Gentoo Archives: gentoo-gwn

From: Ulrich Plate <plate@g.o>
To: gentoo-gwn@l.g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter 18 April 2005
Date: Tue, 19 Apr 2005 02:02:37
Gentoo Weekly Newsletter
This is the Gentoo Weekly Newsletter for the week of 18 April 2005.
1. Gentoo News
Documentation project updates
Shyam Mani[1]'s excellent "USB Guide"[2] for Gentoo Linux is among the 
highlighted additions to the ever-growing collection of in-house 
documentation, which also includes a paper on configuring Fluxbox this 
month. Complementing the existing Gnome and KDE documentation, this new 
Fluxbox window manager configuration aide was written by Jonathan 

 1. fox2mike@×××××.com
 3. smith.jonathan@×××××.com
Meanwhile, an announcement in the "Gentoo on Sparc" section of the Gentoo 
Forums points to recently added documentation[4] for Gentoo Linux on Sun 
hardware. Ciaran McCreesh[5], Todd Sunderlin[6] and Colin Morey[7] have 
written the guides that should improve both installation and usability of 
Gentoo Linux on Sparcs: 

 5. ciaranm@g.o
 6. todd@g.o
 7. peitolm@g.o
 * Quickinstall[8] 
 * FAQ[9] 
 * Netboot Howto[10] 

2005.0 aftermath releng meeting
On Thursday 14 April the Gentoo Releng Team had a meeting to discuss the 
good and bad things during the 2005.0 release and find new strategies for 
the next release. First the good things should be named, like building a 
CD that works well on a lot of systems and architectures, what was caused 
by not rushing the release, so that we had time to fix bugs[11]. One part 
of the release that first went wrong was communication, but with the 
security-rebuilding communication improved a lot and the different arches 
worked pretty well together with the Release Management. And now to the 
bad things: We had that big delay of the release with more than six weeks 
after the first discussed release date. Then there were some md5sums which 
were not up to date with the LiveCDs, the announcement of the Release 
through our PR-team has not been covered well, the Handbook has now 
several updates which are not in the offline-version on the CD itself and 
finally the community didn't accepted the pre-orders by the store.

In order to resolve the issues, several strategies have been discussed. So 
the Release-team will make better use of the devwiki[12] (devwiki means, 
that it is for developers only), where we will place our documention for 
the Release and create a Release-checklist, where every arch can note, 
which step has been passed. Every arch should build a testing LiveCD that 
will hit the mirrors in the experimental branch, so that users with 
special hardware can test new improvements and tell us about them in 
bug-reports. Common profiles and scripts should make the different arche's 
LiveCDs more similary, so that users can find the same utilities on every 
kind of LiveCD. And finally we want to do a better PR-work for the next 

As a last point the next release date has been discussed. We don't want to 
force it on a special date, as we want to release a LiveCD without major 
bugs, although the 2005.1 release should be just a refresh of the 2005.0 
release with newer software and less bugs. XLiveCDs with the Installer[13] 
included are in discussion, but not mandatory for the next Release. The 
release date will be about late July or August.

New official Gentoo IRC channels
Two new Gentoo IRC channels were recently added to the Gentoo IRC channel 

 * #gentoo-netmon: Network Monitoring Packages 
 * #gentoo-voip: Voice over IP related Discussion 
2. Future Zone
Luminocity X-LiveDVD for PPC released
Note:  It started harmlessly as a development project for automatic X 
configuration by the Gentoo/PPC team. All they wanted back then was to 
showcase the new configurator in a couple of X-enabled LiveCDs. But what 
Pieter Van den Abeele did release last week went more than just slightly 
beyond the initial scope of the project... 
A Gentoo-based PowerPC Altivec-Optimized LiveDVD with a long feature list 
has been released last week. Its most unique feature is probably 
Luminocity, an OpenGL-based experimental window manager technology 
testbed. The medium allows you to try out Luminocity without having to 
compile or install any experimental software from the Gnome CVS 
repository. But the 1.8GB DVD is jock-full of other exciting features, 
 * Smartcard integration: Gentoo sponsor company Genesi Inc. donated a 
number of smartcard readers, complete with media, cards . The LiveDVD 
supports authentication via smartcard for users to try it out, without the 
need to personalize the card at first -- to be done later, using 
 * GRID support: Sun Grid Engine 6 (SGE) core ported to PowerPC, Apple's 
XGRID engine agent and standalone LAM-MPI, PVM libraries. These features 
enable users to develop their own grid-enabled applications. 
 * Eclipse SDK: Much in demand, finally available from disk. 
 * Video conferencing: Compatible with QuickCam webcams from Logitech, 
cross-platform audio and video conferencing that even works with 
Microsoft's "net-meeting" is available directly from the LiveDVD. 
 * 3D desktop switching: OpenGL technology to make use of 3D graphics 
features, including three-dimensional window managers. 
 * Text to Speech, Blender, Ardour, and many more... 
 * And last but not least, Gentoo's version of Xautoconfig on Apple 

Figure 2.1: Gentoo LiveCD/DVD image asking for smartcard authentication
The Luminocity X-LiveDVD is available via bittorrent[16]. 

3. Heard in the community
Web forums
Search sucketh less
Tom Knight[17] spent ample time improving the search function of the 
Forums, concerning both speed and selection criteria. Apart from getting 
results faster than before, the default settings of a search now exclude 
the entire Off The Wall section, the dustbin and all international forums, 
a feature that had been requested by many users, and since a long time. As 
an unpleasant side effect, searching for posts by specific users also 
excluded the same forums -- a few complaints and even fewer hours later, 
tomk had fixed this issue, too. 

 17. tomk@×××××××××××××.org
 * New search function[18] 

Return of the avatars
Avatars not belonging to the default gallery of the forums were recently 
disabled due to a vulnerability in php. While some users already feared 
they would never come back, the avatars were actually reinstalled after 
less than a day. 
 * [solved]No more avatars?[19] 

4. Gentoo in the press
====================== (14 April 2005)
Last week InternetNews published an article titled "Non-Commercial Linux 
Use on The Rise"[20], reporting that "new data released this week from 
research firm Evans Data indicates non-commercial Linux distribution use 
has passed the inflection point and is now more widely used by developers 
than commercial Linux distributions." Counting Gentoo Linux among those 
worth mentioning as examples for community distributions that have left 
RedHat and SuSE behind as preferred platforms for development, author Sean 
Michael Kerner quotes the research firm to explain why Gentoo et al. are 
more popular with developers than their commercial cousins: "As the 
general knowledge base of Linux has increased, developers are less reliant 
on formal models of support.", states the study by Evans Data. 

PC Inpact (13 April 2005, in French)
A complete guide to installation and usage of a popular first-person 
shooter game for Linux, World of Warcraft, has been published by French 
"mégazine" PC Inpact in an article[21] published last week. Interesting to 
note: Much of the content of the guide has been taken from the Gentoo 
Forums, which are credited in the article as one of its major sources. 

5. Tips and tricks
Bootup with the Gentoo 2005.0 logo
When you boot from the 2005.0 LiveCD you see an awesome Gentoo bootlogo 
and progress-bar -- and you wish you could impress your friends with it 
during your usual bootup? Here we go:
Note: splashutils only work on x86 and amd64 architectures perfectly at 
the moment. Support for ppc is in progress.
First of all, we need to emerge splashutils and splash-themes-livecd:
| Code Listing 5.1:                                                       |
|emerge splashutils and                                                   |
|                                                                         |
|# emerge splash-themes-livecd                                            |
|splashutils is a dependency of splash-themes-livecd                      |
|                                                                         |
Now we have to create an initial boot-disk. You are free to change the 
resolution to your choice, but choose one that is available as a config 
file in /etc/splash/livecd-2005.0/:
| Code Listing 5.2:                                                       |
|Creation of an initrd with the                                           |
|                                                                         |
|Be sure that /boot is mounted before you call the command                |
|# splash_geninitramfs -v -g /boot/splash-livecd-2005.0-1024x768 \        |
|  -r 1024x768 livecd-2005.0                                              |
|                                                                         |
Check your kernel-config to make sure that "Initial RAM disk (initrd) 
support" is built in. You can find the option in "Device Drivers" --> 
"Block devices" --> "RAM disk support". Furthermore check that you are 
using an appropriate framebuffer for your video-card ("Graphics Support") 
or stick with the VESA-framebuffer. Usually splashutils should do the 
checks during the emerge-progress, but we want to be sure. Now tell your 
bootloader that it should load the initrd with the 2005.0-splash:
| Code Listing 5.3:                                                       |
|Configure the                                                            |
|                                                                         |
|# nano -w /boot/grub/menu.lst                                            |
|First change your kernel-boot-line to something like this (depends on    |
|your used framebuffer and further kernel-parameters):                    |
|kernel /boot/kernel-2.6.11-r6 root=/dev/hda3 video=vesafb:1024x768-32@72 |
|  splash=silent,theme:livecd-2005.0 quiet CONSOLE=/dev/tty1              |
|You must use more than 8bpp (in this example it is 32,                   |
|specified by 1024x768-32@72).                                            |
|                                                                         |
|Add the following line to your kernel-config:                            |
|initrd /boot/splash-livecd-2005.0-1024x768                               |
|                                                                         |
Now we have that nice bootup-splash installed. Finally we want a permanent 
Gentoo statusbar at the bottom of our terminal-session, like on the 
LiveCD. Therefore we have to change the default theme in /etc/splash:
| Code Listing 5.4:                                                       |
|Change the default                                                       |
|                                                                         |
|# cd /etc/splash                                                         |
|# rm default                                                             |
|# ln -s livecd-2005.0 default                                            |
|                                                                         |
This splash should be started after bootup has finished:
| Code Listing 5.5:                                                       |
|Add splash to the default                                                |
|                                                                         |
|# rc-update add splash default                                           |
|                                                                         |
If you want to finetune the splash-theme, you should have a look at 
/etc/conf.d/splash. Happy Gentooing!
Thanks to Michael Januszewski[22] for his work on splashutils and Nicholas 
D. Wolfwood[23] for the 2005.0-theme.

 22. spock@g.o
 23. blackace@g.o
6. Moves, adds, and changes
The following developers recently left the Gentoo team: 
 * None this week  
The following developers recently joined the Gentoo Linux team: 
 * Harald van Dijck (truedfx) - Portage  
 * Vibhav Garg (vgarg) - Java  
 * Diego Pettenò (Flameeyes) - KDE  
The following developers recently changed roles within the Gentoo Linux 
 * Nicholas Jones (carpaski) - Left the Portage team (and its lead 
 * Marius Mauch (genone) - New Portage co-lead  
 * Brian Harring (ferringb) - New Portage co-lead  
 * Jason Stubbs (jstubbs) - New Portage co-lead  
7. Gentoo security
OpenMotif, LessTif: New libXpm buffer overflows
A new vulnerability has been discovered in libXpm, which is included in 
OpenMotif and LessTif, that can potentially lead to remote code execution. 
For more information, please see the GLSA Announcement[24] 

xv: Filename handling vulnerability
xv contains a format string vulnerability, potentially resulting in the 
execution of arbitrary code. 
For more information, please see the GLSA Announcement[25] 

Mozilla Firefox: Various vulnerabilities
Mozilla Firefox is vulnerable to a local file deletion issue and to 
various issues allowing to trick the user into trusting fake web sites or 
interacting with privileged content. 
For more information, please see the GLSA Announcement[26] 

ImageMagick: Filename handling vulnerability
A format string vulnerability exists in ImageMagick that may allow an 
attacker to execute arbitrary code. 
For more information, please see the GLSA Announcement[27] 

Hashcash: Format string vulnerability
A format string vulnerability in the Hashcash utility could allow an 
attacker to execute arbitrary code. 
For more information, please see the GLSA Announcement[28] 

mlterm: Integer overflow vulnerability
mlterm is vulnerable to an integer overflow, which could potentially allow 
the execution of arbitrary code. 
For more information, please see the GLSA Announcement[29] 

KDE dcopidlng: Insecure temporary file creation
The dcopidlng script is vulnerable to symlink attacks, potentially 
allowing a local user to overwrite arbitrary files. 
For more information, please see the GLSA Announcement[30] 

 30. libXpm vulnerability
A new vulnerability has been discovered in libXpm, which is included in, that can potentially lead to remote code execution. 
For more information, please see the GLSA Announcement[31] 

8. Bugzilla
 * Statistics 
 * Closed bug ranking 
 * New bug rankings 
The Gentoo community uses Bugzilla ([32]) to record and 
track bugs, notifications, suggestions and other interactions with the 
development team. Between 10 April 2005 and 17 April 2005, activity on the 
site has resulted in: 

 * 835 new bugs during this period 
 * 436 bugs closed or resolved during this period 
 * 27 previously closed bugs were reopened this period 
Of the 8583 currently open bugs: 90 are labeled 'blocker', 237 are labeled 
'critical', and 641 are labeled 'major'. 
Closed bug rankings
The developers and teams who have closed the most bugs during this period 
 * Gentoo Recruiting Team[33], with 34 closed bugs[34]  
 * Xavier Neys[35], with 30 closed bugs[36]  
 * AMD64 Porting Team[37], with 30 closed bugs[38]  
 * media-video herd[39], with 19 closed bugs[40]  
 * Gentoo X-windows packagers[41], with 16 closed bugs[42]  
 * Gentoo Security[43], with 16 closed bugs[44]  
 * Gentoo Sound Team[45], with 12 closed bugs[46]  
 * Gentoo Games[47], with 11 closed bugs[48]  
 33. recruiters@g.o
 35. neysx@g.o
 37. amd64@g.o
 39. media-video@g.o
 41. x11@g.o
 43. security@g.o
 45. sound@g.o
 47. games@g.o

New bug rankings
The developers and teams who have been assigned the most new bugs during 
this period are: 
 * GDesklets packages[49], with 44 new bugs[50]  
 * Gentoo Sound Team[51], with 22 new bugs[52]  
 * media-video herd[53], with 22 new bugs[54]  
 * AMD64 Porting Team[55], with 20 new bugs[56]  
 * Gentoo's Team for Core System packages[57], with 14 new bugs[58]  
 * Hanno Boeck[59], with 11 new bugs[60]  
 * Netmon Herd[61], with 10 new bugs[62]  
 * PHP Bugs[63], with 9 new bugs[64]  
 49. gdesklets@g.o
 51. sound@g.o
 53. media-video@g.o
 55. amd64@g.o
 57. base-system@g.o
 59. hanno@g.o
 61. netmon@g.o
 63. php-bugs@g.o

9. GWN feedback
Please send us your feedback[65] and help make the GWN better.

 65. gwn-feedback@g.o
10. GWN subscription information
To subscribe to the Gentoo Weekly Newsletter, send a blank email to 
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to 
gentoo-gwn-unsubscribe@g.o from the email address you are 
subscribed under. 
11. Other languages
The Gentoo Weekly Newsletter is also available in the following languages:
 * Danish[66]  
 * Dutch[67]  
 * English[68]  
 * German[69]  
 * French[70]  
 * Japanese[71]  
 * Italian[72]  
 * Polish[73]  
 * Portuguese (Brazil)[74]  
 * Portuguese (Portugal)[75]  
 * Russian[76]  
 * Spanish[77]  
 * Turkish[78]  

Ulrich Plate <plate@g.o> - Editor
Wernfried Haas <w.haas@×××××××××××××××××××.at> - Author
Pieter Van den Abeele <pvdabeel@g.o> - Author
Lars Weiler <pylon@g.o> - Author

gentoo-gwn@g.o mailing list