Gentoo Logo

Jornal Semanal Gentoo: 26 de Maio de 2003

Content:

1.  Noticias Gentoo

Resumo

Falhas de hardware no espelho Oregon State

Na sexta feira, o servidor que hospeda o gentoo.oregonstate.edu sofreu duas falhas nos discos rigidos de seu RAID 5 array, uma das quais infelizmente era o de reserva. Isto causou uma série de problemas, incluindo um grande número de arquivos corrompidos e más informações. Nós estamos atualmente trabalhando com o pessoal da OSU para resolver os problemas, tanto em curto prazo como a longo prazo. Isto significa que os usuários estão convidados a usar um espelho alternativo até que o problema seja corrigido.

Gentoo Linux esta procurando por desenvolvedores para a equipe GNOME

A equipde do Gentoo GNOME Desktop esta procurando por desenvolvedores para ajudar a resolver falhas e manter todos os ebuilds relacionados com o GNOME Desktop atualizado no limite do desenvolvimento. Nós estamos procurando por desenvolvedores dedicados, de preferência com experiência em desenvolver para GNOME/GTK, alguma experiência em criar ebuilds e capacidade comprovada de resolver problemas. Um "a mais" é a experiência na área de acessibilidade, possivelmente em combinação com o GNOME. Principalmente, estamos procurando alguém que esteja de acordo com a filosofia de desenvolvimento do GNOME. Se você imagina que esta nestas condições e pode nos ajudar, por favor, envie um curriculo resumido para Marinus Schraal, explique porque você que fazer parte da equipe, inclua referências de trabalho que já tenha feito com software livre e nos envie o seu email bugzilla, se possível.

2.  Segurança Gentoo

Resumo

GLSA: lv

The lv file viewer reads a configuration file from the current directory. This could permit a malicious user to insert commands that would be executed by lv on viewing a particular file.

  • Gravidade: Alta - Potential local root exploit.
  • Pacotes afetados: app-text/lv prior to lv-4.49.5
  • Correção: Synchronize and emerge lv, emerge clean.
  • GLSA Announcement

GLSA: cdrtools

cdrecord contains a format string vulnerability that could permit the execution of arbitrary code.

  • Gravidade: Alta - Arbitrary code execution.
  • Pacotes afetados:
    1. app-cdr/cdrtools prior to cdrtools-1.11.33-r1 (xcdroast users)
    2. app-cdr/cdrtools prior to cdrtools-1.11.39-r1 (sparc)
    3. app-cdr/cdrtools prior to cdrtools-2.01_alpha14 (others)
  • Correção: Synchronize and emerge \=app-cdr/(your_version), emerge clean.
  • GLSA Announcement
  • Advisory

GLSA: xinetd

The xinet daemon contains a memory leak associated with rejecting connections.

  • Gravidade: Moderada - Memory leak.
  • Pacotes afetados: sys-apps/xinetd prior to xinetd-2.3.11
  • Correção: Synchronize and emerge xinetd, emerge clean.
  • GLSA Announcement
  • Advisory

GLSA: ut2003-demo

The Unreal Tournament game demo has a bug in how it handles spoofed negative index values. This could permit a denial of service attack on the client.

  • Gravidade: Moderada - DoS.
  • Pacotes afetados: app-games/ut2003-demo prior to ut2003-demo-2206-r1
  • Correção: Synchronize and emerge ut2003-demo, emerge clean.
  • GLSA Announcement
  • Advisory

Anúncio de novos bugs de segurança

Os seguintes novos bugs de segurança foram postados esta semana:

  • imap clients
  • kernel
  • app-games/maelstrom
  • net-analyzer/nessus

3.  Histórias de usuários

Mathy e lanzone.be


Figure 3.1: Mathy Vanvoorden (equerda)

Fig. 1: Um Mathy cansado (esquerda) tentando resolver um problema com o Squid

Mathy Vanvoorden da Bélgica, organiza LAN parties junto com o seu irmão e algumas outras pessoas. Ele é o webmaster do lanzone.be (onde le também faz algum código HTML e PHP) e politics.be. Algumas semanas atrás a equipe LANzone decidiu mudar todos os seus servidores de jogos para Gentoo Linux (exeto Delta Force Land Warrior, que só pode ser executado em Windows) e agora vamos aprender alguns truques envolvidos:

Avoiding backaches

All of Mathy's gameservers are thin clients which boot from a Dual Pentium III. This setup has many benefits over regular servers. Firstly they don't need any hard drives, which saves money and leads to lighter servers which is really nice for the backs of the people carrying them. :-) But the greatest advantage is the easiness of hooking up a new game server: just plug in two network cards, set the MAC adress in dhcpd so the machine gets a static IP adress, copy a base directory and have fun!

