Other LWN stuff:
 Daily Updates
 Calendar
 Linux Stocks Page
 Book reviews
 Penguin Gallery

 Archives/search
 Use LWN headlines
 Advertise here
 Contact us

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- Gaël Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

See also: last week's LWN.

Leading items and editorials

The two companies have evidently not seen eye to eye for some time, but, until recently, the dispute has been handled quietly. No more. NuSphere has filed suit against MySQL AB for "breach of contract, tortious interference with third party contracts and relationships and unfair competition." The legal proceedings did not set off MySQL AB, however, as much as NuSphere's launch of MySQL.org. That site, intended by NuSphere as a community resource independent of MySQL AB, hit the MySQL folks a little too close to home. They greeted the site with a strongly-worded press release entitled MYSQL COMMUNITY THREATENED BY OBSCURE .ORG WEBSITE:

Marten Mickos, newly appointed CEO of MySQL AB, commented "We consider operating the mysql.ORG site illegal activity and we are taking steps to enforce our trademark and other rights."

Nusphere's response, in the form of a press release announcing MySQL.org, was not a whole lot better:

MySQL.org is designed to more clearly separate church and state for the MySQL community. Developers will not encounter licensing demands or sales calls with MySQL.org, as they may with the MySQL.com Web site,' said Britt Johnston, chief technology officer, NuSphere.

Mr. Johnston was not able to provide us with any examples of "licensing demands or sales calls" resulting from use of the MySQL.com site.

MySQL.org, however, is just the tip of an iceberg of disputes that includes:

• Trademark ownership. NuSphere seems to believe that it obtained the right to use the MySQL trademark as part of its agreement with MySQL AB; the latter company clearly disagrees - and claims to have terminated the agreement.

• Ownership and delivery of code. MySQL AB has claimed that NuSphere has contributed no code to the system. NuSphere disagrees, but claims that there have been problems over MySQL AB's policy of requiring transfer of ownership of contributed code.

• GPL violations. NuSphere has been shipping its "Gemini" enhancements with MySQL while not making the source available; that is a clear violation of the GPL. Since the fuss began, NuSphere has released Gemini via MySQL.org, so that problem, for the moment, should be resolved. NuSphere claims, though, that MySQL's interpretation of the GPL violates that license as well.

The trademark issue has the look of something that could become a perennial problem for the free software community. Is a piece of software truly free if its name is not? This issue has come up before (i.e. ssh), and will again. The desire of software authors and companies to control the names they use is understandable, but an excess of trademarks could make a minefield for the free software community in the same way as software patents. This is an important and unresolved problem.

The GPL issues are also relevant. Violations of the GPL are always a problem, and it is good that NuSphere has, for now, moved back into compliance. But what about NuSphere's charge against MySQL AB? According to NuSphere CTO Britt Johnston, the company's complaint centers around the following requirement, as seen on the MySQL AB policy page:

A [commercial] license is required if... You have a commercial application that ONLY works with MySQL and ships the application with the MySQL server. This is because we view this as linking even if it is done over the network

This is the old boundary issue in a new form: what, exactly, distinguishes "linking" from "aggregation"? That question, too, will return to haunt us, and it may have to be resolved in court. That, of course, would be unfortunate; judges are not necessarily well qualified to make that kind of determination.

The real problem for MySQL users, though, could well be that people see this dispute and decide to use a different free database system (i.e. PostgreSQL or InterBase) instead. After all, if the developers are busy fighting each other instead of hacking and claims of licensing violations are flying, why not use another (entirely capable) system where life appears calmer? This dispute, if it continues, could result in a fork of the MySQL code, slowed development, and a reduced user community. None of that would be good.

So it is encouraging to see some attempts being made to defuse the situation. MySQL AB has published an open invitation to NuSphere to talk about and resolve the problems. NuSphere's response is (mostly) positive, and the two companies are apparently scheduled to talk on July 20. With luck, they will manage to bring an end to a fight that can not do either of them, or the free software community, any good.

The DMCA strikes again. Dmitry Sklyarov came over to "the land of the free" from Russia to speak at Defcon in Las Vegas. He was probably a little surprised to find himself arrested by the FBI and facing charges that could land him in prison for the next five years. The U.S. Attorney's Office was so pleased with itself that it issued a press release proclaiming the arrest. The crime Mr. Sklyarov is charged with is heinous indeed: he worked on a Russian commercial software product which allows people to copy and read files in the proprietary Adobe "eBook" format.

The eBook format allows for highly restrictive control of copyrighted materials. It can only be processed by an Adobe eBook reader, and only on one computer. It can not be copied, printed, or excerpted. Many of the activities commonly seen as "fair use" are disallowed by this format. One could argue that the "Advanced eBook Processor" simply allows eBook customers to exercise their fair use rights. Adobe, of course, argues that it is a "circumvention device" which must be suppressed.

The nature of the Digital Millennium Copyright Act does not get much clearer than this: write a program that interprets a proprietary file format, and you'll go to jail. For years. It is a serious threat to free software, and to civil liberties in the U.S. in general. Or even outside the U.S.: Mr. Sklyarov wrote his code for a Russian company - and the code is legal there.

Like the DVD case, this prosecution will be an important one for the future of fair use and programming rights in the U.S. We'll be keeping an eye on it. Meanwhile, for further information, see:

• The text of the complaint against Mr. Sklyarov, in PDF format.
• A list of media coverage on the Planet eBook site.
• Elcomsoft's Advanced eBook Processor page.

There is also a Free Sklyarov mailing list, set up by Seth David Schoen, for those interested in following this situation.

Conferences next week. The O'Reilly Open Source Convention starts in San Diego on July 23. Numerous prominent free software developers will be there. We'll also get to hear from Microsoft's Craig Mundie on the joys of "shared source." It may not be the friendliest reception he's ever encountered...

Meanwhile, the Ottawa Linux Symposium starts up in, strangely enough, Ottawa on July 25. OLS is a smaller, development-oriented conference limited to 500 attendees. If past events are any guide, neither highly technical talk nor beer will be lacking.

LWN will be present at both events; watch our pages for information from the show floors.

Followup on .NET alternatives. Of course, the article last week on .NET alternatives did not manage to get them all. We're a little embarrassed at what got left out, actually. Here's a few other projects to look at, for those who are interested in what is happening in this space.

• The e-Speak system has been under development for a couple of years, under heavy sponsorship from HP. e-Speak aims to bring on "Chapter 2 of the Internet" by providing a set of protocols and APIs for networked services to find and deal with each other.

• Piper, "a peer-to-peer (P2P) distributed workflow system," was discussed briefly in LWN back in September, 2000. The project has kept a low profile since then, but development continues. Among other things, it now has a PiperNet Standards Organization, and a developers meeting will be happening shortly in Denmark.

• Much of the work being done with Java over the years has had a very similar set of goals. A look at the standards being defined on the Java Community Process site (and elsewhere) shows a great deal of activity.

• The inclusion of the XML-RPC library in the Python 2.2 alpha release (see this week's Development page) is also aimed at and motivated by setting and influencing standards in this area.

No doubt there are others worthy of a mention. Suffice to say the community is not standing still and letting the new net pass it by. It remains to be seen, however, whether any of these efforts will succeed in establishing itself as a standard. Doing that requires more than just a set of good technical ideas.

Inside this LWN.net weekly edition:

• Security: NIST ICAT database, Bruce Schneier's congressional testimony, Snort.
• Kernel: Bouncing processes; smarter memory freeing; journaling filesystems can be faster.
• Distributions: Lots and lots of new distributions ...
• On the Desktop: A better cup o' Java, KDE at LinuxTag and guidelines to a Linux desktop.
• Development: PDAs as embedded controllers, Kawada humanoid robot, threading Java, Python 2.2a1, Jython 2.1a2, neural networks.
• Commerce: Clustering solutions from Lineo and Scyld; GNUPro Design Tools.
• History: Oracle announced support for Linux; Red Hat community stock offering; Miguel de Icaza sez "Unix sucks".
• Letters: .NET alternatives; MySQL vs. NuSphere.

This Week's LWN was brought to you by:

• Jonathan Corbet, Executive Editor
• Elizabeth O. Coolbaugh, Managing Editor
• Michael J. Hammel, Senior Editor

See also: last week's Security page.

Security

News and Editorials

NIST gives away vulnerability database. The National Institute for Standards Technology announced this week that they are giving away their vulnerability database, free for public use. The data is being provided on a royalty-free basis, for inclusion in both proprietary and free products. Check the ICAT home-page for more details.

Note that the data is provided as a Microsoft Access 2000 file. Hopefully someone will massage it into a more friendly, open format in the near future.

Snort: Planning IDS for Your Enterprise (Linux Journal). The Snort Intrusion Detection System gets a look in this Linux Journal article. "Snort is often referred to as a lightweight intrusion detection system. Snort is labeled lightweight because it is designed primarily for small network segments. Snort is very flexible due to its rule-based architecture. The designers of Snort have made it very easy to insert and expand upon rules as new security threats are detected".

This month's CRYPTO-GRAM newsletter. Bruce Schneier's CRYPTO-GRAM Newsletter for July is out. The main topics of interest this month are Internet-based telephony (and the associated security risks) and security monitoring.

Also from Bruce this month is a a copy of his written testimony provided for the Senate Subcommittee on E-consumer Science, Technology and Space. The favorite quote of the week is, of course, this one:

What will happen when the CFO looks at his premium and realizes that it will go down 50 percent if he gets rid of all his insecure Windows operating systems and replaces them with a secure version of Linux? The choice of which operating system to use will no longer be 100 percent technical.

In addition, however, many of his other comments are also worth reviewing, including his belief that the Internet will never be secure, but will, in fact, grow less secure. He emphasizes that automatic security will always be flawed and human intervention required.

Which Is More Secure? -- Open Source Vs. Proprietary (Interactive Week). Jeremy Allison provides the open source argument in this two-sided story on Security from Interactive Week. "Most often, a security alert is issued for a proprietary software package once a cracker has created and published an exploit to take advantage of a problem. Most open source security alerts are issued because of third-party audits, not published exploits, and an alert is published in the spirit of openness to notify any users of the broken software about upgrades."

PortSentry (Linux Journal). Linux Journal looks at PortSentry and LogCheck, two tools in the arsenal of security. "Once a host is targeted by an attacker, a port scan is almost always performed. The port scan is done to expose all services available on the target host and to provide a starting point for break-in attempts. PortSentry detects such scans by monitoring the unused ports on the host. "

Security Reports

Linux init default umask vulnerability. Linux kernel versions 2.4.3 through 2.4.6 create the init process with a default umask of 0000. If a specific Linux distribution does not explicitly change this umask, this vulnerability can be exploited locally to gain root privileges. Check BugTraq ID 3031 for more details.

Adding 'umask 022' to the beginning of the rc.sysinit file will resolve the problem, which has been fixed as of 2.4.7pre7.

CERT security advisory for LDAP. CERT has issued a security advisory describing denial of service and remote compromise vulnerabilities in numerous LDAP servers, including OpenLDAP. CERT does not normally get into the picture until problems are being actively exploited, so, if you're running LDAP, it's probably worth taking a look and doing a quick update.

Vulnerable versions of OpenLDAP include 1.x prior to 1.2.12 and 2.x prior to 2.0.8. Note that OpenLDAP was only found to be vulnerable to denial-of-service attacks; no remote compromise vulnerabilities were found. Check also BugTraq ID

AllCommerce temporary file creation vulnerability. AllCommerce, a Perl and SQL92-based e-commerce application, has been reported to contain a temporary file creation vulnerability. Check also BugTraq ID 3016.

• Engarde

Engarde Secure Linux-specific sudo vulnerability. The default configuration of Engarde can lead to elevated privileges for accounts included in the admin group. They have issued an advisory and recommended workarounds. Check also BugTraq ID 3019.

vipw insecure file permissions vulnerability. Red Hat has issued an advisory for vipw in Red Hat 7.1. If vipw is used to edit the /etc/shadow file, the modified file will be saved with improper permissions. Check also BugTraq ID 3036.

Slackware /var/man permissions vulnerability. Slackware 8.0 and earlier has been reported to contain a vulnerability due to the permissions shipped by default on the /var/man/cat* directories. These directories are shipped with permissions "1777", allowing world-write access. Using symlinks, this access can be exploited to overwrite files owned by the person running the man command. In particular, if man is run by root, this can be exploited locally to gain root privileges. Modifying the permissions on the directories will close the vulnerability. BugTraq ID 3054.

Opera malformed header vulnerabilty. The Opera web browser version 5.0 for Linux has been reported to have difficulties handling malformed headers. As a result, this can be exploited by malicious webmasters to cause the browser to crash. No response from Opera has been seen so far.

web scripts. The following web scripts were reported to contain vulnerabilities:

• Docview, a set of CGI scripts from Caldera Systems, is reported to contain an argument validation problem. This can allow a local attacker to gain access to the 'httpd' account. Docview 1.0-15 fixes this problem. Caldera has provided updated docview packages for OpenLinux Server 3.1 and OpenLinux Workstation 3.1. BugTraq ID 3052.

• Interactive Story 1.3, a perl-based freeware application, contains a directory transversal vulnerability. This has been fixed in version 1.4.

• Adcycle Adlogin.pm, one of a set of scripts to handle ad banner rotation, has been reported to contain an administrator authentication bypass vulnerability. An upgrade to Adcycle 1.16 should resolve the problem.

Proprietary products. The following proprietary products were reported to contain vulnerabilities:

• Cisco IOS PPTP (Point to Point Tunneling Protocol) has been reported to contain a vulnerability that can crash the router if it receives a malformed or crafted PPTP packet. No workaround is available, but updated software is. Check also BugTraq ID 3022.

Updates

OpenSSL Pseudo-random number generator weakness. Check the July 12th LWN Security Summary for the original report or BugTraq ID 3004.

This week's updates:

• Red Hat

• Engarde (July 12th)
• Trustix (July 12th)

cfingerd buffer overflow and format string vulnerabilities. Check the June 28th LWN Security Summary for the original report or BugTraq ID 2914. These vulnerabilities can be exploited locally to gain elevated privileges, possibly including root access.

This week's updates:

• Debian

fetchmail buffer overflow. Check the June 21st LWN Security Summary for the original report. This is remotely exploitable and could lead to root access if fetchmail is run by root. An upgrade to fetchmail 5.8.6 will resolve the problem.

This week's updates:

• SuSE, patch available but no advisory released

• Caldera (June 28th)
• Engarde (June 28th)
• Immunix (June 21st)
• Debian (June 21st)
• Conectiva (June 21st)
• Slackware, June 18th Changelog
• MandrakeSoft (July 12th)

Horde IMP Message Attachment symbolic link vulnerability. Check the June 7th, 2001 LWN Security Summary for the initial report (or BugTraq ID 2805). Horde Imp versions prior to 2.2.5 contain this vulnerability, which stems from the use of the PHP tempnam function for creating temporary files. Upgrading to Imp 2.2.5 and PHP 4.0.5 is recommended.

This week's updates:

• Caldera

elm alternate folder buffer overflow. Check the March 1st LWN Security Summary for the initial report. Elm 2.5 PL3 was impacted. The problem was fixed in elm 2.5.4. Updated versions of elm are available. Check BugTraq ID 2403 for more details.

This week's updates:

• Red Hat (already included in RH 7.1/Alpha)

Multiple buffer overflows in tcpdump. Multiple buffer overflows in tcpdump were reported in our November 2nd, 2000 edition. Check also BugTraq ID 1870

This week's updates:

• FreeBSD, 4.X

• FreeBSD (November 2nd, 2000
• SuSE (November 16th, 2000
• Debian (November 23rd, 2000)
• SuSE (November 23rd, 2000)
• Turbolinux (June 14th)
• Linux-Mandrake (June 14th)

Events

10th Usenix Security Symposium. The 10th Usenix Security Symposium is scheduled for August 13th through the 17th in Washington, D.C. Richard M. Smith, CTO of the Privacy Foundation, will be giving the keynote. Edward W. Felten, Princeton University, and his research team will be presenting a refereed paper on "Reading Between the Lines: Lessons from the SDMI Challenge".

Upcoming Security Events.

Date	Event	Location
August 6 - 10, 2001	CERT Conference 2001	Omaha, NE, USA.
August 7, 2001	CIBC World Markets First Annual Security & Privacy Conference	New York, NY, USA.
August 10 - 12, 2001	Hackers at Large 2001(HAL2001)	Enschede, Netherlands
August 13 - 17, 2001	10th USENIX Security Symposium 2001 Conference	Washington, D.C.
September 11 - 13, 2001	New Security Paradigms Workshop 2001(NSPW)	Cloudcroft, New Mexico, USA

For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Liz Coolbaugh

LWN Resources


Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Security Projects
Bastille
Linux Security Audit Project
Linux Security Module
OpenSSH

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
Kondara Advisories
Esware Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Turbolinux
Yellow Dog Errata

BSD-specific links
BSDi
FreeBSD
NetBSD
OpenBSD

Security mailing lists
Caldera
Cobalt
Conectiva
Debian
Esware
FreeBSD
Kondara
LASER5
Linux From Scratch
Linux-Mandrake
NetBSD
OpenBSD
Red Hat
Slackware
Stampede
SuSE
Trustix
turboLinux
Yellow Dog

Security Software Archives
munitions
ZedZ.net (formerly replay.com)

Miscellaneous Resources
CERT
CIAC
Comp Sec News Daily
Crypto-GRAM
LinuxLock.org
LinuxSecurity.com
Security Focus
SecurityPortal

See also: last week's Kernel page.

Kernel development

The current kernel release is still 2.4.6. Linus's 2.4.7 prepatch is up to 2.4.7pre7, with no word on when a real 2.4.7 release will happen (to say nothing of the much-awaited 2.5.0). Alan Cox, meanwhile, is at 2.4.6ac5.

Keeping your processes from wandering. In an ideal world, all processors on an SMP system would be identical, and it would not matter where any particular process runs. Life is different, of course, in the real world. Here, not all processors are the same from a process's point of view.

The bottleneck between the processor and memory forces the use of multiple layers of cache memory within each processor itself. By keeping frequently-accessed memory close to the processor, the cache has a major accelerating effect on performance. Often the best performance optimizations don't involve squeezing out instructions or unrolling loops; instead, the best results often come from changing data access patterns to work better with the processor cache.

Foremost among those optimizations, certainly, is to avoid trashing the cache completely. But that is what happens when a process moves from one CPU to another. The cache which has been built up in the old CPU does not follow the process to its new home. As a result, the process runs slowly for some time as it fills the cache on the new processor, perhaps forcing out another process's data while it's at it.

For this reason, the Linux scheduler tries hard to avoid moving processes between CPUs. Normally it works reasonably well; if two jobs are running on a two-processor system, one would expect each job to stick to one processor. So a group of kernel hackers were surprised when they found a case where processes would continually cycle through all of the processors on a system. Another user reported similar behavior; he found that running a single, compute-intensive process on a two-processor system would actually go faster if he fired up "setiathome" to keep one of the processors occupied.

What appears to be happening is this: one CPU is happily running a process (we'll call it "p1") when it does something that makes another process ("p2") runnable. The scheduler decides that p2 should execute on a different CPU, so it sends an "inter-processor interrupt" to force the other CPU to go into the scheduler and pick up the new task. All appears to have been properly arranged, and the scheduler on the original CPU returns to the original process (p1) that was running there.

That process, however, quickly hits a stopping point, forcing a new scheduling decision. Because inter-processor interrupts take a while, p2 still has not started running on its intended CPU. Instead, the first CPU sees p2 ready to go, and starts running it. When p1 again becomes runnable, it will find that p2 has taken its place; it's p1 that gets booted out of its processor and has to move to a new home with a cold, unwelcoming cache.

With the right kind of load, that sequence of events can happen over and over, causing processes to move frequently through the system. The result is poor performance, bad benchmark results, and an increase in "Linux sucks" posts on the net.

The fix, as posted by Hubertus Franke, is to mark a process when it is decided that said process will run on a different CPU. Other processors will not attempt to run a process marked in this way, while the target processor will make a point of running it. The fix removes the race condition between the two processors, and restores a bit of stability in this particular case. Of course, being a scheduler change, it may well make things worse for some other type of load, but nobody has identified that load yet...

Journaling filesystems are slower? While nobody disputes the benefits provided by journaling filesystems, the generally-accepted wisdom seems to be that journaling necessarily slows things down. After all, a journaling filesystem adds the overhead of maintaining the journal and very carefully serializing operations to preserve the integrity of the filesystem at all times. That extra work costs.

It turns out, however, that there is an important class of applications for which a journaling filesystem can be faster. Certain applications need to know when data written to the disk is actually committed to the platter; usually they are working with explicit data ordering constraints of their own. Such applications will use one of the synchronous write operations in the filesystem to enforce these constraints. Database systems can operate in this mode. The NFS protocol also requires that a (strictly conforming) NFS server also perform synchronous writes.

A synchronous write operation can cause several disk head seeks, as the data and associated metadata are updated. And that, of course, can take a while. When journaling is in use, however, the story is different. Once all of the relevant data is in the journal, the filesystem can report a synchronous write as being complete; the full writeback can then happen at leisure, since the data is safe in the journal.

And the journal, of course, is laid out on a contiguous piece of the disk. Journaling, thus, removes the head seeks from synchronous writes and eliminates much of the latency from those operations. With some preliminary tests using ext3 and knfsd, performance was reported to be 1.5 times better. Journaling is not only safer; it may even be faster.

Cleaning out the right zones. Marcelo Tosatti has been working on a patch which provides detailed information on how the memory management system is working in the 2.4 kernel. After all, the various efforts to improve memory management can only be helped by having a view of what is actually going on. One of the first results that Marcelo has found is that the code that tries to free up pages in response to memory shortages is often not looking in the right place.

Linux divides physical memory into multiple "zones," each of which has different physical characteristics; for example, the DMA zone contains memory that may be used for DMA operations to ISA devices. (See the June 7 kernel page for a more detailed discussion of zones.) Memory allocation can be requested from one or more zones in particular. Often, only a specific zone will do for a particular request.

The problem is that, while the kernel allocates memory from specific zones, it does not take zones into account when freeing memory. Instead, it blindly passes through memory freeing anything that looks useful. As a result, the kernel could be freeing memory (i.e. taking it from processes that could use it) that belongs to a zone that already has plenty of free memory and does not need any more. Meanwhile, another zone could be under tremendous pressure which is not helped in any way by freeing memory from the first zone.

This sort of behavior has been suspected in the past, but Marcelo's instrumentation has shown that it really happens. So what is to be done but make a new patch which causes the kernel to go after pages belonging to the specific zones that are feeling pressure? Evidently some sorts of deadlock problems have already been solved by this patch. It will see some reworking (Linus had some quibbles with the implementation), but this one looks destined for a 2.4 kernel sometime soon. (See also: Dave McCracken's patch for a silly swapping bug that would prevent the use of high memory for swap reads; this one, too, could be responsible for a lot of problems.)

Other patches and updates released this week include:

• The Stanford Checker is back. The latest results include code which uses memory that has been freed (10 instances), and unsafe use of user-supplied values (52 instances), which can lead to nasty security bugs.

• IBM has released version 2.2.0 of the Dynamic Probes kernel debugging tool.

• Keith Owens has released a new version of the 2.5 kernel build system which has the "implicit dependency" problem solved.

• Justin Gibbs has announced a beta release of version 6.2.0 of the aic7xxx SCSI driver. Among other things, it includes high addressing support.

• The example driver code from the second edition of Linux Device Drivers is now available for download from the O'Reilly web site. The full release of the book source will take a little longer, however.

Section Editor: Jonathan Corbet

For other kernel news, see:

• Kernel traffic
• Kernel Newsflash
• Kernel Trap
• 2.5 Status

Other resources:

• L-K mailing list FAQ
• Linux-MM
• Linux Scalability Effort
• Kernel Newbies
• Linux Device Drivers

See also: last week's Distributions page.

Lists of Distributions
distrowatch
ibiblio
Kernelnotes
Linux.com
LinuxLinks
Woven Goods

Embedded Distributions:
3ilinux
Bifrost

BluePoint Embedded
Compact Linux
Coollinux
DSPLinux
ELinOS
ELKS
Embedded Debian
Embedix
Etlinux
FlightLinux
Hard Hat Linux
Jailbait
Linux/Coldfire
LEM
Midori
NeoLinux
OnCore Systems
PeeWeeLinux
RedBlue Linux
RedIce-Linux
Royal Linux
RTLinux
Tynux
uClinux
White Dwarf Linux

Handhelds/PDAs
Agenda-VR
Familiar (iPAQ)
Intimate (iPAQ)
Linux DA
PocketLinux
PsiLinux

Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Special Purpose/Mini
2-Disk Xwindow System
Mindi Linux
SmoothWall

Floppy-based
Brutalware
BYLD
Coyote Linux
DLX
Fd Linux
Fli4l (Floppy ISDN/DSL)
floppyfw
Floppix
FREESCO
Linux in a Pillbox (LIAP)
Linux Router Project
LOAF
muLinux
Nuclinux
Proxyfloppy
ShareTheNet
Small Linux
Tomsrtbt
Viralinux_II

CD-based
BasicLinux
BBLCD Toolkit
CDLinux
Crash Recovery Kit
DemoLinux
Devil-Linux
Finnix
Gibraltar
innominate Bootable Business Card
Linuxcare Bootable Business Card
LNX-BBC
MkCDrec
RunOnCD
Sentry Firewall
SuperRescue
Timo's Rescue CD
Ututo
Virtual Linux

Zip disk-based
NBROK
ZipSlack

Small Disk
hal91
MicroLinux
--> Peanut Linux
PKLinux
Relax Linux
TA-Linux
Tomukas
ttylinux
VectorLinux

Wireless
Bambi Linux
Flying Linux

Hardware-specific
(ARM)
ARM Linux
(Beowulf)
Scyld Beowulf
(IBM)
Think Blue Linux
(Oracle's NIC)
NIC Linux
(PA-RISC)
PA-RISC Linux
(Playstation)
Runix
(PowerPC)
Black Lab Linux
LinuxPPC
MkLinux
Yellow Dog
(Sparc)
Splack
UltraLinux
(Older Intel)
ClarkConnect
Monkey Linux
TINY

DOS/Windows install
Armed Linux
DragonLinux
Phat Linux

Diskless Terminal
GNU/Linux TerminalServer for Schools
K12LTSP
LTSP
Pygmy
Xdenu

Distributions

News and Editorials

New Distributions

• COSIX Linux from China.

• Linux-TLE, a.k.a. the Linux-Thai Language Extension, from the Thai Linux Working Group.

• Finnix, a Red Hat-based distribution designed as a rescue or "system maintenance" disk. This project appears to have gone on hiatus for about a year, but is now back and even available for purchase from Cheapbytes (found on ibiblio).

• Crash Recovery Kit (CRK) for Linux is also based on Red Hat. Both floppy and ISO images are available. As its name suggests, this is also designed as a rescue disk.

• Dualix, a mini-distribution designed as a portable network client. This has gone onto our historical list, since the latest version found dates back to 1999.

• Giotto, last updated in April of 2000, was also added to our historical list. It is apparently similar to, but not derived from, the Linux Router Project and is *not* a rescue disk.

• Linux in a Pillbox (LIAP), is a floppy-based distribution with an unusual slant: different portions of the project are named after different pharmaceutical drugs, Lecithin, Vitamin, Insulin, Caffeine, Quinine, and Morphine, each containing different properties, such as a varied filesystem support, networking support or applications. Choose the pill right for you and get better quickly. Author Luke Komsta is, as you might have guessed, currently studying pharmacy ...

Distribution News

Red Hat News. We mentioned last week that Red Hat 7.1 for the Itanium was released. Along with that, we failed to provide a pointer to the release notes and to both mirrors and a Red Hat/IA64-specific mailing list.

Judging by the conversations this past week on the Red Hat Seawolf mailing list, the "more secure" defaults of Red Hat 7.1 have ruffled a few favors. In this case, sendmail users should note that although a default sendmail.cf file is provided in Red Hat 7.1, it will look only at the loopback device. This is apparently documented in the Release Notes, but is easy to miss.

If you're planning on upgrading to Red Hat 7.1 anytime in the near future, particularly via a fresh, full install, start walking through the release notes now to watch out for similar pitfalls. We sympathize, but a more secure default installation is the right way to go.

Linux-Mandrake News. The July 9th issue of the Linux-Mandrake Community Newsletter announces the availability of Mandrake Linux 8.0 ProSuite Edition, a version of Linux-Mandrake designed specifically for small and medium-sized businesses. In addition, the PPC Beta mailing list has a new web archive.

Their business case of the week takes a look at the Hotel Jan II Sobieski in Poland, which we covered in February of 2000 in this article, originally published in Linux Plus and translated to English by Pawel Moszumanski.

Also announced this month was the new MandrakeExpert of the Month contest. As per the name, they will be rewarding the best voluntary expert from MandrakeExpert.com. Hardware prizes will be awarded and winners may be authorized to receive payments for their responses.

Debian News. This week's Debian Weekly News reports plans to add capabilities support to Debian by default. It also covers the status of release-critical bugs that need to be fixed as part of the current Debian freeze.

Check it out also for the latest debian art, BugSquash party reports and Debian Day at LinuxTag 2001.

Meanwhile, on the Hurd front, the Kernel Cousin Debian Hurd for July 17th reports some good bug fixes, progress on the F3 CDs, raising the Hurd profile and why the HURD will be POSIX-compliant but not always UNIX API-compliant. Don't expect it to be LSB-compliant either, folks ...

Slackware News. Although the Intel Changelog for Slackware has been quiescent since Slackware 8.0 was announced on June 30th, the Alpha Changelog finally started registering new modifications on July 17th, the first activity there since May 31st. Presumably, after a well-earned vacation, the Slackware team is back to finish off the non-Intel ports of Slackware 8.0. In this case, e2fsprogs was upgraded to 1.22, procinfo was upgraded to -18, psmisc was upgraded to -20.1 and bugfixes went into gpm, procps, in.comsat, and netconfig.color. Also seeing upgrades this past week were man-pages, vim, automake, mutt and wget. Unmaintained postscript docs were removed.

No activity has been posted for the Sparc port since June 1st.

EnGarde Secure Linux News. The first edition of the EnGarde Secure Linux Newsbrief is out. The Newsbrief is intended to be a monthly newsletter describing EnGarde development, news, tips, etc. It's even available in Italian, Spanish, Chinese, and Croatian.

We're again pleased to see another distribution stepping forward to keep their customers better informed (it makes our job easier, too ...). Unfortunately, the inaugural issue had more generalities than specifics. The next full release of Engarde Secure Linux will be coming "this fall" and readers are directed to the mailing lists and IRC groups to dig up their own specifics.

Scyld Beowulf News. Scyld Computing Corporation has announced the release of Scyld Beowulf Professional Edition. This version includes a great many new features, including increased hardware support, a batch queue system, and automatic node addition. "New enhancements on the latest Professional Version include, full Alpha support including simplified installation tools, full Myrinet and Gigabit Ethernet support, the Scyld Beowulf Batch Queue system (BBQ), automatic node addition, web based administration and job monitoring, advanced hardware health and status monitoring, Parallel Virtual File System (PVFS), NFSv3, and ROMIO file systems, library, and much more".

Yellow Dog Linux News. The Terra Soft Team will be bringing Camp Yellow Dog to MacWorld this year and they are inviting people to come enjoy a bit of the Colorado Rockies with the team that produces and maintains Yellow Dog Linux. "Terra Soft's booth #1342 will feature a tent, camping chairs, a mountain backdrop, the Terra Soft team in hiking boots, and live acoustic guitar played by the designer of the famed YDL logo. ... 'If you find that your feet are tired and you would enjoy some conversation, we'll have a chair for you at the camp fire,' states Kai Staats, co-founder & CEO of Terra Soft Solutions, Inc."

Minor Distribution updates

• Astaro Security Linux 1.822 (PC) was released on July 16th and contains "major bug fixes".

• GNU/Linux TerminalServer for Schools 0.1 was released on Sunday, July 15th. This is a Debian-based project with similar goals to the K12LTSP project.

• Mindi Linux 0.30 was released on July 16th and contains minor bugfixes. Mindi is floppy-based mini-distribution.

• MSC.Linux June 2001 was released on July 15th. This release contains both the Linux 2.4 and 2.2 kernels, recommending the 2.4 kernel for Pentium III (or compatible) systems and the 2.2 kernel for Pentium II (or compatible) systems, as well as for laptops.

• ttylinux 1.8 was released on July 14th. It contains the latest versions of busybox and util-linux, among other upgrades. ttylinux is a mini-distribution that can fit into as little as 4MB of space.

Distribution Reviews

Yellow Dog Linux 2.0. The Duke of URL reviews Yellow Dog Linux 2.0. "Linux is making huge strides on the PowerPC architecture, especially since its supported machines list is much more extensive than OS X's own list. It has a quick interface and all the UNIX tools any user could ever need and want. In addition to this, with OS X being pushed, Apple users seem to be warming up to the *NIXes out there, and just might be more ready for Linux than some Windows users."

Section Editor: Liz Coolbaugh

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.

