---------------------------------------------------------------------------
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of 13 December 2004.
---------------------------------------------------------------------------
==============
1. Gentoo News
==============
New Chinese Gentoo Forum
------------------------
A long-standing request has finally been fulfilled: The official Gentoo
Forums, according to our user survey the single most popular support
platform, now have a shiny new Chinese language forum[1]. Requests for
this language to be supported at the Forums had been brought forward for a
very long time already, but were growing substantially over the past few
weeks.
1. http://forums.gentoo.org/viewtopic.php?t=265378
Enabling Chinese turned out to be trickier than anticipated. The language
packs for phpBB, the software that powers the Gentoo Forums, are normally
available in separate encodings, which would have mandated two forums for
traditional (i.e. the Taiwanese and Hong Kong user base) and simplified
(mainland) Chinese characters. Splitting the forum into two was out of the
question for the Forum administrators, but thanks to Christian Hartmann
(ian![2]) who finally set out to implement a recommendation from Chinese
users, the language packages and headers were patched, and all files
transcoded into UTF-8. ian! then released his changes on a few testers
first, since being unable to read Chinese himself, he had to rely entirely
on user feedback. Testing this way is similar to mooring an oil tanker
using your ears only, but nevertheless it appears to work, didn't bring
the ceiling crashing down or the Forum hardware to falter, and the two
initial moderators are now eagerly waiting for the massive influx of
Chinese users to put the platform under yet some more endurance tests.
2. http://forums.gentoo.org/profile.php?mode=viewprofile&u=15031
The encoding to be used is UTF-8, which allows for both simplified and
traditional Chinese in postings to the new forum. EricHsu[3] and akar[4],
will be the inaugural moderators to deal with the first wave of Chinese
users to join the Gentoo Forums starting from today. Many Chinese
Gentooists have been frequenting the Linuxsir.org[5] forums, but are
expected to adopt the new, officially Gentoo-driven platform, too. The
freshly appointed moderators are able to read both character sets, but
EricHsu is operating in GB2312 (simplified) and akar in Big5 (traditional
Chinese) on their own PCs, and will share the supervision of forum posts
accordingly.
3. http://forums.gentoo.org/profile.php?mode=viewprofile&u=54601
4. http://forums.gentoo.org/profile.php?mode=viewprofile&u=82443
5. http://www.linuxsir.org/bbs/forumdisplay.php?forumid=59
Figure 1.1: Chinese Gentoo Forum editing window, with encoding set to
UTF-8 and autodetection to Chinese
http://www.gentoo.org/images/gwn/20041213-chinese.png
Note: While the content of the forum can be posted in either Big5 or
GB2312, the board languages, e.g. the interface, the menu items and
messages, can be set to each of the styles the user prefers: Both
traditional and simplified Chinese are available as board languages now,
too.
==============
2. Future zone
==============
Linux virtualization techniques
-------------------------------
For some types of applications (development, service separations,
simulated environments) it is preferrable to "hide" parts of the hardware
or the operating system behind a virtualized machine. There are three
major approaches to achieve this:
* Hardware Emulators: These programs emulate the complete hardware
step-by-step. Bochs, PearPC, coLinux and QEMU belong to this group.
* Hardware Virtualization: VMWare, UML, plex86 and XEN do this. They only
emulate certain system calls and Interrupts.
* Limited Virtualization: vServers only hide parts of the OS. Only one
kernel is running, but system calls are intercepted and modified according
to access privileges etc.
All these techniques have their advantages and shortcomings, as hardware
emulators for example are platform independent and just make-believe in
parts or subsystems, but are extremely slow compared to hardware
virtualizers. The latter are also mostly OS-independent, but limited to
specific hardware (VMWare only runs on x86), and their performance isn't
quite optimal yet. The limited virtualizers are optimized for speed and
low overhead, and are perfectly integrated into the operating system, but
of course completely dependent on it, and not all functions can be
expected to work as usual.
Today's future zone looks at some of the candidates for virtual machines
and emulations, and sheds a little light on their availability and status
in Gentoo Linux:
XEN[6]
6. http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
This program is developed at the University of Cambridge. Guest operating
systems need some changes applied, but XEN in return offers extremely high
performance compared to other solutions.
Gentoo integration: There are experimental ebuilds at Gentoo's bugzilla[7]
available.
7. http://bugs.gentoo.org/show_bug.cgi?id=70161
UML - User Mode Linux[8]
8. http://user-mode-linux.sourceforge.net/
This is a Linux-specific virtualization. It uses a patched kernel for the
guest OS, and needs a patched host for better performance. Some versions
also support nested UMLs, e.g. booting a UML instance in another UML
instance. It is completely encapsulated from the host OS and usually uses
files for its "virtual harddisks". Therefore performance tends to be lower
than XEN, but since it emulates a whole kernel, its uses tend to be
different, for example honeynets, network testing, distributed computing
testing.
Gentoo integration: The patched kernel is available as usermode-sources in
Portage. A Howto exists at the Gentoo website[9].
