Jornal Semanal Gentoo: 18 de Agosto de 2003

1. Notícias Gentoo

Gentoo migra para infraestrutura de DNS mais robusta
Mais fotos, e errata, da LWE

Gentoo migra para infraestrutura de DNS mais robusta

Recentemente, a Gentoo Technologies trocou seus servidores DNS domésticos pelo uso de serviço de DNS terceirizado, powered by UltraDNS. Esta nova relação de terceirização oferece ao Gentoo uma infraestrutura de DNS mais confiável e escalável, e nos permite passar mais tempo desenvolvendo o Gentoo Linux e menos tempo administrando os servidores da infraestrutura.

Além disso, a UltraDNS oferece várias novas possibilidades e capacidades antes inexistentes em nosso ambiente BIND de servidor de nomes. Estas possibilidades incluem SiteBacker e DirectionalDNS. O Gentoo atualmente está usando SiteBacker para garantir que usuários sempre consigam acessar www.gentoo.org, que atualmente engloba quatro servidores. Quando um servidor sai do ar, para manutenção por exemplo, o SiteBacker automaticamente redireciona os pedidos de clientes para um dos outros três servidores, minimizando as interrupções para nossos usuários.

O Gentoo atualmente está experimentando o DirectionalDNS como uma forma de oferecer respostas direcionadas a requisições DNS por rsync.gentoo.org. Baseado no sucesso deste teste, procuraremos expandir o uso de DirectionalDNS a outros domínios também.

Os servidores UltraDNS atualmente respondem a quase 5 milhões de requisições DNS por mês relacionados ao Gentoo, e se userviço e suporte têm sido excepcionais até o momento. Gostaríamos de aproveitar esta oportunidade para agradecer à UltraDNS por seu suporte ao projeto Gentoo Linux.

Mais fotos, e errata, da LWE

Figure 1.1: Kevyn Shortell na LWE 2003

O desenvolvedor do Gentoo Linux Kevyn Shortell colocou mais fotos da Linux World Expo 2003 aqui neste sítio, e também nos informou que a equipe PPC tinha um PowerMac G4, um iBook e um Total Impact Briq, e não um iBook e um PowerMac G3 como falamos no Jornal da semana passada. No momento em que este texto foi escrito, Kevyn ainda não tinha posto pré-visualizações ou miniaturas das fotos, e a página tem 11MB incluindo imagens, então navegue até lá por sua própria conta e risco. :-) Obrigado ao Kevyn por colocar no ar as fotos e apontar o engano.

2. Segurança Gentoo

Resumo

GLSA: gentoo-sources
GLSA: semi

GLSA: gentoo-sources

Citado a partir do aviso:

"A implementação de cache de rota no Linux 2.4 e o módulo IP conntrack do Netfilter permitem que atacantes remotos causem uma negação de serviço (consumo de CPU), por pacotes com endereço de origem adulterados que causam um grande número de colisões de tabelas hash"

"A chamada de sistema ioperm no kernel 2.4.20 e anteriores não restringe privilégios corretamente, o que permite que usuários locais ganhem acesso a leitura e escrita a certas portas E/S"

"Uma race condition na forma como os ponteiros env_start e env_end são inicializados na chamada de sistema execve e usados em fs/proc/base.c no Linux 2.4 permitem que usuários locais causem uma negação de serviço (travamento)."

Severidade: Crítica - múltiplas vulnerabilidades.
Pacotes Afetados: gentoo-sources-2.4.20-r6
Retificação: emerge sync; emerge gentoo-sources; emerge clean. Depois disso, compile, instale e reinicie seu computador para completar o upgrade.

GLSA: semi

"A (1) biblioteca semi MIME 1.14.5 e anteriores, e (2) wemi 1.14.0 e possivelmente outras versões, permitem que usuários locais sobrescrevam arquivos arbitrários através de um ataque de link simbólico a arquivos temporários."

Severidade: Média - criação insegura de arquivos temporários.
Pacotes Afetados: semi-1.14.5-r1
Retificação: Sincronize e emerge semi, emerge clean.

Novos Relatos de Falhas de Segurança

As seguintes novas falhas de segurança foram reportadas esta semana:

3. Histórias de Usuários

Histórias de Usuários não será publicade esta semana. Lembre-se de nos enviar a sua história bizarra, hilária, ou incrível do Gentoo para que possa ser publicada aqui!

