Gentoo Archives: gentoo-gwn

From: Kurt Lieber <klieber@g.o>
To: gentoo-gwn@g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter -- Volume 2, Issue 12
Date: Mon, 24 Mar 2003 02:16:22
Message-Id: 20030324020811.GO4660@mail.lieber.org
1 ---------------------------------------------------------------------------
2 Gentoo Weekly Newsletter
3 http://www.gentoo.org/news/en/gwn/current.xml
4 This is the Gentoo Weekly Newsletter for the week of March 24th, 2003.
5 ---------------------------------------------------------------------------
6
7 ==============
8 1. Gentoo News
9 ==============
10
11 Summary
12 -------
13
14 * How to become a Gentoo developer
15 * Changes in the way Gentoo Linux supports CFLAGS
16 * errata from last week's issue
17
18 A question we hear a lot from Gentoo users is, "How can I become a member
19 of the Gentoo development team?" Largely, the answer to this question is
20 simply to start assisting the development process as a user. This can be
21 done via numerous ways, most of which involve bugs.gentoo.org[1] to an
22 extent. Submitting bug fixes for existing bugs on a consistent basis is
23 one sure way to get the attention of the Gentoo developers. Additionally,
24 consistently submitting new ebuilds is another way. As you may have
25 noticed, consistency is an important part of the overall process.
26
27 1. http://bugs.gentoo.org
28
29 For those folks who still want to become a developer, but aren't kernel
30 hacking gurus or python mongers, helping with the development of Gentoo's
31 documentation is another area where users can contribute and become
32 members of the team. Whether it's creating new documents or assisting in
33 translating existing documents into other languages, the quality of our
34 Documentation is a critical part of the overall success of Gentoo Linux.
35
36 Finally, as the Gentoo Linux project continues to grow, other types of
37 roles, such as GWN contributors and infrastructure people, may become
38 available as well. They will be announced here in the Gentoo Weekly
39 Newletter on an as-needed basis. So for those of you interested in
40 becoming part of the Gentoo Linux team, take a crack at some open bugs,
41 creating new ebuilds or helping out with documentation. Regular
42 contributors will get noticed!
43
44 Changes in the way Gentoo Linux supports CFLAGS
45 -----------------------------------------------
46
47 CFLAGS have always been an important part of the Gentoo Linux hacker's
48 toolkit. Tweaking CFLAGS to eke out every last drop of performance is a
49 technique that is used by many, but fully understood by few. Many of the
50 bugs filed on bugs.gentoo.org[2] are directly caused by overly aggressive
51 CFLAGS in a user's make.conf file. One of the ways that the Gentoo Linux
52 developers deal with this is by stripping out certain CFLAGS in ebuilds
53 where they are known to cause problems. (Most kernel modules, for
54 instance, don't like the -fPIC option) However, this is handled on a
55 case-by-case basis, which is not a long-term solution.
56
57 2. http://bugs.gentoo.org
58
59 In an effort to come up with a long term solution, a discussion was had on
60 the internal Gentoo Linux developer's mailing list talking about various
61 options. In the end, the decision was reached to come up with a list of
62 safe CFLAGS that will be officially supported by Gentoo Linux. This means
63 if you use one of these flags and have problems with it, it will be
64 considered a valid bug in Gentoo Linux. Users are still free to try any
65 and all other CFLAGS as they see fit, but bugs filed in relation to these
66 options may not be considered valid and the user may be asked to try
67 less-aggressive optimization settings when compiling that specific
68 program. Over time, as gcc continues to mature, the list of officially
69 supported CFLAGS will be reviewed and added to as appropriate, with the
70 goal being to support as many -f options s possible without overwhelming
71 our QA and bugfix resources.
72
73 To a large extent, this practice of supported vs. unsupported CFLAGS has
74 been in practice for quite some time now. However, now the process will be
75 formalized and the list of supported CFLAGS will be integrated into our
76 installation docs as well as our other documentation where appropriate.
77
78 errata from last week's issue
79 -----------------------------
80
81 As many readers pointed out, last week's Tips & Tricks section contained
82 an error in one of the code listings. Instead of
83 SYNC="rsync.us.gentoo.org", it should have been listed as
84 SYNC="rsync://rsync.us.gentoo.org/gentoo-portage". The person making the
85 error has been properly tarred and feathered and this week's Tips & Tricks
86 section is brought to you by our normal contributor, David Narayan, who
87 was on vacation last week. (and thus is absolved from all blame :))
88
89 ==================
90 2. Gentoo Security
91 ==================
92
93 Summary
94 -------
95
96 * GLSA: samba
97 * GLSA: kernel
98 * GLSA: mysql
99 * GLSA: openssl
100 * GLSA: rxvt
101 * GLSA: evolution
102 * GLSA: qpopper
103 * GLSA: man
104 * New Security Bug Reports
105 * gentoo-security
106
107 GLSA: samba
108 -----------
109
110 The samba smbd daemon has a buffer overflow which could permit a remote
111 attacker to gain root privileges on the server.
112
113 * Severity: Critical - Remote root exposure.
114 * Packages Affected: net-fs/samba versions prior to samba-2.2.8
115 * Rectification: Synchronize and emerge samba, emerge clean.
116 * GLSA Announcement[3]
117 * Advisory[4]
118
119 3. http://forums.gentoo.org/viewtopic.php?t=41881
120 4. http://lists.samba.org/pipermail/samba-announce/2003-March/000063.html
121
122
123 GLSA: kernel
124 ------------
125
126 Linux stable kernels 2.2 and 2.4 have a flaw in ptrace that permits local
127 users to elevate their privileges to root. The flaw is not remotely
128 exploitable. It is not believed that the flaw affects the 2.5 kernel. The
129 following kernel sources have been patched: gentoo-sources, gs-sources,
130 pfeifer-sources, sparc-sources, and xfs-sources. A patch for other sources
131 can be obtained from cvs[5].
132
133 5. http://cvs.gentoo.org/~aliz/linux-2.4.20-ptrace.patch
134
135 * Severity: High - Kernel compromise, privilege elevation.
136 * Packages Affected: Linux kernel versions 2.2, 2.4
137 * Rectification: Synchronize and emerge kernel sources for your system,
138 recompile and install kernel.
139 * GLSA Announcement[6]
140 * Advisory[7]
141
142 6. http://forums.gentoo.org/viewtopic.php?t=42814
143 7. http://marc.theaimsgroup.com/?l=linux-kernel&m=104791735604202&w=2
144
145 GLSA: mysql
146 -----------
147
148 If MySQL's configuration file's are world-writable, it is possible to
149 modify the server's configuration so that MySQL will run as root after a
150 restart. MySQL has been fixed so that it will not load world-writable
151 config files.
152
153 * Severity: High - Privilege elevation.
154 * Packages Affected: dev-db/mysql versions prior to mysql-3.23.56
155 * Rectification: Synchronize and emerge mysql, emerge clean.
156 * GLSA Announcement[8]
157 * Advisory[9]
158
159 8. http://forums.gentoo.org/viewtopic.php?t=42383
160 9. http://marc.theaimsgroup.com/?l=bugtraq&m=104739810523433&w=2
161
162 GLSA: openssl
163 -------------
164
165 OpenSSL is subject to a timing attack which may permit exposure of RSA
166 keys. This vulnerability can be eliminated by enabling RSA blinding. The
167 fix is to enable blinding by default, involving only a trivial performance
168 impact.
169
170 * Severity: High - Cryptographic exposure.
171 * Packages Affected: dev-libs/openssl versions prior to openssl-0.9.6i-r1
172 * Rectification: Synchronize and emerge openssl, emerge clean.
173 * GLSA Announcement[10]
174 * Advisory[11]
175
176 10. http://forums.gentoo.org/viewtopic.php?t=42581
177 11. http://www.openssl.org/news/secadv_20030317.txt
178
179
180 GLSA: rxvt
181 ----------
182
183 The rxvt terminal emulator is subject to remote attack when un-trusted
184 data is displayed to the screen. This exposure permits a DOS attack or (by
185 taking advantage of other vulnerabilities on the system) the potential for
186 system compromise.
187
188 * Severity: High - Remote System Compromise.
189 * Packages Affected: x11-terms/rxvt versions prior to rxvt-2.7.8-r6
190 * Rectification: Synchronize and emerge rxvt, emerge clean.
191 * GLSA Announcement[12]
192 * Advisory[13]
193
194 12. http://forums.gentoo.org/viewtopic.php?t=42582
195 13. http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2
196
197 GLSA: evolution
198 ---------------
199
200 Evolution is subject to several vulnerabilities that permit remote attacks
201 ranging from DoS through security bypasses and potential execution of
202 arbitrary code through the use of carefully crafted UUEncodes or MIME
203 headers.
204
205 * Severity: High - Multiple exposures to remote attack.
206 * Packages Affected: versions prior to evolution-1.2.3
207 * Rectification: Synchronize and emerge , emerge clean.
208 * GLSA Announcement[14]
209 * Advisory[15]
210
211 14. http://forums.gentoo.org/viewtopic.php?t=42816
212 15. http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10
213
214 GLSA: qpopper
215 -------------
216
217 Qpopper exposes a buffer overflow which could permit the execution of
218 arbitrary code. The code would normally be executed with the privileges of
219 a user that must be authenticated.
220
221 * Severity: Moderate - arbitrary code execution, mitigated by requirement
222 for user authentication.
223 * Packages Affected: net-mail/qpopper versions prior to qpopper-4.0.5
224 * Rectification: Synchronize and emerge qpopper, emerge clean.
225 * GLSA Announcement[16]
226 * Advisory[17]
227
228 16. http://forums.gentoo.org/viewtopic.php?t=41957
229 17. http://marc.theaimsgroup.com/?l=bugtraq&m=104739841223916&w=2
230
231 GLSA: man
232 ---------
233
234 Man contains an error return value bug that could permit a specially
235 formatted man file to execute a program named 'unsafe', if it exists.
236
237 * Severity: Moderate - arbitrary code execution, mitigated by requirement
238 for local access and program installation.
239 * Packages Affected: versions prior to
240 * Rectification: Synchronize and emerge , emerge clean.
241 * GLSA Announcement[18]
242 * Advisory[19]
243
244 18. http://forums.gentoo.org/viewtopic.php?t=42384
245 19. http://marc.theaimsgroup.com/?l=bugtraq&m=104740927915154&w=2
246
247 New Security Bug Reports
248 ------------------------
249
250 The following new security bugs were posted this week:
251
252 * net-irc/bitchx[20]
253 * dev-java/*[21]
254 * kerberos[22]
255 * net-im/gaim[23]
256 * sys-apps/baselayout[24]
257 * media-libs/net-bpm[25]
258 * sys-libs/glibc[26]
259 * net-mail/mutt[27]
260 * net-www/mod_ssl[28]
261
262 20. http://bugs.gentoo.org/show_bug.cgi?id=17567
263 21. http://bugs.gentoo.org/show_bug.cgi?id=17574
264 22. http://bugs.gentoo.org/show_bug.cgi?id=17718
265 23. http://bugs.gentoo.org/show_bug.cgi?id=17733
266 24. http://bugs.gentoo.org/show_bug.cgi?id=17738
267 25. http://bugs.gentoo.org/show_bug.cgi?id=17756
268 26. http://bugs.gentoo.org/show_bug.cgi?id=17846
269 27. http://bugs.gentoo.org/show_bug.cgi?id=17857
270 28. http://bugs.gentoo.org/show_bug.cgi?id=17862
271
272 gentoo-security
273 ---------------
274
275 Alexander Holler posted a message[29] to the gentoo-security mailing list
276 describing and offering a link to a proof-of-concept trojan for gentoo
277 that exploits the oft-discussed[30] problem that ebuilds are not signed
278 or otherwise authenticated. Mr. Holler's statement that "nobody .. seems
279 concerned about portage security" provoked some comment, as did the
280 question about whether posting a trojan for an already documented
281 vulnerability was productive or advisable. The discussion continued with
282 some expressions of concern that the issue be addressed soon, including a
283 note[31] from Daniel Robbins indicating a desire to add enhanced security
284 to Portage-2.0. All told, the discussion seems particularly timely, given
285 the recent launch[32] of the hardened gentoo project.
286
287 29. http://marc.theaimsgroup.com/?l=gentoo-security&m=104816199500974&w=2
288 30. http://bugs.gentoo.org/show_bug.cgi?id=5902
289 31. http://marc.theaimsgroup.com/?l=gentoo-security&m=104820132213706&w=2
290 32.
291 http://www.gentoo.org/news/en/gwn/20030317-newsletter.xml#doc_chap1_sect5
292
293 =================================
294 3. Featured Developer of the Week
295 =================================
296
297 Daniel Ahlberg
298
299 This week we feature Daniel Ahlberg[33], one of the watchful eyes who keep
300 Gentoo secure and up-to-date. Monitoring security-related mailing lists
301 and hunting for new package versions, he sends out GLSAs and bumps package
302 versions, facing the constant fear of breaking something when he marks a
303 package as stable. Daniel had been using Gentoo for a couple of months
304 when he saw a discussion on #gentoo-dev about how every package needed to
305 be checked for the license it used, and the new LICENSE keyword added to
306 each ebuild. Later that night he checked the licenses and updated the
307 ebuilds for a couple of categories, and sent them to drobbins and seemant,
308 who asked him to become a developer a couple of days later. Daniel doesn't
309 feel he's done anything extraordinary, but likes the occasional bash
310 script hacks he does.
311
312 33. aliz@g.o
313
314 Three years ago Daniel started a company with some of his friends; he
315 still works there, administering the network and servers, making sure
316 others can do their work, and consulting. He likes all the software he
317 uses daily, including bash, nano, phoenix, kde, enlightenment, kmail,
318 xchat, sim, kate, and gkrellm2, and runs Gentoo on his three primary
319 computers: a workstation at home and at work, and his laptop, which is
320 usually connected to his work computer by VNC. Daniel, who lives
321 "somewhere in the upper middle of Sweden", likes to read (he's on his
322 third Tom Clancy novel right now), listen to music, and watch movies.
323
324 =========================
325 4. Heard In The Community
326 =========================
327
328 Web Forums
329 ----------
330
331 Gentoo GNU/Hurd Project Started
332
333 Jon Portnoy aka avenj[34] announced last week that he's started working on
334 a port of the Hurd[35] for Gentoo, and he is currently scanning the Forums
335 for people interested in this development. The official discussion about
336 the project and the right place for anyone interested in posting a "me,
337 too" has found its permanent home here:
338
339 34. http://forums.gentoo.org/profile.php?mode=viewprofile&u=7981
340 35. http://hurd.gnu.org
341
342 * Repost: Anyone interested in Gentoo GNU/Hurd?[36]
343 * Avenj's page on Gentoo GNU/Hurd development[37]
344
345 36. http://forums.gentoo.org/viewtopic.php?t=41939
346 37. http://cvs.gentoo.org/~avenj/
347
348 Better Uses for Gentoo Gadgetry
349
350 As reported last week, the Gentoo store has recently added a few new
351 items, and one of those has inspired some hardware buffs to make it
352 slightly more useful than it already is: Who needs sandwiches and apples
353 in their Gentoo lunchbox when they can have a full-blown PC instead? Carry
354 on:
355
356 * Other uses for the Gentoo Lunch box[38]
357 * The lunchbox order page at the Gentoo store[39]
358
359 38. http://forums.gentoo.org/viewtopic.php?t=41716
360 39. http://www.cafeshops.com/gentoolinux.5161317
361
362 Intel's C Compiler in Gentoo
363
364 Using the ICC, Intel's C compiler, is still quite limited, both in terms
365 of software that can actually be built with it, and people who try using
366 despite this limitation. Some people like to replace the default GCC with
367 ICC for certain applications, and on occasion they discuss this broadly
368 enough to let others get an idea of what, why and how to do it:
369
370 * Anyone else using ICC?[40]
371 * replace gcc with Intel CC?[41]
372
373 40. http://forums.gentoo.org/viewtopic.php?t=33772
374 41. http://forums.gentoo.org/viewtopic.php?t=28435
375
376 Gentoo Installation Success on an RS/6000
377
378 Got a dusty old B50 lying around in a broom closet at the office? Here's
379 how to blow some new life into it... Welcome, thanks and congratulations
380 to Forum newcomer JurgyMan[42] for this contribution:
381
382 42. http://forums.gentoo.org/profile.php?mode=viewprofile&u=16708
383
384 * Gentoo on RS6000 B50 HOWTO - first draft[43]
385
386 43. http://forums.gentoo.org/viewtopic.php?t=42672
387
388 gentoo-user
389 -----------
390
391 Realistic Install timeframe
392
393 Trey Sizemore started an interesting thread by asking how long it
394 realistically takes to install a Gentoo Linux desktop from stage 1[44].
395 Most of the responses seemed to indicate that Trey was probably a little
396 optimistic in his initial assessment of getting a full KDE desktop up and
397 running on a PII400 in about a day. Of course, KDE is easily the largest
398 app that needs to be compiled in Trey's setup, so a lighter-weight WM like
399 fluxbox would likely drop his setup time considerably.
400
401 44. http://article.gmane.org/gmane.linux.gentoo.user/26597
402
403 * Realistic Install timeframe[45]
404
405 45.
406 http://news.gmane.org/onethread.php?group=gmane.linux.gentoo.user&root=%3C3
407 E7B2F24.407%40fastmail.fm%3E
408
409 Command line interface tools
410
411 Dhruba Bandopadhyay asked for opinions[46] regarding peoples' preferences
412 for command line interface tools. Naturally, lively discussion ensued.
413
414 46. http://article.gmane.org/gmane.linux.gentoo.user/26664
415
416 * Command line interface tools[47]
417
418 47.
419 http://news.gmane.org/onethread.php?group=gmane.linux.gentoo.user&root=%3C2
420 0030322004933.GA19784%40wolf.codewordt.co.uk%3E
421
422 ftp/iptables always in emerge world
423
424 Kurt Hindenberg asked why ftp and iptables always showed up during an
425 emerge world[48]. When it turned out that these packages were being
426 required by the base system profile, a bug report ensued[49].
427
428 48. http://article.gmane.org/gmane.linux.gentoo.user/26368
429 49. http://bugs.gentoo.org/show_bug.cgi?id=17859
430
431 * ftp/iptables always in emerge world[50]
432
433 50.
434 http://news.gmane.org/onethread.php?group=gmane.linux.gentoo.user&root=%3C2
435 00303191142.41399.khindenburg%40cherrynebula.net%3E
436
437 gentoo-dev
438 ----------
439
440 Status of a Gentoo Installer?
441
442 Bip Thelin asked[51] wether the creation of a Gentoo installer was in
443 somebody's tasklist. He proposed to implement such an installer in Java.
444 Alain Penders replied[52] with a link to CursingCow[53], a Python/NEWT
445 installer for Gentoo Linux. Although currently, only the PPC architecture
446 is supported the code does support architecture specific modules. Gentoo
447 developer Dylan Carlson finally replied[54] that even though Java would be
448 a good choice for such a task, Python plays a central role in the whole
449 Gentoo infrastructure and it may be difficult to integrate a Java solution
450 in the Gentoo toolchain.
451
452 51. http://marc.theaimsgroup.com/?l=gentoo-dev&m=104789209111303&w=2
453 52. http://marc.theaimsgroup.com/?l=gentoo-dev&m=104792524715198&w=2
454 53. http://cvs.gentoo.org/cgi-bin/viewcvs.cgi/gentoo-src/cursingcow/
455 54. http://marc.theaimsgroup.com/?l=gentoo-dev&m=104792524715198&w=2
456
457 ACCEPT_KEYWORDS + bootstrap.sh
458
459 As one user noticed[55], early this week, during the installation of his
460 Gentoo. The bootstrap process does not use the ACCEPT_KEYWORDS setting
461 from /etc/make.conf.
462
463 55. http://marc.theaimsgroup.com/?l=gentoo-dev&m=104791759004540&w=2
464
465 The ACCEPT_KEYWORDS is meant as a tool for easy testing of packages. That
466 is, effectively users can add or remove unstable packages to the usual
467 stable lot.
468
469 Disregarding the ACCEPT_KEYWORDS setting during bootstrap is not a bug.
470 Rather it is supposed to ease the installation and to secure a stable
471 foundation for the rest of Gentoo to exist on. This is done by
472 specifically choosing well tested packages as opposed to newly released
473 packages.
474
475 Some argue against this suggesting that it eliminates choices which is not
476 appropriate for the kind of distribution that Gentoo is. And that there
477 really is no point in trying to secure a stable foundation in this way
478 when the rest of the distribution make use of the ACCEPT_KEYWORDS.
479
480 And the arguments are true, for the most part. Because reading through the
481 /usr/portage/scripts/bootstrap.sh script reveals that the bootstrap
482 process grabs packages from a file describing a default profile. A default
483 profile tailored for a specific architecture (intel, ppc, etc.). So
484 instead of eliminating the choices they have been disguised as profiles,
485 waiting to be modified. The command cd $(readlink -f /etc/make.profile)
486 will bring you to the location of your default profile.
487
488 A word of caution. When modifying the default profile you can possibly
489 cripple your Gentoo installation from step one since version changes could
490 break package dependencies.
491
492 =======================
493 5. Gentoo International
494 =======================
495
496 Gentoo in the Japanese Press
497
498 Two articles in Japanese about Gentoo were published on the same day last
499 week in different magazines, both written by fervent supporters of
500 GentooJP: Yoshiaki Hagihara, one of the translators of the GWN among other
501 things, has written a very funny seven-pager ("Gentoo Lifestyle -- My days
502 with Gentoo") for LinuxPower Vol. 1[56], the first issue of this new
503 addition to the growing number of Linux magazines in Japan. And Masatomo
504 Nakano, spiritus rector of the GentooJP project, wrote his piece ("Gentoo
505 again") for the April issue of Software Design[57]. Both magazines are on
506 sale in Japanese bookshops since 18 March.
507
508 56. http://www.enterbrain.co.jp/techwin/linux/index.html
509 57. http://www.gihyo.co.jp/magazines/SD/contents
510
511 Russian Gentoo Community Set Up!
512
513 Developer George Shapovalov[58] announced that the "Fellowship of
514 gentoo.ru" has been up and running for almost a month already! The
515 Fellowship was born after growing interest in Gentoo Linux by the Russian
516 speaking community was becoming impossible to overlook, and it's already
517 got its own website[59]) and user support forums[60]. Gentoo.ru also
518 provides translations for Gentoo documentation, carefully supervised by
519 official devs. No need to be shy if you would like to help with
520 translations or any other subotnik, the Fellowship will certainly welcome
521 any such attempt. Real time chat is available on irc.rinet.ru, channel
522 #gentoo.
523
524 58. george@g.o
525 59. http://linuxshop.ru/unix4all/?cid=16
526 60. http://linuxshop.ru/forum/viewforum.php?f=16
527
528 New Mailing List for French Gentoo Users
529
530 Adding to the support base for French speakers, a new official mailing
531 list, gentoo-user-fr, has been created last week. Between the new list,
532 the French forum and the IRC channel on Freenode for French users, chances
533 to get support for technical questions are on a pretty acceptable level
534 now.
535
536 International Event Calendar
537
538 The GWN editorial staff is extremely grateful for information about
539 anything related to conferences, seminars, user meetings, install fest or
540 any other event Gentoo users are organizing or participating in. This week
541 an impressive number of events has come up, take your pick from those, and
542 send an e-mail to gwn-feedback@g.o if you know of any others:
543
544 * Austria: The Vienna community is turning openly hedonistic... They've
545 barely recovered from their last meeting, yet up comes a plan for the next
546 one. Date: 1 April, venue to be decided via this thread[61] in the German
547 forum.
548 * Portugal: Gentoo-stronghold Coimbra (and certainly one of the most
549 pleasant locations to be in around spring) is the venue for the 7th
550 "Encontro de Gestão e Tecnologias da Informação", co-organized by
551 Gentoo Forum moderator RoadRunner[62] and other Gentooists, to be held on
552 2 April in the Auditório da Reitoria at Coimbra University. An
553 indisputable highlight of this conference will be the afternoon podium
554 discussion about "Free Software Use in Public Administrations", with the
555 Marketing Director of Microsoft Portugal and the head of the Portuguese
556 Linux distribution Caixa Magica fencing it out on stage. Further
557 information here[63], if you're planning on attending the show, tell the
558 others here, please[64].
559 * France: Same day, similar subject, 800 kilometres further north... A
560 conference in Paris about opportunities for free software use in small and
561 medium sized companies may serve as a venue for an informal meeting of
562 Gentoo users, all the details are here[65].
563 * Denmark & Sweden: Also on 2 April, the Skåne Sjælland LUG is getting
564 a fully-fledged Gentoo presentation by Klavs[66]. Details were hard to get
565 by before this week's GWN deadline, but the presenter will certainly be
566 able to guide you if you make yourself heard in this forum thread[67].
567 * UK: In an almost forgotten thread in the Forums, brum-based
568 mr-simon[68] is looking for Gentooists to join him at the Linux User &
569 Developer Expo in Birmingham on 15/16 April[69].
570 * GermanyStill way ahead, but worth noting: 14 May is the tentative date
571 for Gentoo users in the Köln/Bonn region to organize their first meeting.
572 Expressions of interest in joining the crowd go here[70].
573
574 61. http://forums.gentoo.org/viewtopic.php?t=42337
575 62. http://forums.gentoo.org/profile.php?mode=viewprofile&u=2185
576 63. http://egti.dei.uc.pt
577 64. http://forums.gentoo.org/viewtopic.php?t=41922
578 65. http://forums.gentoo.org/viewtopic.php?t=41972
579 66. http://forums.gentoo.org/profile.php?mode=viewprofile&u=1524
580 67. http://forums.gentoo.org/viewtopic.php?t=42421
581 68. http://forums.gentoo.org/profile.php?mode=viewprofile&u=10081
582 69. http://forums.gentoo.org/viewtopic.php?t=36907
583 70. http://forums.gentoo.org/viewtopic.php?t=40510
584
585 ================
586 6. Portage Watch
587 ================
588
589 The following stable packages were added to portage this week
590 -------------------------------------------------------------
591
592 * app-doc/ebook-gcc : GCC 3.2 EBook."
593 * app-sci/lin-seti : A Seti@Home cache manager, cache-compatible with
594 Seti Driver. Can be run as system daemon.
595 http://lin-seti.sourceforge.net/
596 * dev-java/avalon-logkit : LogKit is an easy-to-use Java logging toolkit
597 designed for secure, performance-oriented logging.
598 http://avalon.apache.org/
599 * dev-java/commons-cli : The CLI library provides a simple and easy to
600 use API for working with the command line arguments and options.
601 http://jakarta.apache.org/commons/logging.html
602 * dev-java/gnu-jaxp : GNU JAXP, a free implementation of SAX parser API,
603 DOM Level 2, Sun JAXP 1.1. http://www.gnu.org/software/classpathx/jaxp/
604 * dev-java/velocity : A Java-based template engine that allows easy
605 creation/rendering of documents that format and present data.
606 http://jakarta.apache.org/velocity/
607 * dev-perl/Convert-ASN1 : A Convert Perl Module
608 http://www.cpan.org/modules/by-module/Convert/Convert-ASN1-0.16.readme
609 * media-gfx/gif2png : gif2png http://www.tuxedo.org/~esr/gif2png/
610 * net-mail/vacation : automatic mail answering program
611 http://vacation.sourceforge.net/
612 * sys-apps/reoback : Reoback Backup Solution
613 http://reoback.penguinsoup.org/
614 * sys-devel/oskit : Building blocks for a x86 operating system.
615 http://www.cs.utah.edu/flux/oskit/
616 * app-dicts/freedict-eng-fra :
617 * app-dicts/freedict-fra-eng :
618
619 Updates to notable packages
620 ---------------------------
621
622 * kde-base/kde - kde-3.1.1.ebuild;
623 * gnome-base/gnome - gnome-2.2.1.ebuild;
624 * sys-kernel/* - aa-sources-2.4.21_pre5-r1.ebuild;
625 aa-sources-2.4.21_pre5-r2.ebuild; development-sources-2.5.65.ebuild;
626 gentoo-sources-2.4.20-r2.ebuild; gs-sources-2.4.21_pre5-r1.ebuild;
627 mm-sources-2.5.65-r1.ebuild; mm-sources-2.5.65-r2.ebuild;
628 pfeifer-sources-2.4.20.1_pre1.ebuild; selinux-sources-2.4.20-r1.ebuild;
629 sparc-sources-2.4.20-r6.ebuild; xfs-sources-2.4.20-r1.ebuild;
630 xfs-sources-2.4.20-r2.ebuild; xfs-sources-2.4.20.ebuild;
631 * dev-db/mysql - mysql-3.23.56.ebuild;
632
633 Updates to notable packages
634 ---------------------------
635
636 * sys-apps/portage - portage-2.0.47-r10.ebuild;
637 * x11-base/xfree - xfree-4.3.0-r1.ebuild;
638 * sys-kernel/* - ac-sources-2.4.21_pre5-r3.ebuild;
639 gaming-sources-2.4.20-r1.ebuild; lolo-sources-2.4.20.2_pre5.ebuild;
640 mm-sources-2.5.64-r4.ebuild; mm-sources-2.5.64-r5.ebuild;
641 mm-sources-2.5.64-r6.ebuild; wolk-sources-4.0_rc2.ebuild;
642 wolk-sources-4.0_rc3.ebuild;
643 * dev-db/mysql - mysql-4.0.11a-r1.ebuild;
644 * app-admin/gentoolkit - gentoolkit-0.1.19-r3.ebuild;
645
646 New USE variables
647 -----------------
648
649 * lirc - Adds support for lirc (Linux's Infra-Red Remote Control)
650
651 ===========
652 7. Bugzilla
653 ===========
654
655 Summary
656 -------
657
658 * Statistics
659 * Closed Bug Ranking
660 * New Bug Rankings
661
662 Statistics
663 ----------
664
665 The Gentoo community uses Bugzilla (bugs.gentoo.org[74]) to record and
666 track bugs, notifications, suggestions and other interactions with the
667 development team. In the last 7 days, activity on the site has resulted
668 in:
669
670 74. http://bugs.gentoo.org
671
672 * 275 new bugs this week
673 * 294 bugs closed or resolved this week
674 * 9 previously closed bugs were reopened this week.
675 * 2161 total bugs currently marked 'new'
676 * 465 total bugs currently assigned to developers
677
678 There are currently 3001 bugs open in bugzilla. Of these: 70 are labeled
679 'blocker', 108 are labeled 'critical', and 228 are labeled 'major'.
680
681 Closed Bug Rankings
682 -------------------
683
684 The developers and teams who have closed the most bugs this week are:
685
686 * Martin Schlemmer[75], with 16 closed bugs[76]
687 * Seemant Kulleen[77], with 14 closed bugs[78]
688 * The Gnome Team[79], with 13 closed bugs[80]
689 * Martin Holzer[81], with 13 closed bugs[82]
690
691 75. azarah@g.o
692 76.
693 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
694 field=bug_status&chfieldfrom=2003-03-15&chfieldto=Now&resolution=FIXED&assi
695 gned_to=azarah%40gentoo.org
696 77. seemant@g.o
697 78.
698 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
699 field=bug_status&chfieldfrom=2003-03-15&chfieldto=Now&resolution=FIXED&assi
700 gned_to=seemant%40gentoo.org
701 79. gnome@g.o
702 80.
703 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
704 field=bug_status&chfieldfrom=2003-03-15&chfieldto=Now&resolution=FIXED&assi
705 gned_to=gnome%40gentoo.org
706 81. mholzer@g.o
707 82.
708 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
709 field=bug_status&chfieldfrom=2003-03-15&chfieldto=Now&resolution=FIXED&assi
710 gned_to=mholzer%40gentoo.org
711
712 New Bug Rankings
713 ----------------
714
715 The developers and teams who have been assigned the most new bugs this
716 week are:
717
718 * The x86 Kernel Team[83], with 19 new bugs[84]
719 * The Gnome Team[85], with 12 new bugs[86]
720 * Nick Hadaway[87], with 9 new bugs[88]
721 * Nicholas Jones[89], with 9 new bugs[90]
722 * Martin Holzer[91], with 7 new bugs[92]
723
724 83. x86-kernel@g.o
725 84.
726 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
727 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2003-03-15&chfieldto=Now&=&a
728 ssigned_to=x86-kernel%40gentoo.org
729 85. gnome@g.o
730 86.
731 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
732 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2003-03-15&chfieldto=Now&=&a
733 ssigned_to=gnome%40gentoo.org
734 87. raker@g.o
735 88.
736 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
737 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2003-03-15&chfieldto=Now&=&a
738 ssigned_to=raker%40gentoo.org
739 89. carpaski@g.o
740 90.
741 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
742 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2003-03-15&chfieldto=Now&=&a
743 ssigned_to=carpaski%40gentoo.org
744 91. mholzer@g.o
745 92.
746 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
747 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2003-03-15&chfieldto=Now&=&a
748 ssigned_to=mholzer%40gentoo.org
749
750
751 ==================
752 8. Tips and Tricks
753 ==================
754
755 Using tmpfs
756
757 This week's tip shows you how to make use of tmpfs to speed up access time
758 for small temporary files. Tmpfs simulates a filesystem by supporting
759 normal read/writes but the files are stored in memory. This makes access
760 much faster. Note that files stored in tmpfs are not saved between
761 reboots. Also, tmpfs is only recommended for systems with large amounts of
762 memory.
763
764 First make sure that tmpfs is enabled in your kernel.
765
766 ---------------------------------------------------------------------------
767 | Code Listing 8.1: |
768 | Enabling tmpfs in the kernel |
769 ---------------------------------------------------------------------------
770 | |
771 |# cd /usr/src/linux |
772 |# make menuconfig |
773 | Enable File Systems --> |
774 | [*] Virtual memory system support |
775 | (Enable this option) |
776 | |
777 |# make dep && make clean bzImage |
778 | |
779 |Make sure /boot is mounted before this step |
780 |# cp /usr/src/linux/arch/i386/boot/bzImage /boot |
781 | |
782 ---------------------------------------------------------------------------
783
784 /tmp is the most common place for temporary files. We will use tmpfs to
785 mount /tmp
786
787 ---------------------------------------------------------------------------
788 | Code Listing 8.2: |
789 | Mounting /tmp with tmpfs |
790 ---------------------------------------------------------------------------
791 | |
792 |# mount -t tmpfs tmpfs /tmp |
793 | |
794 ---------------------------------------------------------------------------
795
796 Now that /tmp is mounted, all you have to do is add the following to your
797 /etc/fstab in order to have it load on boot.
798
799 ---------------------------------------------------------------------------
800 | Code Listing 8.3: |
801 | Add the following line to your stab file |
802 ---------------------------------------------------------------------------
803 | |
804 |tmpfs /tmp tmpfs defaults 0 0 |
805 | |
806 ---------------------------------------------------------------------------
807
808 ==========================
809 9. Moves, Adds and Changes
810 ==========================
811
812 Moves
813 -----
814
815 The following developers recently left the Gentoo team:
816
817 * none this week
818
819 Adds
820 ----
821
822 The following developers recently joined the Gentoo Linux team:
823
824 * Felix De Vliegher (Popsickle) -- LiveCD, KDE
825 * Philip Walls (malverian) -- media-gfx, distributed computing stuff
826 * Matthew Rickard (frogger) -- ProPolice
827 * Jeraimee Hughes (a.sleep) -- Gentoo Infrastructure
828
829 Changes
830 -------
831
832 The following developers recently changed roles within the Gentoo Linux
833 project.
834
835 * Mark Guertin (gerk) -- Retired as Gentoo/PPC Project Lead
836
837 =====================
838 10. Contribute to GWN
839 =====================
840
841 Interested in contributing to the Gentoo Weekly Newsletter? Send us an
842 email[93].
843
844 93. gwn-feedback@g.o
845
846 ================
847 11. GWN Feedback
848 ================
849
850 Please send us your feedback[94] and help make GWN better.
851
852 94. gwn-feedback@g.o
853
854 ===================
855 12. Other Languages
856 ===================
857
858 The Gentoo Weekly Newsletter is also available in the following languages:
859
860 * Dutch[95]
861 * English[96]
862 * German[97]
863 * French[98]
864 * Japanese[99]
865 * Italian[100]
866 * Portuguese (Brazil)[101]
867 * Portuguese (Portugal)[102]
868 * Spanish[103]
869
870 95. http://www.gentoo.org/news/be/gwn/gwn.xml
871 96. http://www.gentoo.org/news/en/gwn/gwn.xml
872 97. http://www.gentoo.org/news/de/gwn/gwn.xml
873 98. http://www.gentoo.org/news/fr/gwn/gwn.xml
874 99. http://www.gentoo.org/news/ja/gwn/gwn.xml
875 100. http://www.gentoo.org/news/it/gwn/gwn.xml
876 101. http://www.gentoo.org/news/br/gwn/gwn.xml
877 102. http://www.gentoo.org/news/pt/gwn/gwn.xml
878 103. http://www.gentoo.org/news/es/gwn/gwn.xml
879
880
881 Kurt Lieber <klieber@g.o> - Editor
882 AJ Armstrong <aja@×××××××××××××.com> - Contributor
883 Brice Burgess <nesta@×××××××.net> - Contributor
884 Yuji Carlos Kosugi <carlos@g.o> - Contributor
885 Rafael Cordones Marcos <rcm@×××××××.net> - Contributor
886 David Narayan <david@×××××××.net> - Contributor
887 Ulrich Plate <plate@g.o> - Contributor
888 Peter Sharp <mail@××××××××××××××.net> - Contributor
889 Kim Tingkaer <kim@×××××××.dk> - Contributor
890 Mathy Vanvoorden <matje@×××××××.be> - Dutch Translation
891 Tom Van Laerhoven <tom.vanlaerhoven@××××××.be> - Dutch Translation
892 Peter Dijkstra <phj.dijkstra@××××.nl> - Dutch Translation
893 Bernard Bernieke <bernieke@××××××××.com> - Dutch Translation
894 Vincent Verleye <zu@×××××××.be> - Dutch Translation
895 Jochen Maes <linux@××××.be> - Dutch Translation
896 Ben De Groot <yngwin@××××××.nl> - Dutch Translation
897 Jelmer Jaarsma <j.jaarsma@××××××××××××××××××.nl> - Dutch Translation
898 Nicolas Ledez <nicolas.ledez@××××.fr> - French Translation
899 Guillaume Plessis <gui@×××××××××.com> - French Translation
900 John Berry <anfini@××××.fr> - French Translation
901 Martin Prieto <riverdale@×××××××××.org> - French Translation
902 Michael Kohl <citizen428@g.o> - German Translation
903 Steffen Lassahn <madeagle@g.o> - German Translation
904 Matthias F. Brandstetter <haim@g.o> - German Translation
905 Thomas Raschbacher <lordvan@g.o> - German Translation
906 Marco Mascherpa <mush@××××××.net> - Italian Translation
907 Claudio Merloni <paper@×××××××.it> - Italian Translation
908 Daniel Ketel <kage-chan@g.o> - Japanese Translation
909 Yoshiaki Hagihara <hagi@×××.com> - Japanese Translation
910 Andy Hunne <andy@×××××××××.com> - Japanese Translation
911 Yuji Carlos Kosugi <carlos@g.o> - Japanese Translation
912 Yasunori Fukudome <yasunori@××××××××××××××××.uk> - Japanese Translation
913 Ventura Barbeiro <venturasbarbeiro@××××××.br> - Portuguese (Brazil)
914 Translation
915 Bruno Ferreira <blueroom@××××××××××××.net> - Portuguese (Portugal)
916 Translation
917 Gustavo Felisberto <gustavo@××××××××××.net> - Portuguese (Portugal)
918 Translation
919 Ricardo Jorge Louro <rjlouro@×××××××.org> - Portuguese (Portugal)
920 Translation
921 Lanark <lanark@××××××××××.ar> - Spanish Translation
922 Rafael Cordones Marcos <rcm@×××××××.net> - Spanish Translation
923 Julio Castillo <julio@×××××××××××××.com> - Spanish Translation
924 Sergio Gómez <s3r@××××××××××××.ar> - Spanish Translation
925 Pablo Pita Leira <pablo.leira@×××××××××.com> - Spanish Translation
926 Carlos Castillo <carlos@×××××××××××××.com> - Spanish Translation
927 Tirant <tirant@×××××.net> - Spanish Translation
928 Jaime Freire <jfreire@××.com> - Spanish Translation
929 Lucas Sallovitz <krusty_ar@×××××.com> - Spanish Translation