Gentoo Weekly Newsletter: January 12, 2004
2003 Gentoo Bug Hunt Winners
The 2003 Gentoo Bug Hunt has come to a close. Here are the winners, who
are developers who have closed the most bugs in the last quarter of 2003
Mike Frysinger, with 672 bugs closed
- Martin Holzer, with 565 bugs closed
- Heinrich Wendel, with 480 bugs closed
Caleb Tennis, with 277 bugs closed
Michael Sterett, with 192 bugs closed
- Markus Nigbur, with 180 bugs closed
- Marinus Schraal, with 179 bugs closed
In addition, the following developers receive an honorable mention for
their great bug stomping efforts:
Seemant Kulleen, with 161 bugs closed
Marius Mauch, with 160 bugs closed
Brad House, with 160 bugs closed
Sven Vermeulen, with 158 bugs closed
- Nicholas Jones, 156 bugs closed
Robin Johnson, with 153 bugs closed
- Tim Yamin, with 145 bugs closed
- Alastair Tse, with 138 bugs closed
- Mike Gardiner, with 111 bugs closed
Martin Schlemmer, with 108 bugs closed
Paul de Vrieze, with 93 bugs closed
Donnie Berkholz, with 84 bugs closed
And last but not least, non-developer bug janitor Andrew Cooks had an
impressive showing easily worth an honorable mention: he closed 100 bugs.
If you are one of the winners or have received an honorable mention,
please contact Daniel Robbins
and make sure that he has your mailing address. If
you're a winner, then we need to determine what hardware you should
receive. Daniel has decided not to purchase the prize hardware components in
advance so that winners can suggest or request components they may need.
Thank you everyone (not just those mentioned here) for your efforts to
make Gentoo better for everyone! :)
Featured Developer of the Week
Figure 2.1: Olivier Crête
This week, we are featuring Olivier
Crête (tester), a Montréal resident who is currently spending a
year in Europe. Olivier is on the AMD64 project, maintains a few
packages that would otherwise have been abandoned, and is working on
some of the Adelie Linux
clustering enhancements to Gentoo. He is also co-maintainer of GnomeICU, a
Gnome-based ICQ client.
Olivier has been using Linux since 1997, progressing from RedHat 4.2
through 7.3 before the brand-new laptop he acquired in early-2002
caused him to look around for a distro that could be optimized for his
new hardware. He has been on Gentoo ever since, largely because he
"found the Gentoo forums to be really helpful, and the Gentoo
community was wonderful". The next summer, he was employed at Cyberlogic, a Montreal company
providing computers and support services, including clustering. One
of the projects he worked on there was Adelie Linux,using
Gentoo as the foundation for clustering, including AMD Opteron-based
clusters. Cyberlogic was very supportive of their staff pursuing an
AMD64 version of Gentoo, and Olivier worked with Daniel Robbins and others to start
making it a reality. In particular, Olivier noted that Brad House, the current Gentoo AMD64
Project lead, "is doing a tremendous job and the AMD64 port
would not be anywhere near where it is without his contribution."
A third-year Software Engineering Student at the Canadian École Polytechnique de Montréal,
Olivier is currently studying as an exchange student at the École Nationale Supérieure
d'Informatique et de Mathématiques Appliquées de Grenoble
(ENSIMAG) in France He enjoys traveling, and you can read about
his adventures (in French) on his blog. He is currently working on a
Dell Inspiron Laptop, and (as a Gnome Developer) he uses Gnome 2.4. He recently abandoned
Pine in favor of
for email, and counts Mozilla
Firebird, xchat, Gossip, Amsn and aterm among his most
oft-used applications. Democratically, he uses GNU Emacs for
development, and vi for general
Olivier closed our correspondence with the following observation:
"What I really like about Gentoo is not only that its a great
distribution from a technical point of view, but that it has a great
community. The life and blood of a Free Software project is in its
community, and Gentoo has one of the best communities that I have been
part of." His favorite quote was from Henry Spencer: "Those who do
not understand Unix are condemned to reinvent it, poorly."
GLSA: Linux kernel do_mremap() privilege escalation vulnerability
A critical security vulnerability has been found in recent Linux kernels
which allows for local privilege escalation. Arbitrary code may be able to exploit this vulnerability and may disrupt
the operation of other parts of the kernel memory management subroutines
finally leading to unexpected behavior.
Since no special privileges are required to use the mremap() system call
any process may misuse its unexpected behavior to disrupt the kernel
memory management subsystem. Proper exploitation of this vulnerability
may lead to local privilege escalation including execution of arbitrary
code with kernel level access. Proof-of-concept exploit code has been created and successfully
tested, permitting root escalation on vulnerable systems. As a result,
all users should upgrade their kernels to new or patched versions.
There is no temporary workaround - a kernel upgrade is required. A list
of unaffected kernels is provided in the GLSA announcement.
- Severity: High
- Packages Affected: see GLSA announcement
- Rectification: emerge sync; emerge -pv your-favorite-sources; emerge your-favorite-sources; follow usual procedures for compiling and installing a kernel.
- GLSA Announcement
Heard in the Community
Greet the Repoman
Genone is among those Gentoo developers with more than just occasional guest appearances in the Forums. Last week he put up a post describing the characteristics of an upcoming Portage version 2.0.50, which has quickly developed in a lively thread discussing the advantages of new and improved features, but also points out possible hickups other tools like etcat might run into if they're used in conjunction with the new Portage:
Stuck Between An ~ARCH and A Hard Place
For the moderators, the sudden outbreak of complaints about kdelibs-3.1.4 compiles ending rather abruptly on peculiar error messages was hard to contain, particularly because many people seem to panic and forget about the Forum's search function. After a biug @urge of duplicates, only one thread remained alive. Luckily, Gentoo dev Caleb had both that Forum thread and the corresponding bug report in his focus and provided a temporary solution (update autoconf to a release number beyond "x86" stable) within a very decent response time. Anyway, the actual error is on its way out as soon as autoconf-2.58 is bumped to usability for people not living on the bleeding ~x86 edge:
DJBDNS and Gentoo
DJBDNS is a popular alternative to the traditional
and sometimes buggy BIND package from ISC.
This thread covers some
basics of getting DJBDNS up and running on Gentoo.
Experimental Gentoo 2004 Stages
The new Gentoo 2004.0 stages were
quietly announced on gentoo-user this week. Download them, and submit bug reports!
The Command Line Editor Thread
Finally this week, a more entertaining thread. How many ways can you replace
a text string in a bunch of files from the Linux command line?
Interesting in submitting ebuilds? Want to know a bit more about how developers get to be developers? Feel like finding a bit more about how this whole portage tree thing works when dealing with fun issues like spam, security and screwups? Have a look here and here for a start.
There are certainly things worth noting - if only we knew about them. Please help the GWN team with information about international events, user stories and interesting projects from your own countries! By all means, do send suggestions to firstname.lastname@example.org.
The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track
bugs, notifications, suggestions and other interactions with the development team. Between 02 January 2004 and 08 January 2004, activity
on the site has resulted in:
- 578 new bugs during this period
- 322 bugs closed or resolved during this period
- 8 previously closed bugs were reopened this period
Of the 4590 currently open bugs: 100 are labeled 'blocker', 187 are labeled 'critical', and 331 are labeled 'major'.
Closed Bug Rankings
The developers and teams who have closed the most bugs during this period are:
New Bug Rankings
The developers and teams who have been assigned the most new bugs during this period are:
Tips and Tricks
Forwarding an SSH agent
This weeks tip shows you how to forward ssh sessions between hosts
so you don't have to copy private keys between hosts.
Remote SSH sessions and public keys are covered in the Keychain
If you're using remote sessions with public key authentication you
are probably used to logging into remote hosts without having to
retype your password. So logging into Host B from Host A and
logging into Host C from Host A works great. But what if you need
to login to Host C from Host B (e.g. to use scp or
rsync). Instead of copying your private key from Host A to
Host B, SSH has a configuration flag you can use.
This flag is called ForwardAgent and it will forward you
ssh-agent process from Host A to Host B so that you can use the
same authentication from Host B to Host C without copying your
private SSH key.
To enable ssh-agent forwarding, set ForwardAgent yes in
either .ssh/config or
Code Listing 7.1: /etc/ssh/ssh_config
Now you can ssh from Host A to Host B and ssh or scp to
Host C using the authentication information from Host A.
Moves, Adds, and Changes
The following developers recently left the Gentoo team:
The following developers recently joined the Gentoo Linux team:
The following developers recently changed roles within the Gentoo Linux project:
Contribute to GWN
Interested in contributing to the Gentoo Weekly Newsletter? Send us an email.
Please send us your feedback and help make the GWN better.
GWN Subscription Information
To subscribe to the Gentoo Weekly Newsletter, send a blank email to email@example.com.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to firstname.lastname@example.org from the email address you are subscribed under.
The Gentoo Weekly Newsletter is also available in the following languages: