Gentoo Weekly Newsletter 13 November 2006

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Gentoo Weekly Newsletter 13 November 2006

Chris Gianelloni
Gentoo Weekly Newsletter
This is the Gentoo Weekly Newsletter for the week of 13 November 2006.

1. Gentoo News

Anonymous CVS and SVN now available

The Gentoo Infrastructure team[1] is pleased to announce that they have
completed the configuration and testing of the anonymous read-only CVS and
SVN services for Gentoo repositories, and that these services are now
available for public use.


The anonymous services are primarily intended to help our non-developer
contributors easily produce patches and modifications (cvs diff/svn diff),
and provide easier access to the source for gentoo-hosted projects.

For our more enthusiastic of users out there, please note that the CVS and
SVN services are not any more up-to-date than what is available via rsync,
and may be an additional 30 minutes behind, based on load on various
machines. Please do not switch to using the CVS simply because you think
that it will get you the tree faster, or make you cooler. Compared to our
rsync distribution method, the anonymous services have considerably less
resources (both processing and bandwidth) behind them. Infrastructure will
not hesitate to block IP addresses that abuse this service.


CVS is limited to 5 concurrent users. It currently offers the following
repositories: gentoo, gentoo-projects, gentoo-src, and gentoo-x86

| Code Listing 1.1                                                          |
| Checking out from CVS                                                     |
| $ cvs -d :pserver:[hidden email]/var/cvsroot co <repo>      |


SVN has the following repositories: apache, baselayout, catalyst, devmanual,
eselect, genkernel, gentoo-alt, gentoo-python, gentoo-syntax, gentoo-vdr,
gentoolkit, gli, glsr, hardened, hwdata, keychain, linux-patches,
livecd-tools, portage, sandbox

| Code Listing 1.2                                                          |
| Checking out from SVN                                                     |
| $ svn co<repo>                    |

The front page of the service,, maintains an
accurate list of the repositories available, as well as holding complete
instructions and caveats.

Please file an Infrastructure bug[2] for any problems that might come up.


The gzip blocking previously discussed has been removed, due to bandwidth
constraints on the part of the server. The concurrent user limit has been
lowered correspondingly.

Thanks go to: kengland, robbat2, kingtaco, ramereth, and several others for
helping make this happen.

Engine Yard uses Gentoo clusters for Ruby on Rails service

Engine Yard uses Gentoo-based clusters for its Ruby on Rails deployment
service. There's a video about its use of Gentoo at In it, they talk about
how Gentoo has helped them in the design of their service and praise
Gentoo's customization capabilities. They also make several humorous
comments about Gentoo, such as "I'm pretty convinced that all the other
distros are built on Gentoo." They then go on to describe their upcoming Xen
domU image, which will be a Ruby on Rails development environment based on

2. Heard in the community


Symlinking out of a chroot

Brian Davis was planning on running his Apache server in a chroot. However,
he did not want to have to copy the pictures and other content to be served
into the chroot. He wanted to know if he could symlink out of the chroot to
the content.

Responding Gentooers pointed out that the symlinks wouldn't work and
suggested using mount --bind instead.

| Code Listing 2.1                                                          |
| Using --bind with mount                                                   |
| # mount --bind /source /chroot/target                                     |


New to Gentoo. Having trouble getting it started for the first time

Jon M had set up his root partition on /dev/hda3 using ReiserFS. When he
tried to boot, however, he received error messages including "VFS: Cannot
open root device "hda3" or unknown-block(0,0)".

Richard Fish responded that the "unknown-block(0,0)" showed that the kernel
could not find a device for hda3. This would be a symptom of failure to
compile in the necessary IDE device driver's for Jon's chipset or a failure
to compile int IDE support entirely.

Jon M had a look at the .config file for his kernel and indicated he'd
missed the device driver for his chipset.


3. Gentoo developer moves


The following developers recently left the Gentoo project:

  * none this week


The following developers recently joined the Gentoo project:

  * Alexander Færøy (eroyf) User Relations/Alpha/MIPS
  * Cédric Krier (cedk) netmon team


The following developers recently changed roles within the Gentoo project:

  * none this week

4. Gentoo security

NVIDIA binary graphics driver: Privilege escalation vulnerability

The NVIDIA binary graphics driver is vulnerable to a local privilege
escalation through an X session.

For more information, please see the GLSA Announcement[3]


Bugzilla: Multiple Vulnerabilities

Bugzilla is vulnerable to cross-site scripting, script injection, and
request forgery.

For more information, please see the GLSA Announcement[4]


Netkit FTP Server: Privilege escalation

An incorrect seteuid() call could allow an FTP user to access some files or
directories that would normally be inaccessible.

For more information, please see the GLSA Announcement[5]


5. Upcoming package removals

This is a list of packages that have been announced to be removed in the
future. The package removals come from many locations, including the
Treecleaners[6] and various developers.



Package:                    Removal date: Contact:
games-fps/ut2004-domain2049 10 Dec 06     Chris Gianelloni[7]
dev-db/dbbalancer           10 Dec 06     Tiziano Mueller[8]

   7. [hidden email]
   8. [hidden email]

6. Bugzilla


  * Statistics
  * Closed bug ranking
  * New bug rankings


The Gentoo community uses Bugzilla ([9]) to record and track
bugs, notifications, suggestions and other interactions with the development
team. Between 05 November 2006 and 12 November 2006, activity on the site
has resulted in:


  * 753 new bugs during this period
  * 484 bugs closed or resolved during this period
  * 15 previously closed bugs were reopened this period
  * 181 bugs marked as duplicates during this period

Of the 10914 currently open bugs: 29 are labeled 'blocker', 103 are labeled
'critical', and 487 are labeled 'major'.

Closed bug rankings

The developers and teams who have closed the most bugs during this period

  * Gentoo's Team for Core System packages[10], with 34 closed bugs[11]
  * Gentoo Linux Gnome Desktop Team[12], with 30 closed bugs[13]
  * PgSQL Bugs[14], with 22 closed bugs[15]
  * AMD64 Project[16], with 21 closed bugs[17]
  * X11 External Driver Maintainers[18], with 17 closed bugs[19]
  * Gentoo Games[20], with 15 closed bugs[21]
  * Gentoo Security[22], with 12 closed bugs[23]
  * Gentoo Sound Team[24], with 10 closed bugs[25]

  10. [hidden email]
  12. [hidden email]
  14. [hidden email]
  16. [hidden email]
  18. [hidden email]
  20. [hidden email]
  22. [hidden email]
  24. [hidden email]

New bug rankings

The developers and teams who have been assigned the most new bugs during
this period are:

  * Default Assignee for New Packages[26], with 26 new bugs[27]
  * AMD64 Project[16], with 9 new bugs[28]
  * X11 External Driver Maintainers[18], with 8 new bugs[29]
  * Sandro[30], with 8 new bugs[31]
  * Gentoo Sound Team[24], with 7 new bugs[32]
  * Java team[33], with 7 new bugs[34]
  * Gentoo X-windows packagers[35], with 6 new bugs[36]
  * Steve Arnold[37], with 6 new bugs[38]

  16. [hidden email]
  18. [hidden email]
  24. [hidden email]
  26. [hidden email]
  30. [hidden email]
  33. [hidden email]
  35. [hidden email]
  37. [hidden email]

7. GWN feedback

The GWN is staffed by volunteers and members of the community who submit
ideas and articles. If you are interested in writing for the GWN, have
feedback on an article that we have posted, or just have an idea or article
that you would like to submit to the GWN, please send us your feedback[39]
and help make the GWN better.

  39. [hidden email]

8. GWN subscription information

To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
[hidden email].

To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
[hidden email] from the e-mail address you are subscribed

9. Other languages

The Gentoo Weekly Newsletter is also available in the following languages:

  * Chinese (Simplified)[40]
  * Danish[41]
  * Dutch[42]
  * English[43]
  * German[44]
  * Greek[45]
  * French[46]
  * Korean[47]
  * Japanese[48]
  * Italian[49]
  * Polish[50]
  * Portuguese (Brazil)[51]
  * Portuguese (Portugal)[52]
  * Russian[53]
  * Slovak[54]
  * Spanish[55]
  * Turkish[56]


Ulrich Plate <[hidden email]> - Editor
Chris Atkinson <[hidden email]> - Author
Donnie Berkholz <[hidden email]> - Author
Robin H. Miller <[hidden email]> - Author
Chris Gianelloni <[hidden email]> - Author

[hidden email] mailing list