[LWN Logo]

Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests

 Main page
 On the Desktop
 Linux in the news
 Linux History

Other LWN stuff:
 Daily Updates
 Linux Stocks Page
 Book reviews
 Penguin Gallery

 Use LWN headlines
 Advertise here
 Contact us

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- Gaël Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

See also: last week's LWN.

Leading items and editorials

Wind River Systems buys into free software. Wind River Systems is well known as the largest vendor of proprietary software for embedded systems. It has been clear for a while that embedded Linux is a serious threat to this company's business; many have wondered just how Wind River would respond. Now we know. The company has announced the acquisition of all the "software assets" from BSDi, a long-time seller of BSD-based systems, and the current home of the FreeBSD project.

With this deal, Wind River gets the commercial BSDi system. It also gets the FreeBSD.org server, and, importantly, the services of FreeBSD hacker Jordan Hubbard. Wind River is also picking up Mike Karels and Kirk McKusick for good measure. The company thus has managed to create an impressive BSD-oriented staff in a major hurry.

Why BSD? Given the business climate, Wind River likely could have found an embedded Linux company that was willing to talk deals. Part of the explanation, certainly, is Wind River's distrust of the GPL. From the press release:

We believe that BSD's business-friendly license will allow our customers to take advantage of a widely tested and deployed infrastructure OS while protecting their intellectual property as they make modifications to the BSD source code or extend the functionality of the kernel. Offering BSD technology allows our customers to continue differentiating themselves in a very competitive marketplace.

Companies that modify and distribute an embedded Linux kernel must make their changes available in source form; BSD has no such constraint. Of course, applications running over the kernel can be purely proprietary with either system. But Wind River seems to think that this licensing difference will be enough to allow it to compete effectively against embedded Linux.

What may thus be developing here is the first full-scale commercial confrontation between Linux and BSD. The two systems compete in other areas as well, of course, but they don't often go directly against each other. It will be interesting to see how this one turns out. The fun part, of course, is that free software may well win either way.

[LSB] The Linux Standard Base needs you. The May 28, 1998 LWN carried this proposal for the creation of a "Linux Standard Base." It was signed by an impressive list of Linux luminaries, and had these plans:

The Linux Standard Base project will provide a vendor-neutral standard, backed by source code, upon which to build Linux distributions, much as the Linux kernel project provides a single kernel that is shared by all distributions. This standard base will be distributed as a reference platform from which Linux distributions may be derived and which application producers may use for testing, but it will _never_ be targeted to be an end-user solution in itself, as that is the role of the Linux distributions that incorporate the standard.

The purpose, in short, was to encourage the development of Linux applications by ensuring that these applications could easily run on all (LSB-compliant) Linux systems. Conversely, it was hoped that the LSB would help to maintain the diversity of Linux distributions by preventing situations where users had to buy a particular distribution to run the applications they needed.

That was almost three years ago. Since then, progress on the LSB - at least, to outside observers - has seemed painfully slow. The Filesystem Hierarchy Standard has helped to move the distributions toward standard file layouts, but the full LSB has not been forthcoming.

The wait is almost over. The LSB project now has a whole set of offerings, and is looking to the Linux community to look it all over and provide feedback. With luck and some help, the 1.0 LSB release will happen by the end of this year.

Here's what's available:

  • Version 0.7.5 of the LSB specification is available for review. It's a lengthy document, but it is the core of the LSB. It's ready for a wider crew of debuggers; please consider having a look. There is a review page available which makes it easy to provide comments on the specification.

  • The lsbdev package is available for download. This package currently provides two utilities. lsbappchk will check an application for LSB compliance; it makes sure that the application only uses standard libraries, functions, etc. lsblibchk, instead, checks a distribution to be sure that it is offering all the libraries and associated facilities that the LSB requires. Both utilities are in need of review; check out your applications and systems. If the checkers produce bogus information, the LSB review page can be used to report problems.

  • Finally, there is even a reference implementation of an LSB-compliant system which is available for download and review. It is based on the public beta of Caldera OpenLinux Workstation 3.1, so you first have to get that. Then an add-on package is available from the LSB download site. Put the two together, and you'll have an LSB system. Once again, testing and feedback are needed.

We need a good LSB. It is the standard that will help us to maintain a free operating system that is rich in both applications and distributions. With enough eyeballs, with LSB 1.0 release will be both solid and timely. Taking a look at the LSB is a good way to help the World Domination cause; please consider taking some time and giving the project a hand.

The Linux 2.5 kernel hackers summit was held on March 30 and 31 in San Jose, California. It was an intensive two days of [Kernel summit] presentations and discussions on the directions that 2.5 development might take. LWN editor Jonathan Corbet, by virtue of being a kernel hacker wannabe (and the co-author of the second edition of Linux Device Drivers, which is due out from O'Reilly this (northern-hemisphere) summer) was able to be present at this event; please have a look at LWN.net's Kernel Summit Report for a description of what transpired.

See also the annotated group picture from the summit; we've attached names to the faces and made the result available in a single, 400KB image.

The summit sessions were taped, and will be made available on the web in the near future; we'll put out a note when that happens.

Things that upgrade in the night. Well-known human-computer interaction expert Bruce Tognazzini recently posted this rant about an automatic "upgrade" to his Replay TV box that, for him, downgraded the value of the system. Bruce thus joins the growing crowd of people who realize that it is important to have control over the computers in our lives:

Unless people are protected from purposeful and involuntary downgrades in the usability of already-purchased products, we will see a deterioration of consumer rights unimagined before. 'Buyer Beware!' is one thing, but how can you beware of what the manufacturer will do to damage or degrade your product years after you bought and paid for it?

Another midnight upgrade story can be found via the RISKS Forum. It seems that an automatic upgrade for MSN users resulted in many of them unknowingly calling long-distance numbers to connect to the service. They only found out when their phone bills arrived.

Both cases are examples of a remote corporation empowering itself to change the operation of equipment that does not belong to it. This sort of behavior is a threat to freedom. The ability to add undesirable "features" has been documented in the two postings mentioned above, and in many other places. There are also, of course, some serious security issues. The ability to drop software changes into other people's computers is guaranteed to attract the attention of unpleasant people. Given the industry's inability to protect its internal systems, or the credit card numbers of its customers, it would be a mistake to expect them to do better with their automatic upgrade facilities. Expect to see a major crack along these lines sooner or later.

Of course, we Linux users need not fear this sort of problem. The source is open, and we have control over our systems. We'll never get nailed by an automatic upgrade from outside.

Right? Well, maybe not. Let's ignore the problem of embedded systems (LWN has harped on that problem before) and take a look at plain old Linux computers.

Consider all the businesses out there that have chosen update services as one of the growth areas of the near future. Acrylis, Aduva, Eazel, Red Hat, Ximian, and others are all pushing offerings in this area. And the Debian distribution, ahead of its time as usual, has had this capability for years. The services offered by these companies can be configured to automatically fetch and apply updates. In the middle of the night, of course.

Many LWN readers would never enable this sort of automatic update on their systems. But as the adoption of Linux grows, there will be an increasing number of Linux administrators with relatively low technical skills; many of them will be happy to accept this sort of service. And perhaps they should; none of the recent batch of Linux worms would have gotten very far had the widely-available security updates been applied everywhere. Automatic updates could, perhaps, increase the security of the net as a whole.

But, as we have seen, automatic updates also bring risks. The Linux community is not immune to the problems that these services bring, and could even turn out to be more vulnerable than many others. There is a real potential for trouble here.

Microsoft's Passport License. Many pixels have been expended on the terms of use for Microsoft's Passport service, which would appear to give Microsoft a free license to use any material or ideas that pass through the service. People have expressed fears that, for example, GPL code which is mailed through Hotmail could end up with a dual license that would allow Microsoft to use it in a non-GPL way. There have been loud protests, and some sites are beginning to block mail from Hotmail as a form of protest.

LWN doesn't have much to add to what has been said already. For those who are curious about this situation, we recommend a look at the Microsoft Passport License Dangers page on the TroubleShooters.com site.

Inside this week's Linux Weekly News:

  • Security: "Adore, a worm", Engarde Secure Linux, No backdoor in the Linux kernel, new vulnerabilities in BEA Weblogic and Tomcat, FreeS/WAN 1.9, Alamo, an "antidote" to Knark.
  • Kernel: Is 2.4 ready for prime time?; fixing the scheduler; the new kbuild system.
  • Distributions: A man page for every command, transitions for the Debian project, Rock Linux distribution survey, Engarde Secure Linux, and more.
  • On the Desktop: Printers galore, GNOME 1.4, and the KDE core (release, that is).
  • Development: Perl6 design, state of embedded Linux, streaming media, FreePM.
  • Commerce: Atipa sells hardware division to Microtech; Norwegian State Consulting coordinating agency recommends use of Linux.
  • History: Three years ago, Mozilla is all the rage; One year ago, Microsoft is a monopoly says the court.
  • Letters: Mozilla at 3; ideological differences.
...plus the usual array of reports, updates, and announcements.

This Week's LWN was brought to you by:

April 5, 2001


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Security page.

New Security Reports
BEA/Tomcat JSP

OpenSSH 2.5.2p2
VIM statusline
Kerberos libkrb4
Multiple FTPd DOS

FreeS/WAN 1.9



News and Editorials

New Linux worm Adore. A new variant of the Ramen and Lion worms emerged this week, with the first effects of the worm showing up in the form of reports of larger and larger numbers of lpd scans showing up on the Incidents list. Initially, it was called the "Red" worm, but the final name chosen (by whatever method these names get chosen) appeared to be "Adore".

Adore exploits existing vulnerabilities in LPRng and lpr (BugTraq ID 1712), wu-ftpd (BugTraq ID 1387), bind (BugTraq ID 2302) and NFS/rpc.statd (BugTraq ID 1480).

The oldest of these vulnerabilities dates back to June of 2000. Fixes for all of them have been widely distributed and can be found through the links above. If your systems are up-to-date, then this worm is not a problem. If they are not up-to-date, the chances they will be found and cracked are growing larger and larger.

Alfred Huger posted this description of the worm on the Incidents list, which includes some statistics from the ARIS Analyzer service, illustrating the worm's progress across different IP networks and various nations. It also serves as a reminder that those of us whose systems are not vulnerable to the worm are still affected, as our systems are pummeled with scans and the network is pummeled with worm-related traffic.

The SANS Institute also posted an advisory for Adore, which includes tools for detection and removal of the worm.

Engarde Secure Linux. A new entrant into the "Secured Linux Distributions" category this week is Engarde Secure Linux. The announcement for Engarde indicates that it includes the Linux Intrusion Detection (LIDS) system, Tripwire, Openwall, snort and more.

Linux Kernel: No Back Door. An April Fool's joke, which described a non-existent back door in the Linux kernel, was published in the latest release of "Linux-Magazin", a monthly German magazine. As a result, SuSE got a flood of user-support questions about the "problem". They issued this statement as a result. "None of the claims are correct, which makes a kernel update unnecessary for this particular problem".

The timing of this joke happened to be particularly bad, since there are perfectly valid reports of security problems in the 2.2.18 kernel. None of them are remotely exploitable and none of them are "back-doors".

Red Hat modifies directory structure on ftp sites. Red Hat's ftp sites, including ftp.redhat.com and updates.redhat.com, now have modified directory structures. The changes are fairly clear and understandable. The old structure has been modified in order to allow for support of the various language-specific versions of Red Hat. (Thanks to Christof Damian).

However, if you've got bookmarks, or, more importantly, update programs with encoded URLs, you'll need to change them to accomodate the new structure.

The security implications of open source software (IBM developerWorks). This IBM developerWorks article looks at free software and security. It includes discussions with Eric Raymond, Michael Warfield, and Theo de Raadt. "Another perk of open source is that the software actually evolves and gets more secure over time. Subject to constant peer review, the number of new vulnerabilities discovered in the software will decrease over time when compared to similar closed source software. But as more crackers seek and find the better-hidden flaws in opaque programs, closed source software gets less secure as time passes."

Whodunnit? (Economist). The Economist looks at computer forensics. "The most ambitious public example of this is the Honeynet Project, a network of honeypot computers that was set up a couple of years ago by Lance Spitzer of Sun Microsystems. Last week, the Honeynet Project reached the conclusion of its "Forensic Challenge", a sort of digital version of the game "Cluedo" ("Clue", to Americans), which attempts to discover that, for example, "Miss Hackwell" did it to the Linux with the Ramen worm. The challenge showed that analysing traces of an attack by malicious hackers is not as easy as it sounds. "

Minor format change. Please note the links provided in the left column of this week's edition. They provide a quick way to jump to the discussion of a new vulnerability, an update to an old vulnerability or other sections of this page. We know the Security Summary gets long sometimes (this week is unusually light), so please let us know if you find the new links of help or not. If you like the links, they were suggested by Stuart Moore. If you don't like them, they are all our fault.

Security Reports

BEA Weblogic and Apache Group's Tomcat JSP vulnerability. Both BEA Weblogic and Apache Group's Tomcat 4.0 have been reported vulnerable to a URL JSP request source-code disclosure vulnerability. Essentially, a URL with specific characters appended to it can be used to return the source code of the JSP file. Tomcat 4.0 beta 3 is reported to fix the problem. No fix from BEA Weblogic is currently listed.

BEA Weblogic directory transversal vulnerability. BEA Systems Weblogic Server 6.0 has been reported to contain a directory transversal vulnerability which can be allowed to view files on the server that are outside the webserver's directory. BEA has released a fix for the problem.

Commercial products. The following commercial products were reported to contain vulnerabilities:

  • NetScreen ScreenOS contains a vulnerability that can allow the firewall policy to be bypassed. Fixes for this problem are available from the vendor. NetScreen ScreenOS is used on a line of internet security products from NetScreen Technologies.

  • Cisco issued an updated version of their advisory mentioned last week addressing a vulnerability in Cisco VPN 3000 series concentrators. The only change between the two advisories was the title of the advisory.


ptrace/execve/procfs race condition in the Linux kernel 2.2.18. Exploits were released last week for a ptrace/execve/procfs race condition in the Linux kernel 2.2.18. As a result, an upgrade to Linux 2.2.19 is recommended.

This week, Alan Cox put up the Linux 2.2.19 release notes, finally giving the specifics on all the security-related fixes in 2.2.19 (all thirteen of them!) and giving credit to the Openwall project and Chris Evans, for the majority of the third-party testing and auditing work that turned up these bugs. Fixes for the same bugs have also been ported forward into the 2.4.X kernel series.

This week's updates:

  • Caldera, 2.2.19 security fixes backported to 2.2.10 and 2.2.14, the kernels used in various Caldera products
Previous updates:

OpenSSH 2.5.2p2 released. OpenSSH 2.5.2p2 was announced last week. It contains a number of fixes (including improvements in the defenses against the passive analysis attacks discussed in the March 22nd LWN security page) and quite a few new features as well.

This week's updates:

  • Trustix
  • Red Hat, links updated as a result of a directory restructure on the update site
  • Slackware changelog notice
Previous updates:

VIM statusline Text-Embedded Command Execution Vulnerability. A security problem was reported in VIM last week where VIM codes could be maliciously embedded in files and then executed in vim-enhanced or vim-X11.

This week's updates:

Previous updates:

Kerberos libkrb4 race condition. A race condition in libkrb4 that can be exploited to overwrite the contents of any file on the system was reported last week by Red Hat.

This week's updates:

Previous updates:

Denial-of-service vulnerability in FTP server implementations. Check the March 22nd LWN Security Summary for the original report. Affected FTP daemons include ProFTPd, NetBSD FTP, PureFTPd (to some variants of this attack), BeroFTPD, and FreeBSD FTP.

This week's updates:

Previous updates:
  • ProFTPd (workaround only) (March 22nd)


FreeS/WAN 1.9 kernel support. Last week, FreeS/WAN 1.9 was released, primarily providing compatibility with the new 2.4.x kernels (2.4.2 is specifically mentioned), though additional bugfixes and features are also included. Note that 1.9 was released just before Linux kernel 2.2.19 was and, you guessed it, another minor update is needed to work with that kernel.

Check the FreeS/WAN home page for more information on this project, which brings IPSEC and IKE support to Linux.

Rackspace announces an 'antidote' to 'knark'. Rackspace has issued a press release about a program it has released to deal with the root toolkit "Knark". For more information on Knark, check this analysis of Knark by Toby Miller.

The interesting point of Knark is its use of a kernel module to hide evidence of the toolkit. Alamo is another kernel module, "shamelessly ripped off" of Knark that simply tries to undo what Knark does, exposing the rootkit. It is based on the 2.2.14 kernel, but should work for most 2.2.X kernels.

WARNING! APRIL FOOL'S JOKE!. Well, if you're going to mention an April Fool's joke on any day except April 1st (and even then!), you have to be careful that people don't take it seriously. That warning given, check out the announcement for a new BSD variant, ThomasBSD. "ThomasBSD is based on OpenBSD, thus it is OpenBSD PLUS MORE, mathematically making it (NetBSD PLUS MORE) PLUS MORE.

The epoch of ThomasBSD will be moved back from January 1st, 1970 to January 1st, 1960. Whenever a security problem is found and fixed in OpenBSD, this little shift will enable me to also correct the issue in ThomasBSD and then send mail to security-related mailing lists stating that 'this was fixed in ThomasBSD about ten years ago'".


Internet Security Conference 2001. A reminder went out this week for the upcoming Internet Security Conference 2001, being held the first week of June in Los Angeles, CA, USA. "TISC is an educational forum for security professionals and practitioners".

Upcoming security events.
Date Event Location
April 6-8, 2001. Rubi Con 2001 Detroit, MI, USA.
April 8-12, 2001. RSA Conference 2001 San Francisco, CA, USA.
April 17-18, 2001. E-Security Conference New York City, NY, USA.
April 20-22, 2001. First annual iC0N security conference Cleveland, Ohio, USA.
April 22-25, 2001. Techno-Security 2001 Myrtle Beach, SC, USA.
April 24-26, 2001. Infosecurity Europe 2001 London, Britain, UK.
May 13-16, 2001. 2001 IEEE Symposium on Security Oakland, CA, USA.
May 13-16, 2001. CHES 2001 Paris, France.
May 29, 2001. Security of Mobile Multiagent Systems (SEMAS-2001) Montreal, Canada.
May 31-June 1, 2001. The first European Electronic Signatures Summit London, England, UK.
June 1-3, 2001. Summercon 2001 Amsterdam, Netherlands.
June 4-8, 2001. TISC 2001 Los Angeles, CA, USA.
June 5-6, 2001. 2nd Annual IEEE Systems, Man, and Cybernetics Information Assurance Workshop United States Military Academy, Westpoint, New York, USA.

For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Liz Coolbaugh

April 5, 2001

LWN Resources

Secured Distributions:
Astaro Security
Engarde Secure Linux
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux

Security Projects
Linux Security Audit Project
Linux Security Module

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
Kondara Advisories
Esware Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Yellow Dog Errata

BSD-specific links

Security mailing lists
Linux From Scratch
Red Hat
Yellow Dog

Security Software Archives
ZedZ.net (formerly replay.com)

Miscellaneous Resources
Comp Sec News Daily
Security Focus


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Kernel page.

Kernel development

The current kernel release is 2.4.3, which was released during the kernel summit. Here's the changelog describing the fixes that have gone into this version; among other things, it includes the much-awaited loopback mount fix. Alan Cox remains busy, and has released 2.4.3ac3 containing his additional fixes.

The 2.2.19 release notes are also now available.

How stable is 2.4, anyway? Alan Cox's brief response to a frustrated 2.4 user was a bit worrying:

Then install 2.2.19. 2.4.x isnt stable yet. If you have the time then oopses and debugging data are wonderful if not then 2.2 is stable.

The 2.4.3 release, in particular, has drawn a few complaints. Most have to do with processes locking up, a problem which is still unsolved as of this writing. Is 2.4 ready for prime time?

For most people, of course, it is working just fine. There do appear to be some problems, however, for those who run systems under very high load. Alan has detailed some of those problems in his diary (scroll to April 3 if necessary). Some aic7xxx SCSI driver users have also run into surprises - your editor encountered a few with the 2.4.3 prepatches, though the final 2.4.3 seems OK. The SCSI scanning order has changed, though, for some users with multiple adaptors, leading to an unwelcome renaming of the SCSI devices on the system.

The 2.4.0 kernel was about as stable as it could have been, really. The last set of problems takes a wider community of users to find; that's what "dot-zero" releases are for. Every stable kernel series has taken a few releases to truly stabilize, and 2.4 is no exception. Some rough edges remain, but it's getting there.

Fixing the scheduler. It all started with a posting from Fabio Riccardi regarding some performance problems he has been having. It seems he's working on some improvements to Apache, and he has found that system performance drops badly when he starts running over 1000 processes. Wouldn't it be nice if things could work a little better?

The nature of the problem is quite well known. The Linux kernel maintains a single queue of all the processes that would like to be running in the CPU at any time. Of course, only one of those processes can actually be running - at least, only one per installed processor. So the scheduler must occasionally decide who actually gets to go. When the time comes to choose the new lucky winner, the entire run queue must be scanned to determine which process is the most deserving. If the queue is quite long, that scan can take quite some time. To make matters worse, the global runqueue_lock is held during this scan; that means that if another processor on the system is also trying to run the scheduler, it will "spin" in a busy loop waiting for the scan to complete (so it can start the scan itself).

