Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-gwn

From: Ulrich Plate <plate@g.o>
To: gentoo-gwn@l.g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter 4 October 2004
Date: Sun, 03 Oct 2004 23:02:05
Message-Id: 20041004005429.0a081995.plate@gentoo.org
1 ---------------------------------------------------------------------------
2 Gentoo Weekly Newsletter
3 http://www.gentoo.org/news/en/gwn/current.xml
4 This is the Gentoo Weekly Newsletter for the week of 4 October 2004.
5 ---------------------------------------------------------------------------
6
7 ==============
8 1. Gentoo News
9 ==============
10
11 Website redesign finalists up for voting
12 ----------------------------------------
13
14 The Gentoo Foundation's website redesign contest has reached its final
15 stage. More than 30 designs had been submitted to the preselection
16 committee, and choosing only five candidates was not easy for the jury.
17 Now the finalists are up for public assessment at the contest webpage[1],
18 and Gentoo users get to vote for their favorite design. A poll has been
19 set up at the Gentoo Forums, and registered users can enter their vote
20 here[2] no later than 8 October 2004.
21
22 1. http://www.gentoo.org/proj/en/infrastructure/redesign-guidelines.xml
23 2. http://forums.gentoo.org/viewtopic.php?t=227589
24
25 Gentoo PPC developers meet in Germany
26 -------------------------------------
27
28 Among the remarkable things to happen at the first international Gentoo
29 PPC developer meeting was the mere appearance of one of its participants:
30 Bryon Roche[3], who pioneered the port of Gentoo to the PPC platform in
31 early 2002, had disappeared from active Gentoo development more than half
32 a year ago when he joined the U.S. infantry. Last Thursday he was reunited
33 with his European developer colleagues at Kransberg Castle, which is just
34 a 20-minute drive from his German outpost...
35
36 3. kain@g.o
37
38 Figure 1.1: Gentoo PPC co-founder Bryon Roche
39 http://www.gentoo.org/images/gwn/20041004-kain.jpg
40
41 Working together exclusively over IRC and mailing lists may be only a
42 substitute for real-life interaction, but getting together in the flesh
43 for the first time, in the Taunus mountain area just north of Frankfurt am
44 Main, really was like meeting old friends. Only a few of the participants
45 knew each other from FOSDEM in Brussels earlier this year, making this new
46 opportunity attractive enough for e.g. Michael Hanselmann[4] from
47 Switzerland to spontaneously decide on Thursday morning to hop on the next
48 train to Frankfurt to be there, too. David Holm[5] (Sweden) and Luca
49 Barbato[6] (Italy) had attended the Freescale Smart Networks Developer
50 Forum[7] in Frankfurt since Tuesday, and Lars Weiler[8] (Germany) and
51 Damien Krotkine[9] (France) joined for the last day of that conference,
52 dedicated to introductory seminars for the recipients of free PegasosPPC
53 desktop computers handed out by the organizers. Four of those donated
54 Pegasos machines (with Debian and Yellow Dog Linux plus the exotic MorphOS
55 operating system pre-installed) ended up at the castle, one of them not
56 lasting 10 minutes before a Gentoo LiveCD was spinning on it. Like G.I.
57 Kain, Pieter van den Abeele[10] and Jochen Maes[11] (both from Belgium)
58 and guest dev Benjamin Judas[12] (Germany), the release engineer for x86,
59 only came to attend the Gentoo gathering.
60
61 4. hansmi@g.o
62 5. dholm@g.o
63 6. lu_zero@g.o
64 7.
65 http://www.freescale.com/webapp/sps/site/overview.jsp?nodeId=02VS0llCc5pzMP
66 2861
67 8. pylon@g.o
68 9. dams@g.o
69 10. pvdabeel@g.o
70 11. sejo@g.o
71 12. beejay@g.o
72
73 Figure 1.2: Screen shot of a Pegasos desktop PC running Gentoo Linux from
74 a PPC-LiveCD
75 http://www.gentoo.org/images/gwn/20041004-pegasos.jpg
76
77 On top of the Gentoo PPC meeting's agenda was the release engineering for
78 2004.3, centering on questions like choosing udev for device handling, and
79 whether to address hardware issues in the kernel. Pvdabeel announced a new
80 KDE/Gnome LiveDVD for PPC, SeJo reported from talks he had had with
81 Benjamin Herrenschmidt, the PPC kernel maintainer, and motioned for Java
82 1.5 to be masked at this stage, because of its lack of backward
83 compatibility. A tentative roadmap for PPC development in 2005 was also
84 drafted, and old and new reponsibilities were discussed and assigned to
85 individual developers.
