Fedora 10 – Released !!!
Fedoa 10 Feature list – > http://fedoraproject.org/wiki/Releases/10/FeatureList
Archive for the ‘Linux’ Category
Linux kernel developer’s guide published
August 19, 2008The Linux Foundation has released a guide for developers who wish to contribute Linux code.
A guide to the kernel development process aims to encourage participation by new programmers by explaining what’s involved. Some developers and businesses attempting to submit changes to the Linux kernel find themselves tangled up with the processes used, according to the guide, which was written by Jonathan Corbet, executive editor of lwn.net and himself a Linux developer.
“A developer who does not understand the kernel community’s ways (or, worse, who tries to flout or circumvent them) will have a frustrating experience in store,” Corbet warned.
One major stumbling block is coders not taking into account the development lifecycle. According to the guide, patches deemed stable are “merged” into the mainline kernel at the beginning of the lifecycle, every two to three months.
The “merge window” lasts for two weeks, and is then closed. After that time, project lead Linus Torvalds issues a release candidate kernel, which is then stabilised. Developers who try to merge new features outside the merge window “tend to get an unfriendly reception”, wrote Corbet, as usually only release-candidate fixes are accepted.
Dissatisfaction also arises from confusion over how patches are reviewed before being merged, according to the guide.
“Much developer frustration comes from a lack of understanding of this process or from attempts to circumvent it,” wrote Corbet, who added that patches go through a series of reviews before and after they are accepted into the kernel.
At the moment, there are more than 1,000 developers at more than 100 companies making contributions to the kernel, according to the Linux Foundation. The not-for-profit organisation said the 30-page guide is central to its efforts to expand this community.
Mark Taylor, president of the Open Source Consortium, said that while it isn’t that difficult to contribute to open-source projects, to avoid disappointment there are processes that must be adhered to.
“The bigger and more important the project, the more likely it is to have a number of levels,” Taylor told ZDnet.co.uk on Friday. “Enterprise-class projects, including the Linux kernel, have more processes, but that shows how seriously they take the project. It’s less difficult to get code into a project if you understand the rules.”
Taylor added that it was “a misconception that open-source projects are total anarchy”, and that enterprise-class projects, including Linux, often have a “beneficent dictator”.
“It’s not chaos – they have rules,” said Taylor. “They have a beneficent dictator. Linus in the Linux kernel has lieutenants around him, [as does] Jeremy Allison at Samba.”
Guide: http://ldn.linuxfoundation.org/how-participate-linux-community
Torvalds: No picnic to become major Linux coder
August 19, 2008Linux project lead Linus Torvalds has said it is not easy to become a major contributor to the Linux kernel.
In an email interview with ZDNet.co.uk on Friday, Torvalds said that, while it is relatively easy for coders and organisations to contribute small patches, the contribution of large patches, developed in isolation, could lead to both new and established contributors becoming frustrated.
“It’s definitely not easy to become a ‘big contributor’,” wrote Torvalds. “For one thing, the kernel is quite complex and big, and it inevitably simply takes time to learn all the rules — not just for the code, but for how the whole development environment works. Similarly, for a new developer, it will take time before people start recognising the name and start trusting the developer to do the right things.”
However, Torvalds argued that Linux kernel processes do make it easy to contribute small patches.
“[We] make it fairly easy for people to ease into kernel development,” wrote Torvalds. “It seems to be working too. We literally have thousands of people with patches attributed to them in each release.”
Torvalds wrote that nobody should expect to start sending “big and complex” patches early, as it takes time for new contributors and established coders to learn how to interact effectively.
“The worst thing anybody can do is to study the kernel alone and try to learn things in private, and then, however many months later, present all the established kernel developers with a big patch that just comes out of the blue,” wrote Torvalds. “That’s just going to be frustrating for everybody.”
Torvalds advised new contributors to “start small” by sending “trivial patches”.
“It may not sound exciting but, quite frankly, I don’t think anybody who starts out believing that they want to rewrite some big piece of the kernel should even bother. Reality isn’t that simple.”
Torvalds admitted that frustrated developers may become alienated by the Linux development process, which he said could be improved.
“I don’t think a ‘perfect’ process exists,” wrote Torvalds. “Of course, some people will be alienated, and there’s no doubt that the process could probably be improved.”
The developer warned that Linux kernel development was “not a ‘warm and fuzzy’ environment where people sing Kumbaya around the fireplace” and that some “very opinionated people” were involved.
“The kernel is about pretty harsh technical issues, and mistakes are really frowned upon,” wrote Torvalds. “In an OS kernel, there are simply more security and stability requirements, and the bar is really higher in some respects. That will inevitably also reflect in the response to patches.”
Nonetheless, Torvalds said the patching process in Linux was more about human interaction than a quantifiable set of steps, such as those listed in official international standards processes.
Although thousands of developers are involved in Linux kernel coding, Torvalds argued that the development process was still efficient. “I think that one of the things we’ve been very good at is to scale up with a good network of maintainers, so that most people involved actually don’t work closely with more than a handful of people,” he wrote.
Mark Taylor, president of the Open Source Consortium, told ZDNet.co.uk on Friday that, in general, enterprise-class open-source projects are designed to scale appropriately.
“The whole process scales very well,” said Taylor. “Normally the people you find at the core [of open-source projects] are professional software engineers; these guys know how to run software projects.”
Torvalds’ and Taylor’s comments follow the publication of a guide to Linux kernel development by the Linux Foundation, which aims to prevent developers becoming frustrated with the process. The guide was made available on Wednesday.
Guide: http://ldn.linuxfoundation.org/how-participate-linux-community
Drive-By Contributors to the Linux Kernel
June 6, 2008There’s an interesting post over at the Kernel Trap that focuses on a man’s attempt to find out how many one-time contributors Linux averages per release. Although imperfect due to some obvious unavoidable flaws, he got a few dirty numbers of ‘never seen from agains’ in the commits from patches 2.6.11 through 2.6.25 and the numbers are: {63, 148, 128, 92, 96, 122, 137, 140, 135, 95, 136, 153, 179, 179, 304}. This makes sense as another reader, Greg KH, pointed out that the distribution curve is tilted towards one-hit contributions, ‘the distribution of all of our users are: 50% only contributed 1 patch; 25% contributed 2; 12% contributed 3; 6% contributed 4 and so on …’
I took those cleaned up log files (which run from 2.6.11 to 2.6.22) and
created some new ones (raw, I didn’t try to clean them) for 2.6.23, 2.6.24,
2.6.25 and 2.6.26-sofar. Then I skimmed through looking for drive-by
contributors (defined as someone who contributes to just one release and
is then never heard from again).
The summary looks like this:
63 in version 2.6.11 never seen again
148 in version 2.6.12 never seen again
128 in version 2.6.13 never seen again
92 in version 2.6.14 never seen again
96 in version 2.6.15 never seen again
122 in version 2.6.16 never seen again
137 in version 2.6.17 never seen again
140 in version 2.6.18 never seen again
135 in version 2.6.19 never seen again
95 in version 2.6.20 never seen again
136 in version 2.6.21 never seen again
153 in version 2.6.22 never seen again
179 in version 2.6.23 never seen again
179 in version 2.6.24 never seen again
304 in version 2.6.25 never seen again
These numbers are somewhat exaggerated by typos (the “cleaned up” files
still have some problems in the “Author:” entry (which is the only one
I looked at). People add or drop middle initials, or sometimes switch
between “Firstname Lastname” and “Lastname, Firstname”, and there are
plenty of obviously garbled entries.
The numbers for the more recent releases may also include
people who are still in the community, but just don’t contribute to
every release.
My script didn’t look for people that contributed for two or more
releases and then disappeared.
You can skim through the full list at the bottom of this message
and make your own guesses at how much of this data is garbage.
Even if 3/4 of the names here can be discounted, that still leaves
over 500 people who came to us at one point with a patch that was
good enough to be applied and then they left.
-Tony
Fedora 9 – Release Notes
May 14, 2008Fedora Release Notes
Version 9.0.0 (2008-04-16)
Copyright © 2007, 2008 Red Hat, Inc. and others
- 1. Welcome to Fedora
- 2. Release Highlights
- 3. Legal Notice
- 4. Feedback
- 5. Installation Notes
- 6. Architecture Specific Notes
- 7. Fedora Live Images
- 8. Package Notes
- 9. Linux Kernel
- 10. Fedora Desktop
- 11. File Systems
- 12. Web Servers
- 13. Mail Servers
- 14. Development
- 15. Security
- 16. Java
- 17. System Services
- 18. Multimedia
- 19. Games and Entertainment
- 20. Virtualization
- 21. X Window System (Graphics)
- 22. Database Servers
- 23. Internationalization (i18n)
- 24. Backwards Compatibility
- 25. Package Changes
- 26. Fedora Project
- 27. Colophon
1. Welcome to Fedora
The Fedora Project is a Red Hat sponsored and community supported open source project. Its goal is the rapid progress of free and open source software and content. The Fedora Project makes use of public forums, open processes, rapid innovation, meritocracy, and transparency in pursuit of the best operating system and platform that free and open source software can provide.
| Latest Release Notes on the Web | |
|---|---|
| These release notes may be updated. To view the latest release notes for Fedora, visit:http://docs.fedoraproject.org/release-notes/ |
| Older Release Notes on the Web | |
|---|---|
| If you are migrating from a release of Fedora older than the immediately previous one, you should refer to older Release Notes for additional information. You can find older Release Notes at http://docs.fedoraproject.org/release-notes/. |
You can help the Fedora Project community continue to improve Fedora if you file bug reports and enhancement requests. Refer to http://fedoraproject.org/wiki/BugsAndFeatureRequests for more information about bugs. Thank you for your participation.
To find out more general information about Fedora, refer to the following Web pages:
- Fedora Overviewhttp://fedoraproject.org/wiki/Overview
- Fedora FAQhttp://fedoraproject.org/wiki/FAQ
- Help and Discussionshttp://fedoraproject.org/wiki/Communicate
- Participate in the Fedora Projecthttp://fedoraproject.org/wiki/Join
| Document Links | |
|---|---|
| Many links may not work properly from within the installation environment, due to resource constraints. The release notes are also available post-installation as part of the desktop Web browser’s default home page. If you are connected to the internet, use these links to find other helpful information about Fedora and the community that creates and supports it. |
Best Computing Solutions: The Future of Linux – Part II
May 13, 2008Some People Prefer to Buy Cheap. Take most people in the market for a new computer. Put them in places like Costco or Best Buy – what do you think they will end up with? A new Ubuntu box from Dell? Nope. A Mac? Not even close. In reality, it will likely be something from HP, and it will be clearly designed for the Vista release of Windows.
This is where the Windows fans begin preaching about how no one can ever touch Microsoft’s market share. And as things sit now, they are right – just not for the reasons they preach. Microsoft has its market share for a few of the following reasons:
- They practically own the consumer market. Bundle this with blind allegiance from hardware manufacturers, and of course, the government and enterprise markets, you have a full on monopoly, pure and simple.
- Microsoft also has a lot of strength from a software industry that is drunk with Windows dependence.
- Trucks of revenue for everyone. From the PC repair guys to those that create software and even the hardware manufacturers. Stick with Microsoft, everyone wins…except the end user.
Now let’s walk into the local big box store with the mindset of the typical consumer. Alright, the user automatically is indicated with Vista logos everywhere reminding them that Windows is their overlord. This tends to reinforce that good old Windows “blind sight,” as I like to call it.
At the time of computer shopping for this user, it happened to be during a holiday sale. So this means that they see a nice Compaq desktop starting at a whopping $379. Other options also include deals where printers and other accessories are included.
People love the idea of little extras with their low-end PCs, and the fact that most of the offerings showing up as sold out are $500 and under, it is a good deal overall.
Apple. Windows zealots better be paying attention, the market share is not as strong as it once was. With the big box stores now stocking Apple’s Mac line of computers, Windows is going to feel the heat. And while I would bet that these big box stores were not carrying as many as they should have for their customers, late last year, Best Buy was back-ordered on the Mac Mini
Linux Desktops in Big Box Stores? So when should you expect to see Linux machines appearing in big box stores? I do not believe it will happen anytime soon. Not because these Linux boxes are not worthy, but they are already selling at a comfortable rate online. There’s little incentive to go through the brick-and-mortar trouble.
Within the next few years, it could be that we will indeed begin seeing ready-to-run Linux boxes making an appearance. Previous attempts in this realm have been met with mixed results. However, with closely controlled hardware and updates that have been tested on that same hardware, it could be a successful holiday item for Christmas gifts that are yet to come.
Best Computing Solutions: Windows vs. Linux – Part I
May 13, 2008As long as there are choices in computing platforms, there will be those that claim that their OS is the best over all others. In this article, I will work to put my own preferences aside, examine my years of experience with past clients who have used all three major platforms and why each made the most sense for them.
Why Change What Works? There are some people that need specialized options from their platforms. My wife, for instance, is happy to use Linux to check her e-mail; however, she cannot not rely on anything less than OS X for color calibration and working with Adobe Photoshop. Users like my mom have an entire hard drive (nearly) full of Microsoft Publisher files that are not likely to be migrated over to anything different anytime soon. Windows XP does what she needs it to do, why change it?
Then there is me with Ubuntu. While I run a number of other distributions, I have found that with the possible exception of the latest Fedora release, the adoption rate and external utility development for Ubuntu have blown the doors off of everyone else. But that is just me.
At any rate, the point is that I prefer Ubuntu, since it works for what I’m looking for. I can get every application imaginable from the given software repositories or simply Deb packages from GetDeb.net. Because of the way Ubuntu does things, I have not compiled anything since migrating to this distro from a whirlwind tour of my previous distributions.
So we are faced with the question – is any one of these “better” than the other? The very idea of one being the better option is totally relative and in the eyes of the user.
Time For An Upgrade, But Which OS to Choose From? Take any photo e-mailing browser with PC user and ask them to pay the upgrade price for Vista, and once they are done laughing at you, they will likely ask “why?” This puts us in a pickle for a number of reasons. Because outside of more than likely needs to buy completely new hardware for a semi-decent Vista experience. So the question remains – why bother? For some people, it could be a question of security improvements, which are certainly valid with Vista over XP. However, the same has been a constant with OS X and Linux, without Microsoft’s abysmal security track record. And believe me I have had a fair share of people asking me why they would want to use Windows again, considering all the virus and malware issues they had to concern themselves with.
Yet at the same time, unless they are using video, video games or something else resource intensive or specialized, the defining factor will be whatever is cheapest. This is an area most technology enthusiasts still have trouble wrapping their heads around, but it is a cold, hard fact.
Sticking to What is Familiar Vs. Overall Value. Keeping in mind that most people are not informed enough to ask if iLife comes with an office suite like iWork by default, or if Windows Vista provides MS Word as an added bonus, at the end of the day, most people will end up migrating to Vista. Surprised? Don’t even dare think that it is because “Vista is the best” for them specifically. It is a combination of PC pricing and expecting or wanting a lot of change in their computing world.
Mac users, like my wife, will never agree with this. And I say more power to them. But the reality is this – less advanced Windows users want it to be familiar, not what some consider being more functional. This is not my opinion, this is an indisputable fact. Ask anyone one out there dealing with Joe Public in the repair industry, they will agree for the most part.
Tools to access Linux Partitions from Windows
May 12, 2008If you dual boot with Windows and Linux, and have data spread across different partitions on Linux and Windows, you should be really in for some issues.
It happens sometimes you need to access your files on Linux partitions from Windows, and you realize it isn’t possible easily. Not really, with these tools in hand – it’s very easy for you to access files on your Linux partitions from Windows
Explore2fs
Explore2fs is a GUI explorer tool for accessing ext2 and ext3 filesystems. It runs under all versions of Windows and can read almost any ext2 and ext3 filesystem.
Project Home Page :- http://www.chrysocome.net/explore2fs
History of Linux
May 12, 2008
a. In The Beginning
It was 1991, and the ruthless agonies of the cold war were gradually coming to an end. There was an air of peace and tranquility that prevailed in the horizon. In the field of computing, a great future seemed to be in the offing, as powerful hardware pushed the limits of the computers beyond what anyone expected.
But still, something was missing.
And it was the none other than the Operating Systems, where a great void seemed to have appeared.
For one thing, DOS was still reigning supreme in its vast empire of personal computers. Bought by Bill Gates from a Seattle hacker for $50,000, the bare bones operating system had sneaked into every corner of the world by virtue of a clever marketing strategy. PC users had no other choice. Apple Macs were better, but with astronomical prices that nobody could afford, they remained a horizon away from the eager millions.
The other dedicated camp of computing was the Unixworld. But Unix itself was far more expensive. In quest of big money, the Unix vendors priced it high enough to ensure small PC users stayed away from it. The source code of Unix, once taught in universities courtesy of Bell Labs, was now cautiously guarded and not published publicly. To add to the frustration of PC users worldwide, the big players in the software market failed to provide an efficient solution to this problem.
A solution seemed to appear in form of MINIX. It was written from scratch by Andrew S. Tanenbaum, a US-born Dutch professor who wanted to teach his students the inner workings of a real operating system. It was designed to run on the Intel 8086 microprocessors that had flooded the world market.
As an operating system, MINIX was not a superb one. But it had the advantage that the source code was available. Anyone who happened to get the book ‘Operating Systems: Design and Implementation’ by Tanenbaum could get hold of the 12,000 lines of code, written in C and assembly language. For the first time, an aspiring programmer or hacker could read the source codes of the operating system, which to that time the software vendors had guarded vigorously. A superb author, Tanenbaum captivated the brightest minds of computer science with the elaborate and immaculately lively discussion of the art of creating a working operating system. Students of Computer Science all over the world pored over the book, reading through the codes to understand the very system that runs their computer.
And one of them was Linus Torvalds.
OpenBSD’s IPv6 mbufs remote kernel buffer overflow
May 12, 2008OpenBSD’s IPv6 mbufs remote kernel buffer overflow
Core Security Technologies – CoreLabs Advisory
Vendors contacted: OpenBSD.org
2007-02-20: First notification sent by Core.
2007-02-20: Acknowledgement of first notification received from the OpenBSD team.
2007-02-21: Core sends draft advisory and proof of concept code that demonstrates remote kernel panic.
2007-02-26: OpenBSD team develops a fix and commits it to the HEAD branch of source tree.
2007-02-26: OpenBSD team communicates that the issue is specific to OpenBSD. OpenBSD no longer uses the term “vulnerability” when referring to bugs that lead to a remote denial of service attack, as opposed to bugs that lead to remote control of vulnerable systems to avoid oversimplifying (“pablumfication”) the use of the term.
2007-02-26: Core email sent to OpenBSD team explaining that Core considers a remote denial of service a security issue and therefore does use the term “vulnerability” to refer to it and that although remote code execution could not be proved in this specific case, the possibility should not be discarded. Core requests details about the bug and if possible an analysis of why the OpenBSD team may or may not consider the bug exploitable for remote code execution.
2007-02-28: OpenBSD team indicates that the bug results in corruption of mbuf chains and that only IPv6 code uses that mbuf code, there is no user data in the mbuf header fields that become corrupted and it would be surprising to be able to run arbitrary code using a bug so deep in the mbuf code. The bug simply leads to corruption of the mbuf chain.
2007-03-05: Core develops proof of concept code that demonstrates remote code execution in the kernel context by exploiting the mbuf overflow.
2007-03-05: OpenBSD team notified of PoC availability.
2007-03-07: OpenBSD team commits fix to OpenBSD 4.0 and 3.9 source tree branches and releases a “reliability fix” notice on the project’s website.
2007-03-08: Core sends final draft advisory to OpenBSD requesting comments and official vendor fix/patch information.
2007-03-09: OpenBSD team changes notice on the project’s website to “security fix” and indicates that Core’s advisory should reflect the requirement of IPv6 connectivity for a successful attack from outside of the local network.
2007-03-12: Advisory updates with fix and workaround information and with IPv6 connectivity comments from OpenBSD team. The “vendors contacted” section of the advisory is adjusted to reflect more accurately the nature of the communications with the OpenBSD team regarding this issue.
2007-03-12: Workaround recommendations revisited. It is not yet conclusive that the “scrub in inet6″ directive will prevent exploitation. It effectively stops the bug from triggering according to Core’s tests but OpenBSD’s source code inspection does not provide a clear understanding of why that happens. It could just be that the attack traffic is malformed in some other way that is not meaningful for exploiting the vulnerability (an error in the exploit code rather than an effective workaround?). The “scrub” workaround recommendation is removed from the advisory as precaution.
2007-03-13: Core releases this advisory.
Release Mode: FORCED RELEASE
Vulnerability Description
The OpenBSD kernel contains a memory corruption vulnerability in the code that handles IPv6 packets. Exploitation of this vulnerability can result in:
1) Remote execution of arbitrary code at the kernel level on the vulnerable systems (complete system compromise), or;
2) Remote denial of service attacks against vulnerable systems (system crash due to a kernel panic)
The issue can be triggered by sending a specially crafted IPv6 fragmented packet.
OpenBSD systems using default installations are vulnerable because the default pre-compiled kernel binary (GENERIC) has IPv6 enabled and OpenBSD’s firewall does not filter inbound IPv6 packets in its default configuration.
However, in order to exploit a vulnerable system an attacker needs to be able to inject fragmented IPv6 packets on the target system’s local network. This requires direct physical/logical access to the target’s local network -in which case the attacking system does not need to have a working IPv6 stack- or the ability to route or tunnel IPv6 packets to the target from a remote network.
Vulnerable Packages
OpenBSD 4.1 prior to Feb. 26th, 2006.
OpenBSD 4.0 Current
OpenBSD 4.0 Stable
OpenBSD 3.9
OpenBSD 3.8
OpenBSD 3.6
OpenBSD 3.1
All other releases that implement the IPv6 protocol stack may be vulnerable.
