AUG
14
2001

Dot Down, Master Down, Newsforge on Largo

The dot was down again this weekend as many of you had noticed,
and while I myself was blissfully enjoying Halifax. This time it was the result of somebody exploiting a security hole in our apache configuration and DoS'ing us in the process. We've closed up the problem, and hopefully we will go forward with our plans to provide better availability in the future. In worse news, master.kde.org, one of the key KDE servers that handles mail, mailing lists, KDE FTP, several websites, and some other duties has been unreachable for some time now -- word on the street is that the machine has suffered a big harddrive crash over at Uni-Tuebingen. As a result of this, primary KDE communications have been cut, packagers can't upload the binary packages for KDE 2.2, and inevitably the KDE 2.2 official release has been delayed. Hang in there folks, hardworking KDE people are busy migrating essential services over to other servers. In more fun news, Newsforge is running some interesting coverage of the Linux/KDE deployment by the City of Largo, Florida, that we featured on the dot some time ago. (as seen on Slashdot)
Other tidbits that may be of interest: KMonop has now been renamed to Atlantik, and Otter wrote in with the good news that kde.themes.org is not dead but simply undergoing a big upgrade. Get ready to submit those KDE2 themes!

Comments

i bet microsoft did it.


By elliott at Tue, 2001/08/14 - 5:00am

In theme news, Liquid 0.4 is out.


By KDE User at Tue, 2001/08/14 - 5:00am

mosfet.org appears to be running on a 28.8 modem.


By ac at Tue, 2001/08/14 - 5:00am

Mosfet, better update http://www.mosfet.org than repeating here what was written long ago in the apps.kde.com ticker.


By Someone at Tue, 2001/08/14 - 5:00am

Huh? I keep mosfet.org updated with the latest Liquid version. As for repeating things here I wasn't the one to make the original post... but I can't help it if people like Liquid ;-) I use my own account when posting here, even when flaming people :P


By Mosfet at Wed, 2001/08/15 - 5:00am

mosfet.org still says "News 07/25: High Performance Liquid Version 0.3 is available" as latest news.


By somone at Wed, 2001/08/15 - 5:00am

I keep the Liquid page updated with the latest version info. I don't work much on the index page, as I have better things to do like actually code. What have you done lately?

I still didn't make the original post so your comment's still a stupid troll, Mr. Anonymous ;-)


By Mosfet at Wed, 2001/08/15 - 5:00am

Perhaps you should look into openBSD and RAID for your servers.


By Oh sure! at Tue, 2001/08/14 - 5:00am

Good RAID is expensive. Cheap RAID is evil.

It would be nice if all websites could be run on 8-way UltraSparcs, but unfortunately they can't:)

OpenBSD is not an entirely bad suggestion though:)


By AC at Tue, 2001/08/14 - 5:00am

Not even OpenBSD is magical enough to counteract moving-part hardware failure.


By Carbon at Tue, 2001/08/14 - 5:00am

No, OpenBSD may help with the security holes though.

As for the RAID, I'm sure that the KDE folks know enough about servers (!) to understand the issues. Since KDE doesn't run on RAID, the money must not be there. Perhaps now IBM or someone else could be talked into a donation though. It would be for a good cause...


By Oh sure! at Tue, 2001/08/14 - 5:00am

OpenBSD has a lot going for it but is hardly a magic security tonic. It is secure by default because it runs the absolute minimum and what it does run by default has been pretty well tested. Add an application that is open to a DoS attack for whatever reason, and as far as that goes it becomes pretty irrelevant what type of unix you're running on--it just plain won't work if exploited. If OpenBSD user don't realise this, it's secure default install probably does as much harm as good. Sysadmins being put under the impression that they don't have to worry about security is a bad thing.. we're a lazy enough group as is.


By victwenty at Tue, 2001/08/14 - 5:00am

OpenBSD... that's what I'm running on my development box, I should probably move the ole web server over to that one of these days, but I'm too lazy. I also think that would be a good move :)

I hear 2.9 is nice, I'm still running 2.7... too lazy to download and recompile


By dingodonkey at Tue, 2001/08/14 - 5:00am

KDE 2.2-Final binary packages have been in Debian Woody all day. Ah, the beauty of a distributed, volunteer effort.

Make sure to dist-upgrade right away.


By jeb at Tue, 2001/08/14 - 5:00am

Hmm, the translation packages and several others still appear to be marked beta.


By Carbon at Tue, 2001/08/14 - 5:00am

there are also SuSE KDE 2.2 final packages on
http://www.suse.de/en/support/download/LinuKS/index.html


By its_me at Tue, 2001/08/14 - 5:00am

thanx 4 the link - never would have looked anywhere else when it is not officially announced/available on kde.org! now: in what order do I install them? I go into console mode and with yast1 first qt, then kdelibs, then all the rest at once?


By sgipan at Tue, 2001/08/14 - 5:00am

Yes. But it's safe to select all the packages you downloaded before starting the installation.

rpm should take care of the order to use to upgrade.


By Evandro at Tue, 2001/08/14 - 5:00am

German users can use ftp://ftp.gwdg.de/pub/linux/suse/ftp.suse.com/suse/i386/KDE/update_for_7... to get Suse source packages.


By anon at Tue, 2001/08/14 - 5:00am

What apt sources do you use? I still get kde 2.1.1 for woody.

My sources.list:

deb ftp://sunsite.cnlab-switch.ch/mirror/debian/ woody main non-free contrib
deb ftp://debian.ethz.ch/mirror/debian/ woody main non-free contrib
deb ftp://ftp.debian.org/debian/ woody main non-free contrib

I see the packages in the pool directory, but they are not found by apt-get dist-upgrade or apt-get install kdebase.

And yes, I did apt-get update!

Stefan


By Stefan Heimers at Tue, 2001/08/14 - 5:00am

yep, the original poster was inaccurate unfortunately. I'm sure he meant unstable (sid) instead of testing (woody). KDE 2.2 is indeed not yet in woody.

(since I'm using unstable, I enjoy my KDE 2.2 fix though ;-))

-Arondylos


By Arondylos at Tue, 2001/08/14 - 5:00am

and add to that it is compiled with objprelink
Cheers!


By ac at Tue, 2001/08/14 - 5:00am

Wow! The speed difference is quite noticeable.

I have an Athlon 900 with 768MB RAM and two Debian installations: A Libranet/Woody mix as the stable one and Sid for fun. I've compiled KDE 2.2 myself on the stable system, and the one is Sid seems a lot more responsive.

Konsole, Kate and KControl open instantly, Koqnueror takes less than two seconds.

Wow. I hope this speed trick makes it in to the regular KDE distro, it's pretty sweet.

Hey, putting it in Debian Sid ought to give it the wide testing that was mentioned in th KC article.

Oh, way to go KDE team. 2.2 is simply outstanding. The depth of this environment is amazing.

Ben


By Ben Hall at Wed, 2001/08/15 - 5:00am

i want to upgrade kde 3.1.2
give proper ftp sites


By pk jithesh at Mon, 2003/10/13 - 5:00am

posting here (in an article from 2001) is sure to let you be ignored, if the posters have notfication by mail turned off.

anyway, ftp.kde.org has the semi-official packages for woody:
ftp://ftp.kde.org/pub/kde/stable/latest/Debian
(read the README file there)

good luck
-arondylos


By Arondylos at Mon, 2003/10/13 - 5:00am

KDE 2.2.0 will make it in Woody, only it will take a day of 14 before it is in Woody. You can also download the Sid-packages and upgrade manually with dpkg.


By Hans Spaans at Tue, 2001/08/14 - 5:00am

Why do people write viruses for Outlook/Windows ? Why do they attack www.microsoft.com, www.amazon.com ? Because they are famous targets, and if successful, they will have a huge impact, sometimes even in the news.

So why did they attack the dot ? Think positive:-)

This also calls for more distributive hosting for the KDE sites/repositories, to make it survive this kind of attack...

Pascal


By Pascal at Tue, 2001/08/14 - 5:00am

They attacked the dot because they are pathetic little gnomers who are growing tired of constantly being out done.


By Kraig at Tue, 2001/08/14 - 5:00am

You have trolled.

You will now be denied tea and biscuits for two days.

Do *not* troll again!

Thank you.


By TrollAlert v0.1 at Tue, 2001/08/14 - 5:00am

Heh... have you seen my posts on /. or something? I go by "The Troll Catcher" :).

But I like TrollAlert v0.1 better... ;)


By David G. Watson at Tue, 2001/08/14 - 5:00am

While I agree trolling is a BAD BAD EVIL THING, that was the first thought that entered my mind when I read the story :)

Poor dot, I don't think it's ever been up for a month straight :)


By dingodonkey at Tue, 2001/08/14 - 5:00am

Craig (he usually spells it with a "C") trolls everywhere. You should see the junk he posts on MandrakeForum.com. What a joke.


By ScumRemover Pro at Wed, 2001/08/15 - 5:00am

Who are you Pascal???
How did you know it was me "VisualC" who attacked the dot??? :-)


By VisualC at Tue, 2001/08/14 - 5:00am

Seems like the university of Bonn has taken over ftp.kde.org and they have the KDE 2.2 release online under ftp://ftp.kde.org/pub/kde/stable/2.2 I hope that their anoncvs-server is not slowed down to much because of this. ftp.us.kde.org and ftp.us.kde.org haven't mirrored it yet, did the path change on the server? http://bugs.kde.org is still down.


By Someone at Tue, 2001/08/14 - 5:00am

Which is better to build KDE 2.2, gcc 3.0 or 2.96 from Mandrake 8.0 ?

Does objprelink works with Mandrake 8.0 (glibc 2.2.2) ?

TIA


By 2WhyNo at Wed, 2001/08/15 - 5:00am

gcc 2.96. There are some issues with Mandrake 8 as far I remember, perhaps you need a new binutils or objprelink doesn't compile unter Mandrake 8 but someone made available a binary which he compiled under Mandrake 7 which also works unter Mandrake 8. Something like that, please search in the KDE mailing list-archive.


By Someone at Wed, 2001/08/15 - 5:00am

Re: FTP and mailing-lists are up again


By steve at Sun, 2001/12/23 - 6:00am

I'm going through the same cycle every year. I install latest Red Hat distribution (as long it's not .0 release) and feel great. I start to wonder how come I've been so fed up with it last year, but can't remember. And then few months pass, new KDE release comes along, I download all the packages for my distribution and I REMEMBER.

It's because there's always problems with installing new release of KDE on it. I can never just upgrade the damn thing. There's always some catch. And new packages always depend on things that are not a part of distribution and, what's really annoying, are not even part of updates that can be found on Red Hat's site.

Sadly this time is no different. I downloaded all stuff and discovered the following:

kdebase wants following libraries:
libvorbis.so
libcrypto.so
libssl.so.2
I have no idea why rpm didn't find first two, but last one simply doesn't exist. And I have no idea where I should get it. I know where it isn't and that's latest openssl updates found on RH's servers.

kdebindings-python wants python2.1. Fair enough. But you can't have it for RH. You only get (in powertools) 2.0 and there's no update either.

Similar thing for kdeaddons-noatun. You need SDL1.2.

And there's kdeadmin, which wants rpm 4.0.3. RH 7.1 ships with 4.0.2 and there are no updates of rpm on RH sites.

So, now I have KDE 2.2, which btw looks great, that I can't trust when it comes to security. That is if it doesn't core dumps because of missing library.

I know these packages are done on voluntary bases and I really do appreciate this. Thank you for your effort. If my post sounded to hard on the packager, I really do apologize. It's just difficult to go through the same frustration every time and I wrote it in hope that next time it would be better.

But nothing will make me happier than someone who can demonstrate that I'm just an idiot by pointing out those missing packages to me.


By Marko Samastur at Wed, 2001/08/15 - 5:00am

Maybe you can use www.rpmfind.net or freshmeat.net to get RPMs, or you could go to:

www.vorbis.com
www.openssl.org
www.python.org

etc to get the very latest versions. If you are still stuck just do the usual google search e.g.

gg: libcrypto.so

in konqueror and it'll find something. HTH.


By ac at Wed, 2001/08/15 - 5:00am

I have similar problems with a few previous releases, so I gave up. I suppose that packager has a messed RedHat instalation on his computer - in fact it should be a pure RedHat installation on a separate partition but I think that packager use the same system, which he use for everyday KDE development. Doesn't RedHat provide newest KDE packages ? It is RedHat's fault ...


By Bee at Wed, 2001/08/15 - 5:00am

Did you look in the nonkde section of the binary rpm's on the ftp server?


By TJ at Wed, 2001/08/15 - 5:00am

Yes. Did you? ;)

Seriously, I think I did all that's reasonable. I d/l everything that could be even remotely useful from Red Hat directory on ftp.kde.org, I looked on RH 7.1 discs and searched for updates on Red Hat servers.

I could probably find at least some if not all software needed in form of rpm packages somewhere on the net, but I don't feel comfortable installing software from completely unknown (untrusted) sources.


By Marko Samastur at Wed, 2001/08/15 - 5:00am

These are all great reasons to be a real man and compile from source.

So you can either stick with 2.1.1 or grow a pair and install 2.2.


By Anony-Moose at Wed, 2001/08/15 - 5:00am

Yes, it's a hell but well worth it. KDE is just too cool. I used http://rpmfind.net as usuall to find RPMs, it is extremely useful.

I did it this way and could finally install all the packages I needed to get KDE running. Here is my list ("ls |grep -v kde"):

SDL-1.2.2-2.i386.rpm
arts-2.2-1.i386.rpm
audiofile-0.2.1-2.i386.rpm
audiofile-devel-0.2.1-2.i386.rpm
fam-2.6.4-9.i386.rpm
fam-devel-2.6.4-9.i386.rpm
kdoc-2.2-1.noarch.rpm
libogg-1.0rc1-2.i386.rpm
libogg-devel-1.0rc1-2.i386.rpm
libvorbis-1.0rc1-5.i386.rpm
libxml2-2.4.1-2.i386.rpm
libxml2-devel-2.4.1-2.i386.rpm
libxslt-1.0.1-3.i386.rpm
libxslt-devel-1.0.1-3.i386.rpm
openssl-0.9.6b-3.i386.rpm
pcre-3.4-2.i386.rpm
pcre-devel-3.4-2.i386.rpm
popt-1.6.3-0.88.i386.rpm
rpm-4.0.3-0.88.i386.rpm
rpm-build-4.0.3-0.88.i386.rpm
rpm-devel-4.0.3-0.88.i386.rpm
rpm-perl-4.0.3-0.88.i386.rpm
rpm-python-4.0.3-0.88.i386.rpm

As a note, I recompiled RPM-4.0.3 from the src.rpm . Also, some of these packages are in non-kde. Also: I used the RawHide packages in some cases. FInally: my login screen screwed up, I cannot configure it from the KDE control-center. I think I know what it is but i'll try tomorrow.

By the way, I feel the same way (even though I have lots of simpathies for the RedHat folks.

THANK YOU VERY MUCH TO THE KDE COMMUNITY.
This release is just miles away from any other desktop experience under Linux.

Cheers,
-- leo

PS: I had to install things in a certain order, I had to use --force many times and some times use "rpm -i" instead of "rpm -U". I know, you can compile, but I like rpms to keep track of dependencies an for clean uninstallations ...


By Leo Milano at Wed, 2001/08/15 - 5:00am

why is ther not 1 rmp to install the new kde 2.2 one my redhat 7.1 system now I have to download 10+ RPM and when I try to install the rpm's I get erors in my rpm installer


By Underground at Wed, 2001/08/15 - 5:00am

Having less packages would not solve errors in rpm.
But telling us what the error is would :-)


By Carbon at Wed, 2001/08/15 - 5:00am