86
87 Figure 1.3: From left to right, above: plate, beejay, pvdabeel, dams;
88 below: pylon and lu_zero
89 http://www.gentoo.org/images/gwn/20041004-collage1.jpg
90
91 Figure 1.4: Hansmi, dholm and sejo
92 http://www.gentoo.org/images/gwn/20041004-collage2.jpg
93
94 Amid all the serious talk there was space and time enough for recreation,
95 of course. Pvdabeel and SeJo had cleverly thought in advance to bring
96 Belgian beer in quantities that would have been enough, all truth told, to
97 entertain twice as many people. Photos of the event including a few shots
98 of the scenery surrounding the castle, the insides of donated PegasosPPCs,
99 and mug shots of all attendants are here[13], and even more are here[14],
100 including lots of pictures from SNDF.
101
102 13. http://www.sejo.be/kransberg
103 14. http://rift.ath.cx/~avatar/SNDF/
104
105 Nvidia Nforce network chipset driver change in Portage
106 ------------------------------------------------------
107
108 Daniel Drake[15] announced last week that the proprietary nforce-net
109 driver currently in Portage would be removed in favour of its open-source
110 alternative forcedeth. Forcedeth contains fixes to those bugs in
111 nforce-net that nobody outside of Nvidia was able to address, and it is
112 also supported by Nvidia itself, which recently provided some important
113 patches to the reverse-engineered code of the Forcedeth project. DSD's
114 developer space on gentoo.org[16] contains instructions for Gentoo users
115 on replacing the driver.
116
117 15. dsd@g.o
118 16. http://dev.gentoo.org/~dsd/nforce-net-to-forcedeth.htm
119
120 ==================
121 2. Gentoo security
122 ==================
123
124 X.org, XFree86: Integer and stack overflows in libXpm
125 -----------------------------------------------------
126
127 libXpm, the X Pixmap library that is a part of the X Window System,
128 contains multiple stack and integer overflows that may allow a
129 carefully-crafted XPM file to crash applications linked against libXpm,
130 potentially allowing the execution of arbitrary code.
131
132 For more information, please see the GLSA Announcement[17]
133
134 17. http://www.gentoo.org/security/en/glsa/glsa-200409-34.xml
135
136 Subversion: Metadata information leak
137 -------------------------------------
138
139 An information leak in mod_authz_svn could allow sensitive metadata of
140 protected areas to be leaked to unauthorized users.
141
142 For more information, please see the GLSA Announcement[18]
143
144 18. http://www.gentoo.org/security/en/glsa/glsa-200409-35.xml
145
146 sharutils: Buffer overflows in shar.c and unshar.c
147 ---------------------------------------------------
148
149 sharutils contains two buffer overflow vulnerabilities that could lead to
150 arbitrary code execution.
151
152 For more information, please see the GLSA Announcement[19]
153
154 19. http://www.gentoo.org/security/en/glsa/glsa-200410-01.xml
155
156 =========================
157 3. Heard in the community
158 =========================
159
160 Web forums
161 ----------
162
163 Checksum worries
164
165 A sci.crypt newsgroup posting by Tom St. Denis triggered a forum thread
166 about whether vulnerabilities in MD5 make it possible to get malicious
167 code past security and into the Portage tree:
168
169 * Gentoo Linux Insecurities[20]
170 20. http://forums.gentoo.org/viewtopic.php?t=229875
171
172
173 gentoo-user
174 -----------
175
176 Newcomers and etc-update
177
178 Using etc-update properly is vital to the ongoing stability of your Gentoo
179 system. However, at the same time it can be one of the most confusing
180 aspects for people new to Gentoo. Many other distributions do the "work"
181 of maintaining most of the configuration files, however Gentoo's hands-on
182 approach requires gaining sufficient knowledge to surf through the /etc
183 directory and at least know what the files are for. This thread was
184 started by a Gentoo newcomer who accidentally overwrote most of his /etc
185 configuration files, and it discusses methods for recovering as well as
186 some handy etc-update use tips.
187
188 * etc-update Noob mistake[21]
189 21. http://thread.gmane.org/gmane.linux.gentoo.user/101079
190
191
192 gentoo-dev
193 ----------
194
195 Non-root emerges
196
197 The possibilities and security implications of non-root (i.e. normal user)
198 emerges were discussed in this thread. Portage has limited support
199 ("userpriv" and "sandbox" features), but the installation of software
200 needs root privileges at some point.
201
202 * Non-root emerges[22]
203 22. http://thread.gmane.org/gmane.linux.gentoo.devel/21739
204
205
206 Removing dhcpcd from system?
207
208 This long thread weighed the pros and cons of having dhcpcd as part of the
209 system profile, drifting off to a discussion of what needs to be part of
210 the base system in the first place.
211
212 * Removing dhcpcd from system?[23]
213 * Removing dhcpcd from system?[24] (continued)
214 23. http://thread.gmane.org/gmane.linux.gentoo.devel/21624
215 24. http://thread.gmane.org/gmane.linux.gentoo.devel/21754
216
217
218 Integrating the hardened toolchain and better NTPL support
219
220 Travis Tilley[25] caught the list's attention with two topics this week:
221 "Recent gcc ebuilds have been patched to recognise an environment
222 variable, GCC_SPECS, that sets which specs-file should be used. The gcc
223 3.4.2-r2 ebuild also builds both hardened and non-hardened specs files for
224 all users," in reference to the efforts for integrating the hardened
225 toolchain to Gentoo, and concerning support for NTPL: "[The ebuild] builds
226 glibc twice, once with and once without nptl. The nptl libs go into
227 lib/tls where they belong and are used by default when using a 2.6 kernel
228 and LD_ASSUME_KERNEL isn't set."
229
230 25. lv@g.o
231
232 * Integrating the hardened toolchain[26]
233 * Better NTPL support[27]
234 26. http://thread.gmane.org/gmane.linux.gentoo.devel/21792
235 27. http://thread.gmane.org/gmane.linux.gentoo.devel/21790
236
237
238 =======================
239 4. Gentoo International
240 =======================
241
242 Italy: Gentoo installation week at University of Bologna
243
244 It is only open to registered students of information science at Bologna's
245 university, but it is a highly interesting initiative: During the entire
246 week of 11 to 15 October, weathered Gentooists of the faculty will provide
247 an "assisted installation" of Gentoo Linux on their co-ed's PCs. For those
248 who have access to it, all the necessary details are to be had via the
249 university's internal newsgroup, unibo.cs.students. Although it is of
250 immediate benefit only to a limited audience this time, the event doubles
251 as a dress rehearsal for a planned public Bolognese "Gentoo Installation
252 Week" in the near future.
253
254 ======================
255 5. Gentoo in the press
256 ======================
257
258 Linux.com (28 September 2004)
259 -----------------------------
260
261 Linux.com[28], the "Enterprise Linux Resource," carried an article by Jem
262 Matz[29] on "Gentoo in the server room", reflecting the use of Gentoo
263 Linux for web servers and back room production platforms, featuring two
264 Gentoo sponsor companies, Tek Alchemy[30] and Seven L Networks[31].
265
266 28.
267 http://distrocenter.linux.com/distrocenter/04/09/23/1944240.shtml?tid=127&t
268 id=108
269 29. http://www.thejemreport.com
270 30. http://www.tek.net
271 31. http://www.sevenl.net
272
273 Linux Format (October issue 2004)
274 ----------------------------------
275
276 Linux Format[32], a UK Linux magazine published by the Future Publications
277 group, has Gentoo Linux on the cover DVD of the October issue. This is a
278 full source installation of Gentoo's latest 2004.2 release, with the DVD
279 booting as an x86 LiveCD and more than 2GB of source in the distfiles
280 directory. The magazine also contains detailed information on installing
281 Gentoo. The CD version of the magazine has two CDs dedicated to Gentoo,
282 and the DVD version also contains the AMD64 live CD ISO image.
283
284 32. http://linuxformat.co.uk
285
286 LinuxPlanet (DistributionWatch, September 2004)
287 -----------------------------------------------
288
289 Sean Michael Kerner has just published his latest report called
290 "DistributionWatch: Your Guide to Linux Distributions" at LinuxPlanet[33],
291 one of the publications of Internet.com. Gentoo is featuring prominently
292 in the "Major Linux distributions" section, while "Specialized
293 distributions", interestingly enough, lists both Gentoo Linux and its
294 predecessor Enoch, extinct since 1999...
295
296 33. http://www.linuxplanet.com/linuxplanet/reports/1266/1/
297
298 ===========
299 6. Bugzilla
300 ===========
301
302 Summary
303 -------
304
305 * Statistics
306 * Closed bug ranking
307 * New bug rankings
308
309 Statistics
310 ----------
311
312 The Gentoo community uses Bugzilla (bugs.gentoo.org[34]) to record and
313 track bugs, notifications, suggestions and other interactions with the
314 development team. Between 25 September 2004 and 01 October 2004, activity
315 on the site has resulted in:
316
317 34. http://bugs.gentoo.org
318
319 * 714 new bugs during this period
320 * 426 bugs closed or resolved during this period
321 * 27 previously closed bugs were reopened this period
322
323 Of the 7175 currently open bugs: 136 are labeled 'blocker', 227 are
324 labeled 'critical', and 555 are labeled 'major'.
325
326 Closed bug rankings
327 -------------------
328
329 The developers and teams who have closed the most bugs during this period
330 are:
331
332 * net-dialup[35], with 23 closed bugs[36]
333 * Gentoo Games[37], with 19 closed bugs[38]
334 * osx porters[39], with 17 closed bugs[40]
335 * AMD64 Porting Team[41], with 17 closed bugs[42]
336 * Perl Devs @ Gentoo[43], with 16 closed bugs[44]
337 * Jeremy Huddleston[45], with 16 closed bugs[46]
338 * Net-Mail Packages[47], with 15 closed bugs[48]
339 * Gentoo's Team for Core System packages[49], with 15 closed bugs[50]
340 35. net-dialup@g.o
341 36.
342 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
343 field=bug_status&chfieldfrom=2004-09-25&chfieldto=2004-10-01&resolution=FIX
344 ED&assigned_to=net-dialup@g.o
345 37. games@g.o
346 38.
347 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
348 field=bug_status&chfieldfrom=2004-09-25&chfieldto=2004-10-01&resolution=FIX
349 ED&assigned_to=games@g.o
350 39. osx@g.o
351 40.
352 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
353 field=bug_status&chfieldfrom=2004-09-25&chfieldto=2004-10-01&resolution=FIX
354 ED&assigned_to=osx@g.o
355 41. amd64@g.o
356 42.
357 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
358 field=bug_status&chfieldfrom=2004-09-25&chfieldto=2004-10-01&resolution=FIX
359 ED&assigned_to=amd64@g.o
360 43. perl@g.o
361 44.
362 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
363 field=bug_status&chfieldfrom=2004-09-25&chfieldto=2004-10-01&resolution=FIX
364 ED&assigned_to=perl@g.o
365 45. eradicator@g.o
366 46.
367 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
368 field=bug_status&chfieldfrom=2004-09-25&chfieldto=2004-10-01&resolution=FIX
369 ED&assigned_to=eradicator@g.o
370 47. net-mail@g.o
371 48.
372 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
373 field=bug_status&chfieldfrom=2004-09-25&chfieldto=2004-10-01&resolution=FIX
374 ED&assigned_to=net-mail@g.o
375 49. base-system@g.o
376 50.
377 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
378 field=bug_status&chfieldfrom=2004-09-25&chfieldto=2004-10-01&resolution=FIX
379 ED&assigned_to=base-system@g.o
380
381
382 New bug rankings
383 ----------------
384
385 The developers and teams who have been assigned the most new bugs during
386 this period are:
387
388 * Gentoo KDE team[51], with 16 new bugs[52]
389 * Gentoo Linux Gnome Desktop Team[53], with 16 new bugs[54]
390 * Gentoo Science Related Packages[55], with 15 new bugs[56]
391 * Gentoo X-windows packagers[57], with 14 new bugs[58]
392 * osx porters[59], with 12 new bugs[60]
393 * Gentoo Sound Team[61], with 11 new bugs[62]
394 * Java team[63], with 10 new bugs[64]
395 * AMD64 Porting Team[65], with 10 new bugs[66]
396 51. kde@g.o
397 52.
398 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
399 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-09-25&chfieldto=2004-10
400 -01&assigned_to=kde@g.o
401 53. gnome@g.o
402 54.
403 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
404 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-09-25&chfieldto=2004-10
405 -01&assigned_to=gnome@g.o
406 55. sci@g.o
407 56.
408 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
409 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-09-25&chfieldto=2004-10
410 -01&assigned_to=sci@g.o
411 57. x11@g.o
412 58.
413 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
414 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-09-25&chfieldto=2004-10
415 -01&assigned_to=x11@g.o
416 59. osx@g.o
417 60.
418 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
419 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-09-25&chfieldto=2004-10
420 -01&assigned_to=osx@g.o
421 61. sound@g.o
422 62.
423 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
424 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-09-25&chfieldto=2004-10
425 -01&assigned_to=sound@g.o
426 63. java@g.o
427 64.
428 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
429 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-09-25&chfieldto=2004-10
430 -01&assigned_to=java@g.o
431 65. amd64@g.o
432 66.
433 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
434 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-09-25&chfieldto=2004-10
435 -01&assigned_to=amd64@g.o
436
437
438 ==================
439 7. Tips and Tricks
440 ==================
441
442 Some pretty .bashrc hints
443 -------------------------
444
445 This week we cover some nice to know bash tips that in my opinion every
446 user should know of.
447
448 Do not remember a command you typed in a few days ago and can not find it
449 because it has already been removed from your .bash_history? Then it is
450 time to increase the number of lines bash keeps in its history file.
451
452 ---------------------------------------------------------------------------
453 | Code Listing 7.1: |
454 |~/.bashrc-----------------------------------------------------------------|
455 --------
456 |# Keep 1000 lines in .bash_history (default is 500) |
457 |export HISTSIZE=1000 |
458 |export HISTFILESIZE=1000 |
459 ---------------------------------------------------------------------------
460
461 Note: To find commands in your history easily use the ctrl+r shortcut to
462 reverse-search your .bash_history as you type.
463
464 If you want to stop bash from creating a history file simply add export
465 HISTFILE=/dev/null to your .bashrc.
466
467 Another nice tip is to put export HISTCONTROL=ignoredups into your .bashrc
468 that will stop bash from caching duplicate lines.
469
470 ===========================
471 8. Moves, adds, and changes
472 ===========================
473
474 Moves
475 -----
476
477 The following developers recently left the Gentoo team:
478
479 * None this week
480
481 Adds
482 ----
483
484 The following developers recently joined the Gentoo Linux team:
485
486 * None this week
487
488 Changes
489 -------
490
491 The following developers recently changed roles within the Gentoo Linux
492 project:
493
494 * None this week
495
496 ====================
497 9. Contribute to GWN
498 ====================
499
500 Interested in contributing to the Gentoo Weekly Newsletter? Send us an
501 email[67].
502
503 67. gwn-feedback@g.o
504
505 ================
506 10. GWN feedback
507 ================
508
509 Please send us your feedback[68] and help make the GWN better.
510
511 68. gwn-feedback@g.o
512
513 ================================
514 11. GWN subscription information
515 ================================
516
517 To subscribe to the Gentoo Weekly Newsletter, send a blank email to
518 gentoo-gwn-subscribe@g.o.
519
520 To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to
521 gentoo-gwn-unsubscribe@g.o from the email address you are
522 subscribed under.
523
524 ===================
525 12. Other languages
526 ===================
527
528 The Gentoo Weekly Newsletter is also available in the following languages:
529
530 * Danish[69]
531 * Dutch[70]
532 * English[71]
533 * German[72]
534 * French[73]
535 * Japanese[74]
536 * Italian[75]
537 * Polish[76]
538 * Portuguese (Brazil)[77]
539 * Portuguese (Portugal)[78]
540 * Russian[79]
541 * Spanish[80]
542 * Turkish[81]
543 69. http://www.gentoo.org/news/da/gwn/gwn.xml
544 70. http://www.gentoo.org/news/be/gwn/gwn.xml
545 71. http://www.gentoo.org/news/en/gwn/gwn.xml
546 72. http://www.gentoo.org/news/de/gwn/gwn.xml
547 73. http://www.gentoo.org/news/fr/gwn/gwn.xml
548 74. http://www.gentoo.org/news/ja/gwn/gwn.xml
549 75. http://www.gentoo.org/news/it/gwn/gwn.xml
550 76. http://www.gentoo.org/news/pl/gwn/gwn.xml
551 77. http://www.gentoo.org/news/br/gwn/gwn.xml
552 78. http://www.gentoo.org/news/pt/gwn/gwn.xml
553 79. http://www.gentoo.org/news/ru/gwn/gwn.xml
554 80. http://www.gentoo.org/news/es/gwn/gwn.xml
555 81. http://www.gentoo.org/news/tr/gwn/gwn.xml
556
557
558 Ulrich Plate <plate@g.o> - Editor
559 Brian Downey <bdowney@×××××××××××.net> - Author
560 Christian Hartmann <ian@g.o> - Author
561 Patrick Lauer <patrick@g.o> - Author
562 Emmet Wagle <ewagle@×××××.com> - Author
563
564
565 --
566 gentoo-gwn@g.o mailing list
Report Message
Find on MARC Find on Google Groups