Frugalware Linux Newsletter - Issue 63
...to inform...to educate...to entertain
"It is only when they go wrong that machines remind you how powerful they are." Clive James
Welcome
The newsletter's aim is to keep you up to date with what's happened recently in the world of the Linux distribution 'Frugalware'.
Features of this issue include:
- Frugalware 1.3 pre1 released
- Package compression is improved
- Frugalware's users are people too - Lenezir
- Focus On Package(s) - Textadept
Events etc
Here's a selection of events which have occurred since the previous newsletter:
Frugalware 1.3 pre1 released
On 3 May 2010, VMiklos announced the release of the first preview of Frugalware 1.3. Perhaps the most exciting part of the announcement was that a GUI version of the network installer is available for the very first time. Congratulations and thanks are due to Elentir, developer of the GUI network installer, officially known as Fwife. Elentir has been working on Fwife almost since he joined the development team.
Each preview release has just one aim: to allow people to test a snapshot of the next official release. The development team needs your help to test the preview on your own hardware and with your own combination of packages. The more bugs which are found and fixed before the final release, the better quality the release will be. If you have the time and bandwidth required, please download, install and test this preview.
Kooda has been busy
Kooda, a new member of the development team, has been busy updating FrugalBuilds and creating new ones. Since the previous newsletter issue, he has committed 43 new or modified FrugalBuilds, many of them being Ruby-related packages. Thanks to Kooda and of course we look forward to your next contributions.
Let Tux be your Commander
Frugalware contributor kikadf recently had FrugalBuilds for the package TuxCommander and its add-ons accepted by the development team. Well done to him and thanks for packaging it. Tux Commander is a GUI file management application, with a UI design similar to that of Midnight Commander, or Norton Commander.
Let's make Frugalware 1.3 look great!
Each Frugalware release features new default artwork, including: GRUB theme, wallpaper, GUI toolkit, login manager, mouse pointers and icons. The wallpaper is a central part of the theme and all other elements are either based on it or chosen because they complement it. To follow the artwork team's progress, you can monitor the artwork wiki page for 1.3.
If instead you want to get involved, you can do so in many ways. Comment on the artwork team's creations on the wiki page. Of course praise is enjoyed most by the team's members, but constructive criticism is also welcome. If you have artwork to display or suggest, add to the artwork wiki page. There is also an IRC channel available for live chat - #frugalware.artwork - but you need to be lucky to find anyone in there.
Devil505, the artwork team's coordinator, has made it simple to have your say in the selection of artwork for the next release. On his blog he is conducting a number of polls on various artwork elements, seeking peoples' opinions on which they would like to be the default for 1.3. Right now he's conducting a poll on which icon set should be the default. This poll closes on 22 May 2010 so be quick. It's as easy as it can be to get involved in Frugalware's artwork so please do do get involved.
Package compression is improved
The current method of compression used for Frugalware's packages is bzip2, which provides good compression and decompression. The development team recently decided that packages could be compressed even more with the 'xz' method of compression. Smaller packages have two advantages: (1) less* storage space is required, and (2) less bandwidth is required when they are being downloaded. The extra compression comes at a slight cost though, because it takes more CPU time and memory to compress a package into the xz format compared to the bzip2 format. Since packages need to be compressed only once, when they are built, this extra load is placed on the build servers, not your PC or server.
Errata
In newsletter issue 62 I included a tip about using pacman-g2's regular expression support. The only problem is that I don't have much practical experience with regular expressions and so made a simple mistake in the example. I know, it seems incredible that I could have made such a simple error, but it's true. (Note to members of the development team: please don't point out to readers all my other past errors! :P). I said that the example command would install all packages whose names started with the string "gst-plugins-bad" but instead it would install all packages which had this string anywhere in their name. In this case it wouldn't have made any difference, but I still need to correct the example. The correct command is:
pacman-g2 -S --regex ^gst-plugins-ugly
Frugalware's users are people too
This is the latest in the ongoing series of interviews with Frugalware's users. This issue's interview is with Lenezir. Please read on...
- What's your IRC/forum nickname?
-
Lenezir.
- In what country do you live?
-
France.
- What operating system(s) did you use before FW ?
-
I started with Windows 3.1 when I was very young, then I went through Windows 95, 98SE, XP and finally Ubuntu.
- When did you start to use Linux (Frugalware)?
-
I met Linux with Ubuntu in October 2006, then after a year of faithful service I wanted to look elsewhere and found Frugalware in 2007. I was able to install it only in November 2008 due to a technical problem.
- What do you like most about Frugalware?
-
The rolling release system which allows to have the latest software, the lightness of the distribution, the reactivity of the team and especially the atmosphere. It's always a pleasure to connect to Jabber and IRC channels because we are always welcomed. I really feel like part of a family.
- What would you like to see changed in Frugalware?
-
What is missing most in my opinion is the fact that many people fail to install the distribution. Not because of lack of experience but problems with hardware recognition. If this problem was solved, Frugalware would make a meteoric rise.
- Do you do anything to spread knowledge of Frugalware?
-
When I started on Frugalware I started a blog to talk about it, but I lost the motivation to write. Maybe I will start again. Otherwise I do not have much opportunity to talk about it.
I contribute to the French-language community by translating the news items and managing the server that hosts the site. I also helped rewrite the web site - http://frugalware.fr.
- For what purpose(s) do you use Frugalware?
-
I use Frugalware for my Internet browsing, office automation, programming, 3D and for playing games like native UrbanTerror or through PlayOnLinux.
- How did you find Frugalware - e.g. a friend/Google search?
-
Doing a search on Google if I remember correctly.
- Please show us a screenshot of your desktop(s)
-
- What's the view from your front door?
-
This is the view from my room (where my computer is located) because the view from my front door is blocked.
New Packages
In this new section of the newsletter I'll highlight some new packages which have been added since the previous issue.
| Package's Name | Description | Maintainer |
|---|---|---|
| tuxcmd-0.6.70 | Tux Commander is a windowed file manager with 2 panels | Devil505 (Contributed by kikadf) |
| gst123-0.0.3-1 | A command line media player based on gstreamer. | bouleetbil |
| ffmpegtheora-0.26-1 | A simple converter to create Ogg Theora files | Kooda |
| dvgrab-3.5-1 | dvgrab links and stores video from Firewire movies camera into an AVI file. | Kooda |
Tips and tricks
Disclaimer - Be aware that the hints & tips provided here have NOT been tested and so come with no warranty.
What's 1 + 1?
Without using a hand-held calculator, calculate the answer following equation: ((18263 + 382767 + 27276) / 2) x 1.5
If you were able to calculate the correct answer in your head then you should skip this tip since you obviously don't need it. For everyone else, please read on. If you sometimes need to do calculations such as this, the command-line application 'bc' is a great help. When you start bc, you are then in a console in which you type your calculation and press [Enter] and the result appears on the next line. bc is capable of much more complex calculations but this is just an example. Remember bc when you next need to do some calculations, instead of reaching for your hand-held calculator.
This section relies on your contributions! If you have some tips and tricks that you would like to be shown in the newsletter, please post them on the forums.
Focus On Package(s)
Textadept
Textadept is a cross-platform, general-purpose text editor with features including: syntax highlighting, support for external tools and complete customisability. What makes it really interesting is that while its core was written in C, most of it was developed in Lua. Textadept's was designed to be extensible and adaptable through scripts written in Lua. Its documentation is excellent and always current so anyone writing a script has all the help they need. This is a quite young project and still under active development, with version 2.2 released recently. Take a look at Textadept and I think you'll be pleasantly surprised, because there's a lot in a small package.
Bug fixes
The following table gives you a overview of activity on bugs and feature requests as at 21 May 2010. In each cell of the table is a link to a detailed list of the relevant bugs or feature requests.
| Activity | Bugs | Feature Requests |
|---|---|---|
| Open | 167 | 194 |
| Opened since the previous newsletter | 33 | 10 |
| Closed since the previous newsletter | 72 | 17 |
Security announcements
Remember - According to the normal support arrangements for Frugalware, the release of 1.2 ("Locris") means that no further security or bug fixes will be released for Frugalware 1.1 ("Getorin") or earlier.
Here is a list of security issues which have been discovered and fixed in the 1.2 release since the previous newsletter.
| FSA | Package | FSA Description | Upgrade To |
|---|---|---|---|
| FSA671 | drupal6-filefield | A security issue has been reported in the FileField module for Drupal, which potentially can be exploited by malicious users to compromise a vulnerable system | drupal6-filefield-6.x_3.3-1locris1 |
| FSA670 | drupal6-imagefield | A security issue has been reported in the ImageField module for Drupal, which can be exploited by malicious people to disclose potentially sensitive information | drupal6-imagefield-6.x_3.3-1locris1 |
| FSA669 | gnustep-base | Two vulnerabilities have been reported in GNUStep Base, which can be exploited by malicious, local users to potentially gain escalated privileges or disclose sensitive information | gnustep-base-1.18.0-2locris1 |
| FSA668 | kernel | Three vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) | kernel-2.6.32-4locris2 |
| FSA667 | fetchmail | Fetchmail did not properly sanitize external input (mail headers and UID) | fetchmail-6.3.16-1locris1 |
| FSA666 | cacti | A vulnerability has been reported in Cacti, which can be exploited by malicious users to conduct SQL injection attacks | cacti-0.8.7e-2locris1 |
| FSA665 | nano | Some security issues have been reported in GNU nano, which can be exploited by malicious, local users to perform certain actions with escalated privileges | nano-2.0.9-2locris1 |
| FSA664 | polkit | A weakness has been reported in PolicyKit, which can be exploited by malicious, local users to disclose certain system information | polkit-0.96-3locris1 |
| FSA663 | memcached | A weakness has been reported in memcached, which can be exploited by malicious, local users to potentially cause a DoS (Denial of Service) | memcached-1.4.5-1locris1 |
| FSA662 | glibc | Dan Rosenberg reported two security issues in glibc: 1) "ncpmount" and "mount.cifs" failed to properly sanitize provided mountpoint directory names (specifically, special characters such as newlines were not stripped) | glibc-2.11.1-2locris1 |
| FSA661 | j2sdk | A vulnerability has been discovered in Sun Java, which can be exploited by malicious people to compromise a user's system | j2sdk-6-23locris1 |
| FSA660 | sudo | A security issue has been reported in sudo, which can be exploited by malicious, local users to gain escalated privileges | sudo-1.7.2-4locris1 |
About the newsletter
Author
The Frugalware newsletter is written and edited by Russell Dickenson (AKA phayz). Credit for the Frugalware distribution goes to the development team.
Translations
The newsletter is currently translated into French and Danish by their respective communities as soon as possible. Please be patient as it can take some time to translate each issue. Thanks to all those involved in providing and hosting these translations.
Release
To allow time for review and corrections, each newsletter is written ahead of its release date. Therefore it may not mention events which occurred in the few days before its release - e.g. security fixes. To be sure that you've got the very latest information on these topics, go to the appropriate page of the Frugalware web site.
Feedback
If you have feedback about the Frugalware newsletter - whether good or bad - please provide it via the forums. Your feedback is valuable because we want the newsletter to meet the needs of Frugalware's users.