Figure 4.1: Luca Barbato, aka lu_zero
Portage security features detailed
As reported previously, Portage will be getting some new security features as one of the last improvements to the 2.0 branch. Recently, a message was posted to the gentoo-security mailing list that offers some more details about the upcoming features. Overall, the system relies heavily on the web-of-trust model put forth by GnuPG. Users wishing to become more familiar with the security concepts behind the new Portage model should start by reading the GNU Privacy Handbook
Open positions with the Gentoo Linux project
The Gentoo Linux project is looking to recruit developers who would like to maintain one or more of the following packages:
Please email recruiters@gentoo.org if you are interested in any of these positions.
Gentoo Linux is seeking additional source mirrors and colocation space
As many people have noticed recently, our system of source mirrors have been showing increasing signs of strain. This translates into slower download times, more "connection refused" messages and an overall increase in the length of time it takes to emerge packages. This problem has been especially apparent in North America, where we have fewer source mirrors. As such, Gentoo Linux is actively seeking sponsors willing to set up and maintain source mirrors. Our source mirrors policy explains most of the details associated with setting up a new source mirror. Any additional questions related to setting up public source mirrors can be directed to Kurt Lieber.
Additionally, Gentoo Linux is also in need of servers and colocation space for its infrastructure servers. If you know of a company who might be willing to donate the use of a server, along with bandwidth and colocation space, please contact Kurt Lieber. Most sponsors are eligible to receive recognition on our Sponsors page. Additionally, certain key sponsors may receive additional marketing efforts, such as feature articles in the Gentoo Weekly Newsletter, to acknowledge their generous contributions to Gentoo Linux.
Gentoo Linux now available on the HPPA Platform
Gentoo Linux is now available on the HPPA platform. Though still in the early stages of development, the port is operational at this point and is best suited to console or server usage for now. X, fluxbox and framebuffer are all working and LiveCD and stages can be found in the /experimental/hppa/ directory on any of our mirrors.
You can find a list of supported hardware on the ESIEE PA-Team website and on the parisc-linux web site. At this point, nearly all machines are supported. Installation instructions are also available. Users experiencing problems can seek assistance in #gentoo-hppa on freenode and bug reports can be filed on bugs.gentoo.org. The Gentoo Linux HPPA port needs your testing help to work out any remaining bugs. The Gentoo Linux/HPPA team is also looking for developers interested in helping with the port to HPPA. Interested parties should contact Guy Martin.
A new version of kdegraphics has been released to fix outstanding security bugs related to a vulnerability in Ghostscript that permits execution of arbitrary commands (see last weeks GWN).
The following new security bugs were posted this week:
Developer's Corner is a new, semi-regular section that will appear in future editions of the GWN. Written by Seemant Kulleen, the development manager and project coordinator for Gentoo Linux, this section will feature development news about Gentoo Linux along with whatever else might be on Seemant's mind at the moment.
Hello to my Gentoo friends. As you may have noticed, the xfree-4.3.0-r2 ebuild has gone stable on most architectures. There are some things to bear in mind when you install this. First of all, you will have to unmerge xft. The reason behind this is that Xft is actually a module for X, and as such, the version included in the xfree build is newer and better. Second, games based on SDL (for example, Frozen Bubble and Unreal Tournament 2003: both the demo and the release version), may misbehave due to the new xfree. There is a new extension to X, called XRandR (go read the documentation :P), which causes these games to choose the lowest refresh rates for any given resolution. The fix for this is simple: emerge libsdl-1.2.5-r2, which contains a patch, or hack, to make it behave well with the new X. For games that include their own libSDL shared library, simply replace the libSDL-1.2.so.0 file with the one from libsdl-1.2.5-r2. See you next week! Oh, on a more personal note: Happy Birthday to my sister Sindhuja, and Happy 31st Anniversary to my parents.
