Debian Weekly News - September 9th, 2003
Welcome to this year's 36th issue of DWN, the weekly newsletter for the Debian community. Rio Audio announced the Rio Karma 20, which seems to be the first industrially manufactured digital audio player that supports the Ogg Vorbis audio format. In light of the recent software patents debate members of the German Debianforum signed an open letter directed at the European Parliament.
Not just another pretty Face. Robert Storey, a self-confessed Debian convert wrote a review about his successful installation experience. He explains that a good package management system should not only inform you about unmet dependencies but even better, it should just fix the problem for you without asking. He continues with a section about "Post Install Configuration" which includes many details such as APM and framebuffer configuration, which many installation articles do not mention.
Latest Versions of Webmagick and Imagemagick. Keith Goettert wrote a tutorial on installing and using the latest version of Webmagick and Imagemagick from source. He had to use more recent versions since Debian 3.0 ships older packages that work slower but consume more memory.
Placing System generated Programs? Russell Coker wondered
where a package should place programs that are automatically generated and
run. The Filesystem Hierarchy
Standard (FHS) is not clear on whether it is OK to put a script in
/var/run. This and
/var/lib/package/ seem to be the
PostgreSQL 7.4beta2 for Debian. Oliver Elphick announced Debian packages of PostgreSQL 7.4beta2 which he has uploaded into the experimental archive. The packages may not be visible for a while because there are some new binary packages that need to be authorised by the archive maintainers.
Future of Libwww? Richard Atterer reported that the W3C has stopped work on Libwww and invites the libwww user community to participate in a Future of Libwww survey that will help to determine its future. Libwww is a free, highly modular client side Web API. A public W3C account is required to complete the survey.
Free Software requiring non-free Build Tools. Matt Zimmerman wondered how tvtime should be packaged. It can use binary modules from DScaler, which are free, but currently only compilable by non-free tools. Matt thought that the binary DLLs could go in contrib, because the source code is free. Branden Robinson agreed, summarising that packages in main must be entirely free and must be buildable and usable solely with other packages also in main. Free packages with non-free dependencies or build-dependencies can go into contrib.
New Package Dependency Field Format. Adam Heath has been
working on a rewrite of
dpkg and has proposed
a number of changes to the dependency parser, including the addition of the !=
operator and full nestable parenthetical expression support. Jason Gunthorpe
APT would need huge amounts of effort to support the
changes, but it would not solve any actual problems. Anthony Towns thought
the changes would require a major rewrite of the logic of the testing scripts
for no real gain.
Would the GNU Project endorse Debian? In response to Branden Robinson's questioning, Richard Stallman explained that the GNU Project won't endorse Debian, because non-free packages are distributed on our servers. Richard explained that if Debian distributes main from a server that doesn't include or refer people to non-free software and documentation, the GNU project could point to Debian as an entirely free version of the GNU system. However, they could not endorse it in glowing terms if documentation is excluded when it is released under the GNU Free Documentation License (FDL).
Debian and the FSF. Bruce Perens thought it was time to step in between Debian and the Free Software Foundation (FSF) regarding the debate over non-free stuff in Debian and the FDL. He claimed that saying "non-free isn't really part of Debian" is a fiction. He urged Debian to make it true by giving non-free and contrib their own organisation. He also suggested that the FSF should assert that documentation is an essential component of Free Software, and that it must be under essentially the same terms as its associated software.
Politics in Free Software. Tom Chance reported about a developer who credited a certain army in four of his applications, their removal and the small storm in the community. He said that "some organisations, like Debian, have put a lot of effort into defining exactly how the community handles political and social relations, so that responsibility and authority is clearly and justly assigned, and decision-making processes are clearly and justly defined." He would like Free Software communities to take political and social considerations more seriously, since we should not continue with large numbers of people believing that politics has no place in Free Software, or that burying one's head in the sand is a wise way to work.
Security Scanning with Debian based Tools.
Victor Garza and Joseph Roth tested
Nessus using Knoppix-STD, a Security Tools
Distribution. The ease of gathering
up-to-date vulnerability information and scripts, the passive,
non-destructive scanning mode, and the fact that Nessus
also supports a PKI of sorts, using a certificate for authentication,
were features they liked. They said that
"Nessus does the job of identifying
vulnerabilities and recommending fixes,
and the Knoppix/Nessus combination goes a long way toward making the scanner
easy to use." However, reporting the results of the security scan in a clear, concise and
foolproof manner was one
area they found lacking.
Debian on NordicOS. Debian GNU/Linux is listed on NordicOS, a project of the Nordic Ministerial Council, which addresses the need for a comprehensive overview of open source software available for consumers. The item refers to several official documents from Debian and accentuated that Debian is a completely non-commercial project, perhaps the purest form of the ideals that started the Free Software movement.
Guide for Greek Debian Users. Konstantinos Margaritis announced the new Greek Debian User's Guide which he wrote. It deals with most aspects of installing Debian GNU/Linux version 3.0 and many aspects of everyday use and administration. The guide has been released under the FDL and is available in many popular document formats. A printed version is planned as well.
Security Updates. You know the drill. Please make sure that you update your systems if you have any of these packages installed.
- exim -- Buffer overflow.
- wu-ftpd -- Insecure program execution.
- mah-jong -- Buffer overflows, denial of service.
New or Noteworthy Packages. The following packages were added to the unstable Debian archive recently or contain important updates.
- camorama -- Gnome2 tool to view, alter and save images from a webcam.
- conglomerate -- Userfriendly XML editor.
- dcraw -- Decode raw digital camera images.
- directvnc -- VNC client using the framebuffer as display.
- evms-ha -- Enterprise Volume Management System (high-availability).
- freehoo -- Console Yahoo messenger client with guile and readline interfaces.
- greed -- Curses-based clone of the DOS freeware game Greed.
- jed-extra -- Collection of useful JED modes and utilities.
- latrine -- Curses-based LAnguage TRaINEr.
- lg-issue94 -- Issue 94 of the Linux Gazette.
- mediamate -- Web-based movie database and tracker.
- monster-masher -- GPL'ed mash'em-up action game for GNOME.
- resolvconf -- Nameserver information manager.
- shorlfilter -- Text filter to shorten long URLs using online redirection database.
- ssl-cert -- Simple debconf wrapper for openssl.
Orphaned Packages. 2 packages were orphaned this week and require a new maintainer. This makes a total of 205 orphaned packages. Many thanks to the previous maintainers who contributed to the Free Software community. Please see the WNPP pages for the full list, and please add a note to the bug report and retitle it to ITA: if you plan to take over a package.
- mydns -- DNS server using MySQL for data storage. (Bug#209071)
- zebra -- GPL'd, BGP/OSPF/RIP capable routing daemon. (Bug#208786)
Want to continue reading DWN? Please help us create this newsletter. We still need more volunteer writers who investigate the Debian community and report about events in the community. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at firstname.lastname@example.org.
To receive this newsletter weekly in your mailbox, subscribe to the debian-news mailing list.
Back issues of this newsletter are available.
This issue of Debian Weekly News was edited by Dan Hunt, Matt Black and Martin 'Joey' Schulze.