Portage 2.0.51 continues to be in internal testing. Now in version 2.0.51_pre13 and masked, it's nearing readiness for ~arch. We'd like to cover some changes to Portage that users will notice if they pick up the currently masked 2.0.51_pre13, or a later ~arch masked or stable version. First of all, due to changes in the Portage cache, users will notice corruption messages when performing rsync updates, which will go away when the cache is altered in a few weeks. At this point however, versions of Portage prior to 2.0.50-r7 will start having problems because they won't be able to handle the new cache. As always, users are recommended to read the messages from emerge rsync and update Portage whenever a new stable version is available.
Also, in the new version /var/cache/edb/virtuals is going to become obsolete: Portage will calculate the virtuals based on packages installed in the database. Once users upgrade to 2.0.51 the file will be obsolete and there will be no need to save it. Also, /var/cache/edb/world will be moving to the FHS-compliant state directory, /var/lib/portage.
For more information, read Nicholas Jones's announcement on gentoo-dev.
XFree86, X.org: XDM ignores requestPort setting
XDM will open TCP sockets for its chooser, even if the DisplayManager.requestPort setting is set to 0. This may allow authorized users to access a machine remotely via X, even if the administrator has configured XDM to refuse such connections.
For more information, please see the GLSA Announcement
libpng: Buffer overflow on row buffers
libpng contains a buffer overflow vulnerability potentially allowing an attacker to perform a Denial of Service attack or even execute arbitrary code.
For more information, please see the GLSA Announcement
Shorewall : Insecure temp file handling
Shorewall contains a bug in the code handling the creation of temporary files and directories. This can allow a non-root user to overwrite arbitrary system files.
For more information, please see the GLSA Announcement
Ethereal: Multiple security problems
Multiple vulnerabilities including one buffer overflow exist in Ethereal, which may allow an attacker to run arbitrary code or crash the program.
For more information, please see the GLSA Announcement
MoinMoin contains a bug allowing a user to bypass group ACLs (Access Control Lists).
For more information, please see the GLSA Announcement
3. Featured Developer of the Week
Featured Developer is on hiatus this week.
New nvidia Drivers With Support for 2.6 Kernel
Both the Kernel & Hardware and the Gamers & Players forums have threads about the new nvidia drivers that have been issued little over a week ago. The 4k stacksize problem with 2.6 kernels appears to have been solved, and the new drivers feature a configuration utility people seem to be quite pleased with:
Useful Install Tips
Not to be left behind the forums, the some folks started their own Useful Install Tips thread on gentoo-user this week.
Migrating to 2.6
Still haven't made the switch? The Changing to 2.6 thread may be a good place to start!
Gentoo International is on hiatus this week.
The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 03 July 2004 and 09 July 2004, activity on the site has resulted in:
Of the 6736 currently open bugs: 138 are labeled 'blocker', 179 are labeled 'critical', and 528 are labeled 'major'.
The developers and teams who have closed the most bugs during this period are:
The developers and teams who have been assigned the most new bugs during this period are:
Thanks to Lars Weiler for providing this week's tip.
Usualy make from sys-devel/make is known as a tool for compiling applications. But it could also be used to provide often used commands so that they can be accessed easily.
Quite everybody wants to do backups. This could be done by packing them with tar. For instance, we want to pack the ~/Mail folder and name the file with a date:
Code Listing 7.1: tar ~/Mail with date included |
$ tar cvjf ~/Backups/Mail-`date +%F`.tar.bz2 ~/Mail
|
After that we copy that file (and possibly more) to another computer by using rsync and delete all the files in ~/Backups afterwards:
Code Listing 7.2: Copy backup-file to another computer with rsync |
$ rsync -avute ssh ~/Backups/ user@othermachine:~/Backups/ % rm ~/Backups/* |
And now comes the clue with make. After a week you already forgot the commands. Why not store them in a Makefile located in the home-directory, so that you only have to call make backup?
Inside the Makefile (beware of the uppercased 'M') we provide two targets for the commands, so that we can call them separately, e.g. if you only want to copy the files. The first target backup will only call the other targets in the given order:
Code Listing 7.3: Sample Makefile for backups |
backup: compress \ copy compress: tar cvjf ~/Backups/Mail-`date +%F`.tar.bz2 ~/Mail copy: rsync -avute ssh ~/Backups/ user@othermachine:~/Backups/ rm ~/Backups/* |
Now we can call make backup in the home directory and the ~/Mail-folder will be compressed and copied to the other computer. The restore-command-set will be your homework ;-)
Of course, there is a wide use for batched processes with Makefiles. Think about all the things you ever wanted to have scripted with easy usability. You can find more instructions in the info make pages.
The following developers recently left the Gentoo team:
The following developers recently joined the Gentoo Linux team:
The following developers recently changed roles within the Gentoo Linux project:
Interested in contributing to the Gentoo Weekly Newsletter? Send us an email.
Please send us your feedback and help make the GWN better.
11. GWN Subscription Information
To subscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-unsubscribe@gentoo.org from the email address you are subscribed under.
The Gentoo Weekly Newsletter is also available in the following languages: