

Python creator: Perl users are moving to Python (EnterpriseLinux). Enterprise Linux interviews Guido van Rossum, creator of Python. "if all you need to do is simple text processing, you might use Perl. Python, much more than Perl, encourages clean coding habits to make it easy for other people to follow what you are doing. I've seen a lot of people who were developing in Perl moving to Python because it's easier to use. Where Python wins is when you have users who are not very sophisticated but have to write some code."

gdchart-py 0.6 available. Version 0.6 of gdchart-py has been released. "gdchart-py is a Python interface to GDChart, a library for creating charts and graphs in PNG, JPEG, and GIF format."

Tcl/Tk

Wave Surfer 1.0 released. Version 1.0 of Wave Surfer has been released. "WaveSurfer is a tool for recording, playing, editing, viewing, printing, and labelling audio data. WaveSurfer is suited for a wide range of tasks in speech research and education."

Section Editor: Forrest Cook

 
Language Links
Caml
Caml Hump
Tiny COBOL
Erlang
g95 Fortran
Gnu Compiler Collection (GCC)
Gnu Compiler for the Java Language (GCJ)
Guile
Haskell
IBM Java Zone
Jython
Free the X3J Thirteen (Lisp)
Use Perl
O'Reilly's perl.com
Dr. Dobbs' Perl
PHP
PHP Weekly Summary
Daily Python-URL
Python.org
Python.faqts
Python Eggs
Ruby
Ruby Garden
MIT Scheme
Schemers
Squeak
Smalltalk
Why Smalltalk
Tcl Developer Xchange
Tcl-tk.net
O'Reilly's XML.com
Regular Expressions
   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Commerce page.

Linux and Business


Mostly Clusters - IBM, Linux NetworX and VA Linux

IBM eServer Software Drives Infrastructure Expansion. IBM introduced IBM eServer cluster in Linux and UNIX flavors. These systems can tie together a company's entire IT infrastructure, from Web servers to vital back-end workloads like Enterprise Resource Planning and Customer Relationship Management applications. But are they as energy efficient as the z900?

IBM on the energy-saving advantage of z900 Linux. IBM has put out a press release on how a single z900 mainframe, running Linux, uses only 5% of the energy used by "a typical configuration of 750 Sun servers" doing the same thing.

EBIZ to acquire Linux NetworX. EBIZ Enterprises has announced that it will be acquiring Linux NetworX. EBIZ has been on an acquisition spree for a while, picking up companies like LinuxMall.com and Jones Business Systems; this latest move will give it a presence in the cluster arena as well. Linux NetworX will maintain its current research and development operation and sales team in Salt Lake City and will broaden their manufacturing and corporate functions with resources available in the EBIZ Technology Center in Houston.

VA Linux Debuts Powerful Remote Management Solution for Ultradense Servers; VA Linux 100 Manages 1U Server Farms with VACM. VA Linux Systems, Inc. introduced the VA Linux 100, a remote management solution for 1U server farms. VACM, VA's cluster management software allows the VA Linux 100 to turn racks of VA Linux 1120 and 1220 1U servers into unified server arrays and enables systems administrators to manage them securely from anywhere in the world.

More New Products

Metrowerks releases Playstation 2 Tools for Linux. Metrowerks unveiled new development tools technology this week for game developers at the Game Developers Conference (GDC). Metrowerks announced the availability of a new Analysis Tools Kit (ATtaCK) and demonstrated a Linux version of its CodeWarrior for PlayStation2 tools.

Digital Creations Announces Zope-Based Content Management Framework. Digital Creations announced the release of its new Zope-based Content Management Framework (CMF). CMF enables the secure distribution of content to those responsible for maintenance and updates. Templates, role-based permissions, version tracking and rollback features are also part of the CMF.

FSMLabs releases RTLinux box set. RTLinux is now available in a box. FSMLabs has announced the availability of the RTLinux v3.0 CD, an i386 distribution based on Red Hat 6.2. It comes with printed documentation and a set of example programs; it sells for $150.

LynuxWorks, Neomagic to provide Bluecat Linux for handhelds. LynuxWorks, Inc. and NeoMagic Corporation announced they are using LynuxWorks' embedded BlueCat Linux for the NeoMagic System-on-Chip platform for smart handheld devices.

Other

ATI bids $10 million for SONICblue's graphics unit. Graphics chip maker ATI Technologies Inc. announced that it has bid up to $10 million to buy SONICblue Inc.'s graphics division. ATI said it will acquire the SONICblue's FGL Graphics business, which develops Fire GL brand graphics accelerators for the NT and Linux workstation markets.

FreeDevelopers.net 'The Company is the Community' structure. The folks at FreeDevelopers.net have come out with their proposed corporate structure, which, they think, will allow them to put together a truly free, cooperatively-owned software development company.

LinuxWorld.com migrates content, forums to ITworld.com. Here's an impressive bit of spin. IDG's press release on the shutdown of LinuxWorld.com presents the situation this way: "In a move reflecting the rapid adoption of Linux across the enterprise, ITworld.com, the premier Web resource for enterprise IT professionals, today announced it is migrating LinuxWorld.com into ITworld.com beginning next month. This move enables LinuxWorld.com visitors to take advantage of the unique navigation structure of ITworld.com and access a broader base of related content, and allows LinuxWorld.com to reach a wider audience of enterprise IT professionals."

More Linuxgruven. The St. Louis Post-Dispatch has more details on Linuxgruven, their training program and the impact on people who paid for their classes.

This updated statement from Linuxgruven confirms rumors of lay-offs. They are also offering refunds for those in the middle of classes.

See last week's Commerce page for additional Linuxgruven coverage.

LPI-News for the month of March 2001. Topics covered in this issue:

  1. New resource - http://www.lpicert.com
  2. NEC bulk purchases
  3. Sydney Australia - Comdex Show
  4. Chicago Volunteers
  5. Chicago Drawing
  6. JASS
  7. Statistics
  8. International Issues
  9. CeBit in Hannover, Germany

Turbolinux, backed by Dell, Intel, pulls $60 mln IPO. Reuters reports that Turbolinux has withdrawn its proposed initial public offering. The withdrawal letter is also available for those who are interested. The reason, of course, is "current market conditions."

Linux Stock Index for March 15 to March 21, 2001.
LSI at closing on March 15, 2001 ... 30.06
LSI at closing on March 21, 2001 ... 28.69

The high for the week was 30.19
The low for the week was 28.69

Press Releases:

Open source products

Proprietary Products for Linux

Products and Services Using Linux

Products With Linux Versions

Books & Training

Partnerships

Personnel

Financial Results

Linux At Work

Other

Section Editor: Rebecca Sobol.


March 22, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Linux in the news page.

Linux in the news


Recommended Reading

A Thorn in the MPAA's Side (Wired). Wired News talks with Dave Touretzky, the creator of the Gallery of CSS Descramblers. "'Even if we get this (DeCSS) code distributed everywhere, it's just going to strengthen the hand of the content companies to argue that people can't be trusted to have control of their own computers and the government must enforce controls over computers,' Touretzky said."

Freenet: Will It Smash Copyright Law? (NewsBytes). NewsBytes looks at the FreeNet project. "[FreeNet developer Ian Clarke] thinks that copyrights in general have lost their place in the digital age. 'In my view,' he said, 'copyright has been a failure, in addition to being based on something that simply isn't true: namely, that information is property.'"

Virus plague causes charity to consider Linux (Register). According to The Register, the charity "ActionAid" has gotten fed up with viruses, and is considering a switch to Linux in order to be rid of the problem. "As well as promising 'virus free' computing, adopting the open source operating system might also save the charity much needed funds particularly with the increasing cost of Microsoft's software." (Thanks to Richard Jones).

Open Source Is Alive and Well in Arizona (AZtechBiz.com). Arizona Cooperative Power is managing a Linux project called the MyLinux Pocket Linux Workstation (PLW) Project, which AZtechBiz says is reaching critical mass. "The Hitachi SuperH 32-bit RISC Engine designed into the MyLinux architecture is ideally suited for low-power, high-performance portable applications. It is an advanced processor technology that inspires software and hardware engineers among many others including vendors of components. Epson, Micron Technology, Sharp, Xilinx and Hitachi are among the many MyLinux PLW Project contributors of code, resources, design assistance, support and components. Because of the high-end quality of these components used in the MyLinux PLW, engineers of all types are drawn to the project as excitement and word about it travel the globe via the Internet."

Linux standardization efforts move ahead (News.com). Here is a brief CNET article on the recent progress over at the Free Standards Group. "On Monday, developers released version 1.1 of the Linux Development Platform Specification, said Scott McNeil of the Free Standards Group. ... In addition, on Wednesday the consortium released for public review version 2.2 of its Filesystem Hierarchy Standard, which governs the location of key files used by Linux and Unix".

Companies

Red Hat Drops Anonymous up2date Services, Introduces Service Fees (LinuxToday). Red Hat is dropping its free update services and going to a fee based model. According to this LinuxToday article, that move fits well with Red Hat's partnership with Nautilus maker, Eazel. "Marshall, however, says Red Hat's model will fly based on the fact that Red Hat and Eazel are partnering around Red Hat's deployment of Nautilus as the default file manager on Red Hat distributions in a deal with undisclosed financial elements that will involve the companies sharing revenues from the use of Nautilus as a conduit for Red Hat's update services."

Take a Letter, Rex! Applixware is Coming to System/390 Linux (Enterprise Linux Today). This story from Enterprise Linux Today suggests that the VistaSource acquisition by Parallax Capital Partners is unlikely to be the death of ApplixWare. "Zimmer says VistaSource hasn't set a release date for the S/390 port yet, and that "many things have yet to be determined" about product announcements after the acquisition. This doesn't mean, however, that the S/390 product is vaporware. In fact, Applixware Words and Applixware Spreadsheets are already running in the development environment, with the other components of Applixware Office following close behind."

IBM steps up storage support for Linux (ZDNet). ZDNet reports on IBM's move to put Linux into external storage. "One IBM hardware product that will support Linux is the Enterprise Storage Server, code-named Shark, which IT managers can connect to an IBM z900 or S/390 mainframe."

Rigging For Tech (ZDNet). Schlumberger, the oil drilling giant, makes its foray into open source with the launch of MetaDot. "The start-up will provide custom open source-based Web software and systems integration services to small and midsized companies, selling software to link multiple facets of a company's operations to a Web-based interface."

Embedded Linux vendors assess the impact of Midori (LinuxDevices). Looking at industry reaction to Transmeta's Midori Linux project, LinuxDevices speaks with Bryan Sparks of Lineo, Michael Tiemann of Red Hat, and Kevin Morgan of MontaVista. "Sparks: With Transmeta technology being open source, we believe the Linux community and all companies that utilize embedded Linux technologies will gain advantages from [Transmeta's] research and development efforts, especially in the area of enhanced power management."

IBM recovering from Sun blindness (News.com). Here's a News.com article on IBM's server business. "Perhaps more important, Linux has changed IBM's popularity among programmers and has raised the company's profile in a very similar way to what Sun accomplished with its Java software."

Economies of Scale: IBM And Sun Vie for the Glass House (Internet.com). Linux on big iron is a cost saving measure, according to this article on Enterprise Linux Today. "Mainframe hardware is not cheap, and neither is the software that controls it. While Linux itself is free or (in a commercial package) nearly so, the underlying VM operating system that allows hundreds or thousands of Linux instances to coexist is considered a costly line item even in mainframe circles. Administering System/390 Linux itself is very similar to administering Linux on other platforms, but getting the underlying mainframe systems up and running requires some specific talent that might not exist in an otherwise-Linux-only shop."

IBM to expand Linux storage products (Upside). Here is a short article from Upside which covers IBM's recent commitments to Linux for its storage product lines. "But today, the company said it will Linux-enable linear-tape backup products, its modular storage servers on Intel-based and Alpha platforms and its FAStT200 and FAStT500 storage servers for disk storage".

Compaq invests in Linux company SuSE (News.com). News.com looks at events at SuSE, including an investment from Compaq. "In addition, SuSE has replaced Volker Wiegand, the former president of North American operations. SuSE Chief Technology Officer Dirk Hohndel has taken over, while Wiegand is returning to Germany as part of SuSE's professional services group, the company said."

Business

China invests in Linux revolution (News.com). The Chinese government is investing in Red Flag Linux, hoping to curb Microsoft's control of the the Chinese software market. "Red Flag will have more commercial opportunities and enjoy more favorable policies than other software makers with support from the government and technology help from the Academy of Science, said Wang Bo, chief financial controller at Red Flag."

Linux slips slowly into the enterprise realm (NetworkWorldFusion). Another look into the way Linux is making its way into the enterprise market, this article examines the cost of real world open source installations. "'They build it once and then chop it up and distribute it,' [IDC analyst] Kuznetsky says. 'If you were doing this for 2,000 sites using SCO UnixWare at $4,500 per license, it would cost $9 million for just the system software.' He says Windows would cost $8 million, but with Linux a user can get off for $180 if they buy Red Hat Linux. And they can replicate it as many times as they want. "

Resources

Embedding Linux in a DiskOnChip (ZDNet). ZDNet's John Lombardo discusses the installation of Linux on the DiskOnChip module in a tutorial article. "Sometimes you can't justify the time and expense of developing a dedicated hardware platform for your embedded application. Perhaps the quantities are too small or the market is unproven. However, even under these circumstances you still don't want to ship a big klunky box with a hard drive. Hard drives wear out over time, they draw lots of power and get very hot. Besides, customers know a PC when they see one."

Reviews

IBM's Linux Wristwatch (FreeOS.com). FreeOS.com examines IBM's Linux Wristwatch. "The wristwatch runs the Linux 2.2.1 kernel with the ARM patch from Ben Williamson. According to IBM, there are certain issues regarding the non-availability of this patch in the latest stable kernel release. The ARM processor that powers the watch runs at 19MHz, is RISC based and which according to estimates is almost equivalent to a 100 Mhz Pentium. The motherboard for the watch was fabricated at IBM's Japan research center. The kernel, which required some massive hacking including the shell that the watch runs, was `tweaked' at Big Blue's research center at Bangalore."

.comment: A Whole New Desktop with Anti-Aliasing (LinuxPlanet). LinuxPlanet is running a lengthy article on using antialiased fonts with KDE. "As you have probably heard, Keith Packard's Xft extension, which had been available hacked into versions of QT since 2.2.3, took up permanent and official residence there with last week's release of QT-2.3.0. This means that if you build QT with the -xft compile option (or obtain a binary that has it compiled in), and you do a few more things I'll discuss in a moment, you'll have anti-aliased screen fonts. They are a joy."

Interviews

An interview with Ericsson's "blip" project R&D manager (LinuxDevices.com). LinuxDevices.com interviews Kjell Svenson, R&D manager for the uClinux driven BLIP project at Ericsson. "All code generated to support the BLIP board (including its BSP) will be openly available through the Developerszone program. Beyond this, since the stock uClinux userland collection contains so much useful stuff, we have not yet really needed to implement any more generically useful software that would be worth releasing as open source. "

The Berlin Project: An interview with lead developer Stefan Seefeld (LinuxPower). LinuxPower interviews Berlin hacker Stefan Seefeld. "In the mozilla sources, you won't find many templates, exceptions, namespaces, or similar recent things. This is the price you pay for being portable. Berlin, on the other hand, is designed for tomorrow. Since we are not compatible with anything else anyway, we better use that fact to our advantage. This keeps the code clean and makes maintenance relatively easy. By the time Berlin is usable at large, the platforms will have evolved sufficiently to make portability easy."

Miscellaneous

The status of the Linux ACPI support (LinuxDevices). LinuxDevices.com looks at Advanced Configuration and Power Interface (ACPI) support within the Linux kernel. "The big deal is that Linux is not a plug-and-play OS and ACPI assumes one. In Linux 2.5, there will be major changes to the OS initialization sequence to support ACPI. In addition, the Linux driver model needs to change to support both power management and plug and play. This is required before a system can successfully sleep and wake using ACPI mechanisms."

Bridging the digital divide for inner-city residents (MARstar). Members of the D.C. area Linux user group helped put together a Linux network to help inner city residents. "This software is superior to the vendor-provided software and it's cheaper," John said. "The `digital divide' is a very real problem in neighborhoods like this one. People are not getting the knowledge they need and are locked out of society."

A Flower's Family Tree (NCSA). J. William Bell writes about genetic research on plants that was performed using a Linux supercomputing cluster. "Using the 512-processor LosLobos Linux Pentium III supercomputing cluster at the Albuquerque High Performance Computing Center, the team has created a phylogeny reconstruction-or evolutionary history of 12 bluebell species, predicting all of the steps that take these species back to a single common ancestor."

Section Editor: Forrest Cook


March 22, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Announcements page.

Announcements


Resources

Tip Of The Week: Converting Data with dd. LinuxLookup comes up with several uses for dd.

Events

CLIQ 2001 adds online registrations. CLIQ 2001 has opened up online registration thanks to corporate sponsor tummy.com. Note: LWN.net is a proud sponsor of CLIQ 2001.

COMDEX Chicago 2001. Here's a press release from Key3Media Group, Inc., organizers of COMDEX. The Chicago COMDEX (and co-located Linux Business Expo) runs April 2 - April 5, 2001.

ELXI Spring Implementation Conference. Enterprise Linux Institute (ELXI) and co-sponser Linux International will hold the Spring Implementation conference in San Jose, CA from May 13 - 17, 2001. Delegates will have the opportunity to enroll in educational Linux courses, listen to keynote addresses from Linux experts such as Jon "Maddog" Hall and Miguel de Icaza, attend panelist debates, developer workshops and technical briefings and walk through an exhibit floor featuring Linux International and top Linux vendors from around the world. Early Bird Deadline is March 30th.

Embedded Internet Conference News. The EIC [August 14 - 16, 2001 at the Santa Clara Convention Center] is still looking for people. Here's a bulletin and an updated schedule so you can see where people are most needed.

LinuxWorld Conference & Expo to Shatter All Previous Exhibitor and Attendance Records. IDG World Expo announced that it expects to shatter all previous exhibitor and attendance records at the upcoming LinuxWorld Conference & Expo, slated for August 27 - 30, 2001 at The Moscone Center in San Francisco, California.

March/April/May events.
Date Event Location
March 21 - March 24, 2001. Singapore Linux Conference / LinuxWorld 2001 Singapore.
March 22 - March 23, 2001. Linux Accessibility Conference Los Angeles, California.
March 22 - March 28, 2001. CeBIT 2001 Hannover, Germany
March 26 - March 29, 2001. O'Reilly Conference on Enterprise Java Westin Hotel, Santa Clara, California.
March 28 - March 29, 2001. LinuxBazaar 2001 Czech Republic.
March 30, 2001. Colorado Linux Info Quest Denver Marriott Tech Center, Denver, Colorado.
April 2 - April 5, 2001. COMDEX Chicago McCormick Place, Chicago, Illinois.
April 4 - April 5, 2001. Linux Expo Madrid Palacio de Congresos, Madrid, Spain.
April 4 - April 6, 2001. ApacheCon 2001 Santa Clara, California.
April 6 - April 8, 2001. GNOME Users And Developers European Conference (GUADEC) 2001 Copenhagen, Denmark.
April 8 - April 11, 2001. XML DevCon Spring 2001 New York Marriott Marquis, New York City.
April 9 - April 11, 2001. Smalltalk Solutions 2001 Conference Stephens Convention Center, Rosemont, IL (Near Chicago O'Hare)
April 9 - April 13, 2001. Embedded Systems Conference San Francisco, California.
April 12, 2001. 2001 Twin Cities Linux Solutions Conference - A Real Time Perspective Radisson South, Bloomington MN.
April 20, 2001. 2nd Annual Symposium on Pliant Implementation and Concepts (ASPIC 2001) Paris, France.
April 23 - April 27, 2001. Linux Expo Road Show Eastern Europe.
April 24 - April 26, 2001. Linux Africa Kyalami Exhibition & Conference Centre, Johannesburg, South Africa
May 8, 2001. Linux@work Copenhagen, Denmark.
May 9, 2001. Linux@work Oslo, Norway.
May 9 - May 10, 2001. Linux Expo Brazil São Paulo - Anhembi - Palácio das Convenções.
May 10, 2001. Linux@work Stockholm, Sweden.
May 11, 2001. Linux@work Helsinki, Finland.
May 15, 2001. Linux@work Frankfurt, Germany.
May 15 - May 18, 2001. Linux Expo China Shanghai Mart, Shanghai, China.
May 16, 2001. Linux@work Zurich, Switzerland.
May 17, 2001. Linux@work Milan, Italy.
May 18, 2001. Linux@work Vienna, Austria.
May 20 - May 23, 2001. eXtreme Programming - XP2001 Villasimius, Cagliari, Sardinia, Italy.

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

Web sites

Looking for a few good clusters. The team which has compiled the TOP500 list of global supercomputing sites is working on a similar list to rank the world's top 100 cluster computing systems. More background information, access to all collected data, and interfaces for submitting information about new cluster systems can be found at http://clusters.top500.org/.

The Famous Chabelo Finds a New Host. Dialtone Internet, a provider of Linux dedicated hosting and colocation solutions, announced that its Mexico Data Center Dialtone Internet de Mexico is the new Internet home of Chabelo.com. "One of the most celebrated children's sites in Mexico, Chabelo.com is also one of Mexico's busiest sites, with over 2 million visitors a month."

User Group News

GRASS User Group (GAV) formed in Germany. GRASS is a free GIS project released under the GNU General Public License (GPL). GRASS Anwender-Vereinigung e.V (GAV) is a new user group for German speaking GRASS users.

LUG Events: March 22 - April 3, 2001.
Date Event Location
March 22, 2001. Hazelwood LUG Installfest planning Prairie Commons Branch Library, Hazelwood, Missouri.
March 23, 2001. Rock River Linux Users Group (RRLUG) Rockford College, Rockford, Illinois.
March 24, 2001. St. Louis LUG Installfest Westchase Park, St. Louis, MO.
March 24, 2001. Consortium of All Bay Area Linux (CABAL) Menlo Park, California.
March 27, 2001. West Side Phoenix Linux Users Group (PLUG) Glendale Community College, Glendale, AZ.
March 27, 2001. Hazelwood Linux User Group (HZLUG) Prairie Commons Branch Library, Hazelwood, Missouri.
March 28, 2001. Linux User Group of Assen Assen, Netherlands.
March 29, 2001. Bergen Linux User Group (BLUG) Bergen, Norway.
March 30, 2001. New Jersey Linux User's Group (NJLUG) New Brunswick, NJ
March 31, 2000. Central Ohio Linux User Group (COLUG) Columbus, Ohio.
April 2, 2001. Baton Rouge Linux User Group (BRLUG) The Bluebonnet Library, Baton Rouge, LA.
April 3, 2001. Missouri Open Source LUG (MOSLUG) Culpeppers Restaurant, Kirkwood, Missouri.
April 3, 2001. NorthWest Chicagoland Linux User Group (NWCLUG) Harper College, Palatine, Illinois.
April 3, 2001. Linux Users' Group of Davis (LUGOD) Z-World, Davis, CA.

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.


March 22, 2001

   

 

Software Announcements


Here are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways:

The Alphabetical List and Sorted by license

 

Our software announcements are provided courtesy of FreshMeat

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Linux History page.

This week in Linux history


Four years ago: The first Atlanta Linux Showcase was announced.

Three years ago (March 26, 1998 LWN): John Kirch's paper, Microsoft Windows NT Server 4.0 versus UNIX, was first published. This paper, written by a Microsoft-certified engineer, calmly and persuasively argued that Unix-based systems, and Linux in particular, were a far superior solution for many businesses. We all knew that, of course, but this paper reached a wide audience; it certainly deserves some of the credit for the explosion of interest in Linux in 1998.

The first draft of the Debian constitution was posted by Ian Jackson.

Why should a person who has never gotten beyond a GUI interface care about source code? Eric Kidd ran a survey of uses people have made of source code. You can find some interesting results here.

The current development kernel release was 2.1.90, with a big pre-patch for 2.1.91 adding things like BSD process accounting, a number of obscure file systems (including Solaris x86), and an unbelievable number of fixes.

Two years ago (March 25, 1999 LWN): CeBIT '99 was the leading event of the week. CeBIT is a massive tradeshow held in Hannover, Germany. KDE and the Linux community both won awards at the show, KDE receiving Ziff-Davis' "Software Innovation of the Year Award for 1998/99" (see their announcement), and the Linux Community receiving the CeBIT "Highlight" award for Software, one of four categories of their Highlight awards. This year's CeBIT runs March 22 - March 28, 2001.

LWN was the subject of a feature in the Daily Camera, our hometown (Boulder, CO USA) newspaper.

ZDNet took exception to Red Hat's business practices:

But some critics contend that Red Hat's business practices, under CEO Robert Young, are becoming heavy-handed and bad for the open-source industry. Most controversial, perhaps, is the company's decision to kick-start a Red Hat-specific Linux training and certification program, while community-developed efforts are growing in the hopper. Further flustering the hornet's nest is Red Hat's unenthusiastic reception of Linux standards, including a Linux Standard Base (LSB) project designed to keep various open-source flavors from diverging.

Kernel version 2.2.4 was released.

"Starbuck" was the code name for the not-quite-stable test version of Red Hat's 6.0 platform. Slackware 4.0.0-pre-beta was released.

Georg Greve's Brave GNU World column was launched.

The first (and last) annual ExtremeLinux track was announced for the Linux Expo in May 1999.

One year ago (March 23, 2000 LWN): Caldera Systems went public, with its shares doubling in price (to $29) on the first day. At the same time, VA Linux dropped below $80 and Red Hat below $60 - prices that looked relatively low at the time.

Despite the performance differences, Caldera plans to follow in the footsteps of other publicly traded Linux companies that have used their high stock valuations to acquire other firms in an effort to expand as quickly as possible...
-- News.com.

Clusters were the news of the week. IBM announced the installation of a cluster, claimed to be the world's largest, at the University of New Mexico. LWN, meanwhile, got a look at the Jet cluster installed at the NOAA Forecast Systems Laboratory in Boulder.

MaxOS Linux was mentioned for the first time in LWN. It rated a feature article, MaxOS: A New Linux Distribution from the Ground Up.

Pavel Machek posted a note to BugTraq about possible process hiding in the 2.3.X development kernel series. Meanwhile a Technocrat posting raised fears that 2.4.0 would be a "brown paper bag" release.

However, major packages won't compile on it. UDF has serious bugs, causing kernel hangs. In the 2.3.99 stage, the entire filesystem directory tree and initialisation code is being heavily re-written. The kernel configuration code is being re-organised. That is NOT where a program needs to be, when it's just about to be released as a stable package.

Little did Technocrat know that the 2.4 release was still rather distant; when it did come out, very few brown paper bags were needed...

As mentioned, the Red Hat 6.0 beta was code named Starbuck. This year people were playing around with 'piglet', Red Hat's 6.2 beta. Turbolinux, meanwhile, released the first version of its distribution for the IA-64 platform... which still is not available...

Upside profiled MandrakeSoft:

MandrakeSoft, the company Duval, Lemarois and a few other inside developers built up to take advantage of this phenomenon, has followed a similar trajectory, adding 50 employees in the less than a year. If anything, the company's quick ascent is a sobering indication that the Linux operating system market may be the easiest online marketplace to crash since amateur pornography.

The rumors were finally confirmed: Linux Expo was not going to happen in 2000. After many years as the premier Linux event, it had been overshadowed by the many other Linux conferences that had popped up. See Donnie Barnes' explanation for a good history of Linux Expo, and the reasons for its demise.


March 22, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Letters page.

Letters to the editor


Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.

March 22, 2001

   
Date: Wed, 14 Mar 2001 19:02:56 -0800
From: bryanh@giraffe-data.com (Bryan Henderson)
To: letters@lwn.net
Subject: What is Linux?

You bring up the issue of just what is a Linux distribution.  You 
conclude that it's fuzzy, but seem sure of one thing:  It must have a 
Linux kernel.  I can't see a classification of operating systems that
include the Linux kernel as being very useful.  In fact, 90% of the
times I read "Linux," the statement is not at all dependent on the 
system running a Linux kernel.

Replacing the Linux kernel with Hurd or the Solaris kernel makes about
as much difference in the overall system as replacing the Apache web
server or KDE desktop (or X Window System).

I don't know why Linus allowed his name "Linux" to be used to refer to
entire operating systems, while at the same time also being the name
of the kernel he distributes, but by far the most widespread use of
the name now is for the class of systems, not the kernel.  If Linus
decides to limit the use of the name to systems that include a Linux
kernel, we should respect that (and in many cases will be legally
forced to), but then we should get a new term for the general class of
systems that we know today as "Linux."  I think Stallman would donate
something with "GNU" in the name.

-- 
Bryan Henderson                                    Phone 415-505-3367
San Jose, California

   
Date: Tue, 20 Mar 2001 10:21:40 -0600
From: John Palkovic <palkovic@pobox.com>
To: lwn@lwn.net
Subject: re: XFree86 4.0.3 - time to dump version 3.x ?

I run Debian GNU/Linux and xfree86 on powerpc hardware. Non i386
hardware is not well-supported. Does lwn.net assume that everyone
running linux is on intel hardware? We who are not have a different
perspective.

I tried upgrading to X 4.02 last week. I think I had to power-cycle my
machine 4 or 5 times. I lost count. It was locking up. I ended up
restoring /, /var, and /usr from a backup to get back to a stable
configuration. My linux box is sitting behind a firewall on a home
lan. So I'll stay with xf 3.3.6 for now, thanks. It works and my box
is nice and stable.

Sincerely,

-John Palkovic

-- 
"The whole problem with the world is that fools and fanatics are always so
certain of themselves, but wiser people so full of doubts."
-- Bertrand Russell

   
Date: Sat, 17 Mar 2001 12:59:18 -0500 (EST)
From: Joe Klemmer <klemmerj@webtrek.com>
To: <letters@lwn.net>
Subject: "Harlan Ellison vs. the right to code" and "Perl Literacy"


	I read this article with a bit of amusement.  A number of years
ago the Sci-Fi cable channel had a show "Sci-Fi Buzz" on which Harlan had
a 5 minute rant segment on which he would spew venom on whatever topic he
felt like, though usually with some kind of SF bent.  Half the time I
agreed with him and the other half I thought he was a total brick-head.
I remember one where he blasted every 'Net user as being completely devoid
of any intelligence or even habits of personal hygiene.  But I digress...

	The point of his statement "This presents interesting issues
regarding the responsibility for the release of software which effectively
pollutes the intellectual property environment" is one that we all should
take a good, hard look at.  Just the idea that software is in some way
different than any other tool for information distribution is one that
seems to becoming more prevalent of late.  Napster being the highest
profile case of this but there's more issues, like the DMCA and
IP/Copyrights, that need to be fought off.  The phone company is not
legally responsible for illegal acts done by users of their system (i.e.
threatening calls, drug sales, etc.).  Software developers should have no
less protection.

	On a smaller side issue; the little blurb about 99.99% of high
school seniors not being able to read perl was, IMO, not something worth
publishing.  Perl is a good thing and and all but not being fluent in it
is in no way going to make US high school seniors "painfully unprepared
for life after graduation."  In the grand scheme of things (and even in
the world of software development) perl is a very little blip on the
radar.  When it comes to software development C/C++ and COBOL are more
important programming languages to be fluent in for working on any new
software development project (I won't even mention the maintenance side of
things where COBOL has more code in existing systems than all other
languages combined).  Better that high school seniors be fluent in English
and software development fundamentals than any specific language.
Expecting high school seniors to be fluent in perl is on par with
expecting them to be fluent in Japanizes.

---
If I actually _could_ spell I'd have spelled it right in the first place.


   
From: mschwarz@alienmystery.planetmercury.net
Date: Thu, 15 Mar 2001 12:37:31 -0600 (CST)
To: letters@lwn.net
Subject: Ol' Uncle Harlan

I am a deep admirer of Harlan Ellison.  Anyone who can create as much art
(and good art too boot) and still find time to stir every hornet's nest he
can find (always in the name of the integrity of the creator's rights,
mind) is someone far more worthy of admiration than any pop star or sports
hero.

What LWN finds ominous, I find familiar.  We have been through this before
with copiers and VCRs.  Harlan is not to be denigrated for attacking
Gnutella.  He is availing himself of his legal rights to bring suit in
court.  The question to be settled is not the right to code, but the right
to steal creative works.  There can be no doubt that the copier and the
VCR can be used to facilitate theft of creative works.  The question that
was settled in those cases was that there were substantial legal uses of
those devices that outweighed the potential for criminal use.  That's why
you can still buy copiers and VCRs.  That doesn't make it legal to pirate
books or movies with them.

Harlan (and his lawyers and co-plaintiffs) is asking a court to decide the
same question of Gnutella.  Now, if you want to defend gnutella, I suggest
that you stop accusing Harlan Ellison of trying to gag programming, and
start making legal use of Gnutella to copy files you have a right to
copy.  Start using to set up web server mirrors and so forth, so there is
a body of legal use to point to in court.

If, as I suspect, the primary use Gnutella is criminal copyright
infringement, then Harlan and company have every right to use the courts
to block its use.  I think too many users of Free Software think it means
the disappearence of author's ownership and rights.  Nothing could be
further from the truth.  Free Software is a redfinition of how the author
is compensated for his or her creative effort.  He gets paid in kind with
the free use of others source code.  Harlan is quote right to draw a
distinction between this and, for example, fiction.  A work of art is sui
generis, and quite different from an algorithm.  Certainly a program may
be artfully expressed, but it is not a purely aesthetic construct.  It is,
at leat in part, a practical contrivance.  And the value the GPL places on
the author's work is the practical value.  It says "I'm giving you this
practical thing, and in return, I expect any new practical thing you make
from it to be available to me, and to anyone else."

I must agree with Harlan that this concept doesn't extend to the signle
solitary work of art.  The *ability* copy does not confer the *right* to
copy; neither should Stallman's invention of the GPL be construed as an
implicit right to the same priviledges with a non-GPL'ed piece of code.

Both Ellison and Stallman are arguing that it is the creator's rights that
must be respected.  The copying of copyrighted works of art is an attack
on the same social order that upholds the GPL.  Only a child thinks
everything is "Mine!  Mine!  Mine!"

--
Michael A. Schwarz
mschwarz@sherbtel.net



   
Date: Sat, 17 Mar 2001 23:36:15 +0000
From: Pete Birkinshaw <pete@binary-ape.org>
To: letters@lwn.net
Subject: ESR on Socialism 

I respect ESR a great deal for the marvelous work he has done for Open
Source Software, but his claim that

"Under socialism, if you do not choose to "cooperate", you will be
oppressed, imprisoned, and quite possibly killed."

is bizarre. Most of the developed world is frequently governed by
"Socialists", yet I can't remember them being any more oppressive to
their citizens than the USA is. Is he really grouping the governments of
Canada, Europe, Australia and so on with Stalinist states? If he is,
how?

Totalitarian, oppressive states are nasty whatever their political
alignment. Mr Raymond should try to see the difference between liberal,
christian-democratic parties and communist dictatorships.

In all fairness, Thomas Hood and Andrew Pimlott made the same basic
error, but they aren't as high profile. ESR's views on Open Source
Software deserve to be heard. If he continues to make silly, extremist
statements like that, then most people outside the USA will think he's
crazy, and that will hurt the OSS movement he works so hard to promote.

Is Linux "socialist"?  No. It's based on a gift economy. ESR's right
about that.


Pete Birkinshaw

   
From: Christian Hellon <xian@lisardcage.fsnet.co.uk>
Subject: free software and politics
To: letters@lwn.net
Date: Thu, 15 Mar 2001 13:24:17 +0000 (GMT+00:00)

Oh, dear, what a tizz about one little word. Thomas Hood
writes a letter offering an opinion on the political
character of a particular social movement - admittedly,
not a commonly-shared opinion - and suddenly half your
letters page is devoted to a mass apoplexia.

The usual suspects figure, of course; Eric Raymond libels
a goodly number of European states with his broad
statement:

   Under socialism, if you do not choose to
   "cooperate", you will be oppressed, imprisoned, and
   quite possibly killed.

Hmm. The USA is a capitalist democracy, and has the death
penalty. Sweden is a pretty good example of a socialist
democracy, and doesn't. Where is one more likely to be
"imprisoned and ... killed", exactly?

P James writes:

   But when you publicly defame someone, as Mr. Hood did,
   he ought to at least provide some proof of his opinion.

This gets to the heart of the matter. Over in the UK (in
fact, in most of Europe) socialism isn't a dirty word,
and any attempt to claim that saying someone is a
socialist is somehow defamatory would be laughed out of
most serious arenas (except possibly John Smith House,
but that's a minor detail). Not to mention that socialism, 
communism and anarchism are all very distinct, with quite
separate historical roots and very little sympathy for
each other.

But this confusion over where in the political spectrum
the whole free software movement lies would appear to
indicate that we seem to have something genuinely
revolutionary on our hands, which indeed we do - as Eric
Raymond points out in CatB, we've rectified the tragedy of 
the commons; a commonwealth of software now exists, and
rather than being taken from, every time it is used it is
added to. More than this, we've created an entirely free
market; it's capitalism without the capital. Every player
can compete on equal entry terms, for there is no scope
for monopolisation of any kind. The only determinant to
how well you do is how good you are. Isn't this what Ayn
Rand was on about for pretty much the entirety of "Atlas
Shrugged"?

And yet, there are some distinctly anti-capitalistic
overtones to the whole business. As capital (also known as 
property) has effectively ceased to exist, so the concept
of "ownership" has been undermined. Everyone knows Linus
is "the guy who wrote Linux", but which of us would be
brave enough to claim that he, or Alan Cox, or any of the
other developers "own" their code? Certainly in this
society, ownership dictates a certain level of rights, but 
adopting the GPL as a licence amounts to a voluntary
rescindment of many, if not all of those. The right to
future control over the product, for example - Linus can't 
withdraw his code from the GPL, only his continued
efforts. Nobody can. So we end up with a protected
commonwealth - a deeply left-wing ideal, whichever hue you 
prefer. And since we've managed it without state support
(one could even say "despite state opposition", given what 
copyright law was intended to do), it could be argued that 
it's closer to anarchism than to anything else.

Hence all the ideological arguments - it's a genuinely
confusing position. I come off well from it, because it
reflects my own confusion. :-) But at the end of the day,
it's just software; it makes computers work better, but it 
doesn't solve any pressing social concerns. Could someone
please figure out a way to apply it to growing wheat?
-- 
the desk lisard is at reply@lisardcage.fsnet.co.uk
"i don't know why i'm crying, am i suspended in gaffa?"



____________________________________________________________
Freeserve - get your free ISP service including web-mail at:
www.freeserve.co.uk





   
Date: Sat, 17 Mar 2001 17:14:59 +0000 (GMT)
From: Jonathan Riddell <jr050@jriddell.org>
To: letters@lwn.net
Subject: Eric Raymond's LTE

I would like to thank Thomas Hood for his recent letter on free software
and socialism.  He made some good and reasoned arguments.  What he didn't
do was accuse his targets of being murderers, as Eric Raymond did in his
reply - a more shallow and un-thought out argument would be hard to find.  

Clearly American schools are doing a poor job of teaching a balanced
criticism of all political ideologies.  If you can't "cooperate" under
pure capitalism then you'll struggle to survive. A person who is, say,
physically disabled in a socialist country will receive fair state help.

As for Eric Raymond, he has lost all my support for anything "open
source", from now on it's free software all the way for me.

Jonathan Riddell
Bridge of Allan, Scotland
jr@jriddell.org
http://www.jriddell.org


________________________________________________________
1 Allanvale Road   |   jr@jriddell.org
Bridge of Allan    |   http://www.jriddell.org
FK9 4NU Scotland   |   01786833048


   
Date: Thu, 15 Mar 2001 16:20:13 -0500
From: "Steve Mercer" <mercer@nortelnetworks.com>
To: metanews@metagroup.com
Subject: re: Commentary: Microsoft co-opts open source approach

>From http://news.cnet.com/news/0-1003-201-5067896-0.html
Some comments...

>However, the agreement does not allow customers to modify or customize the
>code, and Microsoft anticipates that problems or bugs that customers may
>find in Windows will be reported to Microsoft for resolution through normal
>support channels. 

[snip]
>The advantage of providing Windows source code is that Microsoft enlists tens

>of thousands of software professionals in 1,000 or more of its biggest
>and best customers to help it test its key operating systems in their unique
>environments. This will create a flood of bug fixes, improvements and
>extensions that will flow back to Microsoft to improve those products.
How can bug fixes be developed, when the code is legally read only? Personally, I'd be hard pressed to accept any bug fixes provided to me that were, legally, untestable by the writer. Further, there's more to bug fixing than simply perusing code. Whole classes of bugs, such as store tramplers and race conditions, are almost impossible to see via perusal only. >In our opinion, the Windows source code will inevitably end up on >the Web--within six months or less--where thousands more hackers will start
>working on it, exposing weaknesses. This will help Microsoft improve its
>products further until they are bulletproof.
The motivations - and ability - to create these fixes goes down drastically when the source of the code is a black hole for fixes, and the code is illegal to modify. Sun has tried opening code through limited NDAs, and it seems to have fizzled into obscurity as a model upon which to cornerstone technology development. It's much like how openness works in crypto circles. No one will bother with cryptanalysis of a cipher that is developed in secret, because it can't be systematically analyzed for weakness. The benefits to cracking a particular cipher challenge contribute nothing in terms of verifying the cipher's strength, thus, to the cryptanalyst, there is little worth in doing the work. Similarly, offering read only access to code, and preventing programmers from making thier own improvements to the code, essentially removes any incentive for a programmer to peruse the software at all, as, like cryptanalysts analyze ciphers, programmers want to write code. There's little benefit to a programmer to find a bug, only to send a report to Microsoft. They could be doing other projects that will allow them to write the fixes here and now. So that thousands might be scores, maybe hundreds, and that flow of bug fixes might be a trickle, and none of which would really be worthwhile to Microsoft. It is my suspicion that Microsoft will, in future, see that this model is not as benefical to the code quality as expected, and cite this as a failure of the open source concept, and not its own implementation of it. Which is sad, as they already have Sun's example to work from. -- Stephen Mercer <mercer@nortelnetworks.com>, Optical Design (613) 765-3214
   
Eklektix, Inc. Linux powered! Copyright © 2001 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds