Debian Weekly News - June 17, 2003
Jun 18, 2003, 05:00 (0 Talkback[s])
Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame
Debian Weekly News
Debian Weekly News - June 17th, 2003
Welcome to this year's 24th issue of DWN, the weekly newsletter
for the Debian community. A survey demonstrated a high level of
interest in PCs preloaded with GNU/Linux across the world.
Antonio Trueba Gayol discovered a picture taken by the Kernel
developer Greg Kroah-Hartman which explains the story of Tux and
is believed to originate from the Bristol Zoo (or the Canberra
National Zoo and Aquarium). 1. http://www.wewantlinux.org/pickcountry.php
Removing Automake 1.5. Eric Dorland would like to remove
automake 1.5 from Debian. It is said to contain a lot of bugs and
is unsupported upstream. Newer versions (1.6 and 1.7) can generally
work with Makefile.am files written for 1.5. Debian already ships
automake1.4 automake1.5, automake1.6 and automake1.7. Eric would
like to get rid of automake1.5 before automake1.8 comes out.
However, 28 packages still define a dependency to this package.
Compiling Kernels the Debian Way. Jonathan Oxer explained how
to compile Linux kernels the Debian way. The Debian approach allows
you to compile your kernel and automatically build a Debian package
around it. This means you can install a custom kernel in the same
way as you install any other package. Jonathan explains all the
steps from getting the kernel source to rebooting and testing your
A Single Unified License. Richard Stallman discussed the goal
of having a single license scheme that covers both software and
documentation, which goes beyond Richard's original purpose in
writing the GNU licenses. It may or may not be possible to
design a license that is good for both Free Software and free
documentation, and that is close enough to today's General Public
License (GPL) that it qualifies as a successor version. Richard
intends to make the effort some day, but will first finish GPL
version 3, which faces other difficult questions.
The 'build' debian/rules Target. Colin Walters made a policy
proposal to change build to an optional target, much like
build-arch and build-indep already are. He agrees that the build
target is certainly useful for many packages. But, as policy
recognises, for some packages, notably ones where the same source
tree is compiled in different ways to produce two binary packages,
the build target does not make much sense.
Oracle on Debian. Alex Malinovich described his experience
installing Oracle 9i Developer Suite on Debian sid (unstable).
Overall, the installation is relatively painless. The installer
will handle most of the process just fine, however there are a few
caveats, which Alex deals with in his article.
Debian in the Spanish Administration. It is worth noticing that
in Spain, the Ministerio para las Administraciones Publicas
(roughly translated as "Ministry for Public Administrations) has
published guidelines for standardisation, security and
conservation of information. All documents recommend the use of
Debian as a free GNU/Linux distribution.
Debian Ututo Router in Argentina. The Inquirer reported that
public schools in Buenos Aires, Argentina, are using the CD-based
Utoto(R) "Ututo Router" to connect to the Internet. The Ututo
distribution is specially adjusted to work as a dedicated router to
connect the schools local network to the Internet. Ututo is
based upon Debian and SuSE distributions.
Using Auto Tools properly. Joey Hess wanted to know how
automake and autoconf are best used for Debian packaging. His
general rule is not to touch the generated files as long as
possible, but let them generate at build-time when they have to be
altered anyway. Colin Watson believes that the auto tools
should never be run by the maintainer but only by the upstream
PNG Library Version Update. Josselin Mouette reported that
he has uploaded new versions of libpng which have been built with
versioned symbols. This means that, as soon as the necessary
libraries depending on them are rebuilt, one can build packages
depending indirectly on libpng10 and libpng12 simultaneously.
C++ Toolchain in perfect Shape? Marcelo E. Magallon sent out a
thank you message to those who worked on the C++ toolchain. For
the first time in many years he was able to compile a complex C++
program using templates and a couple of external libraries on a
Debian (unstable) machine and it ran on a machine with SuSE 8.2.
There was a time when not even a simple "Hello, World!" in C would
Testing built Packages. Christophe Barbé proposed to
test packages at build-time, especially if they are auto-built,
since some of his packages compiled fine but turned out to be
broken. Such tests would improve the quality and were most probably
already discussed in older QA (quality assurance) meetings. Dan
Jacobowitz noted that such checks should just be added in a
check target which would be evaluated between the build and the
packaging stage. Ben Collins added that this is already
implemented for GCC and GlibC.
Every SPAM is sacred... Santiago Vila started a discussion
about how the Debian admin people refuse to add Realtime Block
Lists (RBL) to debian.org mail servers. They argue that Debian was
listed in one or more of them innocently already, which proved that
those lists are not trustworthy enough. Theodore Ts'o added
that he doesn't want to delegate to someone else the power to say
whether or not a very large number of people will see mail from a
particular host or network. Noah Meyerhans pointed out the
warning header could aid client side filtering.
Debian's Five Freedoms for Free Works. Branden Robinson
published an essay about five freedoms intended to apply to
non-public-domain works in general. They are conforming with the
FSF's definition and include the freedom to use the work for
any purpose and adapt it to one's needs, which implies access to
the form of the work which is preferred for making modifications
(i.e. source). They also include the freedom to redistribute
altered and pristine copies of the work. Branden personally
advocated a fifth freedom to retain privacy in one's person,
effects, and data.
Schedule for the Debian Day. The schedule for the Debian Day
has been fixed, assuming that the times will please the speakers
and no talks need to be moved. The Debian Day will take place on
Friday, July 11th, during LinuxTag in Karlsruhe. The conference
begins with developer-oriented talks and a success story, continues
with user-oriented talks and finishes with two talks targeted at
active and prospective developers. More talks with a Debian focus
will take place outside of this one-day conference.
Birthday Coordination Page. With Debian's 10th birthday
approaching on August 16th, people have been asking on various
mailing lists if any parties are planned (see our last issue).
To make it easier to find events in the local area a 10th birthday
party coordination page has been started. If you know of an
event in your local area please go to the page and submit the
details if it's not listed already.
European Open Content License. The German Institute for
Legal Issues on Free and Open Source Software has developed an
Open Content License. It is based on the ideas emphasised in
the GNU General Public License and was adjusted especially for
the law system of Germany and Europe.
Department of Defense Issues Open Source Policy. Thor Olavsrud
wrote that the U.S. Department of Defense has distributed a
memo putting Open Source software on a level playing field with
proprietary software when it comes to use within the department.
However, the memo also warned that those using Open Source software
must comply with "lawful licensing requirements" and be aware of
what those licenses entail.
Recommendation for Migration in Germany. The German Federal
Ministry of the Interior is about to release a recommendation
paper that demonstrates how to use Free Software in governmental
agencies. However, each agency will still have to decide on their
own whether to use Free Software or something else. The paper will
be discussed in detail at LinuxTag next month in Karlsruhe,
Suggestions for GTK Frontend. Sebastian Ley asked for
suggestions with respect to the GTK frontend for cdebconf. Plans
were to base the frontend on the framebuffer library libdirectfb.
First efforts were successful and basic functions could be
implemented. However, it is currently not possible to start a shell
and to provide the user with an error log.
Depressing Bug Statistics for Base. Martin Michlmayr noticed
that there are still way too many bugs reported against
packages in the base system. He thinks that Debian should promote
co-maintainership for important packages and try to get people to
submit patches for open bugs to help the maintainers.
Orphaned Packages to remove. Andrew Suffield reported that
he is making a series of passes over the list of orphaned packages,
looking for ones which can be removed. The first list attached to
his mail is comprised of those packages which are now completely
obsolete, for one reason or another. He intends to ask ftp-master
to remove them.
Infrastructure for Meta-Distribution Projects. Jeremy Malcolm
asked about the experience of sub-projects to get some
ground-rules sorted out before he makes too many irreversible
decisions for debian-lex. In particular he has looked at the
debian-jr sub-project and their use of meta packages.
Security Updates. You know the drill. Please make sure that you
update your systems if you have any of these packages
- ethereal -- Buffer overflows, integer overflows.
- atftp -- Buffer overflow.
- gnocatan -- Buffer overflows, denial of service.
- nethack, slashem -- Buffer overflow, incorrect
- cupsys -- Denial of service.
- lyskom-server -- Denial of service.
- webmin -- Remote session ID spoofing.
- mikmod -- Buffer overflow.
- radiusd-cistron -- Buffer overflow.
- typespeed -- Buffer overflow.
- noweb -- Insecure temporary file creation.
New or Noteworthy Packages. The following packages were added to
the unstable Debian archive recently or contain important
- checksecurity -- Basic system security checks.
- eggcups -- Print job monitor.
- httpush -- Proxy for HTTP(S) application/server security
- krita -- Image editor for the KDE Office Suite.
- riece -- Redesign of the Liece IRC client for Emacs.
- spikeproxy -- Web application security testing proxy.
- yepp -- Samsung YEPP MP3 loader.
Orphaned Packages. 2 packages were orphaned this week and
require a new maintainer. This makes a total of 188 orphaned
packages. Many thanks to the previous maintainers who contributed
to the Free Software community. Please see the WNPP pages for
the full list, and please add a note to the bug report and retitle
it to ITA: if you plan to take over a package.
- libghttp1 -- Gnome HTTP client library.
- php-gtk -- PHP extension for GTK+ client-side
cross-platform GUI apps. (Bug#197196)
Want to continue reading DWN? Please help us create this
newsletter. We still need more volunteer writers who investigate
the Debian community and report about events in the community.
Please see the contributing page to find out how to help. We're
looking forward to receiving your mail at firstname.lastname@example.org.