| DistroWatch Weekly
|DistroWatch Weekly, Issue 130, 12 December 2005
Welcome to this year's 50th issue of DistroWatch Weekly. This issue covers a variety of interesting topics, including a call to protest against introducing a DMCA-style law in France, Linux migration efforts by Berlin, Prague and Cape Town, and an insider's feedback to our last week's feature on backporting newly released applications to existing distributions. In the news section we'll introduce Security Enhanced SUSE, congratulate Patrick Volkerding, and draw your attention to a newly compiled list of FreeBSD projects for volunteer programmers. Finally, we'll take a brief look at the new Ark Linux 2005.2. Happy reading!
Join us at irc.freenode.net #distrowatch
About software freedom and Linux migration efforts
We have seen the dangerous trend of big businesses in the United States influencing the law - by lobbying and successfully instituting controversial protection measures, such as software patents or the infamous Digital Millennium Copyright Act (DMCA). Now it appears that this trend is moving across the big pond and into Europe. France is the first major target and, if not prevented, it will become the first country in Europe to have a law similar to DMCA (correction: Finland is the first). Once it happens, it will be illegal for French residents to circumvent any copy-protection or encryption technologies. As an example, those who download the libdvdcss library to watch encrypted DVDs on Linux or find a way to make a backup copy of a copy-protected music CD might face criminal penalties.
As a web site advocating the use of Free Software we find this trend unacceptable and worth fighting against. Europeans have already demonstrated their ability to get together when they protested against the adoption of software patents earlier this year, so let's hope that the current attempt by the French government to adopt another controversial law will suffer the same fate. But for this to happen, the French citizens need to mobilise once again. The leading advocate against the "loi DADVSI" is EUCD.INFO which also provides a way for readers to sign a petition against adopting the law. We would like to encourage all freedom-loving French citizens to visit the page and sign the petition - not only for the sake of preserving software freedom in France, but also to send out a message to other governments and legislators to think twice before they succumb to commercial interests of powerful multinationals.
Luckily, it's not all bad news on the European front this week. It would seem that, after Munich, Vienna and Paris, the next major cities to adopt Linux or at least encourage migration towards open source software for use in their municipalities are Berlin and Prague. According to Heise.de (link in German), the local government of the German capital is currently drafting a plan to switch their servers to Linux, while migration of some 60,000 desktops to Linux is also under consideration. Additionally, the city intends to introduce a formal requirement to buy and deploy only software with open standards and open document formats.
In the meanwhile, an interesting piece of news has reached us from across the border - from Prague. According to two news reports released by European eGovernment Services, the Czech capital has had an open source study and research plan since 2001, with the goal of cutting down the city's IT budget and "showing citizens that there are no economic, moral or ethical excuses for using illegal software since OSS is an alternative to proprietary software". As a result, the Czech government is now planning a range of activities in 2006 to actively encourage the use of open source software and to assist those municipalities that adopt a migration plan. More information is available here and here.
And while on the subject of migration to open source software, further good news comes from Cape Town (pictured on the right). As reported by Tectonic, the municipal offices of the South Africa's second largest city currently have some 540 desktops in daily use that run open source software, while a migration of another 500 City Library computers to open source is in the planning stage. "To those that say the open source desktop is not ready for wide usage we say 'we are already doing it'," asserts Nirvesh Sooful, head of the IS&T Directorate in Cape Town. (Disappointingly, the city's open source deployment plan has so far by-passed its official web site, which is still hosted on Windows and IIS.)
The above gives a good indication that more and more municipalities and government offices around the world have started seeing the value in open source software and begun migration plans.
How about the government in your city? Is it still using your tax money to pay massive license fees for running proprietary, closed-source and closed-format software in places where Free Software would do perfectly fine?
* * * * *
Miscellaneous news: SESUSE, Patrick Volkerding, FreeBSD list of projects for volunteers
One of the positive side effects of opening up the development of SUSE Linux to public is the emergence of various specialist sub-projects based on this popular distribution. The latest addition to this growing family is SESUSE (Security Enhanced SUSE), a hardened distribution for those users who demand extra strong security features. The project is presently in early development, but the first release, based on the upcoming Alpha 4 of SUSE Linux 10.1, is expected shortly. The distribution will have SELinux enabled by default, it will ship with both KDE and GNOME, and it will include a new YaST module for configuring security profiles. For more information please see the unofficial announcement and visit the SESUSE project page.
