Debian Weekly News - April 13th, 2004
Debian Weekly News
Debian Weekly News - April 13th, 2004
Welcome to this year's 15th issue of DWN, the weekly newsletter for
the Debian community. Several people have discussed the presence of
non-free components in the Linux kernel last week, which has resulted
in some removals already. Robert Millan requested that all packages
which make use of libtool be updated to a newer version, since
this is required in order to support the porting efforts based on GNU
libc and for the kernels of GNU/kFreeBSD and GNU/kNetBSD.
Request Tracker for Debian. Branden Robinson announced an
experimental request tracker instance for the Debian
infrastructure. It's a resource for the convenience of people who find
it useful and it's not for technical problems, like bugs in packages.
Those belong at bugs.debian.org. However, Joachim Breitner
believed that this software is too complex for Debian and seems to
target full-time support teams, and not part-time developers.
New Debian Project Leader elected. Manoj Srivastava announced the
results of this years' project leader election. The winner of the
election is Martin Michlmayr. Manoj thanked Branden Robinson and
Gergely Nagy for their service to the project, for standing for the
post of project leader, and for offering the developers a strong and
viable group of candidates.
GNU/Linux Security Research. In response to a security survey,
security teams from Mandrake, Red Hat, SUSE and Debian have released a
joint statement. Despite the report's claim to incorporate a
qualitative assessment of vendor reactions to serious vulnerabilities,
it treats all vulnerabilities as equal, regardless of their risk to
users. As a result, the conclusions drawn by Forrester have extremely
limited real-world value.
Back to GNU/Linux Basics. Michael Hall composed a review about
Debian 3.0. He asserted that the Debian project continues to provide a
GNU/Linux distribution that offers organizations the sort of commodity
infrastructure for which Linux was originally known. While other
GNU/Linux variants tend to complete the installation assuming a few
basic configuration parameters, Debian's installer requires the user
to make decisions about security or functionality-related issues
during the process.
Debian powers Satellite Routers. Rodney Gedda reported about 75
towns across New South Wales (Australian) that access the Internet
through Debian-based satellite routers spanning upwards of 800,000
square kilometers. The local satellite router developer Ursys chose
Debian because of its packaging support, which facilitates the ability
to push updates to the routers remotely.
Debian Package of the Day. Andrew Sweger is publishing daily
descriptions to introduce people to cool packages in the Debian
testing distribution such as proxycheck, pwgen or vtun. So
far over 25 packages have been featured. Syndicated feeds are
available in RSS and Atom formats.
Use Case: The Register. Aaron Crane of GBdirect reported that
the web servers of The Register are running Apache on Debian
GNU/Linux, with MySQL for the back-end database with a custom
content management system which is written in Perl. The scripts,
HTML, and CSS were created and edited using a combination of Vim,
GNU Emacs, and Mozilla Firefox's EditCSS extension.
GBdirect chose Debian for its stability, reliability, flexibility, and
especially for its superlative support of remote package management
Chinese Book about Debian GNU/Linux. The first Debian book in
Chinese was recently published by a very active Debian community
(Chinese only) in Taiwan. The book is entitled "Debian GNU/Linux,
The Painless Book" (Debian GNU/Linux 無痛起步)
and written by Asho Yeh and Moto Chen who also maintain the errata
Fine-grained Dependencies. Kevin McCarty announced that he's
working on defining more fine-grained dependencies on libdevel
packages that currently depend upon xlibs-dev. Branden Robinson
added that Moritz Muehlenhoff has been working on this as
Namespace for GNUstep Packages. William Ballard started a
discussion on naming GNUstep packages, since some of them use generic
names. Evan Prodromou, however, disagreed and made clear that
he will wait until a global naming standard for GNUstep application
packages is developed.
Distribution of Peripheral Firmware. J.D. Hood summarised the
options about how Debian could handle binary-only firmware components
for which no source code is available. Herbert Xu added his view
on this issue and his preference is to move all kernel packages to
non-free since this pays homage both to our commitment to Free
Software as well as our users' needs.
PAM Release Status. Sam Hartman reported about problems in current
PAM packages. Upon upgrades from woody the user is forced to answer a
dpkg configuration file question for which Branden Robinson
provided a solution. Since configuration options have been
aggregated installations that end up with an empty root password
prevent root from logging in. Steve Langasek is discussing a change
for pam_unix.so with upstream, to bypass this for console access.
Debian powers The Gathering 2004. Steinar Gunderson reported that
all central servers in the network of The Gathering 2004 in Norway
are running Debian and the load on each of these machines is usually
under 0.2. Since they're sponsored by Sun, the central machines are
Sun Netra X1 boxes (400 MHz SPARC-based 1U machines) that are running
General Resolution on the Social Contract. Manoj Srivastava called
for votes on the general resolution to add editorial changes to
the social contract. Since this modifies the social contract, this
general resolution requires a 3:1 majority to pass.
Binary Firmware Components removed. After the kernel package
maintainer has removed the acenic and tg3 ethernet drivers because
they contain an embedded firmware blobs, Marco d'Itri investigated
the Linux kernel and XFree86 packages for other drivers
containing a firmware dump. He added that if Debian will continue with
this policy then the MGA, Rage 128 and Radeon DRM drivers will have to
be removed as well.
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* tcpdump -- Denial of service.
New or Noteworthy Packages. The following packages were added to the
unstable Debian archive recently or contain important updates.
* blobwars -- Platform shooting game.
* gs-gpl -- GPL Ghostscript PostScript interpreter.
* m2crypto -- Crypto and SSL toolkit for Python.
* mimms -- MMS (mms://) streaming media download utility.
* ntlmaps -- NTLM Authorization Proxy Server.
* qtparted -- Parted frontend using QT.
* xmms-blursk -- Powerful visualization plugin for XMMS, similar
to "Blur Scope".
Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the contributing
page to find out how to help. We're looking forward to receiving your
mail at email@example.com.