Gentoo Archives: gentoo-gwn

From: Kurt Lieber <klieber@g.o>
To: gentoo-gwn@g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter -- Volume 2, Issue 26
Date: Mon, 30 Jun 2003 01:35:00
Gentoo Weekly Newsletter
This is the Gentoo Weekly Newsletter for the week of June 30th, 2003.
1. Gentoo News
 * Gentoo Linux adopts a new management structure 
 * Fork of Gentoo Linux announced 
 * GWN seeking additional translators 
Gentoo Linux adopts a new management structure
On Tuesday, June 24th, Daniel Robbins announced a new management structure 
for the Gentoo Linux project. This new structure is designed to improve 
management, coordination and communication issues in the Gentoo project. 
The structure is composed of several key elements, including: 
* Improved communication through the creation of regularly scheduled meetings
  amongst the management team. Currently, meetings are held on an ad-hoc basis
  which may cause gridlock in the communications channels and decision making

* Delegated authority by clearly defining roles within the Gentoo project and
  assigning managers who are responsible for those particular areas.  These
  "top-level" managers will be drawn from the current development team and
  will have complete authority over day-to-day decisions within their
  particular area(s). Additionally, decisions which cross multiple areas
  within the project will be decided on by the management team as a whole,
  rather than just one or two people. 

* Improved accountability by ensuring that everyone on the team knows who is
  responsible for a particular area. Projects without a clear owner can often
  stagnate or get dropped through the cracks because people do not know who to
  ask questions of. This new structure will ensure that everyone understands
  who is responsible for large projects within Gentoo Linux. 
By implementing these changes, the internal development methodology within 
the Gentoo project should become much more efficient and responsive. They 
will also serve to help reorganize the project in such a way to allow 
Gentoo to continue its planned migration to a not-for-profit organization. 
While most of these changes are directed inwards, users will notice 
benefits as well through improved speed of delivery, increased quality 
control and other tangible benefits. 
Fork of Gentoo Linux announced
On Wednesday, June 25th, the creation of a new linux distribution was 
announced, The Zynot Foundation[1]has created a new linux distribution, 
based on Gentoo Linux, and will focus on the embedded markets as well as 
supporting other architectures. By focusing on the embedded market, this 
new distribution will be able to develop tools and technologies optimized 
for this area which might otherwise be unsuitable for a traditional 
desktop or server environments. 

GWN seeking additional translators
Last week's call for translators[2] was such a success that this week 
we're trying it again. The Gentoo Weekly Newsletter is seeking help with 
its Portuguese (Portugal) translation. Candidates should have a solid 
understanding of both written Portuguese as well as written English. 
Interested parties should send an email to gwn-feedback@g.o. 

2. Gentoo Security
 * GLSA: proftpd 
 * GLSA: ethereal 
 * GLSA: xpdf 
 * GLSA: acroread 
 * New Security Bug Reports 
GLSA: proftpd
The ProFTPD server's mod_sql module permits a SQL Inject attack that may 
allow a remote user to login without a valid password or user ID. 
 * Severity: High - Remote security vulnerabiity. 
 * Packages Affected: net-ftp/proftpd prior to proftpd-1.2.9_rc1 
 * Rectification: Synchronize and emerge proftpd, emerge clean. 
 * GLSA Announcement[3] 
 * Advisory[4] 
GLSA: ethereal
It may be possible to execute a DoS or run arbitrary code on ethereal 
through the use of a maliciously formed packet or a carefully crafted 
trace file. 
 * Severity: High - Potential arbitrary code execution. 
 * Packages Affected: net-analyzer/ethereal prior to ethereal-0.9.13 
 * Rectification: Synchronize and emerge ethereal, emerge clean. 
 * GLSA Announcement[5] 
 * Advisory[6] 
GLSA: xpdf
Hyperlinks in pdf files can execute arbitrary shell commands in many pdf 
readers. Users must activate/follow the links for the exploit to activate. 
 * Severity: Moderate - Arbitrary command exploit requiring user action. 
 * Packages Affected: app-text/xpdf prior to xpdf-2.02.1 
 * Rectification: Synchronize and emerge xpdf, emerge clean. 
 * GLSA Announcement[7] 
 * Advisory[8] 
GLSA: acroread
Hyperlinks in pdf files can execute arbitrary shell commands in many pdf 
readers. Users must activate/follow the links for the exploit to activate. 
 * Severity: Moderate - Arbitrary command exploit requiring user action. 
 * Packages Affected: app-text/acroread prior to acroread-5.07 
 * Rectification: Synchronize and emerge acroread, emerge clean. 
 * GLSA Announcement[9] 
 * Advisory[10] 
New Security Bug Reports
The following new security bugs were posted this week: 
 * net-analyzer/tcptraceroute[11] 
3. User stories
Michael and his broken promise
Ok, in the last issue I told you that the user story will be back this 
week, but as I got no submissions I couldn't keep this promise.
But let me take this chance to once again remind you to send your personal 
Gentoo Linux story to user-stories@g.o and enjoy to be in the 
spotlight! Boys, girls or any other demographic group you'd like to 
impress really like this kind of stuff!
4. Featured Developer of the Week
Paul de Vrieze
Paul de Vrieze[12] is a developer involved in several projects: he's part 
of the KDE team, but he's also working on allowing the use of Berkeley DB4 
in Gentoo, as well as the Herds project[13], whose purpose is to improve 
developer coverage of the more than 4,000 ebuilds in the Portage tree. 
Having spent over a year in the gentoo-dev mailing list tossing around 
comments and referring people to past discussions, he was brought into the 
team by Dan Armak[14], who had already filled the empty slots in the KDE 
team but liked Paul's work with aegypten[15]. Now Paul does bugfixing like 
any other developer, but also likes to think up improvements for problems 
he runs into. That's how he started to work on the DB4 issue: in the old 
setup db4 and db3 could not coexist; now they can thanks to versioning 
symbols used by the db4 ebuilds, but certain packages need patches to work 
with versioned symbols, and identifying them has been a lot of work. Right 
now many packages are held back by the masking of db4, so fixing this 
problem will allow Gentoo to move forward. Similarly, Paul found himself 
with the position of openoffice bug-fixer: he wanted to try out the new 
beta, but the only way was to actually fix it, and people who saw what he 
did gave him the honor. 

 12. pauldv@g.o
 14. danarmak@g.o
Paul's favorite applications include kpat, the addictive KDE patience game 
which converted his girlfriend to Linux, pdflatex, a cousin of latex that 
directly generates clean PDF, Openoffice, which he thinks is already on 
par with MS Office(he concedes that some advanced features aren't 
implemented yet, but others, like the drawing capabilities, are more 
advanced), and OpenSSH, which has made him more secure in communication. 
His home working computer is a Pentium III 500MHz with 256MB RAM and a 
7200RPM 30GB hard disk that boots Linux 99% of the time even though 
win2000 and win98se are also installed. It boots into a GDM graphical 
bootscreen ("Yes, it's GNOME, but it looks better than kdm", says Paul) 
with the Gentoo theme, from which he logs into kde-3.1.2 with the 
highcolor default widgets since he doesn't like the keramik theme. His 
kicker panel is set to tiny size to leave more space for icons, 
applications, and the knewsticker. The first applications he starts are 
galeon, konsole, and kmail; he's still looking for a good, graphical imap 
client since kmail is much slower than necessary. His home network has his 
girlfriend's computer, set up similarly but not as customized, as well as 
an infrequently updated Pentium 60 with 24MB of RAM running a bunch of 
servers under Gentoo. 
By day, Paul is a Ph.D student currently researching user modelling 
systems - systems that try to adapt their behavior to what they perceive 
the user to be. Some simple examples include MRU(most recently used) 
lists, or the KDE start menu's MFU(most frequently used) list. Born on 30 
September 1979, Paul is 23 now, and lives in Tilburg in the Netherlands 
but commutes an hour by train to Nijmegen. Paul spends most of his 
evenings contributing to Gentoo, although on Wednesday he does 
significantly less thanks to the Dutch TV broadcasts of English detective 
series like Inspector Morse and Dalziel and Pascoe which he and his 
girlfriend like to watch. His other hobbies include reading news, playing 
field hockey, and hiking with his girlfriend. 
5. Heard in the Community
Web Forums
Fork? TINC?
Plenty of excited murmur rose in the forums across several languages last 
week, ever since the news of Gentoo-ARM lead developer Zwelch leaving the 
team hit /. and OSNews. And in good forum style, hyperbole proves to be 
man's best rhetorical friend (David Thomas, ex-Pere Ubu). Is Drobbins a 
mess or the Messiah? The -core mailing list really a cabal? Is it all just 
a scheme for making obscene amounts of money from embedded Gentoo that's 
behind all this, or yet another rift because portage wasn't written in 
C++? The time and place to check your own assumptions against reality:

 * Gentoo fork???![16] 
 * Should the Gentoo secret lists be world-readable?[17] 
 * Fork di Gentoo[18] (Italian) 
 * Hey Gentoo hat sich gespaltet![19] (German (sort of)) 
 * Gentoo Inc. Le débat s'élargit[20] (French) 
New Moderatrice
Joining the moderator team is Brandy[21] from New Zealand, thus helping to 
close the timezone gap that had left Asia pretty much on the sidelines of 
forum actuality for the past few months. The fact that she's one of the 
rare geek ladies among a vast majority of lads has triggered some 
interestingly unbalanced threads even before she was promoted to 
moderatorhood. Don't bother spraying pheromones over the following 
threads, they're both locked, and Brandy can now take care of similar 
outbreaks of misogyny herself...

 * Why are Gentoo people so nice?[22] 
 * Just noticed.... Brandy is a moderator now..[23] 

Aside from the usual discussion regarding the recent fork, much other 
discussion has occured on gentoo-user. This week, questions ranged from 
the common grub and kernel modules to discussing what each user thought 
was a strongpoint within the gentoo distribution.
Laptop Install Woes>
User Alberto Bert ran into one of the more common mistakes in a gentoo 
install. Seeing that his laptop would not boot, he quickly posted asking 
for help. Come to find out, the system was unable to mount the root 
filesystem. Other users quickly pointed out that either the grub 
configuration was to blame, or that the appropriate filesystem driver was 
not compiled into the kernel. Link here[24]. 

What do you like best on Gentoo?
Timo Boettcher was recently asked to make a presentation utilizing Gentoo 
to his local LUG and decided to ask for opinions on what fellow gentoo 
users saw as strongpoints of the distro. Various strengths that are 
discussed include the developer, user, and support communities, USE Flags, 
and being "low-maintenance" once it's installed. Link here[25]. 

6. Gentoo International
Nothing to see here, please move along...
International news take a break this week. If there's something you'd like 
to let the global GWN readership know, drop us a note to 
7. Portage Watch
The following notable packages were updated or added to portage in the 
last two weeks
 * sys-kernel/ac-sources: Full sources for Alan Cox's Linux kernel[26] 
 * sys-kernel/development-sources: Full sources for the Development Branch 
   of the Linux kernel[27] 
 * sys-kernel/gs-sources: This kernel stays up to date with current kernel 
   -pres, with recent acpi,evms,win3lin ,futexes,aic79xx, 
   superfreeswan,preempt/ll, and various hw fixes.[28] 

The following stable packages were updated or added to portage in the last 
two weeks
 * app-admin/aide: AIDE (Advanced Intrusion Detection Environment) is a 
   replacement for Tripwire[29] 
 * app-cdr/arson: A KDE frontend to CD burning and CD ripping tools.[30] 
 * app-editors/beaver: An Early AdVanced EditoR[31] 
 * app-emulation/advancemame: GNU/Linux port of the MAME emulator, with 
   GUI menu.[32] 
 * app-office/abiword: Fully featured yet light and fast cross platform 
   word processor.[33] 
 * app-shells/ash: NetBSD's lightweight bourne shell[34] 
 * app-text/bibletime: BibleTime KDE Bible study application using the 
   SWORD library.[35] 
 * dev-cpp/gnomemm: C++ binding for the GNOME libraries[36] 
 * dev-lang/R: R is GNU S - A language and environment for statistical 
   computing and graphics.[37] 
 * dev-libs/DirectFB: Thin library on top of the Linux framebuffer 
 * dev-perl/Apache-Gallery: Apache gallery for mod_perl[39] 
 * dev-perl/Apache-Test: wrapper with helpers for testing 
 * dev-perl/CGI-FastTemplate: The Perl CGI::FastTemplate Module[41] 
 * dev-perl/Cgi-Simple: The Perl CGI::Simple Module[42] 
 * dev-python/4Suite: Python tools for XML processing and 
 * dev-ruby/amrita: A HTML/XHTML template library for Ruby[44] 
 * dev-util/aegis: A transaction based revision control system[45] 
 * gnome-base/ORBit2: ORBit2 is a high-performance CORBA ORB[46] 
 * gnome-extra/acme: GNOME tool to make use of the multimedia buttons 
   present on most laptops and internet keyboards.[47] 
 * kde-base/arts: aRts, the KDE sound (and all-around multimedia) 
   server/output manager[48] 
 * media-fonts/artwiz-fonts: Artwiz Fonts[49] 
 * media-libs/allegro: cross-platform multimedia library[50] 
 * media-plugins/alsa-xmms: Allows XMMS to output on any ALSA 0.9* device. 
   Supports surround 4.0 output with conversion[51] 
 * media-sound/SphinxTrain: SphinxTrain - Speech Recognition (Training 
 * media-video/DFBSee: DFBSee is image viewer and video player based on 
 * net-dns/bind: BIND - Berkeley Internet Name Domain - Name Server[54] 
 * net-firewall/firestarter: GUI for iptables firewall setup and 
 * net-ftp/ftp: Standard Linux FTP client with optional SSL support[56] 
 * net-im/bitlbee: Bitlbee is an irc to IM gateway that support mutliple 
   IM protocols[57] 
 * net-irc/bnc: BNC (BouNCe) is used as a gateway to an IRC Server[58] 
 * net-libs/c-client: UW IMAP c-client library[59] 
 * net-libs/gnet: GNet network library.[60] 
 * net-mail/amavis: A perl module which integrates virus scanning software 
   with your MTA[61] 
 * net-misc/aria: Aria is a download manager with a GTK+ GUI, it downloads 
   files from the Internet via HTTP/HTTPS or FTP.[62] 
 * net-p2p/bittorrent: BitTorrent is a tool for distributing files via a 
   distributed network of nodes[63] 
 * net-print/apsfilter: Apsfilter Prints So Fine, It Leads To 
   Extraordinary Results[64] 
 * net-www/amaya: The W3C Web-Browser[65] 
 * net-zope/abracadabraobject: This can add pre-configured ZOPE-objects to 
   folders through ZMI.[66] 
 * net-zope/cmf: Content Management Framework. Services for 
   content-oriented portal sites.[67] 
 * sys-libs/cracklib: Password Checking Library[68] 
 * sys-libs/db: Berkeley DB[69] 
 * sys-libs/gpm: Console-based mouse driver[70] 
 * x11-plugins/asbutton: A simple dockable application launcher for use in 
Total categories: 86 (4 categories added in the last two weeks)
Total packages: 4478 (241 packages added in the last two weeks)
8. Bugzilla
 * Statistics 
 * Closed Bug Ranking 
 * New Bug Rankings 
The Gentoo community uses Bugzilla ([72]) to record and 
track bugs, notifications, suggestions and other interactions with the 
development team. Between 20 Jun 2003 and 26 Jun 2003, activity on the 
site has resulted in: 

 * 313 new bugs during this period 
 * 457 bugs closed or resolved during this period 
 * 10 previously closed bugs were reopened this period 
Of the 3361 currently open bugs: 65 are labeled 'blocker', 129 are labeled 
'critical', and 279 are labeled 'major'. 
Closed Bug Rankings
The developers and teams who have closed the most bugs during this period 
 * The Games Team[73], with 49 closed bugs[74]  
 * Martin Holzer[75], with 13 closed bugs[76]  
 * The Sound Team[77], with 13 closed bugs[78]  
 * Mike Frysinger[79], with 11 closed bugs[80]  
 * The Perl Team[81], with 9 closed bugs[82]  
 73. games@g.o
 75. mholzer@g.o
 77. sound@g.o
 79. vapier@g.o
 81. perl@g.o
New Bug Rankings
The developers and teams who have been assigned the most new bugs during 
this period are: 
 * Martin Schlemmer[83], with 15 new bugs[84]  
 * Nick Hadaway[85], with 14 new bugs[86]  
 * The Perl Team[87], with 10 new bugs[88]  
 * Nicholas Jones[89], with 8 new bugs[90]  
 * The Wine Team[91], with 7 new bugs[92]  
 83. azarah@g.o
 85. raker@g.o
 87. perl@g.o
 89. carpaski@g.o
 91. wine@g.o
9. Tips and Tricks
Quick Backup Tricks
This week we show you some quick backup tricks to keep important files 
backed up in the event of a machine failure. To have these run daily, just 
add these scripts to /etc/cron.daily. These aren't all encompassing but 
could easily be expanded or combined with other simple scripts to ensure 
that your system stays backed up. 
This will backup all MySQL databases to secondary hard drive mounted on 
/backup. You will end up with a file named mysql-2003-06-30.bz2 (mysql and 
the current date). 
| Code Listing 9.1:                                                       |
|                                                                         |
|  #!/bin/sh                                                              |
|                                                                         |
|  mysqldump --user=root --password=password --all-databases | bzip2 > \  |
|      /backup/mysql-`date +%Y-%m-%d`.bz2                                 |
|                                                                         |
This will backup all .maildir directories in /home to a second disk 
mounted on /backup. 
| Code Listing 9.2:                                                       |
|                                                                         |
|  #!/bin/sh                                                              |
|                                                                         |
|  find /home -type d -maxdepth 2 -name '.maildir' | xargs \              |
|      tar -cjf /backup/maildir-`date +%Y-%m-%d`.bz2 > /dev/null 2>&1     |
|                                                                         |
This will incrementally backup /etc/make.conf with a date and timestamp. 
This command could easily be extended to backup to another server. See man 
rsync or for more examples. 
| Code Listing 9.3:                                                       |
|                                                                         |
|  rsync --backup --suffix=.`date +%Y-%m-%d.%T` /etc/make.conf /backup    |
|                                                                         |
10. Quote/Signature of the week
Forums user Anacific[93]'s signature is something for the little geek in 
all of us: "To know recursion, you must first know recursion."

11. Moves, Adds and Changes
The following developers recently left the Gentoo team: 
 * Jack Morgan 
 * Graham Forest 
 * Zach Welch 
 * Bart Verwilst 
The following developers recently joined the Gentoo Linux team:
 * Stewart Honsberger (Blkdeath) - proftpd and other ebuilds 
 * Alex Veber (CoronaLVR) - wine 
 * Brian Jackson (iggy) - courier 
 * Donnie Berkholz (spyderous) - xfree 
The following developers recently changed roles within the Gentoo Linux 
 * none this week 
12. Contribute to GWN
Interested in contributing to the Gentoo Weekly Newsletter? Send us an 

 94. gwn-feedback@g.o
13. GWN Feedback
Please send us your feedback[95] and help make GWN better.

 95. gwn-feedback@g.o
14. GWN Subscription Information
To subscribe to the Gentoo Weekly Newsletter, send a blank email to 
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to 
gentoo-gwn-unsubscribe@g.o from the email address you are 
subscribed under.
15. Other Languages
The Gentoo Weekly Newsletter is also available in the following languages:
 * Dutch[96] 
 * English[97] 
 * German[98] 
 * French[99] 
 * Japanese[100] 
 * Italian[101] 
 * Polish[102] 
 * Portuguese (Brazil)[103] 
 * Portuguese (Portugal)[104] 
 * Russian[105] 
 * Spanish[106] 
 * Turkish[107] 
Kurt Lieber <klieber@g.o> - Editor
AJ Armstrong <aja@×××××××××××××.com> - Contributor
Brice Burgess <nesta@×××××××.net> - Contributor
Michael Kohl <citizen428@g.o> - Contributor
Yuji Carlos Kosugi <carlos@g.o> - Contributor
Rafael Cordones Marcos <rcm@×××××××.net> - Contributor
David Narayan <david@×××××××.net> - Contributor
Gerald J Normandin Jr. <gentoo@××××××××××××××××××.com> - Contributor
Ulrich Plate <plate@g.o> - Contributor
Peter Sharp <mail@××××××××××××××.net> - Contributor
Kim Tingkaer <kim@×××××××.dk> - Contributor
Mathy Vanvoorden <matje@×××××××.be> - Dutch Translation
Hendrik Eeckhaut <Hendrik.Eeckhaut@×××××.be> - Dutch Translation
Jorn Eilander <sephiroth@××××××××.nl> - Dutch Translation
Bernard Kerckenaere <bernieke@××××××××.com> - Dutch Translation
Peter ter Borg <peter@××××××.nl> - Dutch Translation
Jochen Maes <linux@××××.be> - Dutch Translation
Roderick Goessen <rgoessen@××××.nl> - Dutch Translation
Gerard van den Berg <gerard@××××××.net> - Dutch Translation
Matthieu Montaudouin <mat@××××××××.com> - French Translation
Martin Prieto <riverdale@×××××××××.org> - French Translation
Antoine Raillon <cabec2@××××××.net> - French Translation
Sebastien Cevey <seb@×××××.net> - French Translation
Jean-Christophe Choisy <mabouya@××××××××××××.org> - French Translation
Steffen Lassahn <madeagle@g.o> - German Translation
Matthias F. Brandstetter <haim@g.o> - German Translation
Thomas Raschbacher <lordvan@g.o> - German Translation
Klaus-J. Wolf <yanestra@g.o> - German Translation
Marco Mascherpa <mush@××××××.net> - Italian Translation
Claudio Merloni <paper@×××××××.it> - Italian Translation
Christian Apolloni <bsolar@×××××××.ch> - Italian Translation
Stefano Lucidi <stefano.lucidi@×××××××××××××.org> - Italian Translation
Yoshiaki Hagihara <hagi@×××.com> - Japanese Translation
Yuji Carlos Kosugi <carlos@g.o> - Japanese Translation
Yasunori Fukudome <yasunori@××××××××××××××××.uk> - Japanese Translation
Takashi Ota <088@××××××××××.jp> - Japanese Translation
Jaroslaw Swierad <messer@××××××××.net> - Polish Translation
Ventura Barbeiro <venturasbarbeiro@××××××.br> - Portuguese (Brazil) 
Atila <bohlke@×××××××××.br> - Portuguese (Brazil) Translation
Pablo Nehab-Hess <pablonhess@×××××.com> - Portuguese (Brazil) Translation
Joao Rafael <joaoraf@×××××××××.br> - Portuguese (Brazil) Translation
Dudu <dudu@××××××××.net> - Portuguese (Brazil) Translation
Ricardo Nogueira <R.Nogueira@××××××××××××××××.au> - Portuguese (Brazil) 
Bruno Ferreira <blueroom@××××××××××××.net> - Portuguese (Portugal) 
Gustavo Felisberto <gustavo@××××××××××.net> - Portuguese (Portugal) 
Ricardo Jorge Louro <rjlouro@×××××××.org> - Portuguese (Portugal) 
Sergey Kuleshov <svyatogor@g.o> - Russian Translator
Dmitry Suzdalev <dimsuz@××××.ru> - Russian Translator
Anton Vorovatov <mazurous@××××.ru> - Russian Translator
Lanark <lanark@××××××××××.ar> - Spanish Translation
Fernando J. Pereda <ferdy@××××××.org> - Spanish Translation
Lluis Peinado Cifuentes <lpeinado@×××.edu> - Spanish Translation
Zephryn Xirdal T <ZEPHRYNXIRDAL@××××××××××.net> - Spanish Translation
Guillermo Juarez <katossi@××××××××××××××××.es> - Spanish Translation
Jesús García Crespo <correo@××××××.com> - Spanish Translation
Carlos Castillo <carlos@×××××××××××××.com> - Spanish Translation
Julio Castillo <julio@×××××××××××××.com> - Spanish Translation
Sergio Gómez <s3r@××××××××××××.ar> - Spanish Translation
Aycan Irican <aycan@××××××××.tr> - Turkish Translation
Bugra Cakir <bugra@×××××××××.com> - Turkish Translation
Cagil Seker <cagils@××××××××××.tr> - Turkish Translation
Emre Kazdagli <emre@××××××××.tr> - Turkish Translation
Evrim Ulu <evrim@××××××××.tr> - Turkish Translation
Gursel Kaynak <gurcell@××××××××.tr> - Turkish Translation