Leading
Caldera OpenLinux
Debian GNU/Linux
Linux-Mandrake
Red Hat
Slackware
SuSE
TurboLinux

Also well-known
ASPLinux
Best Linux
Conectiva Linux
e-smith

Progeny
Rock Linux

Non-technical desktop
easyLinux
Icepack Linux
Independence
LibraNet
Redmond Linux
WinSlack

Education
Boston University
kmLinux
LinuxFromScratch
OpenClassroom
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
BearOps
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
cLIeNUX
Complete Linux
Console Linux
Corel Linux
CRUX
Darkstar Linux
DLite
easyLinux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
FTOSX
FullPliant
Gentoo
Go!Linux
HA Linux
Halloween Linux
HispaFuentes
IceLinux
Ivrix
ix86 Linux
J-LINUX
JBLinux
Jurix
KRUD
KSI-Linux
Lanthan Linux
Laonux
LASER5
Leetnux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
LinuxPPP
Linux Pro Plus
Linux-SIS
LNX System
LoopLinux
LSD
Lute Linux
MageNet
Mastodon
MaxOS
minilinux
MSC.Linux

NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
PLD
Project Ballantain
PROSA
Rabid Squirrel
Repairlix
Root Linux
Scrudgeware
Serial Terminal
Sorcerer
spyLinux
Stampede
Stataboware
TechLinux
TimeSys Linux/RT
Tom Linux
Trinux
Turkuaz
Ute-Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WholeLinux
WinLinux 2000
XTeamLinux
ZipSpeak

Country-specific
Argentina
GNU/Linux Ututo
Britain
Definite Linux
Eridani
China
COSIX
Red Flag
France
Linux/MNIS
Italy
LinuxEspresso
Madeinlinux
Vedova
Spain
Linux Esware
Thailand
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
Dualix
Gentus
Giotto
MCC Interim Linux
OS2000
Storm Linux

See also: last week's On the Desktop page.

Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Office Suites
Ability (*)(w)
Anywhere Desktop (*)
(formerly "Applixware")
GNOME Office
HancomOffice
KOffice
StarOffice / OpenOffice
Siag Office
WordPerfect Office 2000 (*)(w)

Java / Web Office Suites
ThinkFree Office (*)
Teamware Office (*)
Cybozu Office (*)

Desktop Publishing
AbiWord
iceSculptor (*)
Impress
Maxwell Word Processor
Mediascape Artstream (*)
Scribus

Web Browsers
Mozilla
Netscape (*)
Opera (*)
Konqueror
Galeon

Handheld Tools
KPilot
JPilot
Palm Pilot Resources
Pilot Link
SynCal

On The Desktop

Fortunately, starting with Netscape 4.0, users have had the ability to use alternative Java RE plugins with their browser. These plugins replace the existing Java RE in Netscape, hopefully providing more stability. Newer browser alternatives including Mozilla and Konqueror also allow for using alternative Java environments.

Earlier this month the Blackdown team released a new version of the Java 2 RE Standard Edition, a complete runtime environment that can be used for standalone Java applications which also includes a browser plugin. The Java 1.3.1 FCS release notes say that the package is available in bzip2, Debian and RPM formats but the status page says only the first two are actually available. A search of archives on the mirrors page turns up no RPM packages.

Blackdown's Java kits are available via their mirrors page. Project status and release notes are also available.

The installation from the bzipped package is very straightforward: unpack the archive in the directory of choice and make sure the "bin" directory created during this process is included in your PATH if you'll be running Java applications directly (this step is not needed if you're just going to be running the plugin). The plugin can then installed by making a symbolic link from the javaplugin.so file under your installation directory to your

$HOME/.netscape/plugins

Performance for the new plugin is hard to measure but overall the stability seems to be improved in the short time we've had to run with the new plugin. LWN.net examines many web sites each week and crashes with Netscape are common. With the new Java plugin installed those crashes have been noticeably reduced.

Blackdown, however, is not the only source for Java environments on Linux. IBM has a freely downloadable Java 2 environment as well. Installation instructions are available for this release. Registration is required in order to download the software and you need to agree to certain terms if you plan on redistributing the runtime environment with any software you sell or distribute.

Installation using the RPM puts the plugin under /opt (the Blackdown distribution, because it is a simple compressed tar archive, can be placed anywhere). After installing the RPM, you need to install the plugin, just as you did with the Blackdown version:

  ln -s /opt/IBMJava2-13/jre/bin/javaplugin.so \
        $HOME/.netscape/plugins/

Testing  We tested both plugins with some of the applets found on Sun's Applet Resource site. In the following, a "yes" note reflects a successful test, a "no" means the applet didn't work.

Applets from The Java Tutorial:
FontSelection	yes		Starry	yes
SwingShapeMover	no		CardLayout Demo	yes
MovingLabels	yes

Other applets:
ColorWheel	yes		Space Debris	no		BouncingHeads	yes
Bubbles	yes		Bullets	yes		ImageTest	yes
TumblingDuke	yes		Dining Philosophers	no		Escher	no
LED	yes		Neon Sign	yes		Nuclear Plant	no
Pythagoras	yes		Star Field	no

The tests showed that both plugins worked exactly the same, though checking the version of each shows they may come from different code bases:

For IBM's Java:

  mjhammel(tty0)$ ./java -version
  java version "1.3.0"
  Java(TM) 2 Runtime Environment, Standard 
  Edition (build 1.3.0)
  Classic VM (build 1.3.0, J2RE 1.3.0 IBM 
  build cx130-20010626 (JIT enabled: jitc))

  mjhammel(tty0)$ ./java -version
  java version "1.3.1"
  Java(TM) 2 Runtime Environment, Standard 
  Edition (build Blackdown-1.3.1-FCS)
  Java HotSpot(TM) Client VM 
  (build Blackdown-1.3.1-FCS, mixed mode)

Interestingly, some tests with the IBM Java RE were run on a Red Hat Linux 7.1 system initially (until we could get them properly installed on the Red Hat Linux 6.1 system where Blackdown had been installed). Here, ImageTest failed on a Red Hat Linux 7.1 system with the IBM Java RE plugin when the rotating Tumbling Duke caused Duke to disappear. This didn't happen on the Red Hat Linux 6.1 box. Something wasn't quite right on 7.1 with IBM Java's image processing features.

KDE Report: LinuxTag 2001. KDE Dot News carried a report from LinuxTag this week covering that projects presence at the show. "The well decorated and overcrowded 24 square meter KDE booth and its crew enjoyed the feedback and interest of several thousand visitors, among which remarkably many stopped by to talk to the KDE women team."

Desktop Environments

KDE 2.2 Release Schedule Update. A new schedule for KDE 2.2 was published this past week. The updates push the release out another 2 weeks to address stability and security issues.

Konqueror Gets Text-to-Speech Synthesis. A text-to-speech system is being added to Konqueror, the KDE web and file browser, with the first trial version submitted to CVS. In this first version the new system requires manual selection of text and then manually running the speech synthesis tool. Later these steps will be more automated.

Kernel Cousin KDE #17. The benefits of a backported QRichText object from Qt3 into Qt2 has resulted in discussion of a new library for KDE to handle text, tentatively called libkofficetext. This and more are covered in the expanded Kernel Cousin KDE this week.

KDE Print framework. Michael Goffioul, author of the new print subsystem in KDE, has posted his slides on the subject which he presented at LinuxTag in Germany. The slides are now available in HTML format.

Minutes of the GNOME Board meeting. This week's GNOME Board meeting highlight was the formal agreement on job description, salary, and benefits for the executive director of the GNOME Foundation. The director has apparently been hired, though a name has yet to be released.

Office Applications

AbiWord weekly news #52. There were various bug fixes noted in this week's AbiWord Weekly News and the mailing lists noted the availability of an english-only thesaurus package along with an attempt at a source tree closing in preparation for the next release, but that attempt met with resistance due to a number of show stopping bugs still to be resolved.

Open-source OpenOffice for OS X faces uphill battle (ZDNet). OpenOffice's OS X port is in search of a project lead, according to this ZDNet report. "Hutinger said, it's not as though he's starting from scratch. ``Sun, Patrick Luby [a senior engineer at Sun and former manager for the Mac OS X port who is now working on the Solaris and Linux ports of OpenOffice] and his team have done a lot of the ground work, or should I say all the hard work. They have fixed all the problems with the current tool chain Apple is using.''"

Desktop Applications

KIllustrator name change. Seeking to resolve the issue with Adobe, KIllustrator's author has reportedly changed the name of the package to Kontour. According to a report from Heise Online (German language, with a BabelFish translation), Adobe won't try to prevent KIllustrator from being distributed as long as that project does change its name.

And in other news...

A Linux desktop is on the way (ZDNet). This ZDNet commentary provides a set of requirements for the Linux desktop, ranging from better configuration and application installation tools to more productivity tools and even Windows support, that are necessary in order for it to become viable in the marketplace. "While Kmail is nice, and pine will get you by in a pinch, we need a true tool on par with Outlook/Notes. No matter how much I love Linux, I still like Outlook for its integration. And while I have tried Evolution, Magellen and its offspring, none are ready for primetime. Evolution is getting close, but there is still a ways to go. And these tools need a backend server for Mail, Calendar, Address Book, and Collaboration. Until these ripen, a lot of people will never come over." Despite this particular quote, this is mostly a positive piece about the Linux desktop.

Libart API documentation. The libart library API has been documented. The documentation includes an example program under GTK+, however some parts of libart are currently missing such as micro tile arrays.

CFP: Unix and the desktop. The Netherlands Unix User's Group (NLUUG) is inviting submissions for talks on end user experiences and new developments related to the Unix desktop and multimedia applications.

Section Editor: Michael J. Hammel

Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Desktop Environments
GNOME
GNUstep
KDE
XFce

Window Managers (WM's)
Afterstep
Enlightenment
FVMW2
IceWM
Sawfish
WindowMaker

Minimalist Environments
Blackbox

Widget Sets
GTK+
Qt

Desktop Graphics
CorelDRAW (*)(w)
GIMP
Kontour
Photogenics (*)
Sketch

Windows on Linux
WINE
Win4Lin
VMWare

Kids S/W
Linux For Kids

Send link submissions to lwn@lwn.net

See also: last week's Development page.

Development projects

News and Editorials

The Linux powered PDA has been getting a lot of attention lately. The Linux-PDA and PDA-Linux Quick Reference Guide on the LinuxDevices site lists nine different hardware platforms that currently run Linux and more will certainly show up in time.

Normal uses for PDAs include numerous desktop applications such as calendars, memo pads, browsers, games, and the like. Embedded computing would be a natural extension for a palm device.

Consider that a typical PDA is an inexpensive, mass produced computer with a graphical display for output and a touch pad or keyboard for input. Most PDAs also include one or more I/O channels for communicating with the outside world. PDAs usually contain a fair amount of RAM as well as flash memory for permanent data storage. PDAs are optimized for low power consumption, making them natural candidates for portable use. Many embedded applications require exactly this set of features.

If one were to assemble parts to make an embedded computer with all of the features found in a typical palm device, the hardware price and size would be much larger than the typical $200 to $300 price tag of a palm device. A large amount of hardware engineering talent would be required to reproduce such a platform, making it only practical for high volume projects. Palm devices have the advantage of already being mass-produced for sale to a wide market. Starting and embedded project with mature user interface software is also a big step ahead when compared to a custom designed system.

So, instead of assembling a lot of special purpose components into an embedded system, a palm device could be used for the bulk of the system. Special purpose I/O would be the only place where custom hardware and software was required.

The list of peripheral ports available on the current palm devices is fairly long. Currently, it is possible to purchase Linux based PDAs with PCMCIA, CompactFlash, RS-232, IrDA, USB, and Bluetooth interfaces. Modem ports are also common PDA peripherals. Interfaces that are not so common are IDE ports, Ethernet adapters, high resolution audio I/O, and cameras. Some of these limitations could be worked around by purchasing or designing adapters for the existing busses, although I/O bandwidth is always a consideration in such designs.

Example uses for a palm based embedded system include solar powered remote data loggers, industrial controllers, remote cameras, robotic controllers, wired and wireless data entry terminals, and user interface/controllers for a variety of devices which can be controlled digitally.

Disadvantages of palm devices include reliance on another vendor for a critical part, and a fixed form-factor that may not work for some applications. It would be difficult to use a palm device as an MP3 car audio player, for example. The palm device may be too fragile for some applications, but since it is easily replaced, that may not be a big concern.

The ability to run Linux is an obvious advantage, all of the power of the device can be accessed by the developer. Mature networking software and a widely understood development platform are also obvious pluses. Of course, no mention of embedded Linux would be complete without mentioning the lack of license fees.

Maybe it's about time to consider what your palm device is capable of doing besides playing games and storing phone numbers.

Documentation

Linux Documentation Project Updates. The Linux Documentation Project has updated a number of existing documents. Take a look for all of the latest documentation.

Embedded Systems

A Linux-powered humanoid robot. Kawada Industries and the University of Tokyo have produced a humanoid robot powered by a couple of Pentium processors and RTLinux. It can walk, handle stairs, carry items, and recognize faces. Some of the technical details can be found on this page, but it's all in Japanese. A look at the university laboratory's home page (English) shows a number of other robot projects, including a robotic penguin. (Thanks to Maya Tamiya).

Linux In The Palm Of Your Hand (TechWeb). This fairly detailed article on Linux PDAs and the embedded market says that Linux on handhelds is a good idea, but standards need to be developed for things like graphical interfaces. "The ELPS currently is available only to consortium members as a draft specification. It will be based in part on the Linux Standard Base, a standard for the Linux desktop and server markets that hasn't been released yet. While the Linux Standard Base nominally specifies X-Windows as the graphical user interface for desktop and server versions of Linux, it's not clear yet how the consortium will handle GUIs for PDAs."

Embedded Linux Newsletter for July 12, 2001 (LinuxDevices). This week's Embedded Linux Newsletter includes stories on Java technology for the embedded Linux market, tiny widgets for Nano-X, and the .Net stories of the week.

Interoperability

Wine Weekly News number 24. Issue 24 of the Wine Weekly News is out. Topics include accessing serial port dongles, compatibility issues between the win16 and win32 APIs, Wine and sym links, and more.

Samba 2.2.1a released. A minor bugfix release of Samba is now available. Version 2.2.1a fixes a Samba PDC bug. This is not a security related release.

Network Management

OpenNMS Update, July 17, 2001. The weekly update for the OpenNMS project is out. This edition includes project status, some extra help for installing OpenNMS 0.8.0, and more.

Printing Systems

LPRng 3.7.5. A new version of LPRng, dated June 22, 2001, is available for download. The LPRng web site contains no announcement for this release, but those wishing to play with the latest and greatest version may want to give it a try.

System Administration

Automating UNIX system administration with Perl (IBM developerWorks). This article from IBM's developerWorks explains how to use Perl and cfengine to automate systems administration tasks for any Linux, BSD or Sun-based system. "Even though you can do with Perl all the things that cfengine does, why would you want to reinvent the wheel? Editing files, for instance, can be a simple one-liner if you want to replace one word with another. When you start allowing for system subtypes, logical system divisions, and all the other miscellaneous factors, your one-liner could end up being 300 lines. Why not do it in cfengine, and produce 100 lines of readable configuration code?"

Web-site Development

Processing WSDL in Python -- an open-source library (IBM developerWorks). This tutorial from IBM developerWorks (subscription required) explains how to use Python for WSDL, the Web Services Description Language.

FastIndex search engine. The FastIndex search engine has been released as open source software under the LGPL license.

Miscellaneous

DotGNU press release. The DotGNU Project (covered in last week's LWN.net Weekly Edition) has issued a press release describing the project and what it plans to accomplish.

Section Editor: Forrest Cook

Application Links
GIMP
Mozilla
Galeon
High Availability
ht://Dig
mnoGoSearch
MagicPoint
Wine
Worldforge
Zope

Open Source Code Collections
Berlios
Freshmeat
OpenSourceDirectory
Savannah
Le Serveur Libre
SourceForge
Sweetcode

Programming Languages

Caml

Caml Weekly News for July 10 to 18, 2001. The latest Caml Weekly News is available. Topics include regexp matching, the partial order library, the O'Caml runtime environment, and more.

Java

Pondering our Linux/Java future (Linux Devices). Jason Briggs discusses possibilities for embedded Java in a Linux Devices guest editorial. "Using your Linux/Java PDA, you bring up a house-controller application which shows a small map of the rooms in your home. You click on the lounge and kitchen areas, then click on the heating icon, then enter a start time. The house-controller app connects to your home services gateway, sending the necessary instructions. The gateway calls the heater in the lounge (a 'model 2' heater) and sets the time it should switch on. The heater in the kitchen is a 'model 1' however, so it only has a simple on/off switch; therefore the gateway will wait until the specified time to send an 'on' signal. "

Threading Lightly: Synchronization is not the enemy (IBM developerWorks). Brian Goetz discusses Java thread synchronization in an IBM developerWorks article. "Unlike many other programming languages, the Java Language Specification included explicit support for threading and concurrency. While having language support for concurrency makes it easier to specify and manage constraints on shared data and the timing of operations across threads, it doesn't make the complexities of concurrent programming any easier to understand. This three-part series aims to help programmers understand some of the major issues behind multithreaded programming in the Java language, and in particular to understand the impact of thread safety on Java program performance."

Lisp

Comp.lang.lisp FAQ project. A new project is underway to update the comp.language.lisp FAQ. Lend a hand if you can.

Perl

Perl News (use Perl). The latest news from use Perl includes the following:
Jarkko Hietaniemi has released Perl 5.7.2 (a development release, not for production use).
Simon Cozens has released the first tutorial on Perl 5 internals.
Selections for the lightning talks session at O'Reilly's TPC 2001 have been made, and a tentative schedule has been posted.

Perl 5 Porters for July 16, 2001. The July 16, 2001 edition of Perl 5 Porters is out. This issue covers Perl 5.7.2, a debate on SUPER::, and more.

Symmetric Cryptography in Perl (O'Reilly). Abhijit Menon-Sen talks about writing cryptography code with Perl in an O'Reilly perl.com article.

PHP

PHP Weekly Summary for July 16, 2001. The July 16, 2001 edition of the PHP Weekly Summary is out. Topics include the XML-RPC error code patch, talk of splitting PHP development into multiple working groups, a discussion on application servers, and the availability of new functions for parsing arguments.

A PHP-Nuke project fork. The PHP-Nuke project, a weblog system built on PHP, has undergone a fork because of a difference of opinion on how development should be done. The new project is Post-Nuke , or "the fallout release." See this page for a description of the rationale behind the fork.

PHP Review 0.9.0 rc1 available. A new beta version of the PHP Review book review project is available. The WHATSNEW file documents the numerous improvements and bug fixes.

Python

Dr. Dobb's Python-URL!. Another weekly edition of the Dr. Dobb's Python-URL! is now available. This week saw the release of 2.1.1c1, a discussion on working on Python itself, and a new release of wxPython, among other things.

Python 2.2a1 released. The first alpha release of Python 2.2 is out. It includes a number of new features, including iterators and generators, the client-side XML-RPC library, and some significant changes to the way builtin types and classes are handled. That last change may break things, and the developers are looking for feedback on whether the feature should be included in the final 2.2 release or not. If you make heavy use of Python, giving this release a test run might be a good idea.

See also: Andrew Kuchling's "What's New in Python 2.2" document.

Jython 2.1 alpha 2 released. Version 2.1 alpha 2 of Jython, the Java language implementation of Python has been released. The release notes detail the changes which include a new ReadlineConsole class, zlib, gzip and zipfile modules, a Display Hook for Interactive Use, and numerouse bug fixes.

Python News in Spanish. A new web site has been created with all of the latest Python news in Spanish.

Pychecker 0.7 released. Pychecker 0.7, a Python language bug checker has been released. This version contains a number of new checks as well as bug fixes.

SCons, a Python replacement for Make. Active development of SCons, a software building tool has been announced. "SCons is implemented as a Python script around a central set of Python build-engine modules. SCons configuration files are actually executed as Python scripts, allowing you to use full Python functionality to control your build. You use Python functions and methods in the configuration files to tell the central build engine about your input and output files."

Tcl/Tk

This Week's Tcl-URL. Dr. Dobb's Tcl-URL for July 16, 2001 is out, with the latest from the Tcl/Tk development community. Topics covered include troubles with the Tcl Wiki, using linear algebra, availability of a new multicolumn listbox, negative clock clicks, and more.

Miscellaneous

An introduction to neural networks (IBM developerWorks). Andrew Blais and David Mertz discuss the application of neural networks in an IBM developerWorks article. "Neural nets may be the future of computing. A good way to understand them is with a puzzle that neural nets can be used to solve. Suppose that you are given 500 characters of code that you know to be C, C++, Java, or Python. Now, construct a program that identifies the code's language. One solution is to construct a neural net that learns to identify these languages. This article discusses the basic features of neural nets and approaches to constructing them so you can apply them in your own coding. "

Section Editor: Forrest Cook

See also: last week's Commerce page.

Linux and Business

New Clustering Products - Beowulf Professional Edition from Scyld; Lineo Availix Vertical Clustering 1.0. Clustering, joining computers together to make a more powerful and more reliable system, is increasingly common. As these systems become more prevalent, so too are products designed to ease to way. Here are two such products.

Beowulf clusters can be defined as a series of Linux-based computers tied together to create a supercomputer. The Beowulf Professional Edition from Scyld Computing Corporation strives to make supercomputing as easy (and as economical) as possible. This product provides all the software required to create the system (on all computers) and allows control of all computers from a single interface. This version of Scyld's Beowulf product features increased hardware support, a batch queue system, automatic node addition, and more.

Lineo's clustering solution high availability product. The Availix Vertical Clustering (Availix VC) architecture consists of interconnected CompactPCI clusters (called Horizontal clusters) and data storage devices over a storage area network. Availix Vertical Clustering 1.0 features a second level of high availability load balancing, monitoring for fail over management, secured shared data, and much more.

Red Hat's new GNUPro Design Tools, Subscription Support Offerings. Red Hat announced the availability of the latest version of the Red Hat GNUPro Toolkit and Support. The latest version of the GNUPro compiler/debugger along with added subscription support options and development platform ports.

Linux for the Palm III. Empower Technologies has announced the availability of "Linux DA O/S DB v1.0," otherwise known as a Linux distribution for Palm IIIx and IIIxe handhelds. A "demo" version is available for download now; the full product appears to include proprietary applications and will not be freely distributable.

Lineo Processor Support Approaches Century Milestone. Lineo, Inc. announced support for more than 90 processors through the Lineo family of embedded system software.

Korean Air deploys Linux on the eServer. IBM and Korean Air have issued a press release describing Korean Air's deployment of Linux on an eServer system. The flight schedule inquiry system and daily revenue accounting will be running on the Linux system.

Transvirtual gets $4.0M, launches XOE device platform (LinuxDevices). Transvirtual Technologies, founded by the makers of the Kaffe Java Virtual Machine, unveiled new offices, a new round of funding and a new appliance platform. "In addition to providing an application environment and other services, Transvirtual's XOE package also includes a suite of mobile computing applications -- things like schedule, notepad, addresses, calculator, browser, and so on."

Red Hat filing 10-Q (Quarterly Report). For those interested in the details, Red Hat's report for the quarter ending May 31 is now available online.

EBIZ letter to shareholders. EBIZ Enterprises, operator of LinuxMall.com, among other things, has posted a letter to its shareholders on the fall in its stock price, which is a bit scary even by current standards. "Simply put, more working capital needs to be invested in the company immediately. Without additional working capital the company is not viable as it is currently structured."

Linux Stock Index for July 12 to July 18, 2001.

LSI at closing on July 12, 2001 ... 28.75
LSI at closing on July 18, 2001 ... 27.99

The high for the week was 29.17
The low for the week was 27.99

Press Releases:

Open source products

• Nutzwerk (Germany): Nutzwerk delivers menu controlled automatic time setting under LINUX.. Licensed under the GNU GPL.

• Rackspace Managed Hosting (SAN ANTONIO): Rackspace and PostgreSQL, Inc. Announce Offering for Hosted Open Source Database Solutions.

• RidgeRun, Inc. (Boise, ID): RidgeRun Delivers Board Support Package for TI TMS320DSC21.

• Stratabase (ABBOTSFORD, British Columbia): Stratabase CRM Software to Support Massive Handheld Device Market.

Distributions and bundled products

• Terra Soft Solutions, Inc. (Macworld, NY): Terra Soft Solutions & Total Impact Offer Integrated Solutions. Total Impact's briQ to be bundled with Terra Soft's Yellow Dog and Black Lab Linux operating systems.

Proprietary Products for Linux

• ImageStream Internet Solutions (): Enterprise Linux 2.3 for ImageStream routers available.

• LinuxWizardry Systems, Inc. (BOCA RATON, Fla.): LinuxWizardry Systems, Inc. Announces New Magic Passage VPN.

• MPI Software Technology Inc. (STARKVILLE, Miss.): MPI Software Technology, Inc. Releases VSI/Pro for Linux PPC.

• Rolland Virtual Business Systems Ltd. (MONTREAL): RVBS Launches e-Commerce-in-the-box.

Hardware and bundled products

• ArialSoft (CODY, Wyo.): ArialSoft Launches Linux-Based Rack-Mountable SMTP Mail Server: Delivers 100,000 E-mails Per Hour.

• Compaq Computer Corporation (HOUSTON): Compaq Announces Major Enhancements to Tru64 UNIX; Ships AlphaServer Systems With Industry's First 64-bit, 1 GHz Processor. The AlphaServer DS Series systems also support Linux and a Linux ADK (Advanced Developers Kit) is available for the GS Series systems.

• Dell (AUSTIN, Texas): Dell Announces Factory Installation of Red Hat Linux 7.1.

Products and Services Using Linux

• Adomo, Inc. (CUPERTINO, Calif.): Adomo to Include SpeechWorks OpenSpeech Recognizer 1.0 in New Category of Communication Servers that Speech-Enables Access to Microsoft Exchange Services. The AdomoMCS is a Linux-based server appliance.

• IBM Corporation (HAWTHORNE, N.Y.): IBM Research Demonstrates Industry's First Auditing Tool For Wireless Network Security.

• NeTraverse Inc. (AUSTIN, Texas): NeTraverse Delivers Break-Through Thin-Client Computing Solution.

• OfficeDomain (AUSTIN, Texas): OfficeDomain Adds 'Black Hat' Linux Messaging to Its Client List; MessageASAP Delivers All e-Mail, Voice & Fax Messages Regardless of Platform or Device.

• OfficeDomain Inc. (Unknown): ADVISORY/OfficeDomain Adds 'Black Hat' Linux Messaging to its Client List.

• Panasonic and Lineo, Inc. (MILPITAS, Calif. and LINDON, Utah): Panasonic DVD-RAM Drive Receives Linux Operating System Image Support from Lineo.

• TUXIA (AUGSBURG, Germany): TUXIA Releases New Version of Synthesis Environment to Enable Faster Time-to-Market for Information Appliances.

Products With Linux Versions

• Advanced Visual Systems (WALTHAM, Mass.): Gsharp Data Visualization Software by AVS Offers Linux Redhat Support, Major Enhancements for Windows Users.

• Blue Nomad (REDWOOD CITY, Calif.): Blue Nomad Releases 'WordSmith 2.0'; Latest Edition of the Word Processor for the Palm Organizer Features FineType Font Technology, Full Bookmark Support and More. Comes with a command-line document converter for Linux/Intel users.

• Blue World Communications, Inc. (BELLEVUE, Wash.): Blue World Lasso 5 Product Line to Provide Tight Integration With Leading Operating System, Database, Web Server and Web Authoring Products.

• Boulder Instruments (Longmont, Colorado): StreamStor exceeds 1.6 Terabytes of sustained recording & playback.

• Broadcom Corporation (IRVINE, Calif.): Broadcom Delivers 64-Bit MIPS-Based, Multi-Processor Solution for Broadband Networking. An evaluation board platform is available using Linux 2.4 running in 32-bit mode with full SMP support.

• Bull Infrastructure & Systems (PARIS): Bull to Create and Drive the Intel Itanium-Based Server Market With New Escala IL Servers.

• Kaspersky Labs (Moscow, Russia): Kaspersky Labs Completes the Latest Breakthrough for Unix/Linux Anti-Virus Defense.

• Kurant Corporation (SAN FRANCISCO): Kurant Partners With Dialtone Internet to Deliver E-business Solutions to Global Customer Network.

• LaCie (HILLSBORO, Ore.): LaCie Sweetens Offer on First 24x10x40x CD-RW with USB and FireWire Convenience.

• OpenPath Products (ANNAPOLIS, Md.): OpenPath Products launches DataBow a Rapid Wireless Application Development Tool and Server.

• Procom Technology (IRVINE, Calif.): NetFORCE Wins Top 'Deploy' Rating in InfoWorld Review.

• theKompany.com (Rancho Santa Margarita, Calif.): Qt Based ERD Tool for Database Administrators Now Available for Linux/Windows.

Books & Training

• O'Reilly (Sebastopol, CA): Dreamweaver 4 Missing Manual released.

• O'Reilly (Sebastopol, CA): "Managing NFS and NIS" Second Edition Released by O'Reilly.

• O'Reilly (Sebastopol, CA): O'Reilly Releases "Exim: The Mail Transfer Agent".

• Software Magazine (FRAMINGHAM, Mass.): Software Magazine Publishes Annual Software 500 Special Edition; Industry's Most Comprehensive Look at Software Providers Available Now.

Partnerships

• Guardian Digital, Inc. (Upper Saddle River, NJ): Guardian Digital Announces Corporate Partnership Program. Provides network solutions utilizing EnGarde Secure Linux and the Guardian Digital Linux Lockbox secure turnkey server appliance.

• REDSonic, Inc. and Red Flag Software Co., Ltd. (SANTA ANA, Calif.): REDSonic Forms Strategic Partnership With Red Flag, Bringing Real-Time Linux Technology Into China.

• TUXIA (TORONTO & AUGSBURG, Germany): MGI & TUXIA Announce Strategic Partnership to Provide Multimedia and TV Functionality for Entertainment Devices.

Investments and Acquisitions

• GraphOn Corporation (MORGAN HILL, Calif. & TEL AVIV, Israel): GraphOn Acquires Exclusive Rights to Menta Software's Technology to Expand Web Services Offerings.

• GraphOn Corporation (MORGAN HILL, Calif. & TEL AVIV, Israel): GraphOn Licenses Patent to Menta Software.

Personnel & New Offices

• Open Country (SANTA CLARA, Calif.): Open Country Names Olivier Miranda Vice President of Engineering; Company Expands Product Development Initiative and Reinforces Strategic Direction.

• Turbolinux, Inc. (SAN FRANCISCO): Turbolinux Names Ly-Huong Pham Chief Executive Officer.

Linux/Open Source At Work

• bayMountain (RICHMOND, Va.): Caldera's Volution Online Benefits from bayMountain Managed Infrastructure Services.

• MPI Software Technology Inc. (STARKVILLE, Miss.): Mississippi State University's New Supercluster Is Powered By MPI/Pro on Red Hat Linux.

• SGI (MOUNTAIN VIEW, Calif.): Tippett Studio Taps the Power of SGI Systems For 'Evolution' and 'Cats & Dogs'.

• Tridia Corporation (ATLANTA): Zhone Technologies Successfully Implements TridiaVNC eSupport.

Section Editor: Rebecca Sobol.

See also: last week's Linux in the news page.

Linux in the news

Recommended Reading

Security expert: Tighter measures needed (CNN). Bruce Schneier told a Senate subcommittee that companies will start to make security decisions based on insurance premiums - and the result will be a move to Linux. "What will happen when the CFO looks at his premium and realizes that it will go down 50 percent if he gets rid of all his insecure Windows operating systems and replaces them with a secure version of Linux? The choice of which operating system to use will no longer be 100 percent technical."

Free Software: Nothing is more appropriate for India (The Hindu). The Hindu covers Free Software in conjunction with Richard Stallman's visit to India. "It is clearly time for India to join the Free Software movement. Urged by this firm belief and commitment, a group of Free Software practitioners and enthusiasts in India have been successful in persuading Richard Stallman to establish an Indian Chapter of FSF. The Free Software Foundation of India (FSF-I) will be inaugurated by Stallman on July 20 in Trivandrum at the Freedom First! conference." (Thanks to Tony Stanco)

So long and thanks for all the fish! (VarLinux.org). VarLinux.org is running Paul Ferris's goodbye letter to LinuxToday. "I wish I'd had some more time to fix some more bugs in the code I've written for internet.com, but alas, that's the way things go. In addition to my new job, I've been asked to do some community service of another kind, so I'm sure you will see me around. Look for an announcement in the coming weeks."

Win an Earthlink embedded-Linux telematics system (LinuxDevices). Earthlink is sponsoring a contest for Linux, XML, Java, wireless, and Web application developers. The contest seeks creative application ideas for a prototype open-standards "Automotive Vehicle Location" (AVL) telematics platform that was created by EarthLink's R&D team.

Maddog's MS Justice (ZDNet). Linux International Director Jon "maddog" Hall speaks out on the MS Appeals Court case. "I (and various Linux International members) feel that the officers of Microsoft--both current and former--should be punished for their actions. They broke the law. They forced good companies out of business. They stifled--not encouraged--innovation."

Developing for the Linux desktop (NewsForge). This NewsForge article is aimed at the aspiring open source developer. "While simply asking about a project is not a "till death do us part" proposition, [KDE developer Andreas] Pour suggests that a better way to win friends in the developer's community is to submit a patch. A patch is an addition or enhancement to the application, like a bug fix, an additional dialog, or a driver. In other words, don't ask about helping, just do it."

Linux in a single PBGA IC package (plus 1 crystal) (LinuxDevices). Axis Communications is making Linux-based device designs even simpler by integrating over fifty components into a single 27mm x 27mm PBGA IC package. A review of the new ETRAX 100LX Multi Chip Module.

Scaling Supercomputers With Linux (TechWeb). Information Week explains how Linux is helping make scalable systems of low cost PCs. "``Lashing together tens or hundreds of thousands of processors isn't as easy as it appears when you apply it to real-world problems,'' says Gary Smaby, a supercomputing analyst and a principal of Quatris Fund, an investor in Unlimited Scale."

IBM develops wireless LAN security analyzer (CNN). IBM's Linux-based system detects wireless nodes that are vulnerable to attack. "The Wireless Security Auditor prototype presents detailed information for all access points on an 802.11 wireless network, including station and network name, address, location, and security state."

Use P2P, Go to Jail. Any Questions? (O'Reilly). According to this O'Reilly story, a systems administrator at a Georgia institute installed a screen saver that ran distributed processing and may face criminal charges - for using bandwidth at a rate of 59 cents a second. "Since most of the infringing time happened in December, when very few people were working at the school, this bandwidth usage occurred when the bandwidth was not otherwise being used. Assuming the school pays for bandwidth whether it's used or not, it's hard to understand the logic that says the school system was ripped off."

DeCSS Encryption Case Could Change Your IT Shop (TechWeb). In anticipation of an appeals court ruling sometime soon, TechWeb has posted a detailed history of the DVD case and an accompanying timeline. There won't be much new there for those who have followed the case closely, but it's a well-done piece. "Essentially, the DVD CCA alleged that the Linux hackers were pirates. It contended that if they continued to distribute DeCSS, it would lead to widespread illegal copying of DVD movies, thus injuring the profitability of the movie industry. The problem with that argument, though, is that the encryption only hinders playback. Anyone with the proper equipment can copy and reproduce DVDs without the benefit of DeCSS."

Open Source movement steps into .NET territory (IT-Director). IT-Director reports on the Mono project. "So far the war between Microsoft and Open Source has been fought between the operating systems with Linux starting to invade the commercial user base that was once the sole domain of Windows. With this latest move, the Open Source movement are recognising the commercial and technical importance of .NET, but are also keen to open up the competition before Microsoft establish their dominance."

New front opens in Web standards war (ZDNet). Standards proponents are turning from the browser makers to the authoring tools vendors in their fight to clean up the Web. "Now, however, some standards advocates are asking developers to do their part in convincing the technology laggards to upgrade--even at the risk of alienating un-savvy Web surfers who might be challenged or intimidated by the task of downloading and installing new software. That effort is causing some tension with Web developers, who insist they, too, are eager for a more fully standards-compliant Web."

UCITA running on empty (InfoWorld). InfoWorld looks at the current status of the UCITA "shrink-wrap software" bill, and is pleased to see that things are not going very far. "Anti-UCITA 'bomb-shelter' bills, which protect a state's consumers from having UCITA invoked against them, have generally met with better reception than has UCITA itself during this year's legislative sessions. Iowa renewed the one-year bomb-shelter law it enacted last year, and West Virginia passed a similar law. Other states that have bomb-shelter bills under consideration include New York, Oregon, and Ohio."

Companies

Great Bridge Seeks Investments, Partnerships (Virginian-Pilot). The (Norfolk) Virginian-Pilot has run an article about Great Bridge. "[CEO Robert] Gilbert said that Landmark had been approached by someone interested in investing in Great Bridge, and that Great Bridge is examining 'more than one' possible strategic investment by outsiders."

IBM Linux Technology Center Bulletin. The biweekly IBM Linux Technology Center Bulletin is out, detailing IBM's recent contributions to the community. Most of them are kernel-oriented, but there are exceptions (internationalization patches for bash, for example).

Quarrel Dogs Open Database Effort (ZDNet). ZDNet describes the rift formed between MySQL AB and NuSphere that led to, and follows after, the announcement of MySQL.org. "Since launching its product line, NuSphere sought to submit changes to the MySQL development community at MySQL, but was confronted with a requirement that it turn over ownership of the changes to the Swedish company."

Linux lends a hand to Sun engineers (CNN). CNN reports on Sun's internal handheld project for field engineers that uses a Red Hat tweaked embedded Linux operating system. "Engineers with Red Hat did most of the work tailoring the Linux kernel for the handheld, while Sun's engineers fine-tuned a JVM for Linux. Symbol Technologies adapted one of its existing wireless handhelds, which usually runs Palm OS or Microsoft PocketPC software, for Sun. The device incorporates a bar code scanner and a wireless modem."

Turbolinux gets new CEO (News.com). The new CEO of Turbolinux comes in with 13 years of developer experience at Wang and 5 years management of the Apple OS 8 project. "Turbolinux, though, has enough cash to reach profitability under its current plan without having to raise more investments, [new CEO Ly-Huong Pham] said. The company has fewer than 200 employees. ``I'm very comfortable with our financial status, our burn rate ... and our revenue,'' she said."

Business

Retailer Checks Out Linux (TechWeb). Burlington Coat Factory made headlines two years ago by installing a number of (Red Hat) Linux-based Dell workstations in its stores. Now the company has begun a two-year effort to switch over to Linux-based point-of-sale terminals, according to this TechWeb article. "The clothing retailer, which operates nearly 300 stores, will run Linux on all the terminals in its new stores, and expects to finish migrating older stores' terminals to Linux in the next couple of years. The company is replacing NCR registers that run on Intel 286 and 386 chips."

Resources

What is MP3? (LinuxDevices). LinuxDevices examines the technologies behind the MP3 compression system. "Fraunhofer (a member of MPEG) released their new audio-compression algorithm called MPEG-1 Audio layer-3 (MP3). The good news was that MP3 could compress audio signals such as music by a factor of 10 to 12, with almost no audible loss. This breakthrough meant that songs which previously required 40 Mbytes of storage space now could fit in just 3-4 Mbytes."

Reviews

Big-Time Management (TechWeb). TechWeb reviews Rebel.com's NetWinder 3100 Internet appliance. "The NetWinder runs BSD and Apache Web Server on a 533-MHz Transmeta Crusoe TM5400 processor with a 4-MB parallel boot flash that utilizes Code Morphing Software and the Linux 2.4 kernel. The 3100 we tested had a 10-GB hard drive and 128-MB PC133 CL3 SDRAM."

Section Editor: Forrest Cook

See also: last week's Announcements page.

Announcements

Resources

Handspring Visor and J-Pilot Guide (LinuxLookup). A quick reference guide for using the Handspring Visor with the Linux desktop through the J-Pilot interface has been posted to the LinuxLookup site.

When the going gets weird: Getting help in StarOffice (LinuxOrbit). This HOWTO on LinuxOrbit "will give you the steps to follow to resolve many of your Linux desktop problems. Because StarOffice, Sun Microsystems' open-source office suite, is a program that just about every Linux desktop user will encounter, we'll use it as an example. You should find that following these steps will help for many other programs as well."

HOWTO set up NVIDIA 3D drivers on Red Hat 7.1. Evil3D has posted a new HOWTO for setting up the NVIDIA 3D drivers. This HOWTO covers the Linux distro Red Hat 7.1, and the unique steps needed for both Intel and non-Intel motherboards.

Events

BOFs at O'Reilly Open Source Convention. There will be a number of Birds of a Feather Sessions (BOFs) at the O'Reilly Open Source Convention in San Diego, CA, July 23 - 27, 2001. Topics include (but are not limited to) Perl, Python, Java and FreeDOS.

Caldera International hosts Forum 2001. Caldera International Inc. announced that it will host Forum 2001, August 19 - 22, 2001 at the University of California at Santa Cruz, Calif. Forum 2001 will focus on development, deployment and management solutions for Linux and UNIX systems.

LinuxWorld San Francisco to Showcase Embedded Linux Solutions. IDG World Expo announced that the upcoming LinuxWorld Conference & Expo, to be held August 26 - 30, 2001 at San Francisco's Moscone Convention Center, will feature an Embedded Linux Pavilion sponsored by the Embedded Linux Consortium (ELC).

Also at LinuxWorld, a Job Fair.

Events: July 19 - September 13, 2001.

Date	Event	Location
July 19 - 25, 2001	Networking Event 2000(ne2000)	Nuenen, the Netherlands, South
July 19 - 21, 2001	The Open Group Quarterly Conference	Austin, Texas
July 19 - 20, 2001	The Open Group Real-time and Embedded Systems Forum	Austin, Texas
July 19 - 21, 2001	The IEEE PASC (POSIX) System Services Working Group meeting	Austin, Texas
July 19 - 20, 2001	MacWorld Conference & Expo	New York City
July 23 - 27, 2001	O'Reilly Open Source Software Convention	San Diego, California
July 25 - 28, 2001	The Ottawa Linux Symposium
July 28 - 29, 2001	Rocky Mountain Software Symposium 2001(RMSS 2001)	(FourPoints Sheraton in Cherry Creek)Denver, Colorado
July 31 - August 1, 2001	Open Innovation	Santa Clara, California
August 2 - 4, 2001	Yet Another Perl Conference Europe 2001(YAPC)	(Hogeschool Holland)Amsterdam, Netherlands
August 4 - 5, 2001	LinuxCertified Linux System Administration BootCamp	Cupertino, California
August 13 - 18, 2001	IPsec Interoperability Workshop (Bakeoff)	Espoo, Finland
August 14 - 16, 2001	Embedded Internet Conference 2001	Santa Clara, CA
August 14 - 16, 2001	LinuxWorld China	Beijing, China
August 19 - 22, 2001	Forum 2001	University of California at Santa Cruz, Calif.
August 20 - 24, 2001	HP World 2001	(McCormick Place)Chicago, IL, USA.
August 20 - 21, 2001	JabberCon 2001	Keystone, Colorado
August 23 - 25, 2001	LinuxWorld Hong Kong	Hong Kong
August 26 - 30, 2001	LinuxWorld Conference & Expo	San Francisco
September 2, 2001	Erlang Workshop - Firenze	Italy
September 4 - 7, 2001	Embedded Systems Conference	(Hynes Convention Center)Boston, MA
September 6 - 7, 2001	Open Source Health Care Alliance(OSHCA)	(The Posthouse Hotel Kensington)London, UK
September 12 - 13, 2001	Linux Expo	Birmingham, UK

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

User Group News

Linux Users' Group of Davis. LUGOD, The Linux Users' Group of Davis, will be holding a Linux demonstration on Saturday July 21, 2001 at the Davis Food Co-Op, Davis, CA.

LUGOD's regular meeting on August 8, 2001 features "Automated Retrieval System (Robotic Cranes)", presented by Michael Egan, Sonoma State University.

CFP: Unix and the desktop. The Netherlands Unix User's Group (NLUUG) will hold its annual autumn conference November 8, 2001 in De Reehorst, Ede (Netherlands). The call for papers, inviting submissions for talks on end user experiences and new developments related to the Unix desktop and multimedia applications, remains open until August 24, 2001.

LUG Events: July 19 - August 2, 2001.

Date	Event	Location
July 19, 2001	St. Louis LUG(SLLUG)	(St. Louis County Library, Indian Trails Branch)St. Louis, MO.
July 19, 2001	Omaha Linux User Group(OLUG)	Omaha, Nebraska
July 19, 2001	Linux User Support Team, Taegu(LUST-T)	Taegu, Korea
July 19, 2001	South Mississippi LUG(SMLUG)	(Barnes & Noble)Gulfport, Mississippi
July 19, 2001 August 2, 2001	Gallup Linux Users Group(GalLUG)	(Coyote Bookstore)Gallup, New Mexico
July 19, 2001	SSLUG: Hyggemøde på Niels Bohr Institute	Denmark
July 19, 2001	Belfast Linux Users Group(BLUG)	Belfast, Northern Ireland
July 19, 2001	Linux Enthusiasts And Professionals of Central Florida(LEAP-CF)	(DeVry Institute)Orlando, FL.
July 19, 2001	New Orleans Linux Users' Group(NOLUG)	(University of New Orleans (UNO) Mathematics Building)New Orleans, Louisiana
July 20, 2001	Rock River LUG(RRLUG)	(Rockford College)Rockford, Illinois
July 21, 2001	SVLUG Installfest	Silicon Valley, CA
July 21, 2001	LUGOD Linux Demo	Davis, CA
July 21, 2001	North Texas Linux Users Group(NTLUG)	(Nokia Centre)Irving, Texas
July 24, 2001	Hazelwood Linux User Group(HLUG)	(Prairie Commons Branch Library)Hazelwood, Missouri
July 24, 2001 July 31, 2001	Kalamazoo Linux Users Group(KLUG)	(Western Michigan University)Kalamazoo, Michigan
July 24, 2001	FLUG: DNS af Michael Nielsen	Denmark
July 27, 2001	The Nashua Chapter of the Greater New Hampshire LUG(GNHLUG)	(Martha's Exchange)Nashua, NH.
July 28, 2001	Consortium of All Bay Area Linux(CABAL)	Menlo Park, CA
July 28, 2001	Central Ohio LUG(COLUG)	Columbus, Ohio
August 1, 2001	Silicon Valley LUG(SVLUG)	San Jose, CA
August 1, 2001	Southeastern Indiana LUG(SEILUG)	(Madison/Jefferson County Public Library)Madison, IN
August 1, 2001	Kansas City LUG Demoday(KCLUG)	(Kansas City Public Library)KC, Missouri
August 2, 2001	Edinburgh LUG(EDLUG)	Edinburgh, Scotland
August 2, 2001	UNIX/Linux Special Interest Group of the Dayton Microcomputer Association	(DMA office at 119 Valley St)Dayton, OH, USA.
August 2, 2001	SSLUG: Hyggemöte på Malmö Högskola	Denmark

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn-lug@lwn.net in a plain text format.

Section Editor: Rebecca Sobol.

Software Announcements

The Alphabetical List and Sorted by license

Our software announcements are provided courtesy of FreshMeat

See also: last week's Linux History page.

This week in Linux history

Three years ago (July 23, 1998 LWN): Oracle announced support for Linux. Computer Associates (Ingres) and Informix had announced Linux support earlier in the year. This ZDNet article echoed some common sentiments:

A Linux evangelist said a port of an enterprise-size database such as Oracle would help lend credibility to Linux in the eyes of business managers.

Linus made clear his position that 4MB machines would no longer be a development priority or interest for the 2.1.X development tree. Nowadays, finding a PC with only 4MB of memory might be difficult. Even projects such as TINY Linux, which is designed especially for old, recycled computers, requires at least 8MB (but still supports the i386 chip).

The release of perl 5.005 was imminent. Perl 5.7.2 has just been released.

Two years ago (July 22, 1999 LWN): The biggest news was Red Hat's announcement of a community stock offering. Some viewed it with suspicion; an effort to get more people to buy stock and drive up the price or maybe just spam from an unexpected source. In addition, the list of people Red Hat put together accidently left off a lot of important contributors.

Nonetheless, in the long run, a lot of people made a little bit of unexpected money as a result and the offering set a precedent for including the community that was later followed by the VA Linux and Caldera IPOs. None of them went perfectly or smoothly, but again, at least some people got an unexpected bonus for the work they had done gratis for so long.

On a slightly different note, Red Hat unveiled more of its IPO plans, including a major investment in developing their 'web portal'. Plans included the hiring of over 20 people, setting up their own news service and much more. Of course, nowadays that has gone by the wayside and Red Hat is looking in much different fields (such as embedded Linux) for new revenue models.

Caldera Thin Clients reinvented itself as Lineo.

One year ago (July 20, 2000 LWN): Miguel de Icaza gave his "Unix sucks" speech at the Ottawa Linux Symposium.

Sun announced that StarOffice would be released under the GPL.

SCO released flagging financial results, creating rumors of how Linux might save the failing UnixWare business. Forbes noted that SCO had been selling support services for Caldera and TurboLinux, but inaccurately predicted that the company would strike a deal with MandrakeSoft. This article in OSOpinion speculated:

The most likely scenario seems to have SCO spinning off Tarantella (probably as an immediate acquisition target), and looking for a Linux vendor to merge with the rest. If they could find some more VC cash, I think that TurboLinux could be a fairly straightforward candidate, as they could hone their focus in on Linux clustering, already their strongest point and a very promising market niche.

ZDNet had better inside information as this article accurately predicted:

Caldera Systems, a leading Linux distributor, is on the verge of buying SCO's Server--aka, Unix--division for a price expected to be north of $70 million in stock, according to multiple sources claiming familiarity with terms of the deal in progress.

Section Editor: Rebecca Sobol.

LWN Linux Timelines
1998 In Review
1999 In Review
2000 In Review
2001 In Review

See also: last week's Letters page.

Letters to the editor

From:	 Gerard Fernandes <gerry@vigorsoft.com>
To:	 "'lwn@lwn.net'" <lwn@lwn.net>
Subject: Free Software response to .NET
Date:	 Fri, 13 Jul 2001 17:12:43 +0530

What is the whole point of talking about innovation when we have come back
to square one - playing catch up to .NET and providing alternatives to the
same thing, old wine in a new bottle, per-se?
 
It would have been much better if the Free Software response took up Java as
the question to which .NET is an improper answer and continue to put in
efforts behind Java.
 
Java has already provided a broad infrastructure for networked,
cross-platform, and distributed applications. And it has been available (not
to mention, working) for quite some time. Why not put in the effort that is
senselessly going into developing an Open Source version of .NET (and in the
course of this, leaving the Open Source foundation liable to law suits),
into developing better and more competitive Application Servers (like JBoss)
and therefore anull the .NET attack in the first place? It (.NET) is a
half-baked attempt of Microsoft to get back some ground lost to Java. And
the Open Source community is inadvertently playing into Microsoft's hands by
packaging Microsoft Wine in the OpenSource bottle. Where is the innovation
that you were looking for? Is innovation nothing but aping the competition?
If not, then why is the Open source sommunity so intent on re-implementing
.NET?
 
This has been and seems to be continuing to be, the single biggest hurdle
that Open Source is going to be facing - an internally fragmented developer
community. This can be the only explanation why Open Source cannot see that
they already have a winner (albeit, provided by Sun) and is instead trying
to compete with what can actually give Open Source a huge lead in terms of
distributed computing development infrastructure.
 
To put it in a nutshell, the Open Source community is its own biggest enemy.
 
Until the Open source community grows up and acts more mature, we are going
to continue to have emotional outbursts of this kind. What else can one make
of an attempt like this? Do you really need to build a ship with a hole just
because Microsoft has done it again?
 
Think about it.
 
regards,
Gerard.

From:	 "Jay R. Ashworth" <jra@baylink.com>
To:	 press@mysql.com
Subject: Trademark infringement press release
Date:	 Fri, 13 Jul 2001 11:00:09 -0400
Cc:	 letters@lwn.net

<sigh>

I see you folks have drunk the Kool-Aid<tm> as well.

Please understand something: mere existence of a domain name which has
a trademark in it does *not* in any way violate the Lanham Act, and is
therefore not a trademark violation, at least in the United States
(although IANAL).  If the holder of such a domain name engages in
confusion, dilution, or disparagement, then perhaps you might have a
case.

But, at least from my point of view, this insecure, ranting reaction is
just one more reason for *me* to spec PostGreSQL instead of MySQL.

If your users are dumb enough to confuse mysql.org and mysql.com, then
maybe they, and you, deserve the results.

If that sounds elitist, so be it.  I'm getting tired, after 20 years,
of listening to whining.

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra@baylink.com
Member of the Technical Staff     Baylink                             RFC 2100
The Suncoast Freenet         The Things I Think
Tampa Bay, Florida        http://baylink.pitas.com             +1 727 804 5015

   OS X: Because making Unix user-friendly was easier than debugging Windows
     -- Simon Slavin in a.f.c

From:	 Nathan Myers <ncm@nospam.cantrip.org>
To:	 letters@lwn.net
Subject: MySQL and the GPL
Date:	 Wed, 18 Jul 2001 00:20:07 -0700

The MySQL AB vs. NuSphere dispute is turning out to be really
interesting, and not because of anything about their products.
(PostgreSQL is a lot more interesting, as a database.)  What's 
interesting is how it points up fun features of the GPL.  

Apparently NuSphere has been violating the GPL by shipping their 
proprietary Gemini library linked with MySQL, and keeping the
source code secret.  They have also been giving binaries out via 
the web, protected by a sign-up sheet.

One feature this highlights is that if they had offered their
sources (under the GPL) only to people they had given binaries
to, they wouldn't have had to offer them to anybody else.  Hence,
it wasn't clear whether they actually had violated the GPL, until 
I verified that even their customers don't get the source code.  
(Of course they would not be able to keep their customers from 
mirroring it.)  

Even the sign-up web page is OK under the GPL; if you haven't 
given somebody the code, you have no obligations to them.  Again, 
though, once you give them the code, you can't keep them from 
mirroring the source code once they get it, so a sign-up page 
for GPL'd code tends to become voluntary.  

More interesting is what happens next.  You see, even if NuSphere
goes ahead and GPLs their library and puts sources up for FTP, they 
are _still_ in violation of the GPL.  Once you've violated the GPL, 
you have lost _all_ your rights under it.  NuSphere can still post 
their own code, but they can't legally distribute binaries linked 
with it any more, or even use it in-house.  Before they will have 
any rights under the GPL again, they will need forgiveness from 
the copyright holders.  Yes, from MySQL AB -- the company they are 
engaged in lawsuits and public spats with.

Amusingly, if NuSphere does put Gemini under the GPL, users will be 
able to distribute MySQL+Gemini while NuSphere still can't, until 
they get forgiveness. 

The longer they continue violating the license, the worse trouble
they're in, and the more forgiveness they'll need from MySQL AB.

This isn't one of those corner cases where the GPL is considered a 
bit iffy.  This is square in the middle, where it's firmly backed by 
copyright law.  If NuSphere angers MySQL AB enough, and the lawyers 
don't back down, we may see a nice, clear court test of the GPL under 
near-ideal circumstances.  That the MySQL database is involved is 
unfortunate, but since it doesn't really affect users much, that's 
not so bad.  

The GPL is a lot like an alligator snout.  You can hold it shut with 
one hand, but if you stick your head in it bites like hell.

--
Disclaimer: I am not a lawyer, and the above should not be taken as
legal advice.  Some dogs know more than I do.

"Love is a snowmobile racing across the tundra.  Suddenly it flips
over, pinning you underneath.  At night, the ice weasels come."
                                        -- Matt Groening