4. Featured Developer of the Week
Luca Barbato
Figure 4.1: Luca Barbato, aka lu_zero |
|
Featured this week is Luca Barbato, one of the Gentoo/PPC co-leads, who also maintains a custom version of Knoppix's cloop (a compressed loopback filesystem), maintains the closed-source ATI drivers ebuild, and is an ATI Radeon tester for the XFree ebuilds. Luca had already fixed or submitted several ebuilds for programs he needed when he told Michael J. Cohen that cloop could be made better by using a different compression algorithm. Asked to implement something to test that, he came up with 2 new versions, both faster than zlib cloop and one with a comparable compression ratio. Shortly thereafter, he was proposed as a developer. Luca's other contributions to OSS include his work on the BeOS port of FPSE (a PlayStation emulator; see http://linux.fpse.org/for more information) and a peer-to-peer netgame patch for frozenbubble which he has begun working on with friends as a distributed computing course project.
Luca, who likes gimp and sodipodi and installs mozilla on every machine he gets his hands on mainly uses an Athlon 850 with 768MB RAM, and a Radeon 9700 Pro, as well as a 15" Powerbook G4. Both run GNOME2, as well as lyx, dia, abiword, and OpenOffice.org for non-coding stuff. He had to use eclipse for his Java course but still prefers vim for coding.
A 21-year-old in his 3rd year studying computer science at the Politecnico di Torino, Luca's numerous hobbies include Live-action RPG, jujitsu, biking, windsail, snowboarding, traveling, books, Fumetti/Manga (that is, Italian and Japanese comics), volleyball, photography, and music (mostly epic metal, definitely not cheap dance/pop music). He lives in Turin, famous for being the first Italian capital, one of the best Egyptian museums in the world, and creepy legends about its underground caves.
Fonts, fonts and more fonts
Fonts seem to be a never-ending source of trouble for Linux. Between anti-aliased, freetype fonts, truetype fonts and all sorts of other font issues, it's no surprise that there are often a number of active font-related threads in the forums:
XFree86 4.3.0 upgrade pains
The recent marking of XFree86 4.3.0 has resulted in a number of threads cropping up in the forums related to upgrade questions and difficulties. Users experiencing trouble upgrading to XFree86 4.3.0 should be sure to check out this week's inagural Developer's Corner
Gentoo and the Sharp Zaurus
After researching the world of PDAs, Mathew Alexander decided to pickup a Sharp Zaurus SL-5500. He hoped to enhance this badboy by connecting to it through his Gentoo box, and vise-versa. Carefully following the official generic linux instructions resulted in a frustrating dysfunctional connection, another "wasted time" scenario well known to any geek. Fortunately the sound advice of the gentoo-user community brought Mathew's Gentoo box and Zaurus into harmony. David Golpira was particularly helpfull in providing his script to setup NAT & routing, and Seth Rotherberg offered his solution. Louis Candell recieves an honorable mention for becoming the Zaurus's 'uber-fan'.
There is no Gentoo International news this weekThe following stable packages were added to portage this week
The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. In the last 7 days, activity on the site has resulted in:
There are currently 3020 bugs open in Bugzilla. Of these: 62 are labeled 'blocker', 112 are labeled 'critical', and 237 are labeled 'major'.
The developers and teams who have closed the most bugs this week are:
The developers and teams who have been assigned the most new bugs this week are:
Preventing System Reboot with Ctrl-Alt-Del
The "Three-Finger-Salute" or, the key combination Ctrl+Alt+Del is typically mapped to the command /sbin/shutdown -r now. In other words, it reboots your system. Sometimes this may be unwanted behavior, so this week's tips shows you how to disable, or remap that key combination.
The file we need to edit is /etc/inittab. Find the line that says ca:12345:ctrlaltdel:/sbin/shutdown -r now and simply comment it out by putting a # in front of it. Or, if you prefer, you can change the /sbin/shutdown -r now part to another command.
Lastly, we need to tell the init process about these changes.
Code Listing 9.1: Reloading init |
# /sbin/init q
|
The following developers recently left the Gentoo team:
The following developers recently joined the Gentoo Linux team:
The following developers recently changed roles within the Gentoo Linux project.
Interested in contributing to the Gentoo Weekly Newsletter? Send us an email.
Please send us your feedback and help make GWN better.
The Gentoo Weekly Newsletter is also available in the following languages: