Cliff’s List Filter – Sept 27 – Oct 1


Author: Preston St. Pierre

Welcome to another set of Thursday updates from the trenches of Open Source development: the mailing lists. This week’s highlights: new ways to dump core; advocating a new compression algorithm in the kernel; a cryptographically strong random number generator; GNOME’s move to a new device naming scheme; a few more useful about:config hacks for Mozilla; and a host of other tidbits of information you might find useful for Linux, KDE, GNOME and Mozilla.Linux Kernel

  • Alan Cox provides some new behavior for core dumps that may make it easier to track down problems on development systems, or provide sane core dumping for production environments. Systems that apply this patch will be able to set core dumping policy to one of three modes: normal behavior, development, and set-uid safe. Development mode allows any process to dump core when needed, with cores owned by the user running the process, which isn’t very safe, security-wise, but more of a convenience for developers. Set-uid safe mode is intended for production environments, where cores are dumped to disk with the dumps owned by, and only readable by, the root user.

  • If you are unfamiliar with the term “processor affinity”, then an informative discussion on this topic from the Kernel List might be worth your while. Put simply, a process (or a set of processes) may prefer to run only on a specific set of processors. This process can then be said to have an “affinity” for that set of processors. Of course, there’s more to it than that, and it turns out that there’s actually a bit of history wrapped up in those two words.

  • Finding information about what’s currently installed in a given system can be a time consuming process. You can either pop open the machine and commit the information to paper (or a database), or you can try and query the machine and hope it returns some useable information. To assist Unix admins who are trying to do the latter, you may want to look into the Open Source program called dmidecode, as many manufacturers are writing such data to the DMI tables on their motherboards, BIOSes, and firmwares. The output of dmidecode should be easy enough to parse and stuff into most any database.

  • There are certain situations, in both the 2.4 and 2.6 series kernels, where the serial drivers may become clogged under heavy load and cause the serial driver to spin into an endless loop. Right now, a sub-optimal fix is to discard the received bytes, which will prevent lockups, but doesn’t consider hardware with automatic flow control. Sometimes, however, it may be preferable to lose bytes rather than lose your system.

  • A new compression algorithm (LZMA) has generated some interest as one developer lobbies to get it ported into the kernel for use in compressed filesystems. With a purported compression advantage of 12.5% over bzip2 (which is about the same as the advantage bzip2 had over gzip), this may bring about a decided advantage to compressed images like initrd, or may mean increasing the amount of data on a Live CD. However there is one major drawback to LZMA: in addition to the increased time it takes to compress data, LZMA has a high memory footprint, and may not work well with small block sizes (~4k per block) that are typical for most filesystems.

  • Security hounds might be interested in hearing about a kernel module that replaces /dev/random with a cryptographically strong pseudo-random number generator based on the Fortuna algorithm. There are still parts of the patch that need shaping up, but if you are a cryptology devotee and want to test the strength of this replacement for /dev/random, the developer will gladly accept reports of vulnerabilities and possible exploits.

  • Linus releases the third release candidate for Linux 2.6.9 on September 29. As is common with the release of -rc kernels, there is post-release clean up patches that you may need to apply that fixes some compile-time issues with the minor cleanups to the CAPI and ISDN files. IBM ThinkPad owners may want to consider holding off an upgrade due to reports of hard lockups.

  • Rounding out the Linux Kernel coverage, here are a few miscellaneous patches for your consideration: Guido Guenther submitted a fix for CPU frequency scaling for Linux 2.6.9-rc2; another changeset made the rounds at supporting nonblocking I/O operations; new code to make your keyboard LEDs flash in the event of a kernel panic; and some changes from the 2.4 have finally propagated in to the 2.6 series which fixes active FTP, which has been broken since 2.6.9-rc1.


  • Users of GNOME’s Epiphany browser might appreciate this little tidbit of information. There are currently two ways to manage certificates in Epiphany: one is the Certificate Management extension, available from the Epiphany Extensions package; or you can directly access an XUL-based certificate manager via a chrome:// URL.

  • There was a minor bug that was fixed in Nautilus, this week, where selected items were not preserved when the list view was switched to a different sorting order.

  • Large changes are on the horizon for the GNOME-VFS-to-HAL codebase, as evidenced by the near rewrite of that particular piece of code, in a recently submitted patch to the gnome-vfs mailing list. These changes are not-likely-to-be-merged into GNOME 2.8, but may show up in some form after the GNOME codebase is forked for the next release. One of the major advantage of these changes is entries from /etc/fstab and /etc/mtab are once again available, but the volume names are generated by policy established by the HAL library. This results in a consistent naming scheme across all applications that use HAL to access those volumes. This will obviously create some headache as the volume naming currently in GNOME 2.8 uses another scheme entirely. Right now, HAL-under-GNOME-VFS is a bit of a work in progress, and if you can avoid using it, you probably should.

  • This week’s ripened pieces of GNOME software:
    • Devhelp v0.9.2 was released on September 27. Devhelp is a developer’s tool for browsing API documentation for GNOME. The latest release includes 3 new translations, updates for 11 other translations, improved navigation and searching features.
    • A new release of the GNOME 2 password manager, Revelation, celebrated its v0.3.4 release. Revelation gives you a place to store all of your accounts and passwords in a single, secure place. Now, instead of having to keep track of hundreds of ever-changing passwords for all of your systems, you need only remember one.

    • Music lovers might be happy to hear that the Jamboree is in town, once again. Jamboree v0.5 was released on September 28, and adds in new features such as typeahead search for albums and artists, support for GStreamer and tons of localization improvements.

    • Epiphany, the GNOME web browser, has reached v1.4.1. Even though this is a bug-fix release, the development team still had some time to pad the feature list. Now Epiphany can be compiled against the Firefox version of the Gecko rendering engine, which is especially useful if you would prefer the more compact version of the Mozilla browser (as opposed to the kitchen-sink that Mozilla has become). This latest Epiphany release is accompanied by the release of its Extensions package, which adds a new sidebar extension, plugs a memory leak, fixes a crash, and improves CSS support, among other things.
    • While this may sound strange with GNOME 2.8 just released, GNOME 2.6 is now available for AIX 5. As of October 1, binary and source packages for AIX 5.1 to 5.3 are now available on the BullFreeware site.


  • Here’s a useful example of the “Quick Browser” button that you can add to the KDE Taskbar (the Kicker). Say you have a directory containing scripts, programs, documents, or whatever type of file you’d like quick access to. Add a “Quick Browser” button, enter the directory and away you go.

  • There was a bug in the KDE Slideshow that produced unexpected results if a low texture value is set for OpenGL and a GL Slideshow is used. As a result, instead of seeing the Slideshow, you get a white screen.

  • Kreme of the KDE Software Releases for the week:
    • The amaroK development team announced the release of v1.1 of the amaroK audio player for KDE on September 27. New features include: automatic album cover-art; Media Application Server support; GStreamer-engine crossfading; improved album collection performance; and more.

    • The KDE imaging program formerly known as krayon (but never known as “The Kimp”) is now known as Krita. Krita celebrated its first Preview release on September 26 (which was missed in last week’s List Filter). After 5 long hard years, the Krita team has improved Krita dramatically, adding support for things like Gimp brushes and image filters, gradients, patters and more. Things are still rough around the edges and Krita depends on code from the KOffice CVS repository (so it may interfere with existing KOffice installs from .RPM or .DEB). However if you are interested in previewing the progress made so far there are packages available for download.


  • Here’s a tip that may help bookmark identification go easier. You can make it so that the Bookmark menu displays a site’s favicon with a few easy about:config hacks. Unfortunately, these instructions only work on Mozilla as Firefox lacks the “” configuration entry.

  • Another set of about:config hacks that may improve your browsing experience deals with cookies. You can adjust 2 configuration keys to change how long cookies are preserved. Others have run into a problem where cookies start to disappear after a certain amount of time. This may happen when you hit one of the 2 cookie limits. Before the release of the Firefox 1.0 release candidate, there was an absolute limit of 300 cookies and a host limit of 20 cookies. Later versions of Mozilla and Firefox have upped this value to an absolute maximum of 1000 cookies and a 50 cookie host limit. Feel free to adjust these values to taste if the defaults don’t work for you.