Details on the thin clients

The setup used by Mathy and his friends is slightly based on the Linux Terminal Server Project but evolved beyond that. Although they are using the project's kernel patch, the initrd script has already been modified and lots of changes were made to the Gentoo Linux init scripts (e.g. removing dependencies so that init wouldn't try to fsck mounted NFS systems).

Using these thin clients is very easy: they are connected to the main server using a 100 MBit switch and boot from a floppy (although the LANzone guys are thinking about buying network cards with boot roms so they can get rid of the disk drives which would be even better for their backs ;-). After booting they just present a regular login. Based on which user one enters a gameserver will be started. This is accomplished by replacing the login shells with a script that starts up the server. So for example login in using the UID 'ut2k3instadm' will bring up an UT 2003 Instagib deathmatch server.

Final words

Many other small adaptations had to been done for specific gameservers, but this would go to far to be covered here. As a last note, LANzone also uses Gentoo Linux for the 0.5 Terabyte FTP server (running ProFTPD) and the router (using iptables and Squid to limit incoming traffic to 5 kB/s per user), although Mathy's thinking about switching the router to a BSD because he heard that they handle traffic shaping better than Linux and he's curious about trying it out.

4.  Ouvimos na comunidade

Web Forums

Gnome 2.3.2

Forum veteran Lovechild started a thread announcing the ebuild he concocted mere minutes after the new Gnome version was published, and ever since then the band of Gnome fanatics in the forums has been merrily patching and tweaking it to almost stable use. Get carried away by the enthusiasm in this thread:

When Portage Chokes

You'd expect critical alerts on bugs.gentoo.org or the mailing lists first, but whenever something affects a large number of people, many of them look to the Forums as the main emergency alert mechanism. Last week, Oregon State University's rsync server had temporary trouble that immediately got spotted by a lot of users. Check the sticky thread for an instant workaround in cases like this:

5.  Gentoo Internacional

Gentoo Poland Established

Their URL points to more than just Poland as a base, but it's essentially for their compatriots here and there and everywhere that the Polish Gentooists busied themselves with setting up a complete Gentoo Poland framework. Started by a handful of activists a few weeks ago, the #gentoo-pl IRC channel on irc.freenode.net is now quite popular, and the very well organized website has made great progress in providing translations of the Gentoo documentation, a forum of their own, and many other features. And to round it all up, the group around Jaroslaw Swierad is currently bringing together enough translators to work on a Polish version of the Jornal Semanal Gentoo, too.

German Gentoo Usermeeting Planning

A small group of Gentoo Linux users, led by Gentoo developer Sascha Schwabbauer and Gentoo Linux user Tilman Klar, have started an effort to put together a German Gentoo Usermeeting. As part of the effort, Sascha has put up a web page that asks German Gentoo Linux users where they live. The responses to this survey will determine where the meeting will be physically held. Anyone interested in attending is invited to input their location using the above form.

Additional details about the German Gentoo Linux Usermeeting will be made available in future editions of the GWN.

6.  Portage Watch

The following stable packages were updated or added to portage this week

Total categories: 82

Total packages: 4428 (32 new packages added this week).

7.  Bugzilla

Resumo

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. In the last 7 days, activity on the site has resulted in:

  • 343 novos bugs this week
  • 346 bugs closed or resolved this week
  • 7 previously bugs fechados were reopened this week.
  • 2669 total bugs currently marked 'new'
  • 339 total bugs currently assigned to developers

There are currently 3056 bugs open in Bugzilla. Of these: 44 are labeled 'blocker', 111 are labeled 'critical', and 242 are labeled 'major'.

Closed Bug Rankings

The developers and teams who have closed the most bugs this week are:

New Bug Rankings

The developers and teams who have been assigned the most novos bugs this week are:

8.  Tips and Tricks

Blocking Spam with bogofilter

While we've already had one tip on blocking spam with SpamAssassin, this week we look at another way to block spam using bogofilter (available in portage), crontab and Evolution. This example uses MH style mailboxes but could be extended to other types as well.

This week's tip was submitted by John Mylchreest.

You will need bogofilter and a mail client that reads MH style mailboxes such as mutt or Evolution.

Code Listing 8.1: Installing bogofilter

# emerge bogofilter

Create a folder called SPAM and mark it as MH format. Additionally, mark Inbox as MH format.

Add a filter for incoming mail that pipes to a shell command. The shell command should be /usr/bin/bogofilter. Set the return condition to 0 and set the action as "Move to Folder SPAM". Add another action to this filter called "Stop Processing".

Create another filter than runs after the first one. This filter should have two criteria. The first is that Size should be greater than 0. The second is another external pipe; this time to /usr/bin/bogofilter -Sn (notice the -Sn). The -Sn option tells bogofilter to register the text as non-spam and to undo any prior registrations of the message as spam.

The last step is to set up a crontab to evaluate spam messages. Add the following to your crontab with crontab -e.

Code Listing 8.2: crontab

(Go through the SPAM folder and learn what spam looks like)
0 0 * * * cd ~/evolution/local/SPAM/mbox/ ; for i in *; do if [ ! "$i" = "*" ] ; then /usr/bin/bogofilter -Ns < $i ; rm $i ; fi ; done
(Go through the Inbox folder and learn what spam is not.)
5 0 * * * cd ~/evolution/local/Inbox/mbox/; for i in *; do if [ ! "$i" = "*" ] ; then /usr/bin/bogofilter -Sn < $i ; fi ; done

9.  Quote/Signature of the week

Old but still good: "There are 10 types of people in the world; those who understand binary, and those who don't". (Signature of forums user ssjf)

10.  Moves, Adds and Changes

Moves

The following developers recently left the Gentoo team:

  • none this week

Adds

The following developers recently joined the Gentoo Linux team:

  • none this week

Changes

The following developers recently changed roles within the Gentoo Linux project.

  • none this week

11.  Contribute to GWN

Interested in contributing to the Jornal Semanal Gentoo? Send us an email.

12.  GWN Feedback

Please send us your feedback and help make GWN better.

13.  GWN Subscription Information

To subscribe to the Jornal Semanal Gentoo, send a blank email to gentoo-gwn-subscribe@gentoo.org.

To unsubscribe to the Jornal Semanal Gentoo, send a blank email to gentoo-gwn-unsubscribe@gentoo.org from the email address you are subscribed under.

14.  Other Languages

The Jornal Semanal Gentoo is also available in the following languages:



Print

Page updated 26 Maio 2003

Summary: Este é o Jornal Semanal Gentoo da semana de 26 de Maio de 2003.

Kurt Lieber
Editor

AJ Armstrong
Colaborador

Brice Burgess
Colaborador

Michael Kohl
Colaborador

Yuji Carlos Kosugi
Colaborador

Rafael Cordones Marcos
Colaborador

David Narayan
Colaborador

Ulrich Plate
Colaborador

Peter Sharp
Colaborador

Kim Tingkaer
Colaborador

Mathy Vanvoorden
Tradução Holandês

Hendrik Eeckhaut
Tradução Holandês

Jorn Eilander
Tradução Holandês

Bernard Bernieke
Tradução Holandês

Peter Ter Borg
Tradução Holandês

Jochen Maes
Tradução Holandês

Roderick Goessen
Tradução Holandês

Gerard van den Berg
Tradução Holandês

Matthieu Montaudouin
Tradução Francês

Martin Prieto
Tradução Francês

Antoine Raillon
Tradução Francês

Sebastien Cevey
Tradução Francês

Jean-Christophe Choisy
Tradução Francês

Steffen Lassahn
Tradução Alemão

Matthias F. Brandstetter
Tradução Alemão

Thomas Raschbacher
Tradução Alemão

Klaus-J. Wolf
Tradução Alemão

Marco Mascherpa
Tradução Italiano

Claudio Merloni
Tradução Italiano

Christian Apolloni
Tradução Italiano

Daniel Ketel
Tradução Japones

Yoshiaki Hagihara
Tradução Japones

Andy Hunne
Tradução Japones

Yuji Carlos Kosugi
Tradução Japones

Yasunori Fukudome
Tradução Japones

Takashi Ota
Tradução Japones

Ventura Barbeiro
Tradução Português do Brasil

Bruno Ferreira
Tradução Português de Portugal

Gustavo Felisberto
Tradução Português de Portugal

Ricardo Jorge Louro
Tradução Português de Portugal

Ricardo Nogueira
Tradução Português do Brasil

Sergey Kuleshov
Tradução Russo

Dmitry Suzdalev
Tradução Russon

Lanark
Tradução Espanhol

Rafael Cordones Marcos
Tradução Espanhol

Julio Castillo
Tradução Espanhol

Sergio Gómez
Tradução Espanhol

Pablo Pita Leira
Tradução Espanhol

Carlos Castillo
Tradução Espanhol

Tirant
Tradução Espanhol

Jaime Freire
Tradução Espanhol

Lucas Sallovitz
Tradução Espanhol

Aycan Irican
Tradução Turco

Bugra Cakir
Tradução Turco

Cagil Seker
Tradução Turco

Emre Kazdagli
Tradução Turco

Evrim Ulu
Tradução Turco

Gursel Kaynak
Tradução Turco

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.