4. Featured Developer of the Week

Nick Hadaway

Figure 4.1: Nick Hadaway

This week, we are featuring Nick Hadaway (raker), a very active and prolific developer. Nick started working on Gentoo in early 2001, initially taking responsibility for maintaining most of the packages in /net-mail, and a few other packages. He has now expanded that role into work with /media-*, /net-ftp, Windowmaker and LDAP packages. Apart from the usual dev duties of maintaining ebuilds, Nick contributes C and C++ code patches and testing. He perceives his primary role as dealing with bugs by "listening to what users want and mak[ing] their wish a reality", if he can.

Some years ago, Nick began working on his own Linux source-based distro (Give Me Some Linux). His idea will sound familiar: using shell-scripts and higher-level languages to automate package installation from source. Upon discovering Gentoo, Nick abandoned the increasingly complex task of maintaining his distro, because "Gentoo filled [his] every desire", and because of his delight in its distinction from Red Hat. He promptly made a point to begin contributing to the Gentoo project. Over the past two years, Nick has earned the respect of his peers as an effective and able contributer.

Nick works as a computer consultant in Chicago, and occasionally moonlights as a manager/jack-of-all-trades for his mother's restaurant near Milwaukee. He has an additional night job as a rock musician in Madison, WI. He currently is in the process of maintaining or establishing residences in all three cities. He studied Electrical Engineering and Music Performance at the University of Wisconsin - Madison and has taken Computer Science courses at the University of Wisconsin - Milwaukee.

When not patching bugs or dealing with pizza (insert obligatory Hiro Protagonist reference here), he is usually creating music. He plays trumpet, bass and drums - even contributing vocals. He enjoys hard-core and "real techno" and was active in the rave scene when it was a little more current. He enjoys clubs and parties and will often travel a fair distance to attend a significant one.

Nick uses an aging PII-450 at home, and a variety of boxen in other places. The first app he launches is the appropriately retro "xterm -bg black -fg green". He uses Windowmaker as his WM, and Pine or SquirrelMail for mail. He concluded our interview by reminding us that "Gentoo is ... FNORD!".

5. Heard in the Community

Web Formus

Gentoo Forums Now With Italian User Interface

Forum moderatrice Brandy announced on Thursday that Italian has been added as an interface language for the Gentoo Forums. Besides English and now Italian, available board languages include Dutch, French, German, Norwegian, Portuguese, Spanish and Swedish. Users who wish to see the menu texts in their native language can switch the default in their profile.

La nuova lingua del forum ?...

Yet Another Portage Debate

There were times when the Forums went weeks without someone asking why Portage isn't rewritten in C++, but this week was clearly not one of them. Check this thread for an assessment of this and other proposed variations to Gentoo's package management technology:

Portage - the future?

Xvnc Terminal Server Installation Guide, Diskless Gentoo Installation

On occasion, tutorials about things that are not yet covered by the general documentation are being donated by Forum users. This week lines explains the procedure for setting up a VNC server that automatically spawns sessions when someone is connecting to it, a clever way to prevent having to start a new VNC server for each user. Contributions like that can lead to more than just 15 minutes of fame: Another installation guide posted by Swiss.Mage back in June, this one talking about a diskless Gentoo installation, must have been so convincing that it ascended to be a chapter of the official Alternative Install Guide last week:

gentoo-user

6. Gentoo International

Canada: Adelie Linux - Gentoo Single System Image Project

A little sidelined by other news surrounding Gentoo's Linuxworld Expo (LWE) involvement two weeks ago, the Gentoo Cluster Project certainly deserves more attention. After all, the remote cluster system that showed graphics rendering with a parallel version of POVRAY at the booth in San Francisco was proof for an exceptionally well done collaboration between academics, corporate backers and Gentoo developers: The driving force behind it all is an initiative known as Adelie Linux, part of the University of Montreal's Center for Research on Computation and its Applications (CERCA), an institute specializing in parallel and distributed multi-processor systems. When CERCA's High Performance Computing Group needed an environment for their own Beowulf systems, they chose Gentoo Linux "because is a young, innovative, and very well designed distribution that give their users a great deal of flexibility, a clear upgrade path and a very high level of hardware optimization, which makes it especially attractive for all kind of high performance applications". A local IT-solutions firm, Cyberlogic, joined CERCA in conducting the Single System Image project that is now fully operational, running on the university's own and an external industrial Beowulf. According to Cyberlogic, the Adelie/SSI cluster management system allows for a centralization of all operations on the server, providing a single point of control for the whole distributed environment, offering a performance increase of up to 30%, easier administration and expansion, fast bootup and enhanced robustness. Cyberlogic's complete cluster solutions, based on Gentoo and Adelie, are available with processors ranging from Xeon and Pentium 4 to Athlon MP/XP, and - thanks to Olivier Cr?te's AMD 64 port of Gentoo - even Opteron CPUs.

