Gentoo Archives: gentoo-gwn

From: Ulrich Plate <plate@g.o>
To: gentoo-gwn@l.g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter 9 May 2005
Date: Tue, 10 May 2005 10:56:01
With our sincere apologies for the delay:

Gentoo Weekly Newsletter
This is the Gentoo Weekly Newsletter for the week of 9 May 2005.
1. Gentoo News
Recruiting printing experts
The printing herd is looking for help with some of their packages, 
particularly to close some of the more than a hundred bugs[1] that have 
accumulated because the team is severely understaffed. People with 
considerable experience in both Gentoo and applications or utilities like 
CUPS, Ghostscript, gimp-print, xpdf, acroread and more, are vigorously 
encouraged to approach Heinrich Wendel[2] directly, or contact the Gentoo 
developer relations[3] with a short self-introduction including a few 
words on your experiences in the field. 

 2. lanius@g.o
 3. recruiters@g.o
News from the Forums
Staff shuffle at the Forums[4] again. Administrator Christian Hartmann[5] 
is back in play after a timeout of several weeks. During his absence, 
fellow admin Tom Knight[6] has updated the forum software to the latest 
phpBB version 2.0.15, and made some useful changes to the search function. 
The collection of these and other announcements can always be found in the 
News & Announcements forum[7]. 

 5. ian@g.o
 6. tomk@×××××××××××××.org
2. Developer of the week
"There must be no barriers to freedom of inquiry." -- Danny van Dyk 
Figure 2.1: Danny van Dyk aka kugelfang
This weeks featured develeoper is Danny van Dyk[8], the Operational Lead 
(with Mike Doty[9]) and Gentoo/AMD64 Release Coordinator, as well as a 
member of the Gentoo Scientific Project. "My work as operational lead 
developer for Gentoo/AMD64 mainly requires me to be update on the things 
the other devs do, coordinate their work, and apart from that I try to fix 
as many open bugs as possible, which is how I was recruited onto the team 
in the first place." 

 8. kugelfang@g.o
 9. kingtaco@g.o
Gentoo is Danny's first OSS project, and he takes quite some pride in the 
work he has done for Gentoo Linux on AMD64. He is a student of physics at 
the University of Dortmund and spends a lot of his time on Gentoo. When he 
isn't busy studying himself he works as a tutor and helps other students 
with trivial things such as mathematics, physics and programming 
languages, although he is for hire at the moment since his tutor job has 
He was appointed as release coordinator for AMD64 quite recently. Jason 
Huebel[10] had him step in to make the 2005.0 release media (LiveCDs, 
stages, package-CD). His computers all have greek letters as host names to 
make them more interesting, and his collection of machine covers most of 
x86, ppc and amd64. His most important tool seems to be a HP LaserJet 4+, 
while on the software side he shows how open-minded he can be by using KDE 
along with Mozilla Thunderbird and XMMS, showing off the friendly 
coexistence of things Qt and Gtk. 

 10. jhuebel@g.o
Even more amazingly he plays the flute and loves to cook, especially new 
and untested meals that show what real hackers can do in real life. To any 
females in the appropriate age range in Witten (where Danny lives:) He is 
single, and has an impressive set of skills. Danny's motto is borrowed 
from Robert Oppenheimer, and there's more to it than just the headline 
above: "There is no place for dogma in science. The scientist is free, and 
must be free to ask any questions, to doubt any assertion, to seek for any 
evidence, to correct any errors." 
3. Heard in the community
Web forums
Sudden strictness catching users unaware
FEATURES="strict" was enabled several weeks ago, but the number of people 
who've been confused by new error messages and outright installation 
errors hasn't declined. Maybe that's because there was no "official" 
announcement of the change? This thread has been made sticky to allow for 
quick referral of people with the same errors: 
 * Portage does more security checks? Digest verification fails[11] 

Next generationinitreplacement
Yet another community project[12] originating from the apocryphic 
sidelines of the greater Gentoo realm has attracted not only hundreds of 
replies to the original thread in the Forums, it's already carried on 
Freshmeat and getting some media coverage. Swedish forum user Jimmy 
Wennlund has devised this "replacement for the old and in many ways 
deprecated sysvinit" that just made it into the official Portage tree last 

 * Beta test New Init system, realy improved boot time.[13] 
 * Initng in Portage[14] 

Inofficial install media released
Together with a small team of contributors[15], Bob Perdaina (a forum 
regular and author of a popular howto on installing Gentoo with an 
underlying NPTL structure) has released a series of bootable CDs 
containing stage 3 tarballs made to work as if you were installing from 
stage 1. The name of the project takes some getting used to, though: 

 * Jackass! 2005.0 is Released![16] 
 * Installing Gentoo 2005.0: Stage 1 NPTL on a Stage 3 Tarball[17] 

Splitting up dev-perl (phase one of a million)
Michael Cummings[18] brings good news from the perl camp: "This weekend I 
intend to start splitting dev-perl into sub categories, starting with 
perl-core. If anyone doesn't think there are enough packages in the 
current dev-perl, resync your tree because it's been years since the last 
time you did :) perl-core will contain ebuilds for those modules that are 
also distributed with the core installs of perl (though versions and 
patches may vary from the version you have installed). Anyone wishing to 
provide input on this multi-phased migration can always post on bug 75435 

 18. mcummings@g.o
 * Splitting up dev-perl [20] 

Certified Gentoo?
An interested Gentooist who works with IBM hardware asks what can be done 
to get Gentoo IBM-certified. Other Gentooists join in with their questions 
how to get Gentoo certified for other commercial software. It seems that 
IBM will only certify distributions that have a commercial backend 
(because of Service Level Agreements etc.), but it is always good to see 
people trying to take Gentoo to the next level. 
 * Certified Gentoo? [21] 

Portage as a secondary package manager
Since Portage can do software management quite well, why not use it on 
other distros for your own customizations? A similar thought must have 
motivated this GLEP draft that wants to enhance portage to be able to 
install and manage software in arbitrary locations, and also as a 
secondary package manager when rpm just isn't good enough. 
 * Portage as a secondary package manager [22] 

4. Gentoo International
Belgium: Gentoo website brought online
Last Sunday, Gentoo developer Jochen Maes[23] has set up a server that 
hosts Gentoo's regional Belgian web presence[24]. As many of the other 
country-specific Gentoo community sites, this one also has a number of 
features besides syndicalised content from the official Gentoo website, 
including a user forum, photo gallery and other community functions. The 
site is so new that it doesn't even have a logo of its own yet, hence a 
call for contributions to a logo contest held until the end of the month. 
A special section in the forum has been set aside for this purpose, check 
the site for instructions. 

 23. sejo@g.o
Canada: Elementary school Gentoo LTSP installation
Cory Oldford is the vice-president of Prairie Linux User Group[25] and 
manager for a remarkable community project in Winnipeg. His group was 
approached some time ago[26] to switch a lab at a local private elementary 
school to Gentoo Linux. The lab consisted of about 30 workstations ranging 
from a P75 with 16MB RAM to a handful of PIII 667mhz with 128MB RAM. The 
machines were constantly plagued with issues caused by hardware failures 
and outdated operating systems and software. 

 26. 20050110-newsletter.xml#doc_chap5
It was originally thought the PIIIs wouldn't be able to handle the 
workload, and that administering several LTSP servers would be too 
cumbersome. The solution devised by the HC-Linux team [27] (as in "Holy 
Cross", the name of the school) was an openMosix-enabled LTSP, Gentoo 
Linux server. After the server's filesystem was built, however, the 
administrator at the school scraped up much more suitable server hardware, 
an AMD Sempron 2500 with 1.2GB of RAM. 

openMosix worked great for a time, says Cory, but in the class room 
environment it turned into a liability, because students would insist on 
powering off the machines. Currently openMosix is disabled, but could be 
fired up anytime simply by starting the service. The diskless clients 
don't share their own load, so they just wait for openMosix on the server 
to farm out processes anyway. 
LTSP[28] functioned as expected after a few network issues were resolved, 
but the desired desktop environment presented a challenge at first: The 
memory requirements of up to 30 instances of KDE and Konqueror caused the 
server to start swapping under load. With only one slow 40GB IDE drive, 
the performance of the server went down dramatically when 30 students were 
working in the lab. Switching to icewm and a simplified (kludged) 
ROX-Filer resolved this. The switch to a less voracious desktop 
environment also left enough RAM to precache the major applications and 
related libraries on a RAM disk for a greater performance boost. 

The HC-Linux PLUGgers get called in for minor issues from time to time, 
but the server has been running reliably for months now. Cory is grateful 
for the support he received from the community: "Thanks to Michael 
Imhof[29] and the rest of the cluster team, and to all the other Gentoo 
developers for their hard work." 

 29. tantive@g.o
Figure 4.1: Gentoo on historic hardware - Pentium 75MHz with 16MB RAM
Note: Photo courtesy of Cory Oldford
5. Gentoo in the press
Coyotegulch (2 May 2005)
Last week Scott Robert Ladd[30], the author of a tool for compiler 
analysis called Acovea[31], conducted a benchmarking test[32] to compare 
the performance of both compilation and compilate using the GNU C compiler 
(gcc) version 3.4.3, and the new 4.0 that Was released just two weeks ago. 
"No matter which compiler options I choose, someone is likely to send me 
e-mail telling me I got it all wrong," says the author of the review, 
fully aware of the pitfalls of benchmarking, and he also refrains from 
comparing gcc with Intel's or other commercial C compilers. The platforms 
he uses for the benchmark test are an AMD64 Dual Opteron and a plain x86 
Pentium 4 host -- both running Gentoo Linux, which he's unlikely to 
recompile with 4.0 right away: "Version 4.0.0 is laying a foundation for 
the future, and should be seen as a technological step forward with new 
internal architectures and the addition of Fortran 95. If you compile a 
great deal of C++, you'll want to investigate GCC 4.0," says Scott Ladd. 
If that's not the case, looks like the 3.4 series is still the way to go. 

 30. scott.ladd@×××××××××××.com
Desktoplinux (8 May 2005)
The survey results[33] of Desktoplinux' annual reader poll show a 
remarkable decline in the number of respondents, an inexplicable 
disappearance of about two thirds of the Debian user community, and a 
comfortable growth of Gentoo to about twice the market share of 2003, up 
at 10 percent of all desktop Linux installations chez Desktoplinux 
readers. There is, however, room for belief that there may be a fairly 
large portion of market reality not covered by this particular research.

6. Moves, adds, and changes
The following developers recently left the Gentoo team: 
 * None this week  
The following developers recently joined the Gentoo Linux team: 
 * Duncan Coutts (dcoutts) - Haskell  
The following developers recently changed roles within the Gentoo Linux 
 * Tobias Scherbaum (dertobi123) - joined the PPC team  
 * Bryan Ostergaard (kloeri) - new Alpha architecture co-lead  
7. Gentoo security
Sylpheed, Sylpheed-claws: Buffer overflow on message display
Sylpheed and Sylpheed-claws contain a vulnerability that can be triggered 
when displaying messages with specially crafted attachments. 
For more information, please see the GLSA Announcement[34] 

Dnsmasq: Poisoning and Denial of Service vulnerabilities
Dnsmasq is vulnerable to DNS cache poisoning attacks and a potential 
Denial of Service from the local network. 
For more information, please see the GLSA Announcement[35] 

mit-krb5: Multiple buffer overflows in telnet client
The mit-krb5 telnet client is vulnerable to two buffer overflows, which 
could allow a malicious telnet server operator to execute arbitrary code. 
For more information, please see the GLSA Announcement[36] 

Gaim: Denial of Service issues
Gaim contains multiple vulnerabilities that can lead to a Denial of 
For more information, please see the GLSA Announcement[37] 

sharutils: Insecure temporary file creation
The unshar utility is vulnerable to symlink attacks, potentially allowing 
a local user to overwrite arbitrary files. 
For more information, please see the GLSA Announcement[38] 

8. Bugzilla
 * Statistics 
 * Closed bug ranking 
 * New bug rankings 
The Gentoo community uses Bugzilla ([39]) to record and 
track bugs, notifications, suggestions and other interactions with the 
development team. Between 01 May 2005 and 08 May 2005, activity on the 
site has resulted in: 

 * 833 new bugs during this period 
 * 433 bugs closed or resolved during this period 
 * 27 previously closed bugs were reopened this period 
Of the 8576 currently open bugs: 95 are labeled 'blocker', 219 are labeled 
'critical', and 629 are labeled 'major'. 
Closed bug rankings
The developers and teams who have closed the most bugs during this period 
 * Gentoo Games[40], with 25 closed bugs[41]  
 * AMD64 Porting Team[42], with 25 closed bugs[43]  
 * media-video herd[44], with 21 closed bugs[45]  
 * Gentoo's Team for Core System packages[46], with 19 closed bugs[47]  
 * PHP Bugs[48], with 17 closed bugs[49]  
 * Jeremy Huddleston[50], with 14 closed bugs[51]  
 * Gentoo Sound Team[52], with 13 closed bugs[53]  
 * Xavier Neys[54], with 13 closed bugs[55]  
 40. games@g.o
 42. amd64@g.o
 44. media-video@g.o
 46. base-system@g.o
 48. php-bugs@g.o
 50. eradicator@g.o
 52. sound@g.o
 54. neysx@g.o

New bug rankings
The developers and teams who have been assigned the most new bugs during 
this period are: 
 * Gentoo Linux Gnome Desktop Team[56], with 31 new bugs[57]  
 * Gentoo KDE team[58], with 16 new bugs[59]  
 * Gentoo Sound Team[60], with 15 new bugs[61]  
 * AMD64 Porting Team[62], with 10 new bugs[63]  
 * Gentoo Science Related Packages[64], with 9 new bugs[65]  
 * Gentoo Release Team[66], with 9 new bugs[67]  
 * Python Gentoo Team[68], with 8 new bugs[69]  
 * Netmon Herd[70], with 8 new bugs[71]  
 56. gnome@g.o
 58. kde@g.o
 60. sound@g.o
 62. amd64@g.o
 64. sci@g.o
 66. release@g.o
 68. python@g.o
 70. netmon@g.o

9. GWN feedback
Please send us your feedback[72] and help make the GWN better.

 72. gwn-feedback@g.o
10. GWN subscription information
To subscribe to the Gentoo Weekly Newsletter, send a blank email to 
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to 
gentoo-gwn-unsubscribe@g.o from the email address you are 
subscribed under. 
11. Other languages
The Gentoo Weekly Newsletter is also available in the following languages:
 * Danish[73]  
 * Dutch[74]  
 * English[75]  
 * German[76]  
 * French[77]  
 * Japanese[78]  
 * Italian[79]  
 * Polish[80]  
 * Portuguese (Brazil)[81]  
 * Portuguese (Portugal)[82]  
 * Russian[83]  
 * Spanish[84]  
 * Turkish[85]  

Ulrich Plate <plate@g.o> - Editor
Patrick Lauer <patrick@g.o> - Author
Cory Oldford <> - Author

gentoo-gwn@g.o mailing list