08 27 2004

Linux talk on NPR

04 12 2004

Xandros Desktop 2.0 writeup now posted

01 01 2004

Happy New Year!

12 18 2003

Kernel 2.6.0 in the wild...

12 02 2003

The anatomy of a Debian Attack...

11 04 2003

Interest in the Linux Book revised?

10 03 2003

ICANN Smackdown

Don Marti (http://zgp.org/~dmarti/) of multiple venues of fame, including Burn All Gifs (http://burnallgifs.org/archives/) and for the last couple of years, editor in chief of LJ, has decided to move on. I'm sad to see him go, but I'd been disturbed by his ability to stand apart from the fiasco that SSC built when they remade Linux Gazette into a CMS. Fortunately, Linux Gazette lives on in proper Gazette format at LG.net (http://linuxgazette.net/). I'll be interested to see if Don has anything to say on the issue, once his separation from SSC is complete.

Comment on this... (0 comments.)

------------------------------------------------------------------------
The Debian Project http://www.debian.org/
Debian GNU/Linux 3.1 released press@debian.org
June 6th, 2005 http://www.debian.org/News/2005/20050606
------------------------------------------------------------------------

Debian GNU/Linux 3.1 released

The Debian Project is pleased to announce the official release of Debian
GNU/Linux version 3.1 codenamed ``sarge'' after nearly three years of
constant development. Debian GNU/Linux is a free operating system which
supports a total of eleven processor architectures, includes KDE, GNOME
and GNUstep desktop environments, features cryptographic software, is
compatible with the FHS v2.3, and supports software developed for the LSB.

With the development of the new debian-installer, this release features
a new, modular and sophisticated installation routine with integrated
hardware detection and unattended installation capabilities. The
installation is available in about thirty languages and includes
configuration of the X server for many graphic cards.

The task selection system has been revamped and made more flexible. The
debconf tool has been integrated into most packages that need to be
configured and makes this easier and more user friendly. Debian
GNU/Linux can be installed from various installation media such as DVDs,
CDs, USB sticks, a few floppies, or from the network. It can be
downloaded now, and will soon be available on DVD and CD-ROM from
numerous vendors <http://www.debian.org/CD/vendors/>.

Debian GNU/Linux runs on computers ranging from palmtops and handheld
systems to supercomputers, and on nearly everything in between. A total
of eleven architectures are supported, including Motorola 68k (m68k), Sun
SPARC (sparc), HP Alpha (alpha), Motorola/IBM PowerPC (powerpc), Intel
IA-32 (i386) and IA-64 (ia64), HP PA-RISC (hppa), MIPS (mips, mipsel),
ARM (arm) and IBM S/390 (s390).

This release includes a number of up-to-date large software packages,
such as the K Desktop Environment 3.3 (KDE), the GNOME desktop
environment 2.8, the GNUstep desktop, XFree86 4.3.0, GIMP 2.2.6,
Mozilla 1.7.8, Galeon 1.3.20, Mozilla Thunderbird 1.0.2, Firefox 1.0.4,
PostgreSQL 7.4.7, MySQL 4.0.24 and 4.1.11a, GNU Compiler Collection 3.3.5
(GCC), Linux kernel versions 2.4.27 and 2.6.8, Apache 1.3.33 and 2.0.54,
Samba 3.0.14, Python 2.3.5 and 2.4.1, Perl 5.8.4 and much more.

This is the first Debian release that includes OpenOffice.org (1.1.3).
It also features cryptographic software integrated in the main
distribution. OpenSSH and GNU Privacy Guard are included in the default
installation, and strong encryption is present in web browsers, web
servers, databases, and many other applications available in this
release.

Debian GNU/Linux 3.1 includes the efforts of the Debian-Edu/Skolelinux,
Debian-Med and Debian-Accessibility sub-projects which boosted the number
of educational packages and those with a medical affiliation as well as
packages designed especially for people with disabilities.

Upgrades to Debian GNU/Linux 3.1 from the previous release Debian
GNU/Linux 3.0 codenamed ``woody'' are automatically handled by the
aptitude package management tool, and to a certain degree also by the
apt-get package management tool. As always, Debian GNU/Linux systems can
be upgraded painlessly, in place, without any forced downtime. For
detailed instructions about installing and upgrading Debian GNU/Linux,
please see the release notes
<http://www.debian.org/releases/sarge/releasenotes>.

About Debian
------------

Debian GNU/Linux is a free operating system, developed by more than
thousand volunteers from all over the world who collaborate via the
Internet. Debian's dedication to Free Software, its non-profit nature,
and its open development model make it unique among GNU/Linux
distributions.

The Debian project's key strengths are its volunteer base, its dedication
to the Debian Social Contract, and its commitment to provide the best
operating system possible. Debian 3.1 is another important step in that
direction.

Contact Information
-------------------

For further information, please visit the Debian web pages at
<http://www.debian.org/> or send mail to <press@debian.org>.</p>

Comment on this... (0 comments.)

Linux Inc., a Business Week cover story for January 31, 2005.

"Linus Torvalds once led a ragtag band of software geeks. Not anymore. Here’s an inside look at how the unusual Linux business model increasingly threatens Microsoft."

Comment on this... (0 comments.)

There's a local user vulnerability in the Linux kernel, 2.4.x and 2.6.x trees both. Marcello Tosatti, 2.4 tree maintainer has released 2.4.29-rc1, which contains a patch for the issue. A set of patches for the 2.6 tree appears to be forthcoming soon. Keep an eye on the kernel updates for your distro, or the progress on the next version of the kernel.org 2.6 tree if you roll your own, with intent to upgrade soon.

Please note that my reading shows that this is a local-user root-privilege exploit as has been frantically posted elsewhere. [I am trying to personally test this now, but can't get the exploit code to compile...] Had it come to light at the same time that the PHP Santi worm was doing it's worst, boxen could have been defaced *and* owned.

The "responsible citizen" who sent the exploit and notification out says he sent first privately to Linus on December 15, then some group called PaX sent again to Linus and Andrew Morton on January 2. They then released they exploit publically 5 days later, saying that enough time had passed for a reply and/or a patch, neither had happened, so he went public.

I might have done things a little differently, perhaps by including Alan Cox, Marcello, and a couple of other key lieutenants in the initial warning, in hopes of better getting past Linus' well-known throw-them-all-away mailbox overload solution.

Next, I might have posted to LKML that I had done so, and described in general terms the possible effects of a public exploit of the vulnerability that I had described privately to those individuals. Then I could count on LKML followers and groupies to keep the heat on from there. But what is, is, and we can only move forward from here.

Opinions, errors of omission and fact are mine and mine alone. Wooo-Hooo!

Comment on this... (2 comments.)

Teaming up to make a "standard" Linux distribution that ISV's can develop against is Conectiva, Mandrakesoft, Progeny and Turbolinux. Hey, wait a minute... weren't the first and last of those in that United Linux thing, along with SuSE (now Novell) and SCO (nee Caldera, now reviled). Wasn't United Linux supposed to do the same thing that now LCC is shooting for? Only this time, they don't have SuSE and YaST to build the distro around.

http://www.mandrakesoft.com/lcc/

Comment on this... (0 comments.)

New php versions in both the 4.x and 5.x series are now available from http://www.php.net/ and mirrors. Get it, build it and install it today. Fixes several security bugs. Learn more here:

http://www.php.net/release_4_3_10.php

Comment on this... (3 comments.)

[The following was in response to a post elsewhere that said it couldn't be done]

Subject: Regarding Xandros 3 and VMware...

The presales tech support people at Xandros were wrong. The
following works for me on x86 hardware (explicitly my Sony laptop),
other architectures ??? Well, not supported by Xandros, are they?

:

apt-get install xandros-kernel-source-2.6.9 apt-get install 'g++' cd /usr/src tar jxvf xandros-kernel-source-2.6.9.tar.bz2 ln -s xandros-kernel-source-2.6.9 linux cd linux cp /boot/config-2.6.9-x1 .config vi Makefile     # make the EXTRAVERSION line look       # like this, matching the uname -a       # kernel name       #   EXTRAVERSION = -x1 cd include ln -s asm-i386 asm cd /usr/src/linux make oldconfig make      # this takes a long time.

Then, get vmware and install it, I've got

VMware-workstation-4.5.2-8848.tar.gz

The install likely fails during the vmware-config.pl step. Okay, no
problemo, vmware-any-any patch to the rescue. I use v.84, later
may be available or moot on later reading:

:

cd /tmp wget http://ftp.cvut.cz/vmware/vmware-any-any-update84.tar.gz tar zxvf vmware-any-any-update84.tar.gz cd vmware-any-any-update84 ./runme.pl

This patches various bits, then fires off vmware-config.pl again.
All the selections I made work. I can't speak to the samba bits,
as I never ever do those.

Does this work? I've just installed OpenBSD as a GuestOS on
VMware 4.5.2 running on a Xandros 3 host. I guess that counts
as a win. I thought you'd like to know, as yours was one of three
google hits that talked about Xandros 3 and VMware in the same
breath. And your take wasn't heartening. Fortunately, the Xandros
people had it wrong.

There's something I enjoy about installing an unsupported guestOS
in VMware running on a hostOS that VMware doesn't support, and
whose tech people say can't run VMware. I must have a
contentious bone somewhere in my body.[/i]

Comment on this... (0 comments.)

http://linuxgazette.net/108/index.html

This month featuring a number of excellent articles, and one by me, too. In other good reading, the Linux Journal site offers up an article about Stanislaus County's Linux adoption progress:

http://www.linuxjournal.com/node/7877

Comment on this... (0 comments.)

The Star Wars Trilogy on DVD appears to have RCE (Region Coding Enhanced) “features” on the disks. What this means is a number of things. First off, it won’t play on region-unlocked or auto-region players. Second, and more importantly from my perspective, I can’t play it with Xine under Linux. So if you want to watch the Star Wars Trilogy on your Linux box, don’t waste your money supporting the creator of Jar Jar Binks in his complicity with the movie industry’s war on their customers. I’m not telling you to wait for the BitTorrent downloads. Oh, no, that would be illegal. You’ll have to tell yourself something like that. And do keep an eye out for discs marked RCE - don’t support this practice.

Oh, and thank your congresscritter for using his precious votes to support laws that keep people from using their rightfully owned products.

WHY DO I BUY MOVIES THAT I AM NOT ALLOWED TO WATCH???

BAAAAAAAAAAAAAAAASTARDS!!!

Comment on this... (2 comments.)

Y'all know I'm a fan of Gentoo Linux. As I surfed past the home page today, I noticed that Gentoo has released a revision of the minimal installation x86 ISO, hopefully resolving problems some people have had with installing Gentoo due to some BIOS/ISO interaction problems. So if you've given Gentoo a shot in the last little while, and had a problem with the installation disk, even when the MD5SUM checks out, then you may want to go get this image. Please note the path through the experimental tree there, and that there are many mirrors for Gentoo Linux. Pair is just one of the many wonderful commercial enterprises who provide mirroring support for a wide variety of open source projects including full Linux distributions.

Comment on this... (4 comments.)