Germany: Interview with Gentoo PPC Lead Developer Pieter van den Abeele

The German online Linux magazine PPCNUX (obviously focussing on Linux for the Macintosh platform) has conducted an interview with Pieter van den Abeele, lead developer for Gentoo PPC. Pieter describes his involvement in producing a Gentoo LiveCD aiming for bootability on every single Macintosh out there, and has a lot to say about how Gentoo differentiates from other Linuces for the PowerPC, about the MetaPkg project porting Portage to Mac OS X and other aspects of Gentoo Linux development for the most popular non-x86 platform. Difficult to overlook is also his call for help: developers who would like to offer time, expertise and possibly hardware to expand Gentoo PPC to hardware from Eyetech (AmigaOne), Genesi (PegasosPPC), IBM (RS/6000) and oldworld Macintoshs should contact him right away. No need to be afraid to click on the link to the magazine if you don't speak German, by the way: They decided to publish the interview in English.

7. Portage Watch

Os seguintes pacotes estáveis foram atualizados ou adicionados nas duas últimas semanas:

app-admin/aide: AIDE (Advanced Intrusion Detection Environment) é um substituto para for Tripwire

app-admin/ufed: Editor de flags USE do Gentoo Linux

app-benchmarks/stress: Impõem cargas para estressar partes específicas do sistema.

app-editors/jedit: Editor de programas escrito em Java

app-editors/kvim: Edito do KDE baseado no vim

app-editors/vi: pacote do VI original

app-editors/vile: VI Like Emacs -- ainda outro clone de vi cheio de capacidades

app-emacs/apel: A Portable Emacs Library é uma biblioteca para fazer programas Emacs Lisp portaveis.

app-emacs/emacs-w3m: emacs-w3m eh um programa de interface w3m no Emacs.

app-emacs/flim: Uma biblioteca para prover capacidades básicas sobre representação ou codificação de mensagens

app-emacs/limit: LIMIT - Library about Internet Message, para geração de IT

app-emacs/mew: grande leitor de e-mails MIME para Emacs/XEmacs

app-emacs/navi2ch: Navi2ch é um navegador para 2ch que funciona sob muitos Emacsen

app-emacs/semi: uma biblioteca para prover capacidade MIME para Emacs -- SEMI

app-games/asc: jogo de estratégia baseado em turnos desenvolvido na tradição da série Battle Isle

app-games/atanks: jogo no estilo Worms e Scorched

app-games/doomlegacy: Doom legacy, "O" port de doom

app-games/halflife-adminmod: dê para as pessoas acesso de administrador (e muuuito mais)

app-games/kmuddy: cliente MUD para KDE

app-games/transfusion-bin: remake do Blood

app-misc/gallery: Web based (PHP Script) photo album viewer/creator.

app-misc/kdirstat: KDirStat - nice KDE replacement to du command

app-misc/krename: KRename - a very powerful batch file renamer

app-misc/linux_logo: Displays an ansi or an ascii logo and some system information.

app-office/openoffice: OpenOffice.org, a full office productivity suite.

app-office/qhacc: Personal Finance for QT

app-shells/dsh: DSH - Distributed Shell

app-text/a2ps: Any to PostScript filter

app-text/acroread: Adobe's PDF reader

app-text/kbedic: English <-> Bulgarian Dictionary

app-text/ptex: The ASCII publishing TeX distribution

dev-db/mysql: A fast, multi-threaded, multi-user SQL database server

dev-dotnet/ml-pnet: Mono C# libraries for Portable .NET

dev-dotnet/pnet: Portable .NET runtime, compiler, tools

dev-dotnet/pnetc: Portable .NET C library

dev-dotnet/pnetlib: Portable .NET C# library

dev-java/ant: Java-based build tool similar to 'make' that uses XML configuration files.