9. http://www.gentoo.org/doc/en/uml.xml
VMWare[10]
10. http://www.vmware.com/
This commercial program allows to run any x86 OS "in a window" on Linux
and Windows. It is quite mature, and reasonably fast. Even stacked
instances are possible, such as Linux in VMWare on Windows in VMWare on
Linux, for example. The hardware emulation presents a S3 graphics card, so
some special applications like Windows DirectX games will be unable to
run. Different versions of VMWare are available, ESX Server targeted for
large server installations, and VMWare Workstation for desktop use.
Gentoo integration: app-emulation/vmware-workstation is a 30-day demo
version. It can be upgraded to the full version by aquiring a key from
VMWare.
MOL - Mac-on-Linux[11]
11. http://maconlinux.org/
The PowerPC equivalent of VMWare, but non-commercial and free. Near-native
performance, runs Mac OS > 7.5, Mac OS X and Linux in windows or
full-screen modes. Its only drawback is the inability to operate on the
new G5 64-bit CPU Macintosh, but it does work on PegasosPPC, for example,
even with Mac OS X.
Gentoo integration:MOL is available in Portage.
BOCHS[12]
12. http://bochs.sourceforge.net/
BOCHS is one of the oldest emulators available. It is an x86 CPU-emulator
written in C++, thus completely portable. Compared to virtualization, the
performance is extremely low, but it still has its moments - or do you
know any other program that allows you to boot FreeDOS on an UltraSPARC?
Gentoo integration:BOCHS is available in Portage. Disk images for booting
can be found on the BOCHS website.
PearPC[13]
13. http://pearpc.sourceforge.net/
The newcomer among the emulators. It is still in rapid development, but
already allows to boot a virtual MacOS X on any supported platform
(including Win32!). The speed is about 1/500th of a real processor, but
the coolness factor of running bochs in pearpc in vmware is hard to beat.
Gentoo integration: PearPC is available in Portage.
Plex86[14]
14. http://savannah.nongnu.org/projects/plex86
Plex86 wants to be seen as the Open Source alternative to VMWare. It is
x86 only, but offers acceptable performance. The project seems to have
little activity at the moment. A fork with slightly different goals can be
found here[15] but this is a Linux only virtualization.
15. http://plex86.sourceforge.net/
Gentoo integration: Plex86 is available in Portage.
coLinux[16]
16. http://www.colinux.org/
Cooperative Linux is the first working free method for running Linux on
Microsoft Windows natively. It can boot any Linux loopback filesystem, and
even has limited network support through the TUN/TAP driver. It is not a
replacement for Cygwin (which itself isn't a virtualizer, only an API
translator), but offers the full bandwidth of Linux applications in
Windows.
Gentoo integration:A Gentoo boot image can be downloaded from the project
homepage.
QEMU[17]
17. http://fabrice.bellard.free.fr/qemu/
This nice program is not one, but many emulators. It can emulate different
architectures on a wide range of hardware, thus giving it the edge in
flexibility. It is supposed to be much faster than other emulators, but
the real performance will still be quite low.
Gentoo integration:QEMU is available in portage.
==================
3. Gentoo security
==================
PDFlib: Multiple overflows in the included TIFF library
-------------------------------------------------------
PDFlib is vulnerable to multiple overflows, which can potentially lead to
the execution of arbitrary code.
For more information, please see the GLSA Announcement[18]
18. http://www.gentoo.org/security/en/glsa/glsa-200412-02.xml
imlib: Buffer overflows in image decoding
-----------------------------------------
Multiple overflows have been found in the imlib library image decoding
routines, potentially allowing execution of arbitrary code.
For more information, please see the GLSA Announcement[19]
19. http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml
Perl: Insecure temporary file creation
--------------------------------------
Perl is vulnerable to symlink attacks, potentially allowing a local user
to overwrite arbitrary files.
For more information, please see the GLSA Announcement[20]
20. http://www.gentoo.org/security/en/glsa/glsa-200412-04.xml
mirrorselect: Insecure temporary file creation
----------------------------------------------
mirrorselect is vulnerable to symlink attacks, potentially allowing a
local user to overwrite arbitrary files.
For more information, please see the GLSA Announcement[21]
21. http://www.gentoo.org/security/en/glsa/glsa-200412-05.xml
PHProjekt: setup.php vulnerability
----------------------------------
PHProjekt contains a vulnerability in the setup procedure allowing remote
users without admin rights to change the configuration.
For more information, please see the GLSA Announcement[22]
22. http://www.gentoo.org/security/en/glsa/glsa-200412-06.xml
=========================
4. Heard in the community
=========================
gentoo-dev
----------
Too many mailing lists?
Are there too many (low traffic) Gentoo mailinglists? How do you get all
relevant info without subscribing to a dozen mailinglists? And finally, is
there a better solution? Find out what other Gentooists have to say to
those questions.
* Too many mailing lists[23]
23. http://thread.gmane.org/gmane.linux.gentoo.devel/23341
Small notes on developer policy
Mike Frysinger[24] posted two reminders on how to do things the right way:
1) Only apply patches arch-specific if absolutely neccessary, and 2) don't
dump your bugs in gcc-porting (or some of the other defenseless bugzilla
aliases). He suggests that if everyone sticks to some basic rules,
bugfixing and updating will be easier and more efficient. And, if bugs are
assigned to the right people, they might even get fixed ...
24. vapier@gentoo.org
* arch-apecific patches[25]
* a note about gcc-porting team[26]
25. http://thread.gmane.org/gmane.linux.gentoo.devel/23340
26. http://thread.gmane.org/gmane.linux.gentoo.devel/23314
=======================
5. Gentoo International
=======================
Japan: Gentoo Bonenkai in Tokyo
--------------------------------
GentooJP developer-at-large Masatomo Nakano, currently based in London, is
coming back to Japan for a few days around New Year's Eve. As on previous
occasions, this serves as the perfect excuse for the Japanese Gentooists
to hold a Bonenkai, the usually raucous Japanese year-end party. Check the
Japanese user mailing list[27] for details on the exact location, so far
the plan is to meet in Tokyo's Shibuya district on 28 December 2004, at
around 18:00.
27. http://ml.gentoo.gr.jp/users/
Germany: Christmas party photos
-------------------------------
The Christmas bowling event on Friday 10 December, organized by and for
Germany's most weathered Gentooists in the Ruhr region that we announced
two weeks ago, appears to have gone down quite well, and in perfect
harmony, according to the impressive photo gallery[28] available at the
German Gentoo website. Depicted are some of the finest developers around,
but frankly, their bowling skills are not on the same level. The
scorecards aren't much to write home about, but on the upside of things no
harm was done to the inventory.
28. http://www.gentoo.de/pub/pics/gum/ob/20041210/
======================
6. Gentoo in the press
======================
Heise online (7 December 2004)
------------------------------
Germany's leading IT magazine reports about the upcoming 21c3 conference
in Berlin, in an article titled "More than the usual suspects."[29] Based
on an interview with Gentoo developer and Chaos Computer Club spokesman
Lars Weiler[30], the article specially mentions the Gentoo developer
conference to be held during the 21c3.
29. http://www.heise.de/newsticker/meldung/54008
30. pylon@gentoo.org
===========
7. Bugzilla
===========
Summary
-------
* Statistics
* Closed bug ranking
* New bug rankings
Statistics
----------
The Gentoo community uses Bugzilla (bugs.gentoo.org[31]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 05 December 2004 and 12 December 2004, activity
on the site has resulted in:
31. http://bugs.gentoo.org
* 742 new bugs during this period
* 443 bugs closed or resolved during this period
* 31 previously closed bugs were reopened this period
Of the 7590 currently open bugs: 126 are labeled 'blocker', 237 are
labeled 'critical', and 548 are labeled 'major'.
Closed bug rankings
-------------------
The developers and teams who have closed the most bugs during this period
are:
* Gentoo Games[32], with 36 closed bugs[33]
* Portage Utitilities Team[34], with 22 closed bugs[35]
* Gentoo Linux Gnome Desktop Team[36], with 19 closed bugs[37]
* Gentoo's Team for Core System packages[38], with 17 closed bugs[39]
* AMD64 Porting Team[40], with 16 closed bugs[41]
* PPC Porters[42], with 14 closed bugs[43]
* SpanKY[44], with 13 closed bugs[45]
* Gentoo KDE team[46], with 13 closed bugs[47]
32. games@gentoo.org
33.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=games@gentoo.org
34. tools-portage@gentoo.org
35.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=tools-portage@gentoo.org
36. gnome@gentoo.org
37.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=gnome@gentoo.org
38. base-system@gentoo.org
39.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=base-system@gentoo.org
40. amd64@gentoo.org
41.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=amd64@gentoo.org
42. ppc@gentoo.org
43.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=ppc@gentoo.org
44. vapier@gentoo.org
45.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=vapier@gentoo.org
46. kde@gentoo.org
47.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=kde@gentoo.org
New bug rankings
----------------
The developers and teams who have been assigned the most new bugs during
this period are:
* AMD64 Porting Team[48], with 23 new bugs[49]
* Perl Devs @ Gentoo[50], with 15 new bugs[51]
* Gentoo's Team for Core System packages[52], with 11 new bugs[53]
* Gentoo Sound Team[54], with 9 new bugs[55]
* Net-Mail Packages[56], with 8 new bugs[57]
* Mozilla Gentoo Team[58], with 8 new bugs[59]
* Text-Markup Team[60], with 7 new bugs[61]
* PHP Bugs[62], with 7 new bugs[63]
48. amd64@gentoo.org
49.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=amd64@gentoo.org
50. perl@gentoo.org
51.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=perl@gentoo.org
52. base-system@gentoo.org
53.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=base-system@gentoo.org
54. sound@gentoo.org
55.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=sound@gentoo.org
56. net-mail@gentoo.org
57.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=net-mail@gentoo.org
58. mozilla@gentoo.org
59.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=mozilla@gentoo.org
60. text-markup@gentoo.org
61.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=text-markup@gentoo.org
62. php-bugs@gentoo.org
63.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=php-bugs@gentoo.org
==================
8. Tips and Tricks
==================
Fresh USE flag and profile editors
----------------------------------
ufed has served its purpose of providing an overview and editing USE flag
settings in Gentoo systems for quite a while. Its ncurses-based interface
wasn't exactly pretty, and it hasn't seen much development over the past
few months.
Enter the alternatives: Damien Krotkine[64] has just brought his new
"Profuse" up to speed and into Portage. It is meant to be particularly
good at dealing with cascading profiles, has a GTK+-2 interface that's
generally pleasing to the eye, and is easily available by simply emerging
it.
64. dams@gentoo.org
---------------------------------------------------------------------------
| Code Listing 8.1: |
|Emerge |
profuse--------------------------------------------------------------------
-----
| |
|# echo "app-portage/profuse ~x86" >> /etc/portage/package.keywords (if |
necessary)
|# emerge profuse |
| |
---------------------------------------------------------------------------
Figure 8.1: Damien Krotkine's profuse, the profile and USE editor
http://www.gentoo.org/images/gwn/20041213-profuse.jpg
profuse defaults to whatever is linked to /etc/make.profile, but it can
already work on cascading profiles, too, with the profile editing GUI
currently still under development:
---------------------------------------------------------------------------
| Code Listing 8.2: |
|Invoke profuse with a cascading |
profile--------------------------------------------------------------------
-----
| |
|# profuse --profile-dir=/usr/portage/profiles/default-linux/ppc/2004.3 |
| |
---------------------------------------------------------------------------
For Gentoo on Mac OS X users, Michael Hanselmann[65] has created
app-portage/portage-prefpane that works as a plugin to the standard System
Preferences application of Mac OS X. It serves as an editor for the
make.conf file and can manipulate USE-flags, features and mirrors.
Additionally, it provides an interface to edit all variables in make.conf.
It runs only on Mac OS X, of course:
65. hansmi@gentoo.org
Figure 8.2: Portage-prefpane fully integrated into Mac OS X System
Preferences
http://www.gentoo.org/images/gwn/20041213-prefpane.png
===========================
9. Moves, adds, and changes
===========================
Moves
-----
The following developers recently left the Gentoo team:
* Michael Boman
Adds
----
The following developers recently joined the Gentoo Linux team:
* Torsten Veller (tove) - net-mail, net-dialup
* Aaron Kulbe (SuperLag) - net-mail
Changes
-------
The following developers recently changed roles within the Gentoo Linux
project:
* None this week
=====================
10. Contribute to GWN
=====================
Interested in contributing to the Gentoo Weekly Newsletter? Send us an
email[66].
66. gwn-feedback@gentoo.org
================
11. GWN feedback
================
Please send us your feedback[67] and help make the GWN better.
67. gwn-feedback@gentoo.org
================================
12. GWN subscription information
================================
To subscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn-subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn-unsubscribe@gentoo.org from the email address you are
subscribed under.
===================
13. Other languages
===================
The Gentoo Weekly Newsletter is also available in the following languages:
* Danish[68]
* Dutch[69]
* English[70]
* German[71]
* French[72]
* Japanese[73]
* Italian[74]
* Polish[75]
* Portuguese (Brazil)[76]
* Portuguese (Portugal)[77]
* Russian[78]
* Spanish[79]
* Turkish[80]
68. http://www.gentoo.org/news/da/gwn/gwn.xml
69. http://www.gentoo.org/news/be/gwn/gwn.xml
70. http://www.gentoo.org/news/en/gwn/gwn.xml
71. http://www.gentoo.org/news/de/gwn/gwn.xml
72. http://www.gentoo.org/news/fr/gwn/gwn.xml
73. http://www.gentoo.org/news/ja/gwn/gwn.xml
74. http://www.gentoo.org/news/it/gwn/gwn.xml
75. http://www.gentoo.org/news/pl/gwn/gwn.xml
76. http://www.gentoo.org/news/br/gwn/gwn.xml
77. http://www.gentoo.org/news/pt/gwn/gwn.xml
78. http://www.gentoo.org/news/ru/gwn/gwn.xml
79. http://www.gentoo.org/news/es/gwn/gwn.xml
80. http://www.gentoo.org/news/tr/gwn/gwn.xml
Ulrich Plate <plate@gentoo.org> - Editor
Michael Hanselmann <hansmi@gentoo.org> - Author
Damien Krotkine <dams@gentoo.org> - Author
Patrick Lauer <patrick@gentoo.org> - Author
Lars Weiler <pylon@gentoo.org> - Author
--
gentoo-gwn@gentoo.org mailing list
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of 13 December 2004.
---------------------------------------------------------------------------
==============
1. Gentoo News
==============
New Chinese Gentoo Forum
------------------------
A long-standing request has finally been fulfilled: The official Gentoo
Forums, according to our user survey the single most popular support
platform, now have a shiny new Chinese language forum[1]. Requests for
this language to be supported at the Forums had been brought forward for a
very long time already, but were growing substantially over the past few
weeks.
1. http://forums.gentoo.org/viewtopic.php?t=265378
Enabling Chinese turned out to be trickier than anticipated. The language
packs for phpBB, the software that powers the Gentoo Forums, are normally
available in separate encodings, which would have mandated two forums for
traditional (i.e. the Taiwanese and Hong Kong user base) and simplified
(mainland) Chinese characters. Splitting the forum into two was out of the
question for the Forum administrators, but thanks to Christian Hartmann
(ian![2]) who finally set out to implement a recommendation from Chinese
users, the language packages and headers were patched, and all files
transcoded into UTF-8. ian! then released his changes on a few testers
first, since being unable to read Chinese himself, he had to rely entirely
on user feedback. Testing this way is similar to mooring an oil tanker
using your ears only, but nevertheless it appears to work, didn't bring
the ceiling crashing down or the Forum hardware to falter, and the two
initial moderators are now eagerly waiting for the massive influx of
Chinese users to put the platform under yet some more endurance tests.
2. http://forums.gentoo.org/profile.php?mode=viewprofile&u=15031
The encoding to be used is UTF-8, which allows for both simplified and
traditional Chinese in postings to the new forum. EricHsu[3] and akar[4],
will be the inaugural moderators to deal with the first wave of Chinese
users to join the Gentoo Forums starting from today. Many Chinese
Gentooists have been frequenting the Linuxsir.org[5] forums, but are
expected to adopt the new, officially Gentoo-driven platform, too. The
freshly appointed moderators are able to read both character sets, but
EricHsu is operating in GB2312 (simplified) and akar in Big5 (traditional
Chinese) on their own PCs, and will share the supervision of forum posts
accordingly.
3. http://forums.gentoo.org/profile.php?mode=viewprofile&u=54601
4. http://forums.gentoo.org/profile.php?mode=viewprofile&u=82443
5. http://www.linuxsir.org/bbs/forumdisplay.php?forumid=59
Figure 1.1: Chinese Gentoo Forum editing window, with encoding set to
UTF-8 and autodetection to Chinese
http://www.gentoo.org/images/gwn/20041213-chinese.png
Note: While the content of the forum can be posted in either Big5 or
GB2312, the board languages, e.g. the interface, the menu items and
messages, can be set to each of the styles the user prefers: Both
traditional and simplified Chinese are available as board languages now,
too.
==============
2. Future zone
==============
Linux virtualization techniques
-------------------------------
For some types of applications (development, service separations,
simulated environments) it is preferrable to "hide" parts of the hardware
or the operating system behind a virtualized machine. There are three
major approaches to achieve this:
* Hardware Emulators: These programs emulate the complete hardware
step-by-step. Bochs, PearPC, coLinux and QEMU belong to this group.
* Hardware Virtualization: VMWare, UML, plex86 and XEN do this. They only
emulate certain system calls and Interrupts.
* Limited Virtualization: vServers only hide parts of the OS. Only one
kernel is running, but system calls are intercepted and modified according
to access privileges etc.
All these techniques have their advantages and shortcomings, as hardware
emulators for example are platform independent and just make-believe in
parts or subsystems, but are extremely slow compared to hardware
virtualizers. The latter are also mostly OS-independent, but limited to
specific hardware (VMWare only runs on x86), and their performance isn't
quite optimal yet. The limited virtualizers are optimized for speed and
low overhead, and are perfectly integrated into the operating system, but
of course completely dependent on it, and not all functions can be
expected to work as usual.
Today's future zone looks at some of the candidates for virtual machines
and emulations, and sheds a little light on their availability and status
in Gentoo Linux:
XEN[6]
6. http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
This program is developed at the University of Cambridge. Guest operating
systems need some changes applied, but XEN in return offers extremely high
performance compared to other solutions.
Gentoo integration: There are experimental ebuilds at Gentoo's bugzilla[7]
available.
7. http://bugs.gentoo.org/show_bug.cgi?id=70161
UML - User Mode Linux[8]
8. http://user-mode-linux.sourceforge.net/
This is a Linux-specific virtualization. It uses a patched kernel for the
guest OS, and needs a patched host for better performance. Some versions
also support nested UMLs, e.g. booting a UML instance in another UML
instance. It is completely encapsulated from the host OS and usually uses
files for its "virtual harddisks". Therefore performance tends to be lower
than XEN, but since it emulates a whole kernel, its uses tend to be
different, for example honeynets, network testing, distributed computing
testing.
Gentoo integration: The patched kernel is available as usermode-sources in
Portage. A Howto exists at the Gentoo website[9].
9. http://www.gentoo.org/doc/en/uml.xml
VMWare[10]
10. http://www.vmware.com/
This commercial program allows to run any x86 OS "in a window" on Linux
and Windows. It is quite mature, and reasonably fast. Even stacked
instances are possible, such as Linux in VMWare on Windows in VMWare on
Linux, for example. The hardware emulation presents a S3 graphics card, so
some special applications like Windows DirectX games will be unable to
run. Different versions of VMWare are available, ESX Server targeted for
large server installations, and VMWare Workstation for desktop use.
Gentoo integration: app-emulation/vmware-workstation is a 30-day demo
version. It can be upgraded to the full version by aquiring a key from
VMWare.
MOL - Mac-on-Linux[11]
11. http://maconlinux.org/
The PowerPC equivalent of VMWare, but non-commercial and free. Near-native
performance, runs Mac OS > 7.5, Mac OS X and Linux in windows or
full-screen modes. Its only drawback is the inability to operate on the
new G5 64-bit CPU Macintosh, but it does work on PegasosPPC, for example,
even with Mac OS X.
Gentoo integration:MOL is available in Portage.
BOCHS[12]
12. http://bochs.sourceforge.net/
BOCHS is one of the oldest emulators available. It is an x86 CPU-emulator
written in C++, thus completely portable. Compared to virtualization, the
performance is extremely low, but it still has its moments - or do you
know any other program that allows you to boot FreeDOS on an UltraSPARC?
Gentoo integration:BOCHS is available in Portage. Disk images for booting
can be found on the BOCHS website.
PearPC[13]
13. http://pearpc.sourceforge.net/
The newcomer among the emulators. It is still in rapid development, but
already allows to boot a virtual MacOS X on any supported platform
(including Win32!). The speed is about 1/500th of a real processor, but
the coolness factor of running bochs in pearpc in vmware is hard to beat.
Gentoo integration: PearPC is available in Portage.
Plex86[14]
14. http://savannah.nongnu.org/projects/plex86
Plex86 wants to be seen as the Open Source alternative to VMWare. It is
x86 only, but offers acceptable performance. The project seems to have
little activity at the moment. A fork with slightly different goals can be
found here[15] but this is a Linux only virtualization.
15. http://plex86.sourceforge.net/
Gentoo integration: Plex86 is available in Portage.
coLinux[16]
16. http://www.colinux.org/
Cooperative Linux is the first working free method for running Linux on
Microsoft Windows natively. It can boot any Linux loopback filesystem, and
even has limited network support through the TUN/TAP driver. It is not a
replacement for Cygwin (which itself isn't a virtualizer, only an API
translator), but offers the full bandwidth of Linux applications in
Windows.
Gentoo integration:A Gentoo boot image can be downloaded from the project
homepage.
QEMU[17]
17. http://fabrice.bellard.free.fr/qemu/
This nice program is not one, but many emulators. It can emulate different
architectures on a wide range of hardware, thus giving it the edge in
flexibility. It is supposed to be much faster than other emulators, but
the real performance will still be quite low.
Gentoo integration:QEMU is available in portage.
==================
3. Gentoo security
==================
PDFlib: Multiple overflows in the included TIFF library
-------------------------------------------------------
PDFlib is vulnerable to multiple overflows, which can potentially lead to
the execution of arbitrary code.
For more information, please see the GLSA Announcement[18]
18. http://www.gentoo.org/security/en/glsa/glsa-200412-02.xml
imlib: Buffer overflows in image decoding
-----------------------------------------
Multiple overflows have been found in the imlib library image decoding
routines, potentially allowing execution of arbitrary code.
For more information, please see the GLSA Announcement[19]
19. http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml
Perl: Insecure temporary file creation
--------------------------------------
Perl is vulnerable to symlink attacks, potentially allowing a local user
to overwrite arbitrary files.
For more information, please see the GLSA Announcement[20]
20. http://www.gentoo.org/security/en/glsa/glsa-200412-04.xml
mirrorselect: Insecure temporary file creation
----------------------------------------------
mirrorselect is vulnerable to symlink attacks, potentially allowing a
local user to overwrite arbitrary files.
For more information, please see the GLSA Announcement[21]
21. http://www.gentoo.org/security/en/glsa/glsa-200412-05.xml
PHProjekt: setup.php vulnerability
----------------------------------
PHProjekt contains a vulnerability in the setup procedure allowing remote
users without admin rights to change the configuration.
For more information, please see the GLSA Announcement[22]
22. http://www.gentoo.org/security/en/glsa/glsa-200412-06.xml
=========================
4. Heard in the community
=========================
gentoo-dev
----------
Too many mailing lists?
Are there too many (low traffic) Gentoo mailinglists? How do you get all
relevant info without subscribing to a dozen mailinglists? And finally, is
there a better solution? Find out what other Gentooists have to say to
those questions.
* Too many mailing lists[23]
23. http://thread.gmane.org/gmane.linux.gentoo.devel/23341
Small notes on developer policy
Mike Frysinger[24] posted two reminders on how to do things the right way:
1) Only apply patches arch-specific if absolutely neccessary, and 2) don't
dump your bugs in gcc-porting (or some of the other defenseless bugzilla
aliases). He suggests that if everyone sticks to some basic rules,
bugfixing and updating will be easier and more efficient. And, if bugs are
assigned to the right people, they might even get fixed ...
24. vapier@gentoo.org
* arch-apecific patches[25]
* a note about gcc-porting team[26]
25. http://thread.gmane.org/gmane.linux.gentoo.devel/23340
26. http://thread.gmane.org/gmane.linux.gentoo.devel/23314
=======================
5. Gentoo International
=======================
Japan: Gentoo Bonenkai in Tokyo
--------------------------------
GentooJP developer-at-large Masatomo Nakano, currently based in London, is
coming back to Japan for a few days around New Year's Eve. As on previous
occasions, this serves as the perfect excuse for the Japanese Gentooists
to hold a Bonenkai, the usually raucous Japanese year-end party. Check the
Japanese user mailing list[27] for details on the exact location, so far
the plan is to meet in Tokyo's Shibuya district on 28 December 2004, at
around 18:00.
27. http://ml.gentoo.gr.jp/users/
Germany: Christmas party photos
-------------------------------
The Christmas bowling event on Friday 10 December, organized by and for
Germany's most weathered Gentooists in the Ruhr region that we announced
two weeks ago, appears to have gone down quite well, and in perfect
harmony, according to the impressive photo gallery[28] available at the
German Gentoo website. Depicted are some of the finest developers around,
but frankly, their bowling skills are not on the same level. The
scorecards aren't much to write home about, but on the upside of things no
harm was done to the inventory.
28. http://www.gentoo.de/pub/pics/gum/ob/20041210/
======================
6. Gentoo in the press
======================
Heise online (7 December 2004)
------------------------------
Germany's leading IT magazine reports about the upcoming 21c3 conference
in Berlin, in an article titled "More than the usual suspects."[29] Based
on an interview with Gentoo developer and Chaos Computer Club spokesman
Lars Weiler[30], the article specially mentions the Gentoo developer
conference to be held during the 21c3.
29. http://www.heise.de/newsticker/meldung/54008
30. pylon@gentoo.org
===========
7. Bugzilla
===========
Summary
-------
* Statistics
* Closed bug ranking
* New bug rankings
Statistics
----------
The Gentoo community uses Bugzilla (bugs.gentoo.org[31]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 05 December 2004 and 12 December 2004, activity
on the site has resulted in:
31. http://bugs.gentoo.org
* 742 new bugs during this period
* 443 bugs closed or resolved during this period
* 31 previously closed bugs were reopened this period
Of the 7590 currently open bugs: 126 are labeled 'blocker', 237 are
labeled 'critical', and 548 are labeled 'major'.
Closed bug rankings
-------------------
The developers and teams who have closed the most bugs during this period
are:
* Gentoo Games[32], with 36 closed bugs[33]
* Portage Utitilities Team[34], with 22 closed bugs[35]
* Gentoo Linux Gnome Desktop Team[36], with 19 closed bugs[37]
* Gentoo's Team for Core System packages[38], with 17 closed bugs[39]
* AMD64 Porting Team[40], with 16 closed bugs[41]
* PPC Porters[42], with 14 closed bugs[43]
* SpanKY[44], with 13 closed bugs[45]
* Gentoo KDE team[46], with 13 closed bugs[47]
32. games@gentoo.org
33.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=games@gentoo.org
34. tools-portage@gentoo.org
35.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=tools-portage@gentoo.org
36. gnome@gentoo.org
37.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=gnome@gentoo.org
38. base-system@gentoo.org
39.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=base-system@gentoo.org
40. amd64@gentoo.org
41.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=amd64@gentoo.org
42. ppc@gentoo.org
43.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=ppc@gentoo.org
44. vapier@gentoo.org
45.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=vapier@gentoo.org
46. kde@gentoo.org
47.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2004-12-05&chfieldto=2004-12-12&resolution=FIXED&assigned_to=kde@gentoo.org
New bug rankings
----------------
The developers and teams who have been assigned the most new bugs during
this period are:
* AMD64 Porting Team[48], with 23 new bugs[49]
* Perl Devs @ Gentoo[50], with 15 new bugs[51]
* Gentoo's Team for Core System packages[52], with 11 new bugs[53]
* Gentoo Sound Team[54], with 9 new bugs[55]
* Net-Mail Packages[56], with 8 new bugs[57]
* Mozilla Gentoo Team[58], with 8 new bugs[59]
* Text-Markup Team[60], with 7 new bugs[61]
* PHP Bugs[62], with 7 new bugs[63]
48. amd64@gentoo.org
49.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=amd64@gentoo.org
50. perl@gentoo.org
51.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=perl@gentoo.org
52. base-system@gentoo.org
53.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=base-system@gentoo.org
54. sound@gentoo.org
55.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=sound@gentoo.org
56. net-mail@gentoo.org
57.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=net-mail@gentoo.org
58. mozilla@gentoo.org
59.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=mozilla@gentoo.org
60. text-markup@gentoo.org
61.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=text-markup@gentoo.org
62. php-bugs@gentoo.org
63.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2004-12-05&chfieldto=2004-12-12&assigned_to=php-bugs@gentoo.org
==================
8. Tips and Tricks
==================
Fresh USE flag and profile editors
----------------------------------
ufed has served its purpose of providing an overview and editing USE flag
settings in Gentoo systems for quite a while. Its ncurses-based interface
wasn't exactly pretty, and it hasn't seen much development over the past
few months.
Enter the alternatives: Damien Krotkine[64] has just brought his new
"Profuse" up to speed and into Portage. It is meant to be particularly
good at dealing with cascading profiles, has a GTK+-2 interface that's
generally pleasing to the eye, and is easily available by simply emerging
it.
64. dams@gentoo.org
---------------------------------------------------------------------------
| Code Listing 8.1: |
|Emerge |
profuse--------------------------------------------------------------------
-----
| |
|# echo "app-portage/profuse ~x86" >> /etc/portage/package.keywords (if |
necessary)
|# emerge profuse |
| |
---------------------------------------------------------------------------
Figure 8.1: Damien Krotkine's profuse, the profile and USE editor
http://www.gentoo.org/images/gwn/20041213-profuse.jpg
profuse defaults to whatever is linked to /etc/make.profile, but it can
already work on cascading profiles, too, with the profile editing GUI
currently still under development:
---------------------------------------------------------------------------
| Code Listing 8.2: |
|Invoke profuse with a cascading |
profile--------------------------------------------------------------------
-----
| |
|# profuse --profile-dir=/usr/portage/profiles/default-linux/ppc/2004.3 |
| |
---------------------------------------------------------------------------
For Gentoo on Mac OS X users, Michael Hanselmann[65] has created
app-portage/portage-prefpane that works as a plugin to the standard System
Preferences application of Mac OS X. It serves as an editor for the
make.conf file and can manipulate USE-flags, features and mirrors.
Additionally, it provides an interface to edit all variables in make.conf.
It runs only on Mac OS X, of course:
65. hansmi@gentoo.org
Figure 8.2: Portage-prefpane fully integrated into Mac OS X System
Preferences
http://www.gentoo.org/images/gwn/20041213-prefpane.png
===========================
9. Moves, adds, and changes
===========================
Moves
-----
The following developers recently left the Gentoo team:
* Michael Boman
Adds
----
The following developers recently joined the Gentoo Linux team:
* Torsten Veller (tove) - net-mail, net-dialup
* Aaron Kulbe (SuperLag) - net-mail
Changes
-------
The following developers recently changed roles within the Gentoo Linux
project:
* None this week
=====================
10. Contribute to GWN
=====================
Interested in contributing to the Gentoo Weekly Newsletter? Send us an
email[66].
66. gwn-feedback@gentoo.org
================
11. GWN feedback
================
Please send us your feedback[67] and help make the GWN better.
67. gwn-feedback@gentoo.org
================================
12. GWN subscription information
================================
To subscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn-subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn-unsubscribe@gentoo.org from the email address you are
subscribed under.
===================
13. Other languages
===================
The Gentoo Weekly Newsletter is also available in the following languages:
* Danish[68]
* Dutch[69]
* English[70]
* German[71]
* French[72]
* Japanese[73]
* Italian[74]
* Polish[75]
* Portuguese (Brazil)[76]
* Portuguese (Portugal)[77]
* Russian[78]
* Spanish[79]
* Turkish[80]
68. http://www.gentoo.org/news/da/gwn/gwn.xml
69. http://www.gentoo.org/news/be/gwn/gwn.xml
70. http://www.gentoo.org/news/en/gwn/gwn.xml
71. http://www.gentoo.org/news/de/gwn/gwn.xml
72. http://www.gentoo.org/news/fr/gwn/gwn.xml
73. http://www.gentoo.org/news/ja/gwn/gwn.xml
74. http://www.gentoo.org/news/it/gwn/gwn.xml
75. http://www.gentoo.org/news/pl/gwn/gwn.xml
76. http://www.gentoo.org/news/br/gwn/gwn.xml
77. http://www.gentoo.org/news/pt/gwn/gwn.xml
78. http://www.gentoo.org/news/ru/gwn/gwn.xml
79. http://www.gentoo.org/news/es/gwn/gwn.xml
80. http://www.gentoo.org/news/tr/gwn/gwn.xml
Ulrich Plate <plate@gentoo.org> - Editor
Michael Hanselmann <hansmi@gentoo.org> - Author
Damien Krotkine <dams@gentoo.org> - Author
Patrick Lauer <patrick@gentoo.org> - Author
Lars Weiler <pylon@gentoo.org> - Author
--
gentoo-gwn@gentoo.org mailing list