LWN featured content
[$] A kernel change breaks GlusterFS
[Kernel] Posted Mar 27, 2013 20:33 UTC (Wed) by mkerrisk
Linus Torvalds has railed frequently and loudly against kernel
developers breaking user space. But that rule is not ironclad; there
are exceptions. The story of how a kernel change caused a GlusterFS
breakage shows that there are sometimes unfortunate twists to those
exceptions.
Full Story (comments: 26)
[$] PyCon: Evangelizing Python
[Front] Posted Mar 27, 2013 16:50 UTC (Wed) by jake
Python core developer Raymond Hettinger's PyCon 2013 keynote had elements of a revival meeting
sermon, but it was also meant to spread the "religion" well beyond those
inside the meeting tent. Hettinger specifically tasked attendees to use
his "What makes Python awesome?" talk as a sales tool with
management and other Python
skeptics. Subscribers can get the full coverage of the talk from this
week's edition at the link below.
Full Story (comments: 49)
[$] Multipath TCP: an overview
[Kernel] Posted Mar 26, 2013 22:36 UTC (Tue) by corbet
The world was a simpler place when the TCP/IP network protocol suite was
first designed. The net was slow and primitive and it was often a triumph
to get a connection to a far-away host at all. The machines at either end
of a TCP session normally did not have to concern themselves with how that
connection was made; such details were left to routers. As a result, TCP
is built around the notion of a (single) connection between two hosts. The
Multipath TCP (MPTCP) project looks
to change that view of networking by adding support for multiple transport
paths to the endpoints; it offers a lot of benefits, but designing a
deployable protocol for today's Internet is surprisingly hard.
Full Story (comments: 62)
Anatomy of a user namespaces vulnerability
[Kernel] Posted Mar 20, 2013 21:10 UTC (Wed) by mkerrisk
An exploit posted on March 13
revealed a rather easily exploitable security vulnerability (CVE 2013-1858)
in the implementation of user namespaces. That exploit enables an
unprivileged user to escalate to full root privileges. Although a fix was
quickly provided, it is nevertheless instructive to look in some detail at
the vulnerability, both to better understand the nature of this kind of
exploit and also to briefly consider how this vulnerability came to appear
inside the user namespaces implementation.
Full Story (comments: 28)
When does the FSF own your code?
[Front] Posted Mar 19, 2013 15:12 UTC (Tue) by corbet
Many pixels have been expended in the discussion of contributor agreements
that transfer copyright from developers to a company or
foundation. But, for developers in many projects, the discussion is moot,
in that the requirement for an agreement exists and the papers must be
signed before
contributions to the project can be made. But, even then, there are some
interesting details that merit attention. A recent discussion regarding
one developer's contributions to the Emacs Org mode project shows how
expansive and poorly understood such agreements can be in some cases.
Full Story (comments: 48)
The trouble with CAP_SYS_RAWIO
[Kernel] Posted Mar 13, 2013 14:34 UTC (Wed) by mkerrisk
A February linux-kernel mailing list discussion of a patch that extends
the use of the CAP_COMPROMISE_KERNEL capability soon evolved into
a discussion of the specific uses (or abuses) of the CAP_SYS_RAWIO
capability within the kernel. However, in reality, the discussion once
again exposes some general difficulties in the Linux capabilities
implementation—difficulties that seem to have no easy solution.
Full Story (comments: 38)
LC-Asia: An Android upstreaming update
[Kernel] Posted Mar 12, 2013 15:10 UTC (Tue) by corbet
Many people have talked about the Android kernel code and its relation
to the mainline. One of the people who has done the most to help bring
Android and the mainline closer together is John Stultz; at the 2013 Linaro
Connect Asia event, he
talked about the status of the Android code. The picture that emerged
shows that a lot of progress has been made, but there is still a lot of
work yet to be done.
Click below (subscribers only) for the full report.
Full Story (comments: 17)
Ubuntu unveils its next-generation shell and display server
[Distributions] Posted Mar 6, 2013 22:09 UTC (Wed) by n8willis
Ubuntu publicly announced its plan for the future of its Unity
graphical shell on March 4, a plan that includes a new compositing
window manager designed to run on the distribution's device platforms
as well as on desktop systems. The plan will reimplement the Unity
shell in Qt and replace Compiz with a new display stack called Mir that
will incorporate a compositor, input manager, and several other
pieces. Mir is not designed to use the Wayland display protocol
(although the Ubuntu specification suggests it could be added later),
a decision that raised the ire of developers in several other
projects.
Full Story (comments: 46)
Namespaces in operation, part 6: more on user namespaces
[Kernel] Posted Mar 6, 2013 17:32 UTC (Wed) by mkerrisk
In this article, we continue last week's
discussion of user namespaces. In particular, we look in more detail
at the interaction of user namespaces and capabilities as well as the
combination of user namespaces with other types of namespaces.
Full Story (comments: 23)
The conclusion of the 3.9 merge window
[Kernel] Posted Mar 5, 2013 16:37 UTC (Tue) by corbet
By the time that Linus released the 3.9-rc1
kernel prepatch and closed the merge window for this cycle, he had pulled a
total of 10,265 non-merge changesets into the mainline repository. That is
just over 2,000 changes since last week's
summary. Subscribers can click below for a look at the last merges for 3.9.
Full Story (comments: 42)
| |
Current news
McIntyre: Scanning for assembly code in Free Software packages
[Development] Posted Apr 2, 2013 3:04 UTC (Tue) by jake
On his blog, Steve McIntyre writes about work he has been doing to identify assembly code in Linux packages:
In the Linaro Enterprise Group, my task for the last several weeks was to work through a huge number of packages looking for assembly code. Why? So that we could identify code that would need porting to work well on AArch64, the new 64-bit execution state coming to the ARM world Real Soon Now.
Working with some Ubuntu and Fedora developers, we generated a list of packages included in each distribution that seemed to contain assembly code of some sort. Then I worked through that list, checking to see:
- if there was actually any assembly there;
- if so, what it was for, and
- whether it was actually used
That work resulted in a report with his findings.
Comments (none posted)
Subsurface mourns Jan Schubert
[Announcements] Posted Apr 1, 2013 21:29 UTC (Mon) by corbet
The Subsurface project mourns the
loss of Jan Schubert. "It is with great sadness that we say a
final 'Tschüss' to one of our most active and engaging developers. Without
Jan, Subsurface would not support the needs of technical divers the way it
does today."
Comments (none posted)
Security advisories for Monday
[Security] Posted Apr 1, 2013 16:46 UTC (Mon) by ris
Debian has updated bind9 (denial of
service).
Fedora has updated rubygem-actionpack (F18; F17:
multiple vulnerabilities), gajim (F18; F17: man-in-the-middle attack),
drupal7-views (F18; F17: cross-site scripting),
rubygem-activesupport (F18; F17: XML parsing vulnerability), mantis
(F18; F17:
multiple vulnerabilities), httpd (F18:
cross-site scripting), rubygem-activerecord
(F18: denial of service), glibc (F18:
denial of service), sssd (F18: privilege
violation), kernel (F17: multiple
vulnerabilities), puppet (F17: multiple
vulnerabilities).
openSUSE has updated privoxy (11.4:
proxy spoofing).
Comments (none posted)
A look at C++14: Papers Part 2
[Development] Posted Apr 1, 2013 15:07 UTC (Mon) by corbet
Here's the
second part in the C++14 papers series on the "Meeting C++" site.
"A proposal for Executors, objects that can execute units of work
packaged as function objects. So this is another possible approach to task
based parallelism, where the executor object is used as a reusable thread,
that can handled a queue of tasks. One possible implementation of an
executor is a thread-pool, but other implementations are possible."
Comments (2 posted)
Kernel prepatch 3.9-rc5
[Kernel] Posted Apr 1, 2013 5:45 UTC (Mon) by mkerrisk
The 3.9-rc5 kernel prepatch is out. Linus
says: "Nothing really peculiar stands out. Exynos DRM updates, IBM RamSan
driver updates are a bit larger, l2tp update... The rest is pretty
much small patches spread out all over. Mostly drivers (block, net,
media, tty, usb), networking, and some filesystem updates (btrfs,
nfs). Some arch updates (x86, arc).
Things seem to be calming down a bit, and everything seems largely on
track for a 3.9 release in a few weeks."
Comments (none posted)
Yorba crowdfunding Geary development
[Development] Posted Mar 29, 2013 17:24 UTC (Fri) by n8willis
Back in August 2012, Yorba
Foundation founder Adam Dingle spoke at GUADEC about the complexities of
crowdfunding development for open source applications. This week, the
group officially launched
a campaign at IndieGoGo to underwrite development of its open source
email client Geary. The target is US $100,000, which, as executive
director Jim Nelson explains,
is a number chosen to support three full-time developers for the next
release cycle. "I
doubt there’s a widely-used desktop application out there developed
for less than US$100,000 — it’s just that the price tag might be
hidden from its users." The campaign runs for one month; among
the many factors Dingle spoke of that differentiate between funding
sites, IndieGoGo only distributes funds if the target is met.
Comments (17 posted)
Friday's security updates
[Security] Posted Mar 29, 2013 14:42 UTC (Fri) by n8willis
CentOS has updated bind (C6; denial of service) and
bind97 (C5; denial of service).
Debian has updated rails
(multiple vulnerabilities).
openSUSE has updated clamav
(security hardening fixes).
Oracle has updated bind (OL6; denial
of service) and bind97 (OL5; denial of service).
Red Hat has updated bind
(denial of service) and bind97 (denial
of service).
Scientific Linux has updated bind (denial of service) and
bind97 (denial of service).
Slackware has updated libssh
(denial of service).
Ubuntu has updated bind (denial of service).
Comments (1 posted)
PostgreSQL security update coming April 4
[Security] Posted Mar 29, 2013 14:12 UTC (Fri) by corbet
The PostgreSQL project has announced an update coming on April 4.
"This release will include a fix for a high-exposure security
vulnerability. All users are strongly urged to apply the update as soon as
it is available." Pre-announcement of security updates is quite
rare, as is the associated shutdown of
repository updates and distribution of commit messages, so one assumes that
it would be a good idea to be ready to apply this update when it arrives.
Full Story (comments: 1)
ZFS on Linux 0.6.1
[Kernel] Posted Mar 29, 2013 13:51 UTC (Fri) by corbet
On behalf of the ZFS-on-Linux project, Brian Behlendorf has announced
the availability of version 0.6.1 of this Solaris-derived filesystem.
"Over two years of use by real users has convinced us ZoL is ready
for wide scale deployment on everything from desktops to super
computers." The project's home
page offers binary modules for a wide variety of distributions. (See
the FAQ for the project's take
on licensing issues.)
Comments (10 posted)
What is Open Source Cloud? (Linux.com)
[Development] Posted Mar 28, 2013 22:04 UTC (Thu) by jake
Over at Linux.com, Joe "Zonker" Brockmeier, community evangelist for CloudStack at Citrix, tries to disambiguate the term "cloud". He describes the attributes of clouds, using the US National Institute of Standards and Technology (NIST) definition of cloud computing, looks at the various "X as a service" offerings, how it all works, and why it's important to have open clouds. "Having an open cloud matters because we need to be able to continue the work that GNU and Linux folks have been doing for more than twenty years, at scale. It matters because we need the cloud to be bigger than Amazon or proprietary companies – and because users and organizations should have as much control over their computing destiny at scale as they have had on individual servers."
Comments (3 posted)
--> More news items
|