Gentoo Weekly Newsletter: June 2nd, 2003
North America gets two new source mirrors
As most Gentoo users in North America know, source mirrors for Gentoo Linux have often been overloaded as the distribution continues to gain in popularity. Fortunately, the load will be eased somewhat with the addition of two new source mirrors, provided by the University of California, Santa Barbara and pair Networks.
UCSB, located in sunny Santa Barbara, California, was recently ranked the 14th best public university in the United States. UCSB is renowned for its scientific research, and its professors recently won three Nobel Prizes in chemistry and physics for their landmark research.
pair Networks provides world-class web hosting services to customers around the globe. With over 140,000 unique web sites and customers from 150 different countries, pair Networks has established a reputation in the industry for outstanding service at reasonable prices.
Gentoo Linux wishes to thank both pair Networks and the University of California, Santa Barbara, for their generous support of the project. Without their support, along with the support of our other sponsors, Gentoo Linux would not be the successful distribution that it is today. Users interested in taking advantage of these new mirrors can find more information on our mirrors page.
CFLAGS/cpuinfo collection project
One of the projects being worked on within the Gentoo Linux project is an application that will generate a recommended set of
CHOST/CFLAGS/CXXFLAGS for a given system. In order to make this application as useful and accurate as possible, we are in
need of much sample /proc/cpuinfo data. To facilitate this, a web page has been created with both submission forms and a quick submission tool. Users are encouraged to submit their information. The web page contains additional information about specific systems for which we particularly need more data.
Upcoming infrastructure changes
The infrastructure that supports Gentoo Linux will be undergoing a number of changes over the coming weeks. These include:
- Migrating our DNS to an outsourced provider.
- Load balancing and failover services for the multiple servers that run www.gentoo.org.
- Moving bugs.gentoo.org to a new, dedicated server.
- Moving cvs.gentoo.org to a new, dedicated server.
- Distributing and de-centralizing our mail infrastructure, placing list mail on one server and other mail on another server.
- Significant changes to the security infrastructure, including kernel patches, chrooted environments for many of our public services, iptables scripts and other areas.
- Many other smaller changes.
Considerable effort will be put into ensuring these changes are as smooth as possible, with little or no direct impact on the user community. However, as with all things technology-related, unforeseen circumstances and Murphy's Law generally crop up at the most inopportune times. Your patience as we work through these changes will be greatly appreciated.
A cryptographic weakness in Kerberos 4 allows an attacker to impersonate any principal in a realm by using a
chosen-plaintext attack. This vulnerability extends to the implementation of mit-krb5 (see the GLSA in the
April 7th GWN) and the Heimdal implementation.
- Severity: Critical - Authentication compromise.
- Packages Affected: app-crypt/heimdal prior to heimdal-0.6
- Rectification: Synchronize and emerge heimdal, emerge clean.
- GLSA Announcement
The scripting engine in the Nessus security scanner has several vulnerabilities. Exploiting these vulnerabilities to execute
arbitrary code would require a malicious user to have a valid account as well as tricking a user into running a script.
- Severity: Moderate - Arbitrary code execution, mitigated by requirement for privileges by exploiter.
- Packages Affected: net-analyzer/nessus prior to nessus-2.0.6a
- Rectification: Synchronize and emerge nessus, emerge clean.
- GLSA Announcement
New Security Bug Reports
The following new security bugs were posted this week:
A little reminder
Sadly we received no submissions for a user story during the last week. :( So it seems like a good time to remind you to send your experiences with Gentoo Linux which might be interesting to fellow Gentooers to email@example.com like Kai, Kenneth and Mathy did!
Fortunately we already have a candidate (who will be quite interesting, promise!) for the next issue, we just ran out of time for this week...
Featured Developer of the Week
Figure 4.1: Jon Portnoy, aka avenj
This week we feature Jon Portnoy, whose duties in the Gentoo development team include recruitment and management of developers (along with Development Manager Seemant Kulleen), coordination of releases, caretaking of the distfiles repository, and maintenance of some thirty or so ebuilds, including ICC, Intel's C++ Compiler. As developer recruiter and manager, Jon is the person project managers talk to when they want to get someone on the team, and oversees the training of new recruits (which is conducted by the original sponsor/mentor). He and Seemant also handle much of developer policy creation. As release coordinator, Jon oversees the entire release process, delegating tasks like stage building, QA, GRP building, and works to keep the release process flowing smoothly. All the while he makes sure the distfiles repository is in shape as much as possible, and has been working to integrate ICC into Gentoo Linux's current GCC-focused environment ever since he joined the development team. Jon had stopped in at freenode's #gentoo seeking help with a tricky initrd problem, ended up staying and helping people with their problems, and eventually got noticed by Seemant and joined the team as ICC implementor. He's proud of everything he's done for Gentoo, especially his management of developers and coordination of releases.
Jon uses Enlightenment 0.16.5 with the Maw theme, as well as X-Chat 2, Mutt, Mozilla, XMMS, screen, and slrn (he's very active on comp.os.linux.advocacy and alt.os.linux.gentoo) on his workstation - cerberus, a P3 866MHz with 384MB RAM. He also finds the game Icebreaker very addictive. He also uses three other boxen: tempest, a P3 development/testing box, eris, a K6-2 nameserver/proxy server, and lucifer, a Celeron 1.8GHz dedicated to compilation. A student living out in the middle of nowhere in New Hampshire, Jon enjoys spending time outdoors away from his monitors, whether it be walking, biking, or kayaking. He also spends lots of time reading and studying history, especially Russian history. An aficionado of a variety of kinds of music, from Bob Dylan to Lucinda Williams to Juno Reactor to KMFDM, Jon is a particularly big fan of industrial music.
Heard In The Community
Spam, Spam, Spam, Baked Beans and Spam
Did you know that Episode 25 of Monty Python's Flying Circus is the reason we call it that? SPiced hAM has become a synonym for unsolicited, obnoxious commercial email clutter that enrages the Internet community. Gentoo users are no different, albeit a little more versatile in anti-spam combat, and the forums are witness to some of the more inventive ideas on how to deal with the no. 1 nuisance on the Internet these days:
Break My Gentoo
Promoted as "a haven for all those cvs ebuilds left homeless by the Great Portage CVS Purge of '03", links to a website maintained by Forums gurus karl11 and Lin_Matt are occasionally rippling the waves whenever something new is not immediately reflected by the official Gentoo development activities. Breakmygentoo.net does have a bugzilla of their own, but everybody seems to prefer swapping experiences at the Gentoo forums...
OSnews Poll: And the Winner Is...
Whatever the significance of this may be: Gentoo beat all the other major distributions in this year's Linux popularity poll at OSnews.com, up from 11 percent last year to exactly twice that share of the cake this time around. Interestingly enough, the thread that solicited Gentooists to go and vote (which at the current traffic experienced inside the Gentoo forums may well have contributed to the clear lead in the poll) even triggered one of the rare but welcome visits of Eugenia Loli-Queru, head mistress of everybody's favourite website, and Gentoo forum user with one of the earliest membership numbers around...
Performance of nVidia cards
In an uncommonly active thread, Spider called for the -user community to submit glxgears benchmark results of their nVidia graphics cards. The submissions provide a good way to compare your hardware to others, allowing you to gauge any configuration errors that may be sucking precious FPS (frames per second). I'm sure we all appreciate Ernie Schroder whoopin' it up in the 3D world.
fixpackages
As portage travels down the road of becoming the best package manager for Linux -- ever --, new features are thrown into the mix. After Tom Veldhouse updated portage, he was soon confronted with an unfamiliar prompt to 'fixpackages'. Other community members may have experienced similar confusion. Brett Holcomb notes that, "It's a new feature that fixes things when packages move from one category to another" and is located in /usr/lib/portage/bin/fixpackages. The gentoo-forums also developed a thread discussing the new feature.
Seemant Kulleen posted a message announcing the r3 (masked) release of v4.3.0.
The plan for this 3rd release of xfree is to move all font building into separate packages. However, though it has been released, it still needs some work.
Menu system for all gentoo wm's
An exciting idea was also brought up: a window-manager-independent menu layout system that maintains entries for installed and removed programs in a non-WM-specific way, much like the .desktop system from freedesktop.org.
Assigning unique system uid/gid for new ebuild
Considerable discussion took place regarding how to decide what uid/gid the new package should run as. The plan apparently is to make the installation process more flexible to include dynamically modifying a list of uids/gids. However, for now everything is fixed around /etc/passwd, which is part of baselayout.
Fresh off the presses: Makoto Yamakura has announced an up-to-date Japanese version of the Gentoo Installation Guide (x86), available via the main Gentoo website. While the Japanese, Dutch, French and German translators have thus pretty much synchronized their documents with the current state of things, documentation in Spanish, Italian and Swedish is lagging behind by a few steps. If you want to contribute to the translation efforts for the Gentoo documentation, either by brushing up existing language versions or adding new ones, please contact John P. Davis.
The following notable packages were updated or added to portage this week
The following stable packages were updated or added to portage this week
Total categories: 82
Total packages: 4478 (82 packages added since last week)
Due to technical difficulties with the bugs.gentoo.org server on Friday, bug statistics will be unavailable this week. Next week's GWN will include a two-week summary.
Tips and Tricks
Export an X Session
This week's tip shows you how to run GUI programs remotely by exporting an X
session and tunneling it over SSH. Note that this is heavily dependent on the
speed of your network connection. If you're trying to run Mozilla off of a
box on the other side of the country on a 56K modem it is probably not going
to work very well. The best application for this is running programs over the
same LAN or possibly a high-speed WAN. An easy example application is running
gvim remotely so you can have a GUI editor.
For this example we assume the local machine has an IP of 192.168.1.2 and
the remote machine has an IP of 192.168.1.3. On the local machine you're
going to need to give the remote machine access to connect to your X server.
Use the command xhost to do this.
Code Listing 9.1: Local machine
# xhost +192.168.1.3
On the remote machine, you need to export the $DISPLAY variable to
your local machine. After that, you should be ready to run GUI programs
Code Listing 9.2: Remote machine
# export DISPLAY="192.168.1.2:0.0"
# gvim /etc/passwd
Note: This is very insecure and not recommended, since everything you type, including
passwords, will be transmitted over the network unencrypted.
To tunnel the connection over SSH and thus encrypt the traffic edit your
Code Listing 9.3: /etc/sshd2_config
Now connect from the local machine to the remote machine via ssh and start your
Code Listing 9.4: Remote machine
# gvim /etc/passwd
Notice that you don't have to set the DISPLAY variable, ssh automagically
does that for you. You do however have to allow access to your local machine's
X server (see above).
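A quick check for the two setups in this tip, added here as an example and not part of the original newsletter: it classifies a DISPLAY value as cleartext TCP or SSH-forwarded and lists host-wide xhost grants such as the one from Code Listing 9.1. The function names are hypothetical, the xhost output is a constructed sample, and the display-number test assumes OpenSSH's default X11DisplayOffset of 10.

```shell
#!/bin/sh
# Added example (not from the newsletter): audit an X11 setup like the tip's.

# classify_display VALUE: how would clients using this DISPLAY reach the server?
classify_display() {
    d=$1
    [ -n "$d" ] || { echo unset; return 0; }
    host=${d%:*}      # text before the last ':' ("" for ":0")
    num=${d##*:}      # "0.0", "10.0", ...
    num=${num%%.*}    # display number without the screen suffix
    case $host in
        ""|unix) echo local-socket ;;
        localhost|127.0.0.1)
            # Assumption: sshd uses OpenSSH's default X11DisplayOffset (10),
            # so forwarded displays are numbered 10 and up on loopback.
            if [ "$num" -ge 10 ] 2>/dev/null; then echo ssh-forwarded
            else echo loopback-tcp; fi ;;
        *) echo cleartext-tcp ;;   # raw X11 protocol to a remote host
    esac
}

# risky_xhost_entries: read `xhost` output on stdin and print every grant
# that is host-wide (any user on that host may connect) or global.
risky_xhost_entries() {
    while IFS= read -r line; do
        case $line in
            "access control disabled"*) echo ANY-HOST ;;
            INET:*|INET6:*) echo "$line" ;;
        esac
    done
    return 0
}

# Constructed sample: `xhost` output after Code Listing 9.1 has been run.
SAMPLE_XHOST='access control enabled, only authorized clients can connect
INET:192.168.1.3
SI:localuser:alice'

for v in "192.168.1.2:0.0" "localhost:10.0" ":0"; do
    printf '%-18s %s\n' "$v" "$(classify_display "$v")"
done
printf 'host-wide grants: %s\n' \
    "$(printf '%s\n' "$SAMPLE_XHOST" | risky_xhost_entries)"
```

On a live system, pipe the real `xhost` output into `risky_xhost_entries` and pass `"$DISPLAY"` to `classify_display` on the remote machine.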
Moves, Adds and Changes
The following developers recently left the Gentoo team:
The following developers recently joined the Gentoo Linux team:
- Rob Holland (robh) -- media-sound
- Ned Ludd (solar) -- Hardened Gentoo, grsecurity
The following developers recently changed roles within the Gentoo Linux project.
Contribute to GWN
Interested in contributing to the Gentoo Weekly Newsletter? Send us an email.
Please send us your feedback and help make GWN better.
GWN Subscription Information
To subscribe to the Gentoo Weekly Newsletter, send a blank email to firstname.lastname@example.org.
To unsubscribe from the Gentoo Weekly Newsletter, send a blank email to email@example.com from the email address you are subscribed under.
The Gentoo Weekly Newsletter is also available in the following languages: