1 |
--------------------------------------------------------------------------- |
2 |
Gentoo Weekly Newsletter |
3 |
http://www.gentoo.org/news/en/gwn/current.xml |
4 |
This is the Gentoo Weekly Newsletter for the week of January 27th, 2003. |
5 |
--------------------------------------------------------------------------- |
6 |
|
7 |
============== |
8 |
1. Gentoo News |
9 |
============== |
10 |
|
11 |
Summary |
12 |
------- |
13 |
|
14 |
* Gentoo Linux at LinuxWorld Expo |
15 |
* GLSAs being integrated into Portage |
16 |
|
17 |
Gentoo Linux at LinuxWorld Expo |
18 |
------------------------------- |
19 |
|
20 |
Gentoo Linux had a strong showing at last week's LinuxWorld Expo. Showing |
21 |
off the recently-released Linux port of Unreal Tournament 2003, the Gentoo |
22 |
booth drew large crowds throughout the show. Many of the attendees were |
23 |
unfamiliar with Gentoo Linux, so this was a great opportunity to educate a |
24 |
highly-targeted audience about the many benefits of Gentoo. While we |
25 |
received inquiries from a wide range of people, there seemed to be a |
26 |
specific interest from the scientific community, with several attendees |
27 |
expressing an interest in using Gentoo Linux for their research projects. |
28 |
|
29 |
It was also a great opportunity for many of the developers and avid Gentoo |
30 |
users to finally meet face to face. All told, nearly a dozen developers |
31 |
showed up for part or all of the show. Amazingly, few people looked like |
32 |
they do on IRC. For those who were unable to attend LWE, we've included a |
33 |
few pictures with this week's issue. |
34 |
|
35 |
Figure 1.1: The Gentoo Linux booth at LinuxWorld Expo |
36 |
http://www.ibiblio.org/pub/Linux/distributions/gentoo/images/gwn/20030127_l |
37 |
we_booth.jpg |
38 |
Figure 1.2: Gerk spent much of his time burning CDs for attendees |
39 |
http://www.ibiblio.org/pub/Linux/distributions/gentoo/images/gwn/20030127_l |
40 |
we_gerk_burning.jpg |
41 |
Figure 1.3: Seemant Kulleen (left) and Daniel Robbins |
42 |
http://www.ibiblio.org/pub/Linux/distributions/gentoo/images/gwn/20030127_l |
43 |
we_seemant_drobbins.jpg |
44 |
|
45 |
GLSAs being integrated into Portage |
46 |
----------------------------------- |
47 |
|
48 |
Nick Jones announced his intention to integrate Gentoo Linux Security |
49 |
Announcements into Portage The proposed method is converting GLSAs to XML |
50 |
format to allow for easy integration into Portage, allowing users to only |
51 |
update packages that are affected by GLSAs. While the details still need |
52 |
to be worked out, this will certainly be a welcome feature by many Gentoo |
53 |
users and will make running Gentoo on servers where stability is paramount |
54 |
an easier task. |
55 |
|
56 |
================== |
57 |
2. Gentoo Security |
58 |
================== |
59 |
|
60 |
Summary |
61 |
------- |
62 |
|
63 |
* GLSA: vim vim-core gvim |
64 |
* GLSA: cvs |
65 |
* GLSA: kde-2.2.x |
66 |
* New Security Bug Reports |
67 |
|
68 |
GLSA: vim vim-core gvim |
69 |
----------------------- |
70 |
|
71 |
The vim editor and associated packages contain a bug which permits |
72 |
execution of un-sandboxed modeline commands. This permits a maliciously |
73 |
crafted textfile to execute arbitrary code with the user's privileges. The |
74 |
advisory also notes an unconfirmed report of a similar problem with local |
75 |
variables in emacs. An exploit has been demonstrated.. |
76 |
* Severity: Moderate to High - arbitrary code execution. |
77 |
* Packages Affected: app-editors/vim-core (prior to 6-1-r4), vim (prior |
78 |
to 6.1-r19), gvim (prior to 6.1-r6). |
79 |
* Rectification: Synchronize and emerge -u vim-core vim gvim |
80 |
* GLSA Announcement[1] |
81 |
* Advisory[2] |
82 |
|
83 |
1. http://forums.gentoo.org/viewtopic.php?t=31627 |
84 |
2. http://www.guninski.com/vim1.html |
85 |
|
86 |
GLSA: cvs |
87 |
--------- |
88 |
|
89 |
Maliciously malformed directory names can be used to trigger an error in |
90 |
CVS that can result in a global pointer being freed twice. This condition |
91 |
could be used to determine heap memory locations as a prelude to other |
92 |
attacks using the CVS servers' privilege level (potentially root). No |
93 |
exploits in the wild are reported. |
94 |
* Severity: Critical - remote information leak, security exposure of |
95 |
systems vulnerable to double-free pointer bugs. |
96 |
* Packages Affected: dev-util/cvs versions prior to 1.11.5 |
97 |
* Rectification: Synchronize and emerge -u cvs |
98 |
* GLSA Announcement[3] |
99 |
* Advisory[4] |
100 |
|
101 |
3. http://forums.gentoo.org/viewtopic.php?t=31285 |
102 |
4. http://security.e-matters.de/advisories/012003.html |
103 |
|
104 |
GLSA: kde-2.2.x |
105 |
--------------- |
106 |
|
107 |
In some cases, KDE may fail to properly quote execution parameters. This |
108 |
could permit arbitrary command execution (with the target user's |
109 |
privileges) through the use of carefully crafted URLs, email addresses and |
110 |
filenames. Exploits have been demonstrated. This report is related to an |
111 |
earlier report[5] of a vulnerability in kde-3.0.x. |
112 |
* Severity: High - remote execution of code, exploits in the wild. |
113 |
* Packages Affected: kde-base/kde2.2.x |
114 |
* Rectification: Synchronize and emerge -u kde |
115 |
* GLSA Announcement[6] |
116 |
* Advisory[7] |
117 |
|
118 |
The updated ebuilds for kde-2.2.2 are currently only marked stable for |
119 |
x86. |
120 |
|
121 |
5. http://forums.gentoo.org/viewtopic.php?t=27299 |
122 |
6. http://forums.gentoo.org/viewtopic.php?t=30777 |
123 |
7. http://www.kde.org/info/security/advisory-20021220-1.txt |
124 |
|
125 |
New Security Bug Reports |
126 |
------------------------ |
127 |
|
128 |
There are no new security bugs this week. The mpg123 bug mentioned last |
129 |
week: |
130 |
|
131 |
* media-sound/mpg123[8] |
132 |
|
133 |
remains open, but the message traffic implies that the issue may not be a |
134 |
concern for the version currently in the portage tree. The bug is still |
135 |
open because of a potential issue with frame size calculation in the |
136 |
current version. |
137 |
|
138 |
8. http://bugs.gentoo.org/show_bug.cgi?id=14076 |
139 |
|
140 |
================================= |
141 |
3. Featured Developer of the Week |
142 |
================================= |
143 |
|
144 |
Nicholas Jones |
145 |
|
146 |
Figure 3.1: Nicholas Jones |
147 |
http://www.ibiblio.org/pub/Linux/distributions/gentoo/images/gwn/20030127_c |
148 |
arpaski.jpg |
149 |
|
150 |
Nicholas Jones[9], this week's (and the inaugural) Featured Developer, is |
151 |
the current maintainer of Portage. Subscribers to the mailing lists will |
152 |
have his response[10] to the recent /etc/make.conf fiasco fresh in their |
153 |
minds, whereas those who frequent the IRC channel (#gentoo on |
154 |
irc.freenode.net) or the forums will have seen him as carpaski, responding |
155 |
to Portage feature requests and resolving various problems. IRC, actually, |
156 |
is where Nick got started with the Gentoo team: a regular who helped out |
157 |
with things and submitted ebuilds and patches, the developers snapped him |
158 |
up and got him onboard. Now, as Portage maintainer, he plans and codes new |
159 |
features for Portage, making sure that changes are as modular as possible |
160 |
to facilitate testing and debugging, as well as reviewing bug reports, |
161 |
looking for problems to solve and features that can be merged into |
162 |
portage. |
163 |
|
164 |
9. carpaski@g.o |
165 |
10. http://marc.theaimsgroup.com/?l=gentoo-user&m=104272726519197&w=2 |
166 |
|
167 |
A self-proclaimed console junky, Nick's favorite applications include |
168 |
Midnight Commander, vi, lsof, and bash. He uses Enlightenment 16.5 - and |
169 |
only Enlightenment 16.5 - for window management, and mutt for mail. Using |
170 |
his scripting skills, Nick has done some work remotely administering UNIX |
171 |
machines, and has also worked as a network engineer on a US goverment |
172 |
backbone. Amazingly enough, when he's not busy hacking and testing Portage |
173 |
or doing administration work, you'll find him studying at the Illinois |
174 |
Institute of Technology in Chicago, IL. After all that it's hard to |
175 |
imagine that he'd have time left for other pursuits, but Nick says he |
176 |
likes wine and music - both listening to it and playing it on guitar, as |
177 |
well as frisbee and racquetball. |
178 |
|
179 |
========================= |
180 |
4. Heard In The Community |
181 |
========================= |
182 |
|
183 |
Web Forums |
184 |
---------- |
185 |
|
186 |
emerge-webrsync Tool Problems |
187 |
|
188 |
A recent thread[11] in the forums was promoted to an alert when it was |
189 |
discovered that an upgrade to the emerge-webrsync tool from the gentoolkit |
190 |
had resulted in the potential for it to delete the /usr directory on |
191 |
machines where it was run. emerge-webrsync is a tool for automatically |
192 |
updating the local portage directory from the daily snapshots on machines |
193 |
that are prevented from using emerge sync (for example, on machines behind |
194 |
firewalls that block rsync). A number of users reported substantial (and |
195 |
possibly unrecoverable) damage to their installations. The problem was |
196 |
reported in this bug report[12]. The issue was apparently resolved in |
197 |
gentoolkit-r11. |
198 |
|
199 |
11. http://forums.gentoo.org/viewtopic.php?t=31494 |
200 |
12. http://bugs.gentoo.org/show_bug.cgi?id=14388 |
201 |
|
202 |
Much Moaning About ibiblio |
203 |
|
204 |
People all over the planet are struggling to get decent download speeds |
205 |
from the ibiblio server that provides the packages for Gentoo |
206 |
installations. Not a major problem as long as everybody was content to |
207 |
grab a stage1 tarball and take it from there, but since the introduction |
208 |
of the Gentoo Reference Platform and its collection of precompiled |
209 |
binaries, the CD images have grown to "normal" size around 500 MB each, |
210 |
and the complaints are getting louder, on the IRC channels and the forums. |
211 |
If it wasn't for the fact that many of those complaining have simply |
212 |
failed to embrace any of the dozens of mirrors listed[13] at the official |
213 |
Gentoo website and Ibiblio itself... |
214 |
|
215 |
* ibiblio esta lenta...[14] |
216 |
* Problems accessing ibiblio...[15] |
217 |
* ibiblio suddenly slow![16] |
218 |
* ibiblslow.org[17] |
219 |
|
220 |
13. http://www.gentoo.org/main/en/where.xml |
221 |
14. http://forums.gentoo.org/viewtopic.php?t=31478 |
222 |
15. http://forums.gentoo.org/viewtopic.php?t=25724 |
223 |
16. http://forums.gentoo.org/viewtopic.php?t=28560 |
224 |
17. http://forums.gentoo.org/viewtopic.php?t=22830 |
225 |
|
226 |
Automatic Writing Resurrected |
227 |
|
228 |
One of the Forum's all-time classics is back: After a break over Christmas |
229 |
and New Year's, the "Story By Post" thread has been reanimated. Knitted |
230 |
with one-liners that fit exceptionally well within the general direction |
231 |
the story will take (except that nobody actually knows where it's going), |
232 |
each contribution adds to a great recital involving (so far) the marmalade |
233 |
cat, Ellen Feiss, the wonder boy, Peter Falk and many others still rubbing |
234 |
their eyes in disbelief, wondering how they ended up starring in a prose |
235 |
artifact hovering on a technical support forum. Another thread in a |
236 |
similar genre has been left alone for a while - well, until now. This one |
237 |
actually comes with its own meta-thread: |
238 |
|
239 |
* Story By Post[18] |
240 |
* Chain Thread[19] |
241 |
* Chain Thread Offramp[20] |
242 |
|
243 |
18. http://forums.gentoo.org/viewtopic.php?t=21618 |
244 |
19. http://forums.gentoo.org/viewtopic.php?t=20571 |
245 |
20. http://forums.gentoo.org/viewtopic.php?t=20599 |
246 |
|
247 |
Forum Statistics |
248 |
|
249 |
fghellar[21], one of the Forum's bodhisattvas and an honorary headcounter, |
250 |
has posted an update on the number of users currently registered at the |
251 |
site. Hard to estimate how many of these are active or at least passively |
252 |
reading stuff, but the sheer numbers are impressive. Constantly updated |
253 |
statistics can be watched by clicking on the official statistics link in |
254 |
the top menu, but for a historical perspective on growth in the Gentoo |
255 |
forums check the first link: |
256 |
|
257 |
* 1k users[22] |
258 |
* Official forum statistics[23] |
259 |
|
260 |
21. http://forums.gentoo.org/profile.php?mode=viewprofile&u=20 |
261 |
22. http://forums.gentoo.org/viewtopic.php?t=1593 |
262 |
23. http://forums.gentoo.org/statistics.php |
263 |
|
264 |
gentoo-user |
265 |
----------- |
266 |
|
267 |
More praise for Phoenix |
268 |
|
269 |
A lengthy discussion took place on gentoo-user about the buggy misbehavior |
270 |
of Mozilla. It seems that almost everyone and their mother has complained |
271 |
about bad plugin support, sluggishness and crashes -- especially when |
272 |
dealing with Gentoo's Mozilla sources. Even with Rafa's tip[24] on |
273 |
compiling Mozilla without mail and news support and Steve's point[25] on |
274 |
using the mozilla.org tarballs, the complaints remained widespread. |
275 |
Phoenix was mentioned as an alternative and the audience gave nothing but |
276 |
praise. Phoenix is a non-bloated redesign of the Mozilla browser component |
277 |
which admittedly runs much faster and embraces the java and flash plugins |
278 |
on Gentoo systems without hesitation. The thread[26] even encouraged happy |
279 |
Mozilla users to switch to Phoenix. If you've been fighting with Mozilla, |
280 |
you may want to experiment with Phoenix if you don't need Moz's mail & |
281 |
news. |
282 |
|
283 |
24. http://marc.theaimsgroup.com/?l=gentoo-user&m=104300159002182&w=2 |
284 |
25. http://marc.theaimsgroup.com/?l=gentoo-user&m=104297434515022&w=2 |
285 |
26. http://marc.theaimsgroup.com/?l=gentoo-user&m=104296768011912&w=2 |
286 |
|
287 |
Kernel Performance |
288 |
|
289 |
Most of us gentoo users are not satisfied with an OK system. We'd much |
290 |
rather have our software tweaked just enough to squeeze an extra 5hp out |
291 |
of that already souped up 750hp big block. The number one place to muster |
292 |
this extra horsepower is the Linux kernel. We can worry about the CFLAGS |
293 |
later. Gentoo is stocked with many different kernel sources other than the |
294 |
-gentoo ones, and all come with their unique advantages and disavantages |
295 |
as determined by the patches involved with them. These patches are applied |
296 |
against the 'vanilla' source resulting in a modified kernel. An example of |
297 |
these patches, rmap[27] , was described within the thread. Aniruddha |
298 |
Shankar started the discussion[28] by boasting his happines with using Con |
299 |
Kolivas's kernel (-ck sources) for his desktop system. As always, Gentoo |
300 |
users are encouraged to tailor their system to their needs, and a good |
301 |
place to start is the kernel. |
302 |
|
303 |
27. http://marc.theaimsgroup.com/?l=gentoo-user&m=104341729031736&w=2 |
304 |
28. http://marc.theaimsgroup.com/?l=gentoo-user&m=104341350726805&w=2 |
305 |
|
306 |
gentoo-dev |
307 |
---------- |
308 |
|
309 |
Methods for managing etc files. |
310 |
|
311 |
Jeff Kowing asked[29] about the techniques to use to manage updateing etc |
312 |
files after an upgrade. Matthew Walker answer very succinctly[30] that |
313 |
etc-update may be what he was looking for. |
314 |
|
315 |
29. http://article.gmane.org/gmane.linux.gentoo.devel/6702 |
316 |
30. http://article.gmane.org/gmane.linux.gentoo.devel/6704 |
317 |
|
318 |
Gentoo-sources vs "stock" kernels. |
319 |
|
320 |
Dewet Diener wrote[31] to ask: "I'm wondering what the general status of |
321 |
gentoo-sources is compared to the more "stock" kernels, like vanilla and |
322 |
-ac? Is it being used in production-class setups without hitches?". Kim |
323 |
Nielsen replied[32] with "The gentoo kernel is quite stable but Gentoo was |
324 |
never ment as a server distribution even though it serves just as well as |
325 |
others like Redhat or Debian. It was intedned for network/developer use." |
326 |
Thomas T. Veldhouse chipped in[33] with: "I don't think there is any such |
327 |
intent. By what I can see and know about Gentoo, it is for any use that |
328 |
one sees fit. It was never designed for any particular application. [...] |
329 |
it is up to the administrator to make sure that gentoo changes don't hose |
330 |
a production machine". |
331 |
|
332 |
31. http://article.gmane.org/gmane.linux.gentoo.devel/6705 |
333 |
32. http://article.gmane.org/gmane.linux.gentoo.devel/6710 |
334 |
33. http://article.gmane.org/gmane.linux.gentoo.devel/6711 |
335 |
|
336 |
======================= |
337 |
5. Gentoo International |
338 |
======================= |
339 |
|
340 |
Unofficial European Gentoo Websites |
341 |
|
342 |
While the official Gentoo website struggles to keep up with the |
343 |
multilingual cacophony created by the enormous wave of popularity crashing |
344 |
over its head, many non-English websites have taken over the part of |
345 |
support for local communities. Today we take a closer look at some |
346 |
European sites: French-speaking users, for example, have been blessed with |
347 |
a dynamic news and discussion site of their own for many months now. The |
348 |
forum section is not as active as the French board at forums.gentoo.org, |
349 |
but manages to coexist peacefully. But the real strength of "Da Gentoo" |
350 |
lies in its news coverage, delivered not only to common browsers: |
351 |
Gentoofr.org news are being served for PDAs and for WAP-enabled mobile |
352 |
phones. The German Gentoo project is probably the oldest outside of the US |
353 |
(it started sometime back in April 2002), but hasn't lost its appetite |
354 |
yet. Gentoo.de (like many other international sites, e.g. Korea and Japan) |
355 |
is focussed on documentation, but more importantly provides a large number |
356 |
of supplementary "regional" ebuilds with spellcheckers and localized |
357 |
Openoffice-bin versions, and the occasional tool for users with specific |
358 |
homegrown problems (a PPPoE tarball for DSL users in Germany can be |
359 |
downloaded from the project's FTP-server). The Danish site has its |
360 |
emphasis equally on projects and development, and is currently looking for |
361 |
contributors and people who can help with PHP coding. The news section |
362 |
definitely needs a blood transfusion, there haven't been any updates since |
363 |
May 2002. The Norwegian website has a comparatively low profile, |
364 |
apparently content to just provide a few links to mirror servers and |
365 |
information resources. But it's highly unfair to just point out the |
366 |
websites: The most buzz for the buck comes from the many non-English IRC |
367 |
channels on Freenode! Anybody who wants to get a feel for the huge user |
368 |
base Gentoo has in many European countries, just check out the Dutch or |
369 |
the Portuguese #gentoo-nl or #gentoo-pt channels via irc.freenet.org... |
370 |
With a channel like #gentoo-fi, who needs a Finnish website, and the |
371 |
Swedes even have their own IRC statistics: |
372 |
|
373 |
* France: Da Gentoo French Page[34] |
374 |
* Germany: Gentoo Linux - Das deutschsprachige Portal[35] |
375 |
* Denmark: Gentoo Linux Danmark[36] |
376 |
* Norway: Gentoo Linux Norge[37] |
377 |
* Sweden: IRC channel statistics[38] |
378 |
|
379 |
34. http://www.gentoofr.org/ |
380 |
35. http://www.gentoo.de |
381 |
36. http://www.gentoo.dk |
382 |
37. http://www.gentoo.no |
383 |
38. http://gentoo-se.ath.cx |
384 |
|
385 |
================ |
386 |
6. Portage Watch |
387 |
================ |
388 |
|
389 |
The following stable packages were added to portage this week |
390 |
------------------------------------------------------------- |
391 |
|
392 |
Because of the pending release of 1.4_final, the Portage tree is currently |
393 |
frozen. As such, no new stable packages were introduced to Portage this |
394 |
week |
395 |
|
396 |
Updates to notable packages |
397 |
--------------------------- |
398 |
|
399 |
* sys-devel/gcc - gcc-3.2.1-r7.ebuild; |
400 |
* sys-kernel/* - aa-sources-2.4.21_pre3-r1.ebuild; |
401 |
development-sources-2.5.59-r1.ebuild; |
402 |
development-sources-2.5.59-r2.ebuild; development-sources-2.5.59.ebuild; |
403 |
gs-sources-2.4.21_pre3-r1.ebuild; gs-sources-2.4.21_pre3-r2.ebuild; |
404 |
mips-sources-2.4.19.ebuild; openmosix-sources-2.4.20-r2.ebuild; |
405 |
* net-www/apache - apache-2.0.44.ebuild; |
406 |
* app-admin/gentoolkit - gentoolkit-0.1.17-r10.ebuild; |
407 |
gentoolkit-0.1.17-r11.ebuild; |
408 |
|
409 |
=========== |
410 |
7. Bugzilla |
411 |
=========== |
412 |
|
413 |
Summary |
414 |
------- |
415 |
|
416 |
* Statistics |
417 |
* Closed Bug Ranking |
418 |
* New Bug Rankings |
419 |
|
420 |
Statistics |
421 |
---------- |
422 |
|
423 |
The Gentoo community uses Bugzilla (bugs.gentoo.org[39]) to record and |
424 |
track bugs, notifications, suggestions and other interactions with the |
425 |
development team. In the last 7 days, activity on the site has resulted |
426 |
in: |
427 |
|
428 |
* 258 new bugs this week |
429 |
* 1491 total bugs currently marked 'new' |
430 |
* 559 total bugs curently assigned to developers |
431 |
* 54 bugs that were previously closed have been reopened. |
432 |
|
433 |
There are currently 2104 bugs open in bugzilla. Of these: 40 are labelled |
434 |
'blocker', 76 are labelled 'critical', and 144 are labelled 'major'. |
435 |
|
436 |
39. http://bugs.gentoo.org |
437 |
|
438 |
The current list of developers' open bugs may be found at the Gentoo Bug |
439 |
Count Report[40]. |
440 |
|
441 |
40. |
442 |
http://bugs.gentoo.org/reports.cgi?product=-All-&output=most_doomed&links=1 |
443 |
&banner=1&quip=0 |
444 |
|
445 |
Closed Bug Rankings |
446 |
------------------- |
447 |
|
448 |
The developers and teams who have closed the most bugs this week are: |
449 |
|
450 |
* Martin Schlemmer[41], with 38 closed bugs[42] |
451 |
* Nick Hadaway[43], with 17 closed bugs[44] |
452 |
* M. Holzer[45], with 14 closed bugs[46] |
453 |
* Donny Davies[47], with 10 closed bugs[48] |
454 |
* Seemant Kulleen[49], with 8 closed bugs[50] |
455 |
|
456 |
41. azarah@g.o |
457 |
42. |
458 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=RESOLVED&bug_s |
459 |
tatus=CLOSED&resolution=FIXED&resolution=TEST-REQUEST&emailassigned_to1=1&e |
460 |
mailtype1=exact&email1=azarah%40gentoo.org&chfield=bug_status&chfieldfrom=2 |
461 |
003-01-18 |
462 |
43. raker@g.o |
463 |
44. |
464 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=RESOLVED&bug_s |
465 |
tatus=CLOSED&resolution=FIXED&resolution=TEST-REQUEST&emailassigned_to1=1&e |
466 |
mailtype1=exact&email1=raker%40gentoo.org&chfield=bug_status&chfieldfrom=20 |
467 |
03-01-18 |
468 |
45. mholzer@g.o |
469 |
46. |
470 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=RESOLVED&bug_s |
471 |
tatus=CLOSED&resolution=FIXED&resolution=TEST-REQUEST&emailassigned_to1=1&e |
472 |
mailtype1=exact&email1=mholzer%40gentoo.org&chfield=bug_status&chfieldfrom= |
473 |
2003-01-18 |
474 |
47. woodchip@g.o |
475 |
48. |
476 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=RESOLVED&bug_s |
477 |
tatus=CLOSED&resolution=FIXED&resolution=TEST-REQUEST&emailassigned_to1=1&e |
478 |
mailtype1=exact&email1=woodchip%40gentoo.org&chfield=bug_status&chfieldfrom |
479 |
=2003-01-18 |
480 |
49. seemant@g.o |
481 |
50. |
482 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=RESOLVED&bug_s |
483 |
tatus=CLOSED&resolution=FIXED&resolution=TEST-REQUEST&emailassigned_to1=1&e |
484 |
mailtype1=exact&email1=seemant%40gentoo.org&chfield=bug_status&chfieldfrom= |
485 |
2003-01-18 |
486 |
|
487 |
New Bug Rankings |
488 |
---------------- |
489 |
|
490 |
The developers and teams who have been assigned the most new bugs this |
491 |
week are: |
492 |
|
493 |
* Martin Schlemmer[51], with 10 new bugs[52] |
494 |
* Nick Hadaway[53], with 6 new bugs[54] |
495 |
* Seth Chandler[55], with 6 new bugs[56] |
496 |
* The Gnome Team[57], with 5 new bugs[58] |
497 |
|
498 |
51. azarah@g.o |
499 |
52. |
500 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s |
501 |
tatus=REOPENED&emailassigned_to1=1&emailtype1=exact&email1=azarah%40gentoo. |
502 |
org&chfield=bug_status&chfieldfrom=2003-01-18 |
503 |
53. raker@g.o |
504 |
54. |
505 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s |
506 |
tatus=REOPENED&emailassigned_to1=1&emailtype1=exact&email1=raker%40gentoo.o |
507 |
rg&chfield=bug_status&chfieldfrom=2003-01-18 |
508 |
55. sethbc@g.o |
509 |
56. |
510 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s |
511 |
tatus=REOPENED&emailassigned_to1=1&emailtype1=exact&email1=sethbc%40gentoo. |
512 |
org&chfield=bug_status&chfieldfrom=2003-01-18 |
513 |
57. gnome@g.o |
514 |
58. |
515 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s |
516 |
tatus=REOPENED&emailassigned_to1=1&emailtype1=exact&email1=gnome%40gentoo.o |
517 |
rg&chfield=bug_status&chfieldfrom=2003-01-18 |
518 |
|
519 |
================== |
520 |
8. Tips and Tricks |
521 |
================== |
522 |
|
523 |
Using Procmail and SpamAssassin to Block Spam and Filter Mailing Lists |
524 |
|
525 |
The proliferation of unsolicited email, or spam, is becoming more and more |
526 |
widespread. However, there are many tools to help prevent spam. This week, |
527 |
we look at using Procmail and SpamAssassin to filter incoming mail and to |
528 |
block incoming spam. Procmail[59] is a mail filter than can be used to |
529 |
sort incoming mail into separate folders as well as many other types of |
530 |
mail preprocessing. SpamAssassin[60] is a mail filter that uses heuristic |
531 |
scanning to identify spam. |
532 |
|
533 |
59. http://www.procmail.org |
534 |
60. http://www.spamassassin.org |
535 |
|
536 |
Since both Procmail and SpamAssassin are in Portage, installation is a |
537 |
simple emerge. |
538 |
|
539 |
--------------------------------------------------------------------------- |
540 |
| Code Listing 8.1: | |
541 |
| Installing Procmail and SpamAssassin | |
542 |
--------------------------------------------------------------------------- |
543 |
| | |
544 |
|# emerge net-mail/procmail | |
545 |
|# emerge dev-perl/Mail-SpamAssassin | |
546 |
| | |
547 |
|Add the SpamAssassin daemon to the default runlevel | |
548 |
|# rc-update add spamd default | |
549 |
| | |
550 |
--------------------------------------------------------------------------- |
551 |
|
552 |
When upgrading Perl to a higher version, you need to re-emerge |
553 |
dev-perl/Net-DNS, dev-perl/HTML-Parser, and dev-perl/Time-HiRes or |
554 |
SpamAssassin will exit and possibly discard valid emails. |
555 |
|
556 |
Each procmail filter is known as a recipie. To keep things organized, |
557 |
we're going to create the directory $HOME/.procmail for separate recipies. |
558 |
|
559 |
--------------------------------------------------------------------------- |
560 |
| Code Listing 8.1: | |
561 |
| Creating ~/.procmail | |
562 |
--------------------------------------------------------------------------- |
563 |
| | |
564 |
|% mkdir $HOME/.procmail | |
565 |
| | |
566 |
--------------------------------------------------------------------------- |
567 |
|
568 |
Upon invocation, procmail first reads the $HOME/.procmailrc file. This |
569 |
file should contain the location of your mailbox and where to look for |
570 |
other recipies. |
571 |
|
572 |
--------------------------------------------------------------------------- |
573 |
| Code Listing 8.1: | |
574 |
| Example $HOME/.procmailrc | |
575 |
--------------------------------------------------------------------------- |
576 |
| | |
577 |
|VERBOSE=no | |
578 |
| | |
579 |
|DEFAULT="$HOME/.maildir/" | |
580 |
|MAILDIR="$HOME/.maildir/" | |
581 |
| | |
582 |
|PMDIR="$HOME/.procmail" | |
583 |
|LOGFILE="$PMDIR/log" | |
584 |
| | |
585 |
|INCLUDERC=$PMDIR/lists.rc | |
586 |
|INCLUDERC=$PMDIR/spam.rc | |
587 |
| | |
588 |
--------------------------------------------------------------------------- |
589 |
|
590 |
This assumes that you are using the Maildir method of storing email. If |
591 |
you are using the mbox method, simply change .maildir to your mbox folder |
592 |
and remove the trailing slash $HOME/.procmailrc is read from top to |
593 |
bottom. This means that your recipies will be read in the order in which |
594 |
they appear. Procmail stops checking on the first recipie that matches. |
595 |
Keeping lists.rc above spam.rc ensures that mailing lists filters are |
596 |
checked first, avoiding expensive spam checking operations where possible. |
597 |
|
598 |
The next step is to set up mailing list filters. Since most lists use the |
599 |
List-Id header, we can easily filter out mailing lists from normal email. |
600 |
|
601 |
--------------------------------------------------------------------------- |
602 |
| Code Listing 8.1: | |
603 |
| Example $HOME/.procmail/lists.rc | |
604 |
--------------------------------------------------------------------------- |
605 |
| | |
606 |
|:0 | |
607 |
|* ^List-Id: Gentoo Linux mail <gentoo-security\.gentoo\.org> | |
608 |
|.gentoo-security/ | |
609 |
| | |
610 |
|:0 | |
611 |
|* ^List-Id: Gentoo Linux mail <gentoo-user\.gentoo\.org> | |
612 |
|.gentoo-user/ | |
613 |
| | |
614 |
--------------------------------------------------------------------------- |
615 |
|
616 |
To see the actual List-Id header, you may need view all email headers. |
617 |
See your mail client's documentation to enable that feature. |
618 |
|
619 |
Next, we can set up the spam filter. This recipie first invokes |
620 |
SpamAssassin using spamc and then checks the X-Spam-Status header. If the |
621 |
message is identified as spam, it is moved to the spam folder. |
622 |
|
623 |
--------------------------------------------------------------------------- |
624 |
| Code Listing 8.1: | |
625 |
| Example $HOME/.procmail/spam.rc | |
626 |
--------------------------------------------------------------------------- |
627 |
| | |
628 |
|:0 fw | |
629 |
|| /usr/bin/spamc -f | |
630 |
| | |
631 |
|:0 | |
632 |
|* X-Spam-Status: Yes | |
633 |
|.spam/ | |
634 |
| | |
635 |
--------------------------------------------------------------------------- |
636 |
|
637 |
While SpamAssassin is very good, it is not 100% accurate so using |
638 |
/dev/null as your spam folder may result in some lost email. It is better |
639 |
to move spam to a separate folder and manually delete messages. spamc |
640 |
connects to the SpamAssassin daemon (spamd). If for some reason you cannot |
641 |
use the daemon, SpamAssassin can be called directly using |
642 |
/usr/bin/spamassassin -a |
643 |
|
644 |
You should now be set up to filter your email and block most spam. For |
645 |
more information on Procmail or SpamAssassin, see their system |
646 |
documentation with man procmail and perldoc Mail::SpamAssassin or the |
647 |
associated websites at http://www.procmail.org and |
648 |
http://www.spamassassin.org. |
649 |
|
650 |
========================== |
651 |
9. Moves, Adds and Changes |
652 |
========================== |
653 |
|
654 |
Moves |
655 |
----- |
656 |
|
657 |
The following developers recently left the Gentoo team: |
658 |
|
659 |
* none this week |
660 |
|
661 |
Adds |
662 |
---- |
663 |
|
664 |
The following developers recently joined the Gentoo team: |
665 |
|
666 |
* none this week |
667 |
|
668 |
Changes |
669 |
------- |
670 |
|
671 |
The following developers recently changed roles within the Gentoo project. |
672 |
|
673 |
* none this week |
674 |
|
675 |
===================== |
676 |
10. Contribute to GWN |
677 |
===================== |
678 |
|
679 |
Interested in contributing to the Gentoo Weekly Newsletter? Send us an |
680 |
email[61]. |
681 |
|
682 |
61. gwn-feedback@g.o |
683 |
|
684 |
================ |
685 |
11. GWN Feedback |
686 |
================ |
687 |
|
688 |
Please send us your feedback[62] and help make GWN better. |
689 |
|
690 |
62. gwn-feedback@g.o |
691 |
|
692 |
=================== |
693 |
12. Other Languages |
694 |
=================== |
695 |
|
696 |
The Gentoo Weekly Newsletter is also available in the following languages: |
697 |
|
698 |
* Dutch |
699 |
* English |
700 |
* German |
701 |
* French |
702 |
* Japanese |
703 |
* Italian |
704 |
* Portuguese (Brazil) |
705 |
* Portuguese (Portugal) |
706 |
* Spanish |
707 |
|
708 |
Kurt Lieber <klieber@g.o> - Editor |
709 |
AJ Armstrong <aja@×××××××××××××.com> - Contributor |
710 |
Brice Burgess <nesta@×××××××.net> - Contributor |
711 |
Yuji Carlos Kosugi <carlos@g.o> - Contributor |
712 |
Rafael Cordones Marcos <rcm@×××××××.net> - Contributor |
713 |
David Narayan <david@×××××××.net> - Contributor |
714 |
Ulrich Plate <plate@×××.com> - Contributor |
715 |
Peter Sharp <mail@××××××××××××××.net> - Contributor |
716 |
Mathy Vanvoorden <matje@×××××××.be> - Dutch Translation |
717 |
Tom Van Laerhoven <tom.vanlaerhoven@××××××.be> - Dutch Translation |
718 |
Roel Adriaans <roel@××××××××.cx> - Dutch Translation |
719 |
Nicolas Ledez <nicolas.ledez@××××.fr> - French Translation |
720 |
Guillaume Plessis <gui@×××××××××.com> - French Translation |
721 |
Eric St-Georges <thevedge@××××××××.net> - French Translation |
722 |
John Berry <anfini@××××.fr> - French Translation |
723 |
Martin Prieto <riverdale@×××××××××.org> - French Translation |
724 |
Michael Kohl <citizen428@g.o> - German Translation |
725 |
Steffen Lassahn <madeagle@g.o> - German Translation |
726 |
Matthias F. Brandstetter <haim@g.o> - German Translation |
727 |
Thomas Raschbacher <lordvan@g.o> - German Translation |
728 |
Marco Mascherpa <mush@××××××.net> - Italian Translation |
729 |
Claudio Merloni <paper@×××××××.it> - Italian Translation |
730 |
Daniel Ketel <kage-chan@g.o> - Japanese Translation |
731 |
Yoshiaki Hagihara <hagi@×××.com> - Japanese Translation |
732 |
Andy Hunne <andy@×××××××××.com> - Japanese Translation |
733 |
Yuji Carlos Kosugi <carlos@g.o> - Japanese Translation |
734 |
Ventura Barbeiro <venturasbarbeiro@××××××.br> - Portuguese (Brazil) |
735 |
Translation |
736 |
Bruno Ferreira <blueroom@××××××××××××.net> - Portuguese (Portugal) |
737 |
Translation |
738 |
Lanark <lanark@××××××××××.ar> - Spanish Translation |
739 |
Rafael Cordones Marcos <rcm@×××××××.net> - Spanish Translation |
740 |
Julio Castillo <julio@×××××××××××××.com> - Spanish Translation |
741 |
Jaime Freire <jfreire@××.com> - Spanish Translation |
742 |
Sergio Gómez <s3r@××××××××××××.ar> - Spanish Translation |