The kernel developers are, for the most part, not tremendously interested in fixing this problem; see Ingo Molnar's post on the subject for a representative viewpoint. The reasons for not "fixing" the scheduler include:

  • An application which needs to run hundreds or thousands of competing processes is considered broken by design. It will never run particularly efficiently due to scheduling overhead, even in a scheduler which is optimized for this case. And, even without scheduler overhead, the cache performance of such an application will be poor.

  • Changes to the scheduler which optimize the many-processes case will almost certainly make the "small number of processes" case worse. The small case, of course, is far more common. A constant theme in kernel development has been that it is wrong to optimize rare situations at the expense of everyday use. As long as proposed scheduler changes cause reduced performance for normal use, they will not make it into the kernel.

  • The current scheduler code is general and flexible. Most proposed changes risk reducing that generality, making it harder to adjust in the future.

That said, there are a couple of scheduler-related projects out there. The Linux Scalability Effort is looking at the scalability of the kernel in general, with schedulers being one aspect of their work. This project has a couple of scheduler patches available, written by Mike Kravetz and Hubertus Franke at IBM's Linux Technology Center. One implements a priority-ordered run queue; the other splits the current run queue into multiple queues, one for each CPU in the system. The multiple queues reduce cross-CPU contention, and reduce the number of processes that must be scanned on any one CPU.

The Linux plug-in scheduler page at HP offers a patch that allows new scheduling policies to be added to the system via loadable modules. There is also a multiqueue scheduler available there.

Mr. Riccardi ran some tests with the HP multiqueue patch, and found a significant performance increase for his application. At the same time, he ran some two-process tests and noted no performance degradation at all. These results would seem to warrant another look at alternative schedulers. Perhaps 2.5 will see some activity in that area.

The new kbuild system, was, of course, a major topic of conversation at the Kernel Summit in San Jose. Our coverage of that event talked about the motivations behind this work and some of the issues involved, but didn't look that hard at the new code itself. That turns out to have been fortuitous; we're not going to have to do that research because Keith Owens nicely posted all the relevant information for us.

There are two major components to the new system. One is CML2, the new configuration metalanguage designed and implemented by Eric Raymond; LWN has been tracking CML2 for a while, and took a more detailed look at it back in November, so we'll not get into the details of it here.

The other aspect is the actual building system itself - the makefiles and associated support code. The 2.5 version of kbuild introduces some massive changes in this area that are worth a look.

With the 2.4 kernel, each subdirectory has a relatively small makefile defining the objects to be built. It relies on a large and complicated global Rules.make file for most of the build instructions; it is also highly dependent on the command line options passed to the make command from the global makefile. It can thus be hard to tell what the makefile will do by looking at it; the best approach is often the empirical one: run a big, global make and see what happens.

2.5 makefiles should be clearer, thanks to the new mechanism. The global Rules.make file is gone; instead, each directory's makefile will be able to stand alone. Makefiles will be automatically generated from each directory's Makefile.in file, which is written in a special preprocessor language created by the kbuild team. So, for example, if the object file foo.o should be built only if the CONFIG_BAR configuration option has been selected, a single line in Makefile.in:

	select(CONFIG_BAR foo.o)
would make it so.

The new kbuild system also gives a lot of flexibility to just how the kernel image is built. It is now possible, for example, to build with a read-only source tree, putting the object files in a different directory tree. In this way, different kernels can be built by using different configuration options against the same source tree. Of course the standard "build it in place" mechanism is still supported as the default way of doing things.

Perhaps even nicer is the "shadow tree" concept. It's not all that uncommon for people to apply patches to a stock kernel before building it. These patches can include add-on components (the kdb debugger, ALSA, etc.), external tweaks (your editor uses one which enables S/PDIF I/O on SB Live! cards), or one's own patches. Building with external patches means applying each patch to each kernel that you build; the resulting work can make it very hard to, say, keep up with Alan Cox as he cranks out "ac" releases.

With shadow trees, you keep your patches in one or more separate directory trees, away from the standard kernel source. The build process will then magically merge them all together before compilation. When a new kernel comes along, it can just be built against the same shadow trees. Of course, the build process can't ensure that the patches actually work with a new kernel, but they can take a lot of the work out of trying.

So when will all this stuff be available? Keith and company worked out a schedule with Linus at the summit. The 2.5.0 and 2.5.1 kernels will still have the old kbuild (as will 2.4, perhaps forever); Linus will use those releases to get the new series started and to launch a surprise or two of his own. If the plan holds, the 2.5.2 release will be dedicated to switching over to kbuild 2.5 and CML2.

Among other things, Linus has apparently said that he has no problem with CML2's Python implementation. That decision means that CML2 can go in as-is, but that there will likely be another round of grumbling among those who don't wish to install Python on their systems.

The kbuild developers, of course, would be happiest if the new system works flawlessly when 2.5.2 (or whatever) is released. So Keith has released the latest version for those who are interested in testing it, or, even better, dealing with some of the remaining issues. The announcement doesn't say where to actually get the new kbuild code, though: it's on the kbuild SourceForge site.

Other patches and updates released this week include:

  • Al Viro has posted a new version of his namespaces patch, which is, he says, "pretty close to final."

  • Karim Yaghmour has released version 0.9.5pre1 of the Linux Trace Toolkit.

  • JFS 0.2.2 has been released by IBM.

  • The Linux USB project has put out a press release describing the USB implementation in the 2.4 kernel.

  • Bharata B. Rao has posted an RFC and associated patch for a mechanism providing global allocation and control of the system's debug registers. Its primary purpose is to allow different kernel debugging mechanisms to play well together.

  • La Monte Yarrow has posted his notes from the Kernel Summit networking BOF.

Section Editor: Jonathan Corbet

April 5, 2001

For other kernel news, see:

Other resources:


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Distributions page.

Lists of Distributions
Woven Goods

Embedded Distributions:

BluePoint Embedded
Compact Linux
Embedded Debian
Hard Hat Linux
OnCore Systems
RedBlue Linux
Royal Linux
White Dwarf Linux

Familiar (iPAQ)
Intimate (iPAQ)
Linux DA

Secured Distributions:
Astaro Security
Engarde Secure Linux
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux

Special Purpose/Mini
2-Disk Xwindow System
Mindi Linux

Coyote Linux
Fd Linux
Fli4l (Floppy ISDN/DSL)
Linux in a Pillbox (LIAP)
Linux Router Project
Small Linux

BBLCD Toolkit
Crash Recovery Kit
innominate Bootable Business Card
Linuxcare Bootable Business Card
Sentry Firewall
Timo's Rescue CD
Virtual Linux

Zip disk-based

Small Disk
--> Peanut Linux
Relax Linux

Bambi Linux
Flying Linux

ARM Linux
Scyld Beowulf
Think Blue Linux
(Oracle's NIC)
NIC Linux
Black Lab Linux
Yellow Dog
(Older Intel)
Monkey Linux

DOS/Windows install
Armed Linux
Phat Linux

Diskless Terminal
GNU/Linux TerminalServer for Schools


Please note that security updates from the various distributions are covered in the security section.

News and Editorials

Debian Man Pages - a Call for Volunteers. The Debian Project, having made a commitment in their policy to provide a man page for every executable file, is now looking for volunteers to help create man pages for over 600 binaries that do not currently have them.

The lack of man pages for many Linux commands stems back many years. While providing an excellent quick reference guide for the experienced user, man pages lack a lot in terms of providing a good format for comprehensive documentation. Alternate formats, including "Info", texinfo, DocBook and more, have provided ample fodder for debate on the "best" solution. As a result, the documentation for any given Linux command is not necessarily easy to find.

For the newcomer, the lack of a consistent source for command documentation has been a sore spot. Since a man page can easily direct the user to the appropriate full documentation source, having at least a minimal man page available would improve the current situation many-fold.

However, previous efforts to provide man pages for each Linux command have, up until now, failed. Will the Debian effort succeed? It has two points in its favor. First, the actual package author does not have to be convinced to spend the time to develop the man page, or even to accept it into the default package if they do not so choose. So political issues should not derail the project.

Second, important for the volunteers doing the work, if they create a man page, it will get used, at least by Debian. That guarantees a forum for their effort.

Still, it cannot succeed unless enough people are willing to donate their time.

We hope the project succeeds. Other distributions can easily choose to package man pages developed for Debian. We would like to see every Linux distribution provide a man page for every executable command. That will make the introduction of the Linux command-line to new users much simpler. Of course, from the man page, they may end up using a variety of documentation sources. But the journey can't begin until that first step is taken.

Debian Transitions. The Debian leader election is over, and Ben Collins has been declared the winner. For the curious, here is Ben Collins' platform, also entitled, "My little self-pumping/ego-trip/self-righteous speech :)". Ben's major development foci in Debian have been the SPARC port and glibc (among many). Two important traits he felt a good Debian Project Leader would need to have included "visibility", the ability to be a spokesperson for the project, and leadership skills, including knowing when the project leader's involvement is unnecessary, stepping in quickly when it is needed and planning for the future, including handling future growth.

Specific areas he plans to work on include bringing more structure to Debian, in order to handle the growing number of Debian developers and maintainers, addressing the problem of Debian's rising bug count and improving Debian's security efforts.

Congratulations, Ben, and best of luck.

At the same time Debian is moving forward with its leadership transition, in the smoothest manner we've seen to-date, the project is also dealing again with the loss of a project member as the result of death. The Debian Project issued this statement mourning the recent deaths of project members Chris Rutter and Fabrizio Polacco. "The Debian Project honors their good work and strong dedication to Debian and Free Software. The contributions of both Chris and Fabrizio will not be forgotten, and other developers will step forward to continue their work."

Rock Linux Distribution Survey. Clifford Wolf, founding developer for the Rock Linux distribution, took the time this past week to fill out a Distributions Survey for Rock Linux (thanks also to Jocelyn Yeo). We've talked about Rock Linux in the past and have been covering its development since October, 1999. This survey, though, provides more comprehensive information about Rock Linux.

Unlike many distributions we cover nowadays, Rock Linux is not derived from any other base. Rock Linux packages are .tar.bz2 files that contain the source code for the packages, administrative files and package meta information. Rock Linux is support on the Intel, Alpha and Sparc platforms.

The unique feature of Rock Linux is its auto-build system, which allows the end-user to quickly and easily build the entire distribution from scratch, optimized for the hardware on which it will run. It supports a variety of mini-distributions based on Rock Linux, including Rock Router Linux and Rock Read-Only Linux. As such, it is probably most similar to Slackware and also dates its development back to 1997, originally under the name "GNUX" and later, in 1998, under the name "Rock Linux".

For more information, check out the Rock Linux Guide.

New Distributions

Floppy ISDN/DSL for Linux (fli4l). Another entrant into the group of distributions tailored for use as floppy-based routers, fli4l is German-based. A new version of fli4l, version 1.6, with minor feature improvements, was announced this past week. It contains some nice features (least-cost routing, display/calculation of connection times and costs, etc.). Note, however, that the documentation is still available only in German.

EnGarde Secure Linux released. Guardian Digital has announced the release of EnGarde Secure Linux. It is a new distribution which "incorporates intrusion alert capabilities, a complete suite of e-business applications using AllCommerce, improved authentication and access control, strong cryptography, and complete SSL secure Web-based administration capabilities."

Distribution News

SmoothWall News. SmoothWall 0.9.8 was announced this week. The new version includes automatic probing and set-up for popular ISDN devices, handles multiple ethernet devices, adds IPSEC and VPN capabilities and now supports ADSL and Cable users.

SmoothWall is a GPL Linux distribution specifically designed to be a router and a firewall. SmoothWall is based on VA Linux 6.2.1 "which is an optimised RedHat 6.2 build customized in the labs at VA Linux". Note that SmoothWall is not a VA product, just based on one.

Red Hat News. Red Hat's ftp sites, including ftp.redhat.com and updates.redhat.com, now have modified directory structures. The changes are fairly clear and understandable. The old structure has been modified in order to allow for support of the various language-specific versions of Red Hat. (Thanks to Christof Damian).

However, if you've got bookmarks, or, more importantly, update programs with encoded URLs, you'll need to change them to accomodate the new structure.

As a result, new versions of several recent advisories or update notices have been sent out, including these advisories for ucd-snmp and kerberos.

SuSE News. SuSE 7.1 for SPARC, though no availability of a boxed product has been announced, is available for download as ISO images and has been since early March. A boxed product for SPARC is still promised someday. (Thanks to Joshua Uziel).

Slackware News. Upgrades to KDE 2.1.1, openssh 2.5.2pl2 and the Linux kernel 2.2.19 were made across all platforms.

On the Intel platform, the Java(TM) 2 SDK, Standard Edition, Version 1.3.0_02 from Sun was added (with thanks to Sun for allowing them to use it).

On the Alpha platform, the MySQL security patch mentioned last week went in. In addition, Will Woods' aboot 0.8pre-alpha patch was included to fix ISO9660 filesystem code and allow booting from Slackware-style CDs.

On the SPARC platform, 1.44MB root disk images now available. If you plan on using these, check the SPARC changelog for a related note. epic 4-1.0 was added, per user request. The latest amateur radio packages from Arno Verhoeven have been added. There is now a network supplemental disk for SPARC (same as Intel). Last, but not least, the Java(TM) 2, Runtime Environment, Version 1.2.2 rc4 was added. This is the Blackdown port of Sun's Java(TM) 2 SDK, so it looks like Slackware will be using both the Sun and the Blackdown Java ports for Linux, depending on which platform you are using.

Linux-Mandrake News. The third beta of Linux Mandrake 8.0 was released on Monday. This won't be the last beta, though, since the announcement of the release of Gnome 1.4 means that Linux-Mandrake 8.0 will probably include the full Gnome 1.4 release.

Meanwhile beta versions of the upcoming Linux-Mandrake 8.0 Tutorials are now on-line.

More Debian News. This week's edition of the Debian Weekly News is possibly also the last one, though that has not yet been decided for sure. Other Debian news sources have come on-line since DWN started publishing in early January, 1999. They include the Kernel Cousin Debian (summarizing debian-devel), the Debian Planet (a ticker-style news site with frequent updates) and of course, this section of LWN.net. Still, the Debian Weekly News gave an important perspective to Debian events that will be missed, if editor Joey Hess decides not to continue (certainly, we will have to work harder again!).

Speaking of this week's Kernel Cousin Debian, issues of handling packages containing cryptography came up again. Debian, unlike OpenBSD and FreeS/WAN, allows US maintainers to work with cryptographic packages, but requires that a copy of the software be mailed to crypt@bxa.doc.gov before it is uploaded by the maintainer.

Problems mixing and matching Debian GNOME and Ximian GNOME packages were also noted.

Also published last week was the Kernel Cousin Debian Hurd, with the latest news on the Debian GNU/Hurd development.

Distribution Reviews

Ah KRUD. (evil3d.net). Kevin's Red Hat Uber Distribution (KRUD) got its first official review this week. "Obviously, KRUD is based on the ever popular Red Hat distribution with a couple of twists thrown in. Twist number one is that KRUD is a subscription based distribution. Unlike other big boys, KRUD subscribers get a monthly KRUD update mailed to them".

Peanut and Vector get a review. In a nice change of diet from the usual reviews of one of the leading distributions, Michael P. Deignan has put out a comparison of Peanut Linux and VectorLinux, two distributions that aim to provide small, streamlined versions of Linux that fit onto a disk without requiring Gigabytes of space. (Thanks to Cesar A. K. Grossman).

"Both Peanut and Vector Linux are good if you want to get your feet wet in the Linux waters but aren't able (or willing) to devote a great deal of computing resources to the process. Their compact download sizes make them attractive alternatives, but each appeals to a very different audience, judging from each package's bundled applications. Peanut Linux's abundance of desktop apps and lack of development tools make it suitable if you want a functional Linux workstation but don't plan to install any additional programs. Vector Linux is a good choice for those who want to explore the application development aspect of Linux, but who also need a functional X environment to access the Internet."

Section Editor: Liz Coolbaugh

April 5, 2001

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.

Caldera OpenLinux
Debian GNU/Linux
Red Hat

Also well-known
Best Linux
Conectiva Linux

Rock Linux

Non-technical desktop
Icepack Linux
Redmond Linux

Boston University
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
Complete Linux
Console Linux
Corel Linux
Darkstar Linux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
HA Linux
Halloween Linux
ix86 Linux
Lanthan Linux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
Linux Pro Plus
LNX System
Lute Linux

NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
Project Ballantain
Rabid Squirrel
Root Linux
Serial Terminal
TimeSys Linux/RT
Tom Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WinLinux 2000

GNU/Linux Ututo
Definite Linux
Red Flag
Linux Esware
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
MCC Interim Linux
Storm Linux


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's On the Desktop page.

Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Office Suites
Ability (*)(w)
Anywhere Desktop (*)
(formerly "Applixware")
GNOME Office
StarOffice / OpenOffice
Siag Office
WordPerfect Office 2000 (*)(w)

Java / Web Office Suites
ThinkFree Office (*)
Teamware Office (*)
Cybozu Office (*)

Desktop Publishing
iceSculptor (*)
Maxwell Word Processor
Mediascape Artstream (*)

Web Browsers
Netscape (*)
Opera (*)

Handheld Tools
Palm Pilot Resources
Pilot Link

On The Desktop

Time and Space:  Having just returned to my Houston home from Colorado where I chaired the Colorado Linux Info Quest for the 2nd year, I'm swamped with ideas on what to write this week while left with little time to do real research. So while I lacked the time to find the news, I still have the space to fill, as always.

We received word this week regarding Hewlett Packard's announcement that drivers for their Deskjet series of inkjet printers would be available for use in the Ghostscript package.

These drivers aren't quite free software, but they're pretty close. The major restriction is that the code can only be used with HP products.

(Thanks to Andrea Fogazzi for this note.)

This is welcome news in the desktop world of Linux, since printing still remains a bit of a mystical function. HP isn't the first to offer drivers en masse, however. Oki Data and IBM announced printer drivers back in February for Oki's line of impact printers. Theses drivers were also created in support of the Ghostscript package.

Another printer maker with good Linux support is Lexmark, who announced support for their inkjet printers last year. Their web site does a reasonable job making those drivers available, as long as you include "Linux" along with your printer model when you search for your driver.

Printer driver support is a first step towards better printing on Linux desktops, but without a strong frontend, users will be stuck with the configuration nightmare that is Ghostscript. Fortunately, most distributions are providing Ghostscript (and other) drivers ready to go and applications making use of CUPS, such as the GIMP Print Plug-In will take printing to the level end users are demanding.

And my new desktop will be... (ZDNet). The author of this opinion piece from ZDNet News thinks Linux (or Unix in general) makes for a bad desktop choice. "The simple truth is that Linux, and the rest of the Unix family, simply aren't popular for desktop systems. Corel, the company that tried the hardest to bring out a commercially successful desktop version of Linux, fell flat on its face despite a pretty darned good package."

I don't agree with the authors sentiment here. First, Corel made a terrible effort at bringing WordPerfect to Linux. They spent more effort on fixing WINE than it would have taken to pull the guts from WordPerfect and stick it inside a native X interface such as GTK+ or Qt. Second, it assumed that the failure of Corel, who's success in the Windows world was marginal at best anyway, was a measure of how popular Linux would be as a desktop system. Perhaps Corel just did a bad job of making a product for an emerging market.

Linux doesn't have as many users as Windows or even (perhaps) Apple. But its growth rate is much higher than these two established players, and not all of those new users are running their boxes as servers. The Linux desktop is just emerging from its techy childhood. In time, it will mature to a system that even your grandmother will love.

High speed hotels  One final note before I get into the weekly news of note. This past two months I've done a lot of traveling, attempting on at least three occasions to use the high speed access provided by the big name hotels where I stayed. Unfortunately, not all high speed access is created equal. Both Hilton and Marriott hotels in Denver use the STSN (stsn.com) service. In both cases it took numerous calls to the support line to find out I needed a static IP number and hard coded DNS services. Rumors have it that DHCP from a Linux box was crashing the STSN servers located at the hotel. On one occasion the STSN support told me that the entire hotel was down - and it took 24 hours to bring it back up. Even then, I had to route mail through my own co-located server. AmeriSuites, on the other hand, uses a service from CAIS (cais.com) which requires simple DHCP configuration and a login to their web site to get started.

The moral of the story: if you travel with your Linux laptop, be prepared to set up static IP routing and have a backup mail relay available.

Desktop Environments

There was plenty of news from the GNOME front this week, including the release of the next major version of the complete GNOME environment, while KDE made it's splash, through the enthusiastic presentation of Kurt Granroth, at the Colorado Linux Info Quest.

GNOME 1.4 Released. The much ballyhooed release of GNOME 1.4 was made official this past week. Along with the much anticipated inclusion of Nautilus, the GNOME file manager from Eazel, GNOME 1.4 has added better support and interoperability with KDE and legacy X applications and made the Sawfish window manager a standard part of GNOME. Medusa, the search and indexing tool, was dropped from this release though the press release says it is included.

New version of GNOME desktop set to go (ZDNet). Wasting little time after the public release, ZDNet took an in depth look at the new GNOME 1.4. 'Not included in this release, but coming out in the next few months, is the Evolution mail client, currently in beta. "It also has much of the functionality of Microsoft's Outlook, like calendaring and scheduling," [GNOME release coordinator Maciej] Stachowiak said. "Other things you'll see are a lot more fit-and-finish and polish and usability features throughout the desktop."'

Eazel making its way forward in a sea of change (LinuxPower). While GNOME 1.4 became available this past week, Eazel kept a much lower profile, hoping to downplay criticisms of the 1.0 launch of Nautilus. Eazel's ups and downs are the subject of this LinuxPower interview with Eazel's Bart Decrem, Darin Adler, Ken Kocienda and Maciej Stachowiak. Decrem commented on the recent hiring of John Harper, the main author of Sawfish. "We hired John because we were really impressed with his work on Sawfish but also because we are very interested in the applications that affect the core desktop, and obviously the window manager is an important part of that. Having John on our team means that we don't have to worry about the file manager and the window manager fighting over who gets to draw the desktop, for example."

Digital baroque (Economist). And speaking of Nautilus, The Economist posted a story comparing the upcoming Windows XP and Mac OS X interfaces. While these two "baroque cathedrals" maintain strong user shares, the Economist thinks that Nautilus might be a better solution when it comes to handling upgrades. The only question is whether Eazel can establish and maintain a working business model for open source. "Nautilus is a snazzy graphical desktop environment for Linux, the free operating system developed by programmers collaborating over the Internet. Eazel, the Silicon Valley firm behind the software, hopes to make Linux easier to use than the Mac OS or Windows, and thus to boost Linux?s share of the desktop market above its current 1%. Eazel is giving away Nautilus, but hopes to make money by charging users for services such as online storage, regular backups and--cleverest of all--automated software upgrades."

KDE 2.2 Release Plan (Revised). Waldo Bastian, release manager for KDE 2.2, posted a revised schedule for the KDE 2.2 core applications. The first Beta release is due May 14th, to be followed by a June 18th Beta 2. Final release for 2.2 is set for July 16, but that is very dependent on the success of the beta releases.

Office Applications

KOffice 1.1 release schedule. The KOffice web site has posted its own partial plans for the version 1.1 release schedule. The first beta set for April 12th and the second for May 21st, though the schedule doesn't go past that as of now.

Corel adds tips for WordPerfect on Linux. Corel has added a few tips for using WordPerfect on Linux to their web site.

Desktop Applications

Parallax concludes purchase of VistaSource from Applix. A press release posted to the Applix web site states that VistaSource, the makers of the ApplixWare office suite, is now officially a Parallax company. No details were given on the future of the ApplixWare office suite. Email sent to the listed company and public relations contacts asking for clarification provided no responses. We'll just have to wait and see.

Aethera 0.9.1 for KDE. While no formal press release has been published, Apps.KDE.com noted the release of Aethera 0.9.1 from theKompany.com. According to theKompany's web site, this release includes IMAP and MBOX support as well as a number of UI and back end bug fixes.

Kapital Finance Manager for KDE updated. Similarly, theKompany posted an updated version of Kapital to their website. Kapital is a finance manage for KDE.

GIMP-Perl Tutorial updated (GIMP News). Alex Hartford, author of "GIMP Essential Reference", has updated his online tutorial for writing Perl scripts for GIMP.

GTK+ based Sketch 0.7.8 released. After a modestly long (as these things go) development process, Sketch author Bernhard Herzog has announced the first development release of Sketch running under GTK+. While we look forward to the GTK+ version, it wasn't too happy compiling under the same Python environment the 0.6 version worked under.

Talking about the desktop...

.comment: The Developers Haven't Heard (LinuxPlanet). Right before GNOME 1.4 hit the streets, LinuxPlanet took a closer look at KDE. Their opinion: KDE is just the right tool for the average user, even if distributions are only targeting businesses. "The printing issue is being addressed in what looks to be a very robust fashion through a new printing architecture contributed by Michael Goffioul. The Kprinter class seems to effectively replace Qprinter. It's based on plugins and is accompanied by a printer management tool. The library itself is split into core and management parts. It is very CUPS-friendly (indeed, CUPS was the first system to receive full plugin support, and CUPS is good enough, and freely available, so an obvious solution for many if not all users is simply to get and install it), but the hooks are there for any other print engine, spooler, or system one wants and is willing to hack his or her way toward."

Section Editor: Michael J. Hammel

April 5, 2001

Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Desktop Environments

Window Managers (WM's)

Minimalist Environments

Widget Sets

Desktop Graphics
CorelDRAW (*)(w)
Photogenics (*)

Windows on Linux

Kids S/W
Linux For Kids

Send link submissions to lwn@lwn.net


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Development page.

Development projects

News and Editorials

Larry Wall on the design of Perl 6

Larry Wall has posted a column entitled Apocalypse 1: The Ugly, the Bad, and the Good describing where the Perl 6 language definition process stands: "What I will be revealing in these columns will be the design of Perl 6. Or more accurately, the beginnings of that design, since the design process will certainly continue after I've had my initial say in the matter. I'm not omniscient, rumors to the contrary notwithstanding. This job of playing God is a little too big for me. Nevertheless, someone has to do it, so I'll try my best to fake it. And I'll expect all of you to help me out with the process of creating history. We all have to do our bit with free will."

The Perl 6 design process became stalled for a while due to the complexity of the task: "I couldn't get enough of the problem into my head at once to make good progress, and I'm not actually very good at subdividing problems. My forte is synthesis, not analysis."

After pondering the difficulty of organizing RFCs, Larry came up with the following strategy: "it occurred to me (finally!) that the proper order to think about things was, more or less, the order of the chapters in the Camel Book."

And that naturally lead to: "I intend to produce one Apocalypse for each Chapter, so Apocalypse 1 corresponds to Chapter 1: An Overview of Perl." The RFCs were organized along the lines of the Camel Book chapters and were rated with Problem, Solution, and Acceptance levels. The following RFCs were selected for coverage in Apocalypse 1:

  • RFC 141: This Is The Last Major Revision
  • RFC 28: Perl should stay Perl
  • RFC 16: Keep default Perl free of constraints such as warnings and strict
  • RFC 73: All Perl core functions should return objects
  • RFC 26: Named operators versus functions

Larry's comments about RFC 141 cause a bit of concern: "First, Perl will support multiple syntaxes that map onto a single semantic model. Second, that single semantic model will in turn map to multiple platforms.
Multiple syntaxes sound like an evil thing, but they're really necessary for the evolution of the language. To some extent we already have a multi-syntax model in Perl 5; every time you use a pragma or module, you are warping the language you're using. As long as it's clear from the declarations at the top of the module which version of the language you're using, this causes little problem.

This idea certainly violates the Simpler is Better principle. Perl is already well known for trying to be everything to everyone. That is, no doubt, a factor that has made the language popular, but we wonder if the idea is being carried too far. Time will tell whether this proves to be a good idea or an addition that will forever more confuse Perl programmers.

Another point of view on the Perl 6 design process comes from Perl developer Damian Conway, who talks about his contributions to Perl 5+i: "One thing that is becoming apparent, though, is that Larry is targeting Perl 6 as a meta-language, as well as a programming language in its own right. It seems likely that a large number of other languages will be built in-, with-, and over- Perl 6".

We sincerely hope that the Perl 6 design process will stay on course and guide the ship of Perl through the rocky channels ahead. A well designed Perl 6 could provide the many Perl programmers with smooth sailing for years to come.


LDP Weekly News, April 4, 2001. The latest updates for the LDP have been posted, including updates for the NetMeeting, Plug-n-Play, Modem, DSL and DocBook HOWTO's, plus a new document describing the SGML document type definition linuxdoc.


SEUL/Edu report for April 2, 2001. The April 2, 2001 edition of the SEUL/Edu report is out. Topics include Open Source software in UK education, the IT4Schools project, and 8 new educational programs released since the last report. One interesting new programs is Papyrus, a Java based multi-platform library management software tool.

Embedded Systems

The State of Embedded Linux (LinuxDevices.com). Rick Lehrbaum has published the slides from his talk on The state of Embedded Linux from last week's CLIQ conference.


Streaming Media With Linux Resources Page (O'Reilly). The O'Reilly Linux DevCenter has published a new Resource Page that contains numerous links to Linux streaming media tools and sites.

Network Management

OpenNMS Update, Vol 2., Issue 14, April 3, 2001. This week's update for the OpenNMS project includes notes on preparing for the 0.7.2 release, SCM changes and more detailed information on the changes to the event subsystem planned for 0.7.2.


Why FreePM? (Linux Med News). Linux Med News looks at FreePM, an open source medical Practice Management application. [FreePM] "A key reason for using opensource is the security of knowing that there will never come a time when your business is forced to change or upgrade applications because of market forces outside of your control. As long as you have the complete source code, are permitted by license to modify it and it is written in a reasonably popular programming language you will be able to maintain it."

Web-site Development

Zope Weekly News. The increasingly misnamed Zope Weekly News has come out with a new issue. Amusingly, it's dated December 6, but, since it covers things like the Zope 2.3.1 release, we're not buying that.

Zope 2.3.1 released. Zope 2.3.1 is out; see the announcement for details. Among other things, it includes some security fixes, an IA-64 binary distribution, and a number of catalog changes.

Improving mod_perl Driven Site's Performance (ApacheToday). Stas Bekman discusses mod_perl optimizations, in part 6 of a series on ApacheToday. "It's desirable to avoid forking under mod_perl. Since when you do, you are forking the entire Apache server, lock, stock and barrel. Not only is your Perl code and Perl interpreter being duplicated, but so is mod_ssl, mod_rewrite, mod_log, mod_proxy, mod_speling (it's not a typo!) or whatever modules you have used in your server, all the core routines, etc."

Window Systems

GTK, GLib 1.3.3 released. GTK 1.3.3 and GLib 1.3.3 have been released. Both versions are considered developers releases intended for programmers working on porting to the upcoming 2.0 libraries. The release of these two versions of the popular GTK+ set of libraries is intended as a tentative API-freeze release, meaning major API changes (aside from those listed as open 2.0 bugs) are unlikely to occur before GTK+-2.0 is released.

ICS adds themes to Motif. According to this press release, ICS has started a project to add theme support to Motif, including planned support for existing GNOME and KDE themes.

Gnocl version 0.0.1 released. The first release of gnocl, a Tcl extension which implements gtk and gnome widgets, has been announced. Gnocl is released with a BSD license.

Section Editor: Forrest Cook

April 5, 2001

Application Links
High Availability

Open Source Code Collections
Le Serveur Libre



Programming Languages


Caml Weekly News for March 30, 2001. The March 30, 2001 edition of the Caml Weekly News is available. News this week centers on the first release of CDK, the Camel Development Kit.


IRC bot dreams (IBM developerWorks). David Seager shows how to write a Java based IRC bot in an IBM developerWorks article. "On a basic level, a bot is just a program that simulates an IRC client. It listens for messages and chat it recognises, and it performs useful functions and sends messages to users. The bot I've detailed in this article can respond to private messages from IRC users and can be easily extended to handle different commands, as well as perform other tasks."


New CMU Common Lisp Documentation. A new release of the EncyCMUCLopedia collection of Common Lisp documents has been made available.


Perl 5 Porters for April 1, 2001. The April 1 edition of Perl 5 Porters is out. Topics this week include Perl and HTML::Parser, Autoloading Errno, Math::Big*, pack, unpack, and Taint testing.


This week's Python-URL. Here is Dr. Dobb's Python-URL for April 2, 2001, covering Guido's April Fool joke, the Parrot language, and some serious stuff too.

Python-Dev summary for March 28. Here is the Python-Dev summary for March 28. Topics discussed include the 2.0.1 release, generator implementation, and portable filesystem information modules.

Extreme Python (O'Reilly). Stephen Figgins writes about the use of Extreme Programming techniques in developing Python code. "Extreme Programming (or XP) is a set of 12 programming practices for rapid application development for small development teams. The rapid nature of the development has a natural appeal to Python programmers."

Shell Scripts

Common threads: Awk by example, Part 3 (IBM developerWorks). Daniel Robbins digs into the mysteries of AWK in the third article on IBM's developerWorks. For the full story, check out Part 1 and Part 2 in the series.


This week's Tcl-URL. Dr. Dobb's Tcl-URL for April 2 is out, with the usual collection of news from the Tcl/Tk development community.


PHP Weekly News for April 2, 2001. The April 2, 2001 edition of the PHP Weekly News is out. Topics include the XML-RPC extension, problems with Midgard, a PHP-GTK user Web site, and more.


Spinning your XML for screens of all sizes (IBM developerWorks). Alan Booth and Kathryn Heninger Briton discuss the use of HTML as an intermediate language for displaying XML on a variety of screen sizes.

Section Editor: Forrest Cook

Language Links
Caml Hump
g95 Fortran
Gnu Compiler Collection (GCC)
Gnu Compiler for the Java Language (GCJ)
IBM Java Zone
Free the X3J Thirteen (Lisp)
Use Perl
O'Reilly's perl.com
Dr. Dobbs' Perl
PHP Weekly Summary
Daily Python-URL
Python Eggs
Ruby Garden
MIT Scheme
Why Smalltalk
Tcl Developer Xchange
O'Reilly's XML.com
Regular Expressions

 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Commerce page.

Linux and Business

Atipa sells hardware division to Microtech. Atipa Corporation has announced that its hardware division has been sold to Microtech Computers. Atipa is now purely in the software and support business, with its efforts centered around the OpenNMS package and the products (such as the BRU backup tool) obtained in the acquisition of Enhanced Software Technologies in February 2000. Atipa acquired a company called PlatformWorks in October 2000 and acquired the OpenNMS platform at the same time.

This seems like a real change of focus for the company which has always carried Linux-based firewall appliances and Beowulf clusters. In July 1999 Atipa and Alpha Processor, Inc. (API) formed a partnership to provide "more powerful, affordable and reliable Linux solutions to the enterprise marketplace" and almost a year ago, in April 2000 the company beefed up its hardware division with the acquisition of DCG Computer Corp.

Norwegian State Consulting coordinating agency recommends use of Linux. Statkonsult, the directorate responsible for overall efficiency within state and public organizations in Norway has recommended the use of Linux within the public sector. Ulf Larsen brought the news to our attention and also provided a partial English translation.

Books:'The Joy of Linux' and 'Linux Cookbook'. Prima Tech has announced the publication of "The Joy of Linux, A Gourmet Guide to Open Source," by Brian Proffitt and Michael Hall. "With chapters such as 'The Penguin on Top,' 'The Joy of Toys,' and 'The Linux Sutra: Resources,' and cartoons by Nitrozac and Snaggy, readers will be entertained and treated to useful information."

No Starch Press announced a new Linux Journal Press offering "The Linux Cookbook: Tips and Techniques for Everyday Use".

IBM's New Ready, Set, Linux! Program is Available Across the U.S.. IBM is launching the Ready, Set, Linux! initiative for Business Partners interested in supporting e-business on Linux. IBM's Ready, Set, Linux! program is an educational series that will be available in cities across the United States.

Reports and surveys. IBM's glossy annual report includes a page about Linux, written by Irving Wladawsky-Berger. "We think that, at the end of the day, the operating system that provides the most flexibility to customers is the one that is going to end up winning. We're voting with our customers on this one. We're betting a big part of IBM's future on Linux." (Thanks to Walt Smith).

"Linux: You Get What You Pay For? is the title of a report from AllNetResearch. In the report is a detailing what Linux needs to do "to appeal to the Internet professionals who have yet to adopt Linux in their organizations". For $195 you can have the full report emailed to you in a pdf format.

Evans Data Corporation has issued a press release on a study which asked "Linux developers" which distribution they would use to set up a web server; 77% of them evidently answered "Red Hat."

NeTraverse Announces the Release Of Win4Lin 3.0. NeTraverse Inc. announced the release of Win4Lin Desktop Edition version 3.0. Win4Lin allows Linux users to run Windows programs without additional hardware or the need to dual boot.

Great Bridge releases PostgreSQL for Solaris. Great Bridge LLC released a pre-packaged PostgreSQL database on Sun Microsystems' Solaris operating system. The "PgSol" packages are in beta release and are freely available at www.greatbridge.org/project/pgsol.

MainConcept releases video editing toolkit. MainConcept, makers of the MainActor video editing system for Linux, has released a commercial video editing toolkit for Linux, known as VideoEngine.

Handheld Device on Linux/Java Platform Will Debut with Amiga-developed Software. Amiga Incorporated announced a long-term partnership with Sharp Corporation in which Amiga will develop content for next-generation Sharp handheld computing devices. (Thanks to Daniel Petzén)

Linux Stock Index for March 29 to April 04, 2001.

LSI at closing on March 29, 2001 ... 29.32
LSI at closing on April 04, 2001 ... 25.88

The high for the week was 30.03
The low for the week was 25.88

Press Releases:

Open source products

Proprietary Products for Linux

Servers and Bundled Products

Products and Services Using Linux

Products With Linux Versions

Java Products


Investments and Acquisitions

Personnel and New Offices

Financial Results

Linux At Work


Section Editor: Rebecca Sobol.

April 5, 2001


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Linux in the news page.

Linux in the news

Recommended Reading

Telsa Gwynne LCA Report: Why KDE Works (KDE dot News). Telsa Gwynne has written a report on Sirtaj Singh Kang's talk at Linux.Conf.Au 2001. "One huge thing that helped KDE and would probably benefit other very big projects was that KDE had the KDE Summit which was sponsored by Trolltech. When you get all the people in same place, then magic happens."

Thai Government Urged To Support Free Software (NewsBytes). Newsbytes covers a talk by Richard Stallman in Thailand. "'By using free software, Thailand can save paying currency to a few rich Americans. It is stupid to recognize foreign copyrights,' he claimed, adding that free software may also turn users away from the Windows operating system."


Peace, Love, Linux and IBM (IT Director). IT Director looks at IBM's Linux strategy. "This is completely unprecedented. A company launching an aggressive marketing campaign for a product that it has no claim over and for which it cannot obtain even one cent in direct revenues."

Red Hat sued over IPO (News.com). Lawyers thrive on down markets, apparently. C|Net is reporting that a New York firm has filed suit against Red Hat executives and Credit Suisse regarding full disclosure of information surrounding Red Hat's 1999 IPO.


New friendships in the open-source world (News.com). C|Net reports on the growing trend of partnering in the open source business environment. Alliances such as that between Great Bridge and Zend make sense when companies want to augment their products but don't have a lot of money to spend on programming, documentation and other expenses, IDC's Kusnetzky said. "The open-source people for the most part don't have a lot of cash sitting around," he said.


New Linux Kernel Boosts Server Power, Desktop Compatibility (ZDNet). ZDNet is running an article by Bill Machrone that takes a look at the Linux 2.4 kernel. "The ABM (Anything But Microsoft) market is vibrant and growing, but its mainstay operating system, Linux, has been falling behind the times."

Linux Reborn: Kernel 2.4 (ZDNet). Another 2.4 review, this time looking at some of the benefits of expanded memory and USB/FireWire support. "For the desktop, what does the new kernel offer the user? The new kernel has a number of new options for connecting to peripherals. With USB and IEEE 1394 support, Linux will have more reach into cameras, scanners, and even MP3 players. (The source code also describes connecting the new Linux kernel to new Bluetooth devices.)"


Interview: Guido van Rossum (Dr. Dobb's). Dr. Dobb's Journal has posted an interview with Guido van Rossum in RealPlayer format. It's about 13 minutes long.


Old PCs Made New (Times of India). The Times of India interviewed Atul Chitnis about Linux in India. "I am happy with the growth of Linux in India, but I am far from being satisfied. Linux has great potential for getting computing to the masses, to those who cannot afford or justify the latest and greatest computing equipment and commercial applications. However, we have seen little progress in this department - Linux is basically invading the turf of existing computer users, but has still not reached the people who would most benefit from it - schools and villages, areas of little commercial interest to vendors of commercial operating systems and applications."

Section Editor: Forrest Cook

April 5, 2001


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Announcements page.



Linux Gazette issue #65, April 2001. The Linux Gazette issue #65 is available. This month's issue contains articles on Internet printing, parallel processing, web portals and much more.

Tip Of The Week: What's the diff?. Linuxlookup looks at 'diff'. "Files change. Stuff happens. Sometimes you'll forget what changed (and why!)."

BeOS Buyer's Guide #2 (Duke of URL). This Buyer's Guide focuses on how to get the components to build your own BeBox.


Embedded Systems Conference Exhibit Floor. This press release from CMP Media describes the exhibits at the upcoming Embedded Systems Conference. April 10-12 at the Moscone Center in San Francisco.

ASPIC 2001 Informations. Here's some further information (in French) on ASPIC (Annual Symposium on Pliant Implementation and Concepts) 2001. The conference will be held in Paris, 20 April 2001. See the ASPIC website for more information.

Open Group conference on real-time and embedded systems. The Open Group has announced a conference on real-time and embedded systems, to be held April 25 in Berlin, Germany.

April/May events.
Date Event Location
April 4 - April 6, 2001. ApacheCon 2001 Santa Clara, California.
April 6 - April 8, 2001. GNOME Users And Developers European Conference (GUADEC) 2001 Copenhagen, Denmark.
April 8 - April 11, 2001. XML DevCon Spring 2001 New York Marriott Marquis, New York City.
April 9 - April 11, 2001. Smalltalk Solutions 2001 Conference Stephens Convention Center, Rosemont, IL (Near Chicago O'Hare)
April 9 - April 13, 2001. Embedded Systems Conference San Francisco, California.
April 12, 2001. 2001 Twin Cities Linux Solutions Conference - A Real Time Perspective Radisson South, Bloomington MN.
April 20, 2001. 2nd Annual Symposium on Pliant Implementation and Concepts (ASPIC 2001) Paris, France.
April 23 - April 27, 2001. Linux Expo Road Show Eastern Europe.
April 24 - April 26, 2001. Linux Africa Kyalami Exhibition & Conference Centre, Johannesburg, South Africa
April 25, 2001. Real-time and Embedded Systems Forum Conference Berlin, Germany
May 8, 2001. Linux@work Copenhagen, Denmark.
May 9, 2001. Linux@work Oslo, Norway.
May 9 - May 10, 2001. Linux Expo Brazil São Paulo - Anhembi - Palácio das Convenções.
May 10, 2001. Linux@work Stockholm, Sweden.
May 11, 2001. Linux@work Helsinki, Finland.
May 13 - May 17, 2001. Spring 2001 Enterprise Linux Implementation Conference Doubletree Hotel, San Jose, CA.
May 14 - May 17, 2001. The 2001 Applied Computing Conference Santa Clara, CA.
May 15, 2001. Linux@work Frankfurt, Germany.
May 15 - May 18, 2001. Linux Expo China Shanghai Mart, Shanghai, China.
May 16, 2001. Linux@work Zurich, Switzerland.
May 17, 2001. Linux@work Milan, Italy.
May 18, 2001. Linux@work Vienna, Austria.
May 20 - May 23, 2001. eXtreme Programming - XP2001 Villasimius, Cagliari, Sardinia, Italy.

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

Employment Opportunities

Embedded Linux Software Developer, UK. Jobs are available in the UK for an Embedded Linux Software Developer and for Software Engineers.

User Group News

Rusty Russell Comes to Sheffield, England. Rusty Russell, best known as packet filter maintainer for the Linux Kernel, is flying in from Oz to give a talk on the 2.4 kernel code and related issues at the next ShefLUG meeting on April 14, 2001.

LUG Events: April 5 - April 19, 2001.
Date Event Location
April 5, 2001. Linux User Support Team, Taegu (LUST-T) Taegu, Korea.
April 5, 2001. St. Louis Area Computer Club Linux workshop Thornhill Branch Library, Creve Coeur, Missouri.
April 5, 2001. Edinburgh Linux Users Group (EDLUG) Holyrood Tavern, Edinburgh, Scotland.
April 7, 2001. Greater London Linux User Group (GLLUG) CFC Preview Theatre, London, UK.
April 7, 2001. Twin Cities Linux Users Group (TCLUG) Minneapolis, MN.
April 10, 2001. Long Island Linux Users Group (LILUG) SUNY Farmingdale, NY.
April 10, 2001. Victoria Linux Users Group(VLUG) University of Victoria, Victoria, British Columbia, Canada.
April 11, 2001. Columbia Area Linux Users Group (CALUG) Capita Technologies Training Center, Columbia, MD.
April 11, 2001. Silicon Corridor LINUX Users Group (SCLUG) Back of Beyond pub in Kings Road, Reading.
April 11, 2001. Toledo Area Linux Users Group (TALUG) University of Toledo, Toledo, OH.
April 12, 2001. East Side Phoenix Linux Users Group (PLUG) Sequoia Charter School, Mesa, AZ.
April 12, 2001. Boulder Linux Users Group (BLUG) NIST Radio Building, Boulder, CO.
April 14, 2001. Sheffield LUG with Rusty Russel(ShefLUG) University of Sheffield, UK
April 14, 2001. Consortium of All Bay Area Linux (CABAL) Menlo Park, California.
April 14, 2001. Route 66 Linux Users Group La Verne, California.
April 15, 2001. Linux Users' Group of Davis and the UC Davis Computer Club Installfest Davis, CA.
April 15, 2001. Beachside Linux User Group Conway, South Carolina.
April 16, 2001. Linux Users' Group of Davis (LUGOD) Z-World, Davis, CA.
April 17, 2001. Kansas City LUG Installfest Kansas City Public Library, Kansas City, MO.
April 17, 2001. Bay Area Linux User Group (BALUG) Four Seas Restaurant, Chinatown, San Francisco.
April 17, 2001. Linux Stammtisch Bandersnatch Brew Pub, Tempe, AZ.
April 18, 2001. Arizona State University Linux Users Group (ASULUG) Tempe, AZ.
April 18, 2001. Linux User Group of Groningen Groningen, Netherlands.
April 18, 2001. Central Iowa Linux Users Group (CIALUG) West Des Moines, IA.
April 19, 2001. St. Louis LUG (SLLUG) St. Louis County Library, Indian Trails Branch, St. Louis, Missouri.
April 19, 2001. South Mississippi Linux Users Group (SMLUG) Barnes & Noble, Gulfport, Mississippi.
April 19, 2001. Rice Linux User Group (RLUG) Rice University, Houston, TX

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

April 5, 2001



Software Announcements

Here are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways:

The Alphabetical List and Sorted by license


Our software announcements are provided courtesy of FreshMeat


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Linux History page.

This week in Linux history

Three years ago (April 9, 1998 LWN): All Things Considered, a premier news program on the United States' publicly funded National Public Radio (NPR), broadcast a report on Linux, Wednesday, April 8th. The program spotlighted Linus Torvalds and the work he's done. It also touched on the Beowulf clusters at NASA and spoke with Richard Stallman. Overall, the piece was very positive and as technically correct as any newspiece trying to explain Linux to a mass audience is likely to be. It did indicate that Linux was primarily for highly technical people, "for now".

Many leaders of the free software movement met on April 7th at a free software summit sponsored by O'Reilly. Participants included Linus Torvalds, Eric Allman, Phil Zimmerman, Guido Van Rossum, Paul Vixie, and others.

A number of articles resulted from Mark Andreessen's claim that Mozilla+Linux will be the platform that defeats Microsoft. ZDNet ran one titled The next battleground: Linux vs. Windows? and an opinion column as well. C|Net said Linux is a top priority for Netscape, talks about challenges to NT, but raises the old support issues.

"Linux is great, but what kind of support is there?" asked Joel Graves, director of client solutions at the biopharmaceutical division of Chiron. "It makes managers nervous when there's no 1-800 number to call."

There was also an article in TechWeb News.

Andreessen outlined a scenario in which Mozilla, as the Communicator code is called, becomes the GUI that runs on top of a Linux operating system.

Within 15 hours of the release of the source code for Netscape 5.0, the Mozilla Crypto Group made available "cryptozilla", a mozilla (free netscape) with SSL enabled. A Wired News article on this work can still be found here.

The XFree86 project announced that it would not follow The Open Group in its attempt to impose a more restrictive license on X11R6.4. XFree86 won - The Open Group backed down.

The announcement of the 2.1 feature freeze brought a number of proposed additions out of the woodwork. Some of the things that people wanted to see included before 2.2 were: Plug and Play support, compression in the ext2 filesystem, and a BSD-like securelevel capability.

There were also a few people that requested that the 2.3 development cycle be rather shorter than 2.1 had been. There seemed to be universal consensus on that point; Linus stated that he would try for a shorter period ("half the length or less") before 2.4 comes out.

Debian leader Ian Jackson officially appointed Brian Bassett as Project Secretary, who was assigned the task of counting exact number of Debian developers. Brian numbered them at 313, using the Debian PGP keyring.

Linux Focus got its own domain: linuxfocus.org. This site still produces a high-quality, multi-lingual Linux magazine.

Two years ago (April 8, 1999 LWN): Mozilla's one-year anniversary celebration was marred by the resignation of Jamie Zawinski from the project. For Jamie, the fact that Netscape 5.0 had not shipped after an entire year meant that the project had failed.

Dell made an investment in Red Hat, announced new (Red Hat) Linux-installed systems and announced that they would deliver 1250 (Red Hat) Linux-installed systems to the Burlington Coat Factory for deployment in their stores. Dell's Linux offerings are still difficult to find from the company's main web site. People who want to buy factory installed Linux systems from Dell need to go to www.dell.com/linux/ instead.

Al Gore's presidential campaign staff announced that his web site was "open source".

Cygnus announced an open source Java compiler, complete with a set of class libraries.

Salon Magazine reworked itself as Salon.com. In their press release they announced that their new setup was running on Linux.

"...Linux will provide a solid technical backbone to support Salon's move from a magazine-based model to a network of web sites. The site redesign needs the versatility and power of Linux to keep pace with its growing business and e-commerce needs."

A publication called "Windows NT Systems" published an article on Linux. They didn't like it.

"The problem with Linux is that it is just another unadulterated version of Unix. Your choices of graphical user interfaces are the Unix command shell or X Window, a primitive windowing system designed more than 15 years ago."

April foolery brought us the Tuxissa Virus Report. It's still good for a chuckle or two.

For more foolery, LinuxWorld gathered up all the Linux-related April Fool's Day pranks that they could find.

One year ago (April 6, 2000 LWN): LWN was acquired by Tucows.com, Inc. For those who didn't see it, here's our announcement.

The United States District Court for the District of Columbia ruled that Microsoft had violated the Sherman act.

Miguel de Icaza made this statement on the Microsoft ruling.

"Microsoft has held a proprietary grip on the software industry both economically and developmentally. As a result every 18 months hardware doubles in speed and drops in price while the complete opposite is true of the software that runs on top of it. Very simply, consumers will always lose with proprietary software."

Cryptographic freedom scored some good news when the United States Court of Appeals for the Sixth Circuit published their decision regarding Peter Junger's challenge to the Export Administration Regulations.

"Because computer source code is an expressive means for the exchange of information and ideas about computer programming, we hold that it is protected by the First Amendment."

Wichert Akkerman took over as Debian Project Leader. For those of you who like gory details, here are the final election results.

Linux-Mandrake for Alpha was announced. This was the 7.0 distribution for the Alpha processor. The port was "not intended for production use yet."

Red Hat 6.2 received a glowing review from Tucows and somewhat less glowing one from LinuxPlanet.

Slackware had just added its Support section to the website.

In the April Fool's Day tradition, Yellow Dog Linux announced "Yellow Dog Linux adds Klingon support".

Netscape 6 preview release 1 was announced.

"Netscape 6 reverses the trend of continuously increasing the size of software with new releases. The new Netscape Navigator browser is a light 5.5MB download, about half the size of Navigator 4.08. Also, because Netscape 6 is based on Netscape Gecko, which speeds up the browsing experience for users, tables display much faster, pages resize instantly, and text information appears more quickly so users can start reading content on the page sooner."

Mozilla had just turned two, so MozillaZine posted a Mozilla timeline, complete with screenshots and photos.

The Linux Professional Institute announced the completion of the development of exam 102, the second of two exams required to obtain Level 1 certification.

Pliant - release 34 was announced. One year later, the 2nd Annual Symposium on Pliant Implementation and Concepts is coming up on 20 April, 2001.

Rackspace.com had filed for an initial public offering of stock. Rackspace is still a large-scale web hosting provider. They provide a dedicated box for every customer and most of those boxes run Linux. However Rackspace withdrew its registration statement for IPO on March 19, 2001, citing: "current unfavorable conditions in the public equity market."

Atipa Linux Solutions had just acquired DCG Computer Corp. At the time Atipa expected DCG to enhance Atipa's line with the addition of high-performance and clustered systems. Note that this week Atipa sold its hardware division (covered on the commerce page).

Apple released Darwin 1.0, the predecessor of Mac OS X. This release also included an open source version of its QuickTime streaming server software.

Alta Technology announced the founding of LinuxNetworX, a company which specializes in high performance, Linux-based systems.

The New York Times claimed Linux's Open-Door Policy Could Let Hackers Right In and they dug up some security experts to support the notion that security through obscurity is a better bet.

"'This is a double-edged sword,' says Scott Hissam, a member of Carnegie Mellon's Software Engineering Institute. 'The bad guys have access to the same code as the creators. They can use that information to exploit the code and make it do what they want it to do.'"

(Registration is required to access the article).

Internet Stock News reported on the recent downturn in Technology and Internet stocks.

"... a significant amount of money was taken out of the technology and Internet sector and placed back into the "old economy" stocks of the Dow."

The LWN Stock Page showed that our index had dropped below 100 for the first time since November, 1999. Of course, 100 looks pretty good now...

April 5, 2001


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Letters page.

Letters to the editor

Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.

April 5, 2001

From: "Leather, sean P" <Sean.Leather@MW.Boeing.com>
To: "'letters@lwn.net'" <letters@lwn.net>
Subject: Three years ... and still counting!
Date: Thu, 29 Mar 2001 09:12:00 -0600

Dear LWN,

I was very excited to see your article on Mozilla and how that project has
significantly improved.

In the weeks before this issue, I had researched Bugzilla (Mozilla's
web-based bug-tracking software) for use in a local setting. At first
download, I tested it out and, to my dismay, found an obvious bug.
Disappointed but not without hope (in the open-source philosophy), I logged
into the real Bugzilla to report my first bug.

As I was about to submit my report, a certain florescent light bulb went off
above me (i.e. the lights went out ... several times, but, fortunately, the
electricity stayed on): somebody else may have already sent in such a
report. So I queried. Somebody, actually several people, had already
reported it. Then I searched more and found a long discussion on the best
methods for squashing this particular insect-like problem.

It appeared as if three or four hackers had been submitting patches while
others conjectured about each. After each new patch was submitted, there
were less "I like this, but..." statements made. With this, I could read
through the steps of how a bug was fixed. I thought to myself: this is how
it should be, this is Open Source.

Cheesy though that thought is, my spirits were lifted (no, that does not
mean I was drinking). I realized that open-source software is where all the
action is (meaning inter-action). It also dawned on me that Mozilla has put
together a darn good collection of open-source projects that even facilitate
other open-source projects (Bugzilla, Bonsai, Tinderbox, etc.).

To say the least, I was impressed with not only Mozilla's software, but also
their methodology. Even though their programmers may not write the panacea
of programs or the code that solves every problem the first time (believe
me, I found several other bugs), they resolve their problems with expediency
unfound in most places.

Then I downloaded the latest "unstable" version and returned to my work.
Fortunately, it fixed all the bugs I had found and then some.

On a side note, if a user cannot have this kind of communication and
interaction with a developer, that person (who may see a solution right away
like I did) cannot propose the kind of answer or question that may be
needed. For example, a certain well-known large company that recently
announced the "release" of their source to other certain large companies
will not profit from the true benefits of open-source development.

The moral of the story is: "learn from the best, or die like the rest."

Yours truly,

   Sean Leather                    . . . . . . . . . . . . . . .
   Cooperative Education Employee  . Sean.P.Leather@Boeing.com .
   Simulation Networking R & D     .                           .
   The Boeing Company              . . . . . . . . . . . . . . .
From: Richard Kay <rich@copsewood.net>
Subject: Re: http://www.redpepper.org.uk/x-open-source.html
A World Without Microsoft
To: scott.redding@virgin.net
Date: Mon, 2 Apr 2001 14:49:46 +0100 (BST)

Thanks for this on-line article. Software network economics have more to
do with the "chaordic" form of organisation than anarchism. You will
find some relevant articles about this on http://www.chaordic.org/

While the "chaordic" term was coined relatively recently it covers
structures which are not entirely new. The shape of such an organisation 
is fractal and not heirarchical, where the information needed to replicate 
the entire organisation is present in small parts of it and it exists 
on many levels.  A chaordic entity is capable of refining information. 
Here the chaotic patterns and experiments of creative change are balanced 
against there being just sufficient order to enable the entity to 
function coherently without centralised control, other than through
the shared guiding principles which underpin the existence of the 

This chaordic form of organisation is present in natural languages,
traditional markets, the telephone system and more recently the VISA 
and Internet networks.

In the case of open-source/free software the unifying principle behind this
movement is the benefit gained from the sharing of computer source code.
Does it matter that this benefit is partly moral and political and partly 
practical ?

In your otherwise excellent and balanced article Heather Sharp writes:

"It is the opposition between the pragmatic and the idealistic/libertarian 
rationales which now threatens to split the movement." 

I must disagree, because you might as well talk about splitting
the Internet itself or the telephone network, because not everyone
who uses these things agrees with everyone else. These ideas are 
non-starters and seem based on fundamental misconceptions based on
a complete lack of technical understanding. 

Given that software once made available to the free software/open source
pool cannot be taken out of it, the benefit is greater than the loss if 2 
development groups go off and create competing programs or promotional 
initiatives, as they sometimes do, because no differences of
opinion on technical or ideological issues can prevent the best software
from migrating between these groups unless they deny to themselves the 
evolutionary advantages of wheel-reinvention avoidance and open public review 
and contribution which derives from code sharing in the first place. If 
one part or another of this movement denies to themselves these benefits 
they are no longer part of a movement which derives from no more than 
these benefits in the first place. Consequently a movement based on
this definition cannot be divided QED.  

If the free software/open source movement were a form of organisation which
required heirarchical relationships to function as such and were incapable of 
otherwise effectively coordinating activities led through the contribution
of many centres, organisations and individuals this kind of perspective 
difference might be capable of dividing rather than strengthening our 
movement. But if this were so we would be unable to offer any 
genuinely revolutionary perspective or possibilities in any case.

Richard Kay
Date: Tue, 3 Apr 2001 06:58:11 -0600 (MDT)
From: Richard Stallman <rms@gnu.org>
To: rich@copsewood.net
Subject: Re:  http://www.redpepper.org.uk/x-open-source.html
A World Without Microsoft

    In your otherwise excellent and balanced article Heather Sharp writes:

    "It is the opposition between the pragmatic and the idealistic/libertarian 
    rationales which now threatens to split the movement." 

The mistake is in the phrase "threaten to".  This is half wrong, and
half wrong.

Philosophically, the disagreements between views like mine and views
like Eric Raymond are so large that we should not be considered one
movement.  But these disagreements are nothing new--we have disagreed
in this way for 15 years or more.  It is too late for them to
"threaten" to cause a split; whatever splitting they are going to
cause has already happened.

At the same time, we remain one community, still working together much
of the time despite these philosophical disagreements.  I see no sign
that our disagreements threaten the community's overall state of
cooperation.  Of course, it is not perfect cooperation, but perfection
is too much to ask.

I have not seen the article you refer to, and I am not sure where it was
published.  Could you possibly mail me a copy, and perhaps tell me
how to send email to its author?

Date: Tue, 3 Apr 2001 09:18:46 -0400
From: "Eric S. Raymond" <esr@thyrsus.com>
To: Richard Stallman <rms@gnu.org>
Subject: Re: http://www.redpepper.org.uk/x-open-source.html
A World Without Microsoft

Richard, I wrote the following in response to the article.  I'm glad we
broadly agree on the extent to which the article exagerrates the divisions.

>Way too much of this article is breathless nonsense, beginning with
>the claim that "the community is cracking along its ideological
>faultlines".  The fatuity of this claim is demonstrated by the fact
>that even the most extreme partisans of both tendencies Ms. Sharp
>describes still share code and use each others' licenses, and show no
>signs that they will ever cease to do so.  
>Throughout the article, Ms. Sharp ascribes to hackers motivations that
>most of us would find either irrelevant or repugnant. Among us, the
>act and the the personal rewards of craftsmanship easily trump
>politics and other toxic social games.  Her proposal that we are "a
>living alternative to the individualism of the average big-buck
>business environment" is particularly ironic, since we generally
>regard ourselves and behave as individualists par excellence, and
>reject the corporate world precisely for its deliberate suppression of
>that quality.  Reflexive leftist cant has blinded her to what is
>actually going on here.
>Ms. Sharp's "there is a strand to the thinking of the more radical
>sections of the Open Source community which could be classed as
>libertarian" is an amusing instance of the same blindness.  One of the
>few points of agreement between libertarians like myself and
>anti-libertarians like Paulina Borsook (the author of "Cyber-Selfish")
>is that libertarian thinking and values are not merely a "strand" but
>all-pervasive in the hacker culture.  The issues hacker activism has
>themed itself on (privacy, free speech rights, access to strong
>cryptography, DeCSS) are libertarian/individualist at their core, and
>our behavior is far more simply explained by reference to libertarian
>ideals of individualism and autonomy than through Ms. Sharp's
>distorting lens of categories like "neo-colonialism".
>Political categories aside, in the last paragraph Ms. Sharp pulls a
>clever bit of ambiguity that confuses a major collision of world-views
>with a minor and relatively superficial factional dispute.  The gulf
>between the proprietary world and the open-source/free-software
>community is vastly more important to all parties involved than the
>relatively insignificant differences between the idealists and
>pragmatists within our community.  Indeed, by exaggerating the
>importance of the latter division, Ms. Sharp plays into the hands of
>Microsoft and the proprietary-softeware behemoths.
>Fortunately, Ms. Sharp's misconceptions matter very little.  However
>much theory and rhetoric may superficially divide the hacker culture,
>practice fundamentally unites us.  We may argue with each other about
>why we do what we do, but we'll keep doing it together nevertheless --
>and that propaganda of the deed, that ongoing and successful co-option
>of the infrastructure of 21st-century society, will be far more
>important in changing the world than any amount of rhetorical vaporing
>by Richard Stallman or myself or anybody else.
		<a href="http://www.tuxedo.org/~esr/">Eric S. Raymond</a>

"...The Bill of Rights is a literal and absolute document. The First
Amendment doesn't say you have a right to speak out unless the
government has a 'compelling interest' in censoring the Internet. The
Second Amendment doesn't say you have the right to keep and bear arms
until some madman plants a bomb. The Fourth Amendment doesn't say you
have the right to be secure from search and seizure unless some FBI
agent thinks you fit the profile of a terrorist. The government has no
right to interfere with any of these freedoms under any circumstances."
	-- Harry Browne, 1996 USA presidential candidate, Libertarian Party
Eklektix, Inc. Linux powered! Copyright © 2001 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds