Cliff’s List Filter – Sept 7-13


Author: Ian Palmer

Welcome again to another helping of news from the Lists. Linux Kernel and GNOME news dominate this weeks servings due mostly to the release of GNOME 2.8 and the fact that LKML is always noisy. Up for your perusal: Does FreeBSD make a better router than Linux? Do you really need Application XIP to speed up your embedded applications? Do you think the Digsig LSM will improve the security of your Linux server? Does Polypaudio have what it takes to become the new sound server for both GNOME and KDE? This and the usual sampling of tidbits and miscellany are all here, this week.

Linux Kernel

  • A new version of the dmraid (Device Mapper RAID) tool, v1.0.0-rc4, was announced on September 7. dmraid enables admins to setup, toggle activation, and show the details of software raid sets. It supports Highpoint, Intel, Promise and Silicon Image Medley controller, with basic support for the LSI Logic MegaRAID, works with Linux Kernel 2.6 and comes in RPMs, SRPMs and pure source forms.

  • Admins who use BSD accounting may be interested in applying a new patch which tracks
    character IO transferred at the VFS layer. This feature was initially supported by the Comprehensive System Accounting patchset. This patch is part of a move to support the collection of such statistical data in the core kernel, while leaving the presentation of the collected statistics (ala BSD-style or CSA-style accounting) to the kernel module of your choice.

  • A question was brought up on the Linux mailing list claiming that FreeBSD made a better router than Linux. While it is true that FreeBSD performs better as a pure router, several people on the kernel list questioned the degree of accuracy (almost an order of magnitude) claimed by the original linked article. It would be interesting to note if some of our readers can contest these results based on their own experiences.

  • The September release of the Linux Test Project is now available and was announced on the Linux Kernel List on September 8.

  • Embedded developers are always trying to find novel ways of improving the performance of their products, either by improving the execution time of their code, lowering the RAM footprint needed by their applications, or both. A post on LKML asking about filesystems that support Application XIP (eXecute-In-Place) sparked an interesting discussion on whether XIP is needed, including a message pointing to changes that will add XIP functionality to an ext2 filesystem mounted read-only. Most of the responses to the initial question said that XIP isn’t really needed to improve performance, but the consensus was that RAMFS may be the best choice since RAMFS is a file-system implemented in pagecache and Linux runs code from the page-cache anyways. Implementations for XIP are also available for cramfs (compressed RAM filesystem), however you lose the benefit of compression for the executables.

  • A new version of the loop-based AES cryptography package was announced on September 9. You can use this package to encrypt a file-based or device-based filesystem using the loopback mounting system in Linux. For technical reasons, it is best if you use the device-based method for various technical reasons. You can get more information on this method of generating an encrypted file-system as well as an encrypted file system from the release notes.

  • The release of Digsig v1.3.1, a utility that allows only properly signed ELF executables and shared libraries, on September 9 is an additional weapon in the Linux Security arsenal that can help administrators protect their systems against viruses, worms, trojans and other annoyances. By loading the ‘digsig’ kernel module with a public key of the administrators choice, any application or shared library signed by that public key (signing is done by the ‘bsign’ application) is allowed to execute on that system. If a program is unsigned, or signed with the wrong key, it is not executed. It is yet another layer of security an administrator can deploy to frustrate would be hackers or viruses from taking over their systems.

  • Users who have been having problems mounting their CDs or DVDs while using Kernels or higher will probably want to try applying a minor correction to Linux’s Rockridge extension code and see if that solves the problem.

  • A thread comprising patches necessary to implement a subset of the BSD style “jail” virtual servers was posted to the Linux Kernel mailing list on September 10. The implementation is in the form of a Linux Security Module, and even protects against the chdir escape that could break a user out of the chroot’d environment. The “jails” implemented by the LSM are limited in that they cannot create devices or filesystems, cannot mount or unmount, cannot change the priority of its processes nor can it change network settings. Each “jail” can have its own IP address. This functionality does have its drawbacks, however, and the security of the “jails” greatly depends on the security of the server on which they reside.

  • Greg KH announces the 31st release of udev, a devfs replacement, on September 10. udev allows Linux users to have a dynamic /dev filesystem with persistent device names and support for hotplug devices. One of the advantages of udev is that it runs entirely in userspace, responding to kernel notifications when a device is added to or removed from the system.

  • Lee Revell submitted a patch that creates an Linux Security Module which can be used to grant realtime capabilities to specific groups or applications. This has become particularly useful for audio users needing low latency access to specific applications, or admins who need to grant realtime access to a subset of their users.

  • Linus releases Linux 2.6.9-rc2 on September 13. This latest release includes, among other things, some updates to ALSA, several small fixes, and more warnings from drivers due to stricter PCI memory checks (which are safe to ignore). Post release, Peter Osterlund found and fixed a bug with the bttv driver, Geert Uytterhoeven corrected problems with the m68k and MIPS build paths, and if you are running with a hyperthreading machine and experience hard locks after upgrading, try turning off the CONFIG_SCHED_SMT feature in your kernel .config, recompile and see if the new kernel runs without problems.


  • Lennart Poettering, the author of Polypaudio, is now campaigning for its inclusion into the GNOME desktop as a drop-in replacement for Esound. The claim is that since Polypaudio is better written, delivers lower latencies, is extensible, and is nearly compatible with most Esound applications, that the time is ripe for Esound to be replaced. Since KDE is apparently also looking for a new sound server, maybe Polypaudio may end up as the common sound server for both KDE and Gnome since it doesn’t depend on Glib or Qt/KDE. If you’d like more information on the work Lennart is doing, take a look at the Polypaudio FAQ, or if you are interested in its arcane inner workings, the Polypaudio documentation pages.

  • For the adventurous users of Nautilus: Raphael Bosshard wrote some additions to the file manager that enables you to scale icons from the properties dialog. The intent here is to improve the UI by allowing certain icons (for example, the ones you use the most) to have a different size than others. Changing multiple icons at once is also supported. This patch is a work in progress and applies to Nautilus version 2.7.4.

  • Tons of new pieces of noteworthy GNOME software hit the streets, this week:

    • Looking for an RSS reader? Imendio has just released v1.4.0 of Blam, which aims to suit your news browsing needs. Supporting RSS, RDF and planet feed with auto-refresh features, notification and a variety of languages, this may just be the tool you are looking for.

    • One of the aspects many users ask for when considering a switch to Linux is an application that can generate nice looking reports from a database. Papyrus, an XML-based language that aims to do just that, just recently released version 1.3.9 on September 8. It will work with a PostgreSQL or MySQL backend (more databases can be supported through Gnome-DB) and can export its reports in a variety of formats including LaTeX, PDF, PostScript, HTML, ANSI, and of course, XML.

    • Marlin development proceeds along swiftly with the release of version 0.7 on September 13. Marlin is an audio sample editing program for the GNOME desktop and now includes an undo/redo feature.

    • Gnome Ghostview hits its landmark 2.8.0 release on September 12.
    • Gnome-games and and its related-but-optional extra data package both reach version v2.8.0 on September 13. Included in this release are games like Ataxx, Iagno, and Robots, along favorites like Blackjack, Mahjongg and the ubiquitous Minesweeper clone that no desktop can live without.
    • gEdit v2.8.0 was also released on September 13. gEdit is -the- text editor for GNOME with plugins like a word counter and a spell checker, plus it supports a wide variety of languages.
    • Epiphany v1.4.0, a web browser, hits the scene as well, with more bug fixes, and new translations. not to mention a new release of extensions, including add-ons for bookmark maintenance and CSS Stylesheet support. Epiphany v1.4.0 is designed to work with GNOME 2.8, while the latest release for the GNOME 2.6 desktop is v1.2.9, which was also released on September 13.
    • Last but not least, the GNOME 2.8 desktop wouldn’t be complete without the GNOME Panel and its set of nifty applets that can add so much to a desktop. Add-ons like a battery monitor, a small cdplayer, a character picker, sticky notes, mixer and more are included in the new release for use on your desktop panel.


    • The first public beta release of Kile v1.7, a LaTex environment for KDE, was made available on September 13. Kile allows you to prepare, convert and view your TeX documents documents easily, with useful features like auto-completion of TeX commands, templates, and easy insertion of standard tags and symbols.


    • If you haven’t heard of it yet, there is a stand-alone version of the Mozilla Composer out there, it’s called NVu, and you can find it more info on it, here. It’s currently still a work in progress, however, and being a mostly one-person operation it’s likely said progress will be slow unless there are developers out there who would be interested in sitting in and lending a hand.