Debian Weekly News - September 3rd, 2001
Debian Weekly News
Debian Weekly News - September 3rd, 2001
Debian for professionals. The German computer magazine c't has
published a survey in their 17th issue which compares the use of
various Linux distributions by different types of users in Germany.
One result of the study was the fact that the more people know about
Linux the more they use Debian in favour of other distributions like
Mandrake, SuSE or RedHat. 28 percent of people with more than five
years Linux experience prefer Debian, though only 3 percent of all
newbies use it.
Lack of Localisation. The same article criticizes the lack of German
localisation in all distributions. This shows that our projects of
translating packages files, localized boot-floppies and
international message catalogs for many packages are the right way to
improve the acceptance of Linux and Debian among people who are not
native English speakers.
Lintian reports are back. Josip Rodin has announced the return of
public lintian reports for all packages. You can now check the reports
sorted by package names, maintainer or by lintian tags.
The main page at http://lintian.debian.org/ also shows some
interesting statistics. If you're wondering, "what the heck is
Lintian?" its a Debian package checker that can check binary and
source packages to make sure the package is in compliance with Debian
policy for packages. It's a Good Thing.
New layout for lists.debian.org. Joy has had a busy week, he also
announced a new layout for the public web-archive of our mailing
lists at http://lists.debian.org/. The main page will only refer
to index pages for Development, User,
Internationalisation, Miscellaneous etc. This should improve
load time for the index pages drastically since they don't contain
links to all lists anymore, a lot of people have requested this
GPG Key Signing Coordination page. In order to enter Debian's web of
trust, prospective Debian developers have to meet an existing
developer in person for a GnuPG (GPG) key signing. Although
the almost 900 Debian developers are distributed all around the world,
it is often hard to find one nearby. In order to facilitate the
coordination of GPG key signing meetings, Martin Michlmayr has created
a web page where prospective and existing developers can sign up
and enter their location. Prospective developers can now see at a
glance whether someone nearby is willing to meet for a key signing or
sign up so existing developers can contact them.
Linking non-PIC code with PIC code for libraries. A discussion
came up on debian-devel that covers a problem with linking PIC
(position independent code) with non-PIC code in the same shared
library. PIC-code is used in shared libraries (suffix .so) while
non-PIC code is used in static libraries (suffix .a). The thread
covers some details about how dynamic linking is done with Linux
for those who didn't know already.
Missing RedHat Compatibility. A problem has been discovered with
programs compiled under a current RedHat system that does not run on a
Debian system. RedHat's choice of C++ compiler (2.96) for their
release is the reason for this breakage. Unfortunately they have
used a compiler which was never released and which generates
binaries that are incompatible with both earlier and later releases.
The precarious issue with this is that many commercial vendors are
supporting RedHat systems and compile their software on such a box.
These software simply won't run on other systems, which could keep
companies from using Debian or other distributions on their production
boxes. A similar problem arose with SuSE using an unreleased version
of egcs in may 1999 which lead to this announcement (only German,
ReiserFS with Debian? A couple of people wanted to run Debian on top
of a Reiser filesystem to benefit from its journaling and dramatically
reduced fsck-time. Debian does not yet officially support a ReiserFS
on its boot-floppies. However, there are two projects listed on
Freshmeat which cover Debian boot-floppies with support for ReiserFS.
Sections for doc-base. Yoshito Komatsu found out that there is no
policy, howto or anything that tells us which section to use for which
kind of documentation that is registered with doc-base. One way to get
around this was to use the menu sections as a guideline. Yoshito
finally came up with a draft of a doc-base section HOWTO.
Boxed Penguin contains Debian GNU/Linux. Mekinok Systems
Engineering has introduced Boxed Penguin: Instant Infrastructure.
This product uses Debian GNU/Linux and adds additional packages that
integrate all of the most common parts of a company's software
infrastructure into a single system. The system consists of Free
Software so the product itself is free. Mekinok hopes to make money on
A hard time for security. Wichert Akkerman, member of the Debian
Security Team, has posted a mail outlining problems with doing
security uploads and architectures that will be released with woody.
Currently the security team has to support six architectures (alpha,
arm, i386, m68k, powerpc, sparc). With the release of woody there may
be five more architectures to support (ia64, hppa, mips, mipsel,
s390). Doing recompiles on six architectures is a hassle already, but
doing it on eleven machines is even more time consuming. One possible
solution would be to use an rbuilder for all architectures, so
recompiles could be triggered via mail.
Freeze Upload Policy. The release manager, Anthony Towns, has posted a
request not to make any major changes to the base system as part
of the ongoing freeze. Changes should be limited to the absolute
minimum required to make the package suitable for release. The focus
for base packages is fixing release-critical bugs, but other bugs and
wishlists can be done as well, as long as the fix makes minimal
changes in order to not introduce new bugs. His request also includes
a list of base packages.
Experimental Berlin packages. Bastian Blank has announced the
availability of prelimnary packages for the Berlin display server.
Berlin is a windowing system derived from Fresco, a powerful
structured graphics toolkit. Berlin extends Fresco to a full,
network-transparent windowing system which is not based on X.
Porting Debian to Cygwin? Doesn't that sound strange? Somebody on
debian-devel has started a discussion about porting Debian to a
Cygnus cygwin environment running upon a well-known non-free system.
It's quite unclear how the architecture should be named, though this
would be one of the first things that is required to make dpkg work as
LVM Problem. A severe problem with the Logical Volume Manager and the
current Debian unstable has been discovered. The problem is quite
tricky, since LVM needs to be initialized before all filesystems are
mounted, though it can't initialize correctly since it writes to
/etc/lvmtab which will fail before the root-filesystem is mounted,
which in turn eventually can't be mounted since it is on a LVM device.
The maintainer came up with a possible solution. Another solution
would be to use an initial ramdisk.
Problem with fonts. It has been reported that fonts under Linux
are not in a satisfying state. The problem is mostly that some
applications use "blocky" fonts, bitmapped fonts that are enlarged. As
an exercise just try to use a font in xfig, enlarge it, export that to
Postscript and re-view it with ghostscript. Some techniques such as
anti-aliasing and Sub-Pixel Font Rendering could fix parts of the
problem, however this requires tweaking of the X-server and
applications. An interesting project was mentioned during the
discussion: PfaEdit - a postscript font editor.
German Debian News. Joey has started an experiment and requested
the creation of the debian-news-german mailing list. The list is
moderated and will contain Debian news and announcements translated
into German. For the last months translations were only done on
www.debian.org transparently and on linux-community.de. Frequently
we meet people who don't speak English fluently and who would
certainly appreciate a German news list. We'll have to find out if
this list will be accepted by our German speaking users or not.
Recent Security Advisories
If you have any of these packages installed on your system, you'll
want to upgrade ASAP.
* openldap -- Remote DoS
* xloadimage -- Buffer overflow
* netkit-telnet -- Remote exploit
* fetchmail -- Memory corruption
* groff -- Print format attack
* imp -- 3 Remote exploits
* wmaker -- Buffer overflow
* x-window-system and x-window-system-core -- New X
* lskb -- The Linux Security Knowledge Base, includes info on
Linux-specific security issues.
* samhain -- Integrity checker and intrustion detection system,
because a little paranoia is a Good Thing.
* kinkatta -- QT client for AOL Instant Messenger.
* kgeo -- The program formerly known as KEuklid, a geometry
program for KDE.
We've had a lot of interest in translating DWN, if you haven't heard
from us yet about translating we will be in touch shortly.