Followers of the Slackware current changelog were greeted with a rather unusual entry last weekend. "It's a girl!" declared the title of a new post, the first one in over a month. It turned out that Patrick Volkerding, the 38-year old maintainer of Slackware Linux and one of the most prominent personalities in the world of Linux distributions, had just had his first child: "I know a lot of you have been wondering what's going on here, and the news is that my wife Andrea delivered our first child, a daughter Briah Cecilia." Our warmest congratulations to Patrick and Andrea! More details (including some mundane stuff, such as upgrades to the Linux kernel, glibc, GCC and ALSA, and a promise that "things should be getting back to normal here (more or less) over the next couple of weeks") can be found in the Slackware current changelog.
FreeBSD has published a new list of projects and ideas that could help to extend its features and has invited volunteers who might be interested in contribution code: "The FreeBSD project has hundreds of active developers spread all over the world, and many of them have their own parts of the source-tree that they work on. However, there are always a lot of new interesting projects and ideas that needs to be investigated and evaluated, and this is where the FreeBSD project relies on heroic efforts from volunteers." All projects are highly technical and require the ability to write code. Please see this page for more information.
* * * * *
Feedback: On backporting applications
Our last week's feature on backporting newly released applications to stable distributions has stirred quite a debate. One of the more interesting posts was the one from John Dong, the Ubuntu Backports project leader. With more backporting experience than most, John has outlined some of the pitfalls of backporting complex applications to well-tested distribution releases. Some readers felt that it was worth reprinting John's posts for the benefit of those readers who don't read the forums. So here it goes:
- Backporting is a sweet way for us to enjoy the hot new things in the Open Source world without compromising stability like running a development/CVS/snapshot release.
- Backporting can be a major PITA if not done correctly! There are lots of compatibility issues that stem from poorly or recklessly done backports.
- Developers know what they're talking about, and what they're doing. Nobody's voice is being ignored. Most backports are just a handful of commands (just a few minutes of interactive work), so there is not much effort in the actual backporting process. So if a developer doesn't backport a certain package, it's been done with good reason.
For example, Firefox 1.5 has been a very popular request for the Ubuntu Backports project. However, backporting Firefox also requires recompiling over 50 source packages in the Ubuntu collection, and even then there is no guarantee that the recompiled packages would work correctly. As of now, everything from Mono applications (that use HTML rendering) to the GNOME Help viewer is broken by recklessly compiling a set of firefox backports, just to give you an idea about the degree of breakage.
Sometimes, there is more to a package than meets the eye -- especially true of Firefox. It's not just a browser (though that's what most people think) -- it's an embeddable HTML rendering library that's used at the core level by a majority of the Linux desktop programs that utilize HTML rendering. There is a lot more work than meets the eye when you do something. I hope now people see that the "I unpacked the damn 1.5 tarball, what's so difficult about backporting it?" argument does NOT work!"
I'd like to emphasize the importance of compatibility again. There are two aspects of compatibility: A platform for 3rd party developers to target, and consideration for the consequences of backports to users:
- As much as your distribution is able to package OSS (or even restricted) packages, others will at times need to make packages for Linux themselves. These could be authors of less-popular OSS software, or even large commercial vendors wanting support of the Linux community.
Either way, when they package, they need a platform that they can depend on. For example, if I am a commercial vendor that wants to make packages for RHEL, I expect the package to work with RHEL, no matter how much of RHEL's software I must link to. That's one thing enterprise-grade Linux is good at -- providing a well targetable uniform platform. For the life of RHEL, I can expect that the package I made 12 months ago will continue to function on this platform.
Ubuntu also tries to be that way, though we certainly do make more releases! Through the 18 (or more) months of support, we strive to make each release a targetable enterprise-grade platform. As a results, Backports has to be careful not to introduce incompatibilities in the process of providing updates. In the Firefox example, backporting Firefox 1.5 would cause any 3rd party package linked to the Ubuntu Firefox Gecko engine to need recompiling (meanwhile they'll crash on attempts to use Gecko), which is something I cannot do. Recompiling the 55 source packages in the Ubuntu repositories: sure, I have the authority to request that done. Telepathically recompile every 3rd party package that's made and will be made for Ubuntu Breezy 5.10 within the next 16 months? Sorry, don't think I can do that.
- A part of the Code of Conduct (the core philosophy behind Ubuntu) is to be considerate. Backports has to be considerate to other Ubuntu users, and the consequence to every user is weighed before a backport is officially made. For example, consider the Firefox backport example again (wow, this is becoming a popular example): many people heavily customize their Firefox profiles, usually through extensions. Most of us Firefox 1.5 adopters know that the Extension API in 1.5 is not compatible with 1.0.x. As a result, many extensions that work fine in 1.0 will not run when Firefox is upgraded to 1.5.
At the same time, there are many Ubuntu users who use Ubuntu as an enterprise-class workstation OS for getting job-critical work done. For me to decide to introduce a new package that breaks a core application for them is not considerate to them, and causes them countless headaches.
Maybe I and many of us amongst here are Linux hobbyists / enthusiasts that can deal with (or even enjoy) the occasional breakdown and fix here and there, but others cannot accept this and consider it downtime.
Until there is a user-friendly way to allow users to make a conscious decision as to what "potentially incompatible Backports" to install, I will tread very cautiously and only provide absolutely safe, top-quality packages to Backports users. Those hobbyists amongst us can use Backporting scripts (like ubp-build.py [google]) to make their own backport packages (oh boy, I think I have 50+ of those installed at the moment!).
John Dong, Ubuntu Backports Team Leader
|First looks: Ark Linux 2005.2
Ark Linux 2005.2
When Ark Linux was first announced in 2002, it created much excitement as it was to become the first free distribution designed for novice and non-technical computer users. The fact that it was led by such an experienced and well-known developer as Bernhard "Bero" Rosenkraenzer, previously coding for Red Hat, added more credibility and expectations to the project. But some three years and one buggy release later, the distribution has failed to attract many users. Partly responsible for this failure was the emergence of other free, user-friendly distributions, such as MEPIS or PCLinuxOS, with larger and more active communities, and more frequent releases.
Nevertheless the developers of Ark Linux have continued their work. Last week, the project's second stable release hit the mirrors and I decided to take a look. The new version 2005.2 comes with an updated system installer, the latest development kernel, X.Org 6.9 from cvs, KDE 3.5.0, Firefox 1.5, OpenOffice.org 2.0, and many other up-to-date applications, some bordering on the bleeding edge. It also includes 3D acceleration support for ATI graphics cards and the usual improvements in hardware detection, speed and usability.
The Ark Linux installer now provides an "expert mode" by integrating QTParted for custom partitioning and a screen for selecting partitions to install the distribution. While this is a welcome addition, I found it somewhat broken, with GRUB being setup incorrectly when told to write to the root partition instead of the Master Boot Record. Also, QTParted feels a little out of place, lacking "continue" button once you finish the partitioning. The installer still gives a feeling of something designed in the Caldera era of mid-nineties, somewhat awkward to use and with no support for the USB mouse wheel. I am, of course, writing this from the point of view of somebody who has performed hundreds of Linux installations so new Linux users might have a more favourable view of the installer. Nevertheless, I feel that Ark Linux should perhaps make use of one of the tried and tested open source installers, rather than re-invent the wheel.
I found the hardware detection and setup a little flaky as well. While the Realtek 8139too network card was configured correctly, the SoundBlaster Live! sound card was not (permission problem) and the screen resolution was set to 1024x768, which is lower than the maximum resolution supported by the monitor. Worse, there was no way to increase this in Ark's Mission Control - a surprising omission for a distribution designed for use by non-technical computer users. These are issues that many less beginner-friendly distributions solved a long time ago so it was disappointing to see Ark failing here.
On the positive side, after the GRUB problem was fixed and the hardware setup failures corrected, Ark turned out to be a very nice operating system. The beautifully designed Mission Control is a pleasure to use and Kynaptic and KPackage were pre-configured and ready for installing, removing and updating packages. The developers have resisted the temptation to introduce heavy customisations to KDE, the only available desktop, preserving its default look and feel. One of the more interesting aspects of the distribution is the omission of the "root" user - the system logs you straight into a user account with elevated privileges to modify system settings, but without the right to delete or alter important system files. Power users can access the root account via the "Super User Terminal".
Overall, Ark Linux 2005.2 is not a bad distribution, but I don't think it is quite ready to be called "beginner-friendly". More experienced users might, however, find it a worthwhile project, especially since it attempts to be on the bleeding edge of open source software development and its "dockyard" package repository is continuously updated. Perhaps a little extra attention to detail, some usability studies and better installer with more testing could bring it closer to the beginner-friendly league, but as it is now, this goal remains elusive.
For more information about Ark Linux please visit the project's home page at arklinux.org.
Ark Linux 2005.2 - still not quite as beginner-friendly as it would like to be.
(full image size: 1,367kB)
|Released Last Week
EnGarde Secure Linux 3.0.2
A new update to EnGarde Secure Linux 3.0 series has been released: "Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.2. This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool, the SELinux policy, and the LiveCD environment. New features include: a new WebTool frontend to the AIDE filesystem integrity checker; daily, weekly, and monthly graphs for the Snort IDS WebTool module; the latest stable versions of MySQL (5.0.16), fetchmail (6.3.0), and Snort (2.4.3)...." Find a more complete list of changes in the release announcement.
Kate OS 2.3
The Kate OS distribution has been updated to version 2.3: "We are proud to present the newest milestone release of Kate OS II series. Kate OS 2.3 brings 22.214.171.124 kernel with Reiser4 support, the newest glibc library, XFce 126.96.36.199 desktop environment and many other applications in current versions. We have modified system boot scripts so they present the boot sequence in a clear way. Another new addition in Kate OS is a hardware detection tool 'discovery', which detects and configures system hardware. ... Additionally, the DVD edition contains GNOME 2.12.1 and KDE 3.4.3 (optimized for i686 class processors)." Read the complete release announcement on the project's home page.
Helix is a customised distribution of the Knoppix live CD dedicated to incident response and forensic analysis of compromised computer systems. A new version 1.7 has been released: "Helix 1.7 has been released. This edition revamped the GUI on the Windows side with all new code and added some new tools. The Linux side has been dramatically updated with a brand new 2.6.14 kernel that features many new RAID and SATA drivers." Read the release announcement and changelog for further information.
B2D Linux 20051207, 20051208
The December release of B2D Linux is now available for download. B2D Linux is a Taiwanese live and installation CD based on Knoppix, with complete support for traditional Chinese. The major changes in this release are: upgrade to kernel 188.8.131.52, upgrade to Firefox 1.5, inclusion of OpenOffice.org 2.0.0 (an enhanced Chinese edition packaged by OpenDesktop.org.tw), newly added ability to switch between UTF8 and Big5 locales from within a graphical utility, switch to xcin 3.0 for Chinese input, and several other enhancements. See the release notes (in Chinese) for a more detailed description of the changes.
64 Studio 0.6.0
64 Studio is a Debian-based Linux distribution with a collection of software for digital content creation on x86_64 hardware. It's based on the pure 64 port of Debian GNU/Linux, but with a specialised package selection and lots of other customisations. The latest version is 0.6, released yesterday: "I'm glad to announce the 0.6.0 version of the 64 Studio distribution. The release features many major software upgrades and system enhancement, for further details just have a look to the list of closed tickets for this milestone." More information is available in the release announcement and on the project's web site.
Ufficio Zero 0.7
Hot on the heals of the recently released version 0.6, the developers of Italy's Ufficio Zero, based on Ubuntu Linux, have announced another new release: "Ufficio Zero 0.7 has been released. This release features a big step forward with the new version of 'automatico', an automatic software installer based on gnome-app-install. A simple guide through all daily tasks has been included in the distribution so users can find information right on their desktop." Like the previous version, Ufficio Zero 0.7 is a live CD only, without a hard disk installation option. Read the full release announcement (in Italian) for further information.
ClarkConnect Gateway/Server 3.2 R1
The recently released ClarkConnect Gateway/Server 3.2 has received its first bug-fix revision: "From time to time, we release ISO downloads with all the latest updates and bug fixes. Revision Notes: intrusion detection report generation; system watch connection issues with some ISPs; PPTP VPN blocked access to local server; PPPoE configuration issue on a new network interface; Webmail configuration error on a new installation; cosmetic issue with the rpm command." Read the complete revision notes for further details.
SLAMPP 1.0 "Lite"
A "lite" edition of the SLAMPP 1.0 live CD project for home servers has been released: "As I promised before, a lite version of SLAMPP is now available for public download. It contains only essential server applications and other tools that will support your web development work. To keep SLAMPPLite small and make it easy to update, I've chosen to include a ready-made solution called XAMPP, developed by nice people at Apache Friends. ... A new linux kernel 184.108.40.206 has been used. To compile all things into a live CD, I also updated the linux live scripts which will be available for you to use as well. You can use it to edit or re-master SLAMPPLite if you have intention to do so in the future." Here is the full release announcement.
Berry Linux 0.65
A new version of Berry Linux has been released: The most important changes in version 0.65 include the following: upgrade to Linux kernel 220.127.116.11 with SMP, udev and bootsplash, upgrade to KDE 3.5.0, upgrade to Firefox 1.5, newly added Thunderbird mail client version 1.5rc1. XMMS and Mozilla have been removed and MPlayer upgraded to its latest development release. GCC has been upgraded to version 4.0.2. See the complete changelog for further information.
Coyote Linux 3.00.31
Build 31 of the Coyote Linux Personal Firewall distribution 3.00 has been released: "Coyote Linux 3.00 build 31 is available for download. This release fixes the following problems: UPnP service not working properly; web admin page not working for http remote access config; web admin reload function fixed to prevent blocking access to the web admin after a reload; several unused files were cleaned from the root firmware image. This release also contains an updated version of the firmware loader. NOTE: This release can not be upgraded to using the firmware update web admin page. Until the firmware loader specs and process are finalized, this function can not be used." The release announcement.
Ark Linux 2005.2
A new major version of Ark Linux, an easy-to-use distribution designed for non-technical users, was released today: "The Ark Linux team is pleased to announce the release of Ark Linux 2005.2. The highlights of this release include: an upgrade to the KDE 3.5 desktop; OpenOffice.org has been upgraded to version 2.0; 3D acceleration on ATI Radeon 9600 and 9800 based hardware is now supported; handling of auto running inserted CDs and DVDs has been improved; hardware support has been improved; unsupported PCI / wireless network cards can now automatically be configured to use a Windows XP driver through the Ndiswrapper emulation layer; some USB printers are configured fully automatically...." More details are available in the long press release.
Foresight Linux 0.9.2
A new version of Foresight Linux, a desktop-oriented distribution based on rPath Linux, has been released: "It has been a long hard road, but 0.9.2 ISOs are now posted. I will say they aren't perfect, but a huge jump from the previous ISOs released. What has changed? The GTK theme has been hacked to use colors that match our look better; default icon set is 'Tango'; stripped out stuff that folks won't even miss, which shaved 120MB off the 2nd CD; added laptop-tools, which includes some nice wireless drivers, NetworkManager, GNOME Power, and ndisgtk (GUI for configuring windows wireless drivers); convert back to using GNOME Systems Tools; package selection in the installer." More details can be found in the release announcement.
Wolvix 1.0.4 Games Edition
A new edition of the Wolvix live CD, featuring over 50 games, has been released: "Games Edition features over 50 games in different categories, four emulators and quite a few desktop applications. You won't find World of Warcraft or Half-Life 2 on the CD, but I've tried to include some of the finest free Linux games and I think there should be a game or two for most people, I've even added dopewars for your grandma. ;-) None of the games require 3D drivers, so you should be able to play most games on any graphics card." More in the release announcement and on the Games Edition page.
* * * * *
Development and unannounced releases
|Upcoming Releases and Announcements
Summary of expected upcoming releases
|Web Site News
New distribution additions|
- How-Tux. How-Tux is a Slackware-based, desktop-oriented Linux distribution with the installer translated into Italian and most applications localised for the benefit of Italian speakers. Compared to Slackware, How-Tux is enhanced by GWARE GNOME, OpenOffice.org, and several extra multimedia and graphics applications.
- 64 Studio. 64 Studio is a collection of software for digital content creation on x86_64 hardware (that's AMD's 64-bit CPUs and Intel's EM64T chips). It's based on the pure 64 port of Debian GNU/Linux, but with a specialised package selection and lots of other customisations. It will be marketed to hardware OEMs in the creative workstation and laptop markets as an alternative to the 64-bit version of Windows XP, or OS X on Apple hardware.
* * * * *
DistroWatch database summary
And with this we'll say good-bye until next Monday. We hope you've enjoyed this issue of DistroWatch Weekly!