dev-java/java-sdk-docs: Javadoc for Java SDK version 1.4.2 die "Please download ${At} from ${HOMEPAGE} and move it to ${DISTDIR}"

dev-java/sun-jdk: Sun's J2SE Development Kit, version 1.4.2 die "Please download ${A} from ${HOMEPAGE} (select the \"Linux self-extracting file\" package format of the SDK) and move it to ${DISTDIR}"

dev-libs/dietlibc: A minimal libc

dev-libs/dvmysql: dvmysql provides a C++ interface to mysql

dev-libs/libdshconfig: Library for parsing dsh.style configuration files

dev-libs/memcached-api-php: PHP API for memcached

dev-libs/newt: redhat's newt windowing toolkit development files

dev-libs/progsreiserfs: library for accessing and manipulating reiserfs partitions

dev-libs/ucl: UCL: The UCL Compression Library

dev-util/calltree: A plugin for cachegrind that adds call-graph profiling, needed by kcachegrind

gnome-base/bonobo-activation: Gnome2 replacement for OAF

gnome-base/gnome: Meta package for the GNOME desktop, merge this package to install

gnome-base/gnome-session: the Gnome2 session manager

gnome-base/libgtop: library that proivdes top functionality to applications

gnome-extra/at-spi: Este é o Gnome Accessibility Toolkit

gnome-extra/gconf-editor: An editor to the GNOME 2 config system

gnome-extra/gnome-media: Multimedia related programs for the Gnome2 desktop

gnome-extra/libgail-gnome: GAIL libraries for Gnome2

kde-base/kdeadmin: KDE administration tools (user manager, etc.)

kde-base/kdegames: KDE games (solitaire :-)

kde-base/kdemultimedia: KDE multimedia apps: noatun, kscd, artsbuilder...

kde-base/kdenetwork: KDE network apps: kmail, kppp, knode...

kde-base/kdepim: KDE PIM (Personal Information Management) apps: korganizer...

media-fonts/acroread-asianfonts: Asian Font Packs for Acrobat Reader 5.0

media-fonts/urw-fonts: HOMEPAGE=""free good quality fonts gpl'd by URW++

media-gfx/w3mimgfb: Image viewer for w3m under frame buffer environment

media-libs/gst-plugins: Additional plugins for gstreamer - streaming media framework

media-libs/gstreamer: Streaming media framework

media-libs/libquicktime: A library based on quicktime4linux with extensions

media-libs/libvorbis: the Ogg Vorbis sound file format library

media-libs/netpbm: A set of utilities for converting to/from the netpbm (and related) formats

media-libs/stimg: Simple and tiny image loading library

media-libs/vflib: Japanese Vector Font library

media-libs/xine-lib: Core libraries for Xine movie player

media-plugins/xmms-realrandom: Real Random XMMS Plugin

media-sound/knob: Knob - The KDE Volume Control Applet

media-sound/sox: The swiss army knife of sound processing programs

media-tv/kwintv: a KDE application that allows you to watch television.

media-video/cinelerra: Cinelerra - Professional Video Editor

media-video/gxine: GTK+ Front-End for libxine

media-video/xine-ui: Skinned front end for Xine movie player.

net-dialup/mingetty: A compact getty program for virtual consoles only.

net-dialup/speedtouch: GPL Driver for the Alcatel Speedtouch USB under *nix

net-ftp/ftpd: The netkit FTP server with optional SSL support

net-im/kopete: The KDE Instant Messenger

net-irc/xchat: X-Chat is a graphical IRC client for UNIX operating systems.

net-libs/libvncserver: library for creating vnc servers

net-mail/cmd5checkpw: A checkpassword compatible authentication program that used CRAM-MD5 authentication mode.

net-mail/evolution: A GNOME groupware application, a Microsoft Outlook workalike

net-mail/mozilla-thunderbird: Thunderbird Mail Client

net-mail/queue-fix: Qmail Queue Repair Application with support for big-todo

net-misc/gemsvnc: an X11 vnc server for remote control

net-misc/iputils: Network monitoring tools including ping and ping6

net-misc/ntp: Network Time Protocol suite/programs

net-misc/smb4k: Smb4K is a SMB share browser for KDE 3.1.x.

net-misc/tsclient: GTK2 frontend for rdesktop

net-misc/whois: improved Whois Client

net-p2p/gift: A OpenFT, Gnutella and FastTrack p2p network client

net-p2p/giftcurs: A ncurses frontend to the giFT (OpenFT) daemon

net-p2p/giftoxic: A GTK+2 giFT frontend

net-p2p/giftui: A GTK+2 giFT frontend

net-wireless/kismet: Kismet is a 802.11b wireless network sniffer.

net-www/mozilla: The Mozilla Web Browser

net-www/w3m-m17n: Multilingual text based WWW browser

sec-policy/selinux-bind: SELinux policy for BIND

sec-policy/selinux-ntp: SELinux policy for the network time protocol daemon

sec-policy/selinux-portmap: SELinux policy for portmap

sec-policy/selinux-privoxy: SELinux policy for privoxy

sys-apps/busybox: Utilities for rescue and embedded systems

sys-apps/coreutils: Standard GNU file utilities (chmod, cp, dd, dir, ls...), text utilities (sort, tr, head, wc..), and shell utilities (whoami, who,...)

sys-apps/di: Disk Information Utility

sys-apps/fakeroot: Run commands in an environment faking root privileges

sys-apps/file: Program to identify a file's format by scanning binary data for patterns

sys-apps/hwdata-knoppix: data hwsetup program

sys-apps/hwsetup: Hardware setup program

sys-apps/kudzu: Red Hat Hardware detection tools

sys-apps/mdadm: An extremely useful tool for running RAID systems - it can be used as a replacement for the raidtools, or as a supplement.

sys-apps/netkit-base: Old-style inetd

sys-apps/parted: Create, destroy, resize, check, copy partitions and file systems

sys-apps/qtparted: QtParted is a nice Qt partition tool for Linux

sys-apps/raidtools: Linux RAID 0/1/4/5 utilities

sys-apps/star: An enhanced (world's fastest) tar, as well as enhanced mt/rmt

sys-apps/xinetd: Xinetd is a powerful replacement for inetd, with advanced features

sys-devel/distcc: a program to distribute compilation of C code across several machines on a network

sys-kernel/ac-sources: Full sources for Alan Cox's Linux kernel

sys-kernel/hppa-sources: Full sources for the Linux kernel with patch for hppa

sys-kernel/hppa-sources-dev: Full sources for the Linux kernel with patch for hppa

sys-kernel/ksymoops: Utility to decode a kernel oops, or other kernel call traces.

sys-kernel/mm-sources: Full sources for the development linux kernel with Andrew Morton's patchset

sys-libs/glibc: GNU libc6 (also called glibc2) C library

sys-libs/pam: Pluggable Authentication Modules

sys-libs/pwdb: Password database

x11-base/xfree: Xfree86: famous and free X server

x11-base/xfree-drm: Xfree86 Kernel DRM modules

x11-themes/knifty: A native KWin window decoration for KDE 3.x.

Total categories: 96 (1 category added in the last week)

Total packages: 6295 (311 packages added in the last week)

8. Bugzilla

Summary

Statistics
Closed Bug Ranking
New Bug Rankings

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 08 August 2003 and 14 August 2003, activity on the site has resulted in:

414 new bugs during this period
286 bugs closed or resolved during this period
8 previously closed bugs were reopened this period

Of the 3605 currently open bugs: 94 are labeled 'blocker', 156 are labeled 'critical', and 287 are labeled 'major'.

Closed Bug Rankings

The developers and teams who have closed the most bugs during this period are:

Gentoo KDE team, with 21 closed bugs
Sven Vermeulen, with 19 closed bugs
Gentoo Linux Gnome Desktop Team, with 19 closed bugs
Gentoo Games, with 17 closed bugs
Robin Johnson, with 15 closed bugs

New Bug Rankings

The developers and teams who have been assigned the most new bugs during this period are:

Martin Schlemmer, with 16 new bugs
Portage team, with 12 new bugs
Bob Johnson, with 10 new bugs
Daniel Robbins, with 10 new bugs
X86 Kernel Team, with 9 new bugs
Gentoo Linux Gnome Desktop Team, with 9 new bugs

9. Tips and Tricks

Creating ScreenShots with import

This week's tip shows you how to take screenshots of your desktop or individual windows using the import command. import is provided by ImageMagick so you'll need to install it from portage.

Code Listing 9.1: Getting ImageMagick

# emerge media-gfx/imagemagick

Now that ImageMagick is installed, you can use it to take screenshots of either your entire desktop, parts of it, or just individual windows. First, let's look at taking a screenshot of your entire desktop and saving it as the file desktop.png.

Note: To use other image formats such as jpg, simply specify that file extension and import will create it in that format (i.e. desktop.jpg).

Code Listing 9.2: Desktop Screenshot

% import -window root desktop.png

Next we'll look at taking a screenshot of just one window. To do this, use the import command and click on the window you want to capture.

Code Listing 9.3: Window Screenshot

(First, specify the file to save)
% import gvim.png
(Now click on your gvim window to take the screenshot)

This should get you started but there are many other things you can do with import and ImageMagick. To see a list of the many options that can be passed to import, see the man page (man 1 import).

10. Citação/Assinatura da Semana

A Citação/Assinatura da Semana não será publicada nessa edição. Se você ver uma assinatura interessante ou uma citação nos forums web, listas de e-mail, IRC, ou em uma conversa com um amigo Gentooista, nos avise no gwn-feedback@gentoo.org.

11. Moves, Adds and Changes

Moves

The following developers recently left the Gentoo team: