Dot Down, Master Down, Newsforge on Largo

The dot was down again this weekend as many of you had noticed,
and while I myself was blissfully enjoying Halifax. This time it was the result of somebody exploiting a security hole in our apache configuration and DoS'ing us in the process. We've closed up the problem, and hopefully we will go forward with our plans to provide better availability in the future. In worse news, master.kde.org, one of the key KDE servers that handles mail, mailing lists, KDE FTP, several websites, and some other duties has been unreachable for some time now -- word on the street is that the machine has suffered a big harddrive crash over at Uni-Tuebingen. As a result of this, primary KDE communications have been cut, packagers can't upload the binary packages for KDE 2.2, and inevitably the KDE 2.2 official release has been delayed. Hang in there folks, hardworking KDE people are busy migrating essential services over to other servers. In more fun news, Newsforge is running some interesting coverage of the Linux/KDE deployment by the City of Largo, Florida, that we featured on the dot some time ago. (as seen on Slashdot)
Other tidbits that may be of interest: KMonop has now been renamed to Atlantik, and Otter wrote in with the good news that kde.themes.org is not dead but simply undergoing a big upgrade. Get ready to submit those KDE2 themes!

Dot Categories: 

Comments

by elliott (not verified)

i bet microsoft did it.

by KDE User (not verified)

In theme news, Liquid 0.4 is out.

by ac (not verified)

mosfet.org appears to be running on a 28.8 modem.

by someone (not verified)

Mosfet, better update http://www.mosfet.org than repeating here what was written long ago in the apps.kde.com ticker.

by Mosfet (not verified)

Huh? I keep mosfet.org updated with the latest Liquid version. As for repeating things here I wasn't the one to make the original post... but I can't help it if people like Liquid ;-) I use my own account when posting here, even when flaming people :P

by somone (not verified)

mosfet.org still says "News 07/25: High Performance Liquid Version 0.3 is available" as latest news.

by Mosfet (not verified)

I keep the Liquid page updated with the latest version info. I don't work much on the index page, as I have better things to do like actually code. What have you done lately?

I still didn't make the original post so your comment's still a stupid troll, Mr. Anonymous ;-)

by Oh sure! (not verified)

Perhaps you should look into openBSD and RAID for your servers.

by AC (not verified)

Good RAID is expensive. Cheap RAID is evil.

It would be nice if all websites could be run on 8-way UltraSparcs, but unfortunately they can't:)

OpenBSD is not an entirely bad suggestion though:)

by Carbon (not verified)

Not even OpenBSD is magical enough to counteract moving-part hardware failure.

by Oh sure! (not verified)

No, OpenBSD may help with the security holes though.

As for the RAID, I'm sure that the KDE folks know enough about servers (!) to understand the issues. Since KDE doesn't run on RAID, the money must not be there. Perhaps now IBM or someone else could be talked into a donation though. It would be for a good cause...

by victwenty (not verified)

OpenBSD has a lot going for it but is hardly a magic security tonic. It is secure by default because it runs the absolute minimum and what it does run by default has been pretty well tested. Add an application that is open to a DoS attack for whatever reason, and as far as that goes it becomes pretty irrelevant what type of unix you're running on--it just plain won't work if exploited. If OpenBSD user don't realise this, it's secure default install probably does as much harm as good. Sysadmins being put under the impression that they don't have to worry about security is a bad thing.. we're a lazy enough group as is.

by dingodonkey (not verified)

OpenBSD... that's what I'm running on my development box, I should probably move the ole web server over to that one of these days, but I'm too lazy. I also think that would be a good move :)

I hear 2.9 is nice, I'm still running 2.7... too lazy to download and recompile

by jeb (not verified)

KDE 2.2-Final binary packages have been in Debian Woody all day. Ah, the beauty of a distributed, volunteer effort.

Make sure to dist-upgrade right away.

by Carbon (not verified)

Hmm, the translation packages and several others still appear to be marked beta.

by its_me (not verified)

there are also SuSE KDE 2.2 final packages on
http://www.suse.de/en/support/download/LinuKS/index.html

by sgipan (not verified)

thanx 4 the link - never would have looked anywhere else when it is not officially announced/available on kde.org! now: in what order do I install them? I go into console mode and with yast1 first qt, then kdelibs, then all the rest at once?

by Evandro (not verified)

Yes. But it's safe to select all the packages you downloaded before starting the installation.

rpm should take care of the order to use to upgrade.

by anon (not verified)

German users can use ftp://ftp.gwdg.de/pub/linux/suse/ftp.suse.com/suse/i386/KDE/update_for_7... to get Suse source packages.

by Stefan Heimers (not verified)

What apt sources do you use? I still get kde 2.1.1 for woody.

My sources.list:

deb ftp://sunsite.cnlab-switch.ch/mirror/debian/ woody main non-free contrib
deb ftp://debian.ethz.ch/mirror/debian/ woody main non-free contrib
deb ftp://ftp.debian.org/debian/ woody main non-free contrib

I see the packages in the pool directory, but they are not found by apt-get dist-upgrade or apt-get install kdebase.

And yes, I did apt-get update!

Stefan

by Arondylos (not verified)

yep, the original poster was inaccurate unfortunately. I'm sure he meant unstable (sid) instead of testing (woody). KDE 2.2 is indeed not yet in woody.

(since I'm using unstable, I enjoy my KDE 2.2 fix though ;-))

-Arondylos

by ac (not verified)

and add to that it is compiled with objprelink
Cheers!

by Ben Hall (not verified)

Wow! The speed difference is quite noticeable.

I have an Athlon 900 with 768MB RAM and two Debian installations: A Libranet/Woody mix as the stable one and Sid for fun. I've compiled KDE 2.2 myself on the stable system, and the one is Sid seems a lot more responsive.

Konsole, Kate and KControl open instantly, Koqnueror takes less than two seconds.

Wow. I hope this speed trick makes it in to the regular KDE distro, it's pretty sweet.

Hey, putting it in Debian Sid ought to give it the wide testing that was mentioned in th KC article.

Oh, way to go KDE team. 2.2 is simply outstanding. The depth of this environment is amazing.

Ben

by pk jithesh (not verified)

i want to upgrade kde 3.1.2
give proper ftp sites

by Arondylos (not verified)

posting here (in an article from 2001) is sure to let you be ignored, if the posters have notfication by mail turned off.

anyway, ftp.kde.org has the semi-official packages for woody:
ftp://ftp.kde.org/pub/kde/stable/latest/Debian
(read the README file there)

good luck
-arondylos

by Hans Spaans (not verified)

KDE 2.2.0 will make it in Woody, only it will take a day of 14 before it is in Woody. You can also download the Sid-packages and upgrade manually with dpkg.

by Pascal (not verified)

Why do people write viruses for Outlook/Windows ? Why do they attack www.microsoft.com, www.amazon.com ? Because they are famous targets, and if successful, they will have a huge impact, sometimes even in the news.

So why did they attack the dot ? Think positive:-)

This also calls for more distributive hosting for the KDE sites/repositories, to make it survive this kind of attack...

Pascal

by Kraig (not verified)

They attacked the dot because they are pathetic little gnomers who are growing tired of constantly being out done.

by TrollAlert v0.1 (not verified)

You have trolled.

You will now be denied tea and biscuits for two days.

Do *not* troll again!

Thank you.

by David G. Watson (not verified)

Heh... have you seen my posts on /. or something? I go by "The Troll Catcher" :).

But I like TrollAlert v0.1 better... ;)

by dingodonkey (not verified)

While I agree trolling is a BAD BAD EVIL THING, that was the first thought that entered my mind when I read the story :)

Poor dot, I don't think it's ever been up for a month straight :)

by ScumRemover Pro (not verified)

Craig (he usually spells it with a "C") trolls everywhere. You should see the junk he posts on MandrakeForum.com. What a joke.

by VisualC (not verified)

Who are you Pascal???
How did you know it was me "VisualC" who attacked the dot??? :-)

by someone (not verified)

Seems like the university of Bonn has taken over ftp.kde.org and they have the KDE 2.2 release online under ftp://ftp.kde.org/pub/kde/stable/2.2 I hope that their anoncvs-server is not slowed down to much because of this. ftp.us.kde.org and ftp.us.kde.org haven't mirrored it yet, did the path change on the server? http://bugs.kde.org is still down.

by 2WhyNo (not verified)

Which is better to build KDE 2.2, gcc 3.0 or 2.96 from Mandrake 8.0 ?

Does objprelink works with Mandrake 8.0 (glibc 2.2.2) ?

TIA

by someone (not verified)

gcc 2.96. There are some issues with Mandrake 8 as far I remember, perhaps you need a new binutils or objprelink doesn't compile unter Mandrake 8 but someone made available a binary which he compiled under Mandrake 7 which also works unter Mandrake 8. Something like that, please search in the KDE mailing list-archive.

by steve (not verified)

Re: FTP and mailing-lists are up again

by Marko Samastur (not verified)

I'm going through the same cycle every year. I install latest Red Hat distribution (as long it's not .0 release) and feel great. I start to wonder how come I've been so fed up with it last year, but can't remember. And then few months pass, new KDE release comes along, I download all the packages for my distribution and I REMEMBER.

It's because there's always problems with installing new release of KDE on it. I can never just upgrade the damn thing. There's always some catch. And new packages always depend on things that are not a part of distribution and, what's really annoying, are not even part of updates that can be found on Red Hat's site.

Sadly this time is no different. I downloaded all stuff and discovered the following:

kdebase wants following libraries:
libvorbis.so
libcrypto.so
libssl.so.2
I have no idea why rpm didn't find first two, but last one simply doesn't exist. And I have no idea where I should get it. I know where it isn't and that's latest openssl updates found on RH's servers.

kdebindings-python wants python2.1. Fair enough. But you can't have it for RH. You only get (in powertools) 2.0 and there's no update either.

Similar thing for kdeaddons-noatun. You need SDL1.2.

And there's kdeadmin, which wants rpm 4.0.3. RH 7.1 ships with 4.0.2 and there are no updates of rpm on RH sites.

So, now I have KDE 2.2, which btw looks great, that I can't trust when it comes to security. That is if it doesn't core dumps because of missing library.

I know these packages are done on voluntary bases and I really do appreciate this. Thank you for your effort. If my post sounded to hard on the packager, I really do apologize. It's just difficult to go through the same frustration every time and I wrote it in hope that next time it would be better.

But nothing will make me happier than someone who can demonstrate that I'm just an idiot by pointing out those missing packages to me.

by ac (not verified)

Maybe you can use www.rpmfind.net or freshmeat.net to get RPMs, or you could go to:

www.vorbis.com
www.openssl.org
www.python.org

etc to get the very latest versions. If you are still stuck just do the usual google search e.g.

gg: libcrypto.so

in konqueror and it'll find something. HTH.

by Bee (not verified)

I have similar problems with a few previous releases, so I gave up. I suppose that packager has a messed RedHat instalation on his computer - in fact it should be a pure RedHat installation on a separate partition but I think that packager use the same system, which he use for everyday KDE development. Doesn't RedHat provide newest KDE packages ? It is RedHat's fault ...

by TJ (not verified)

Did you look in the nonkde section of the binary rpm's on the ftp server?

by Marko Samastur (not verified)

Yes. Did you? ;)

Seriously, I think I did all that's reasonable. I d/l everything that could be even remotely useful from Red Hat directory on ftp.kde.org, I looked on RH 7.1 discs and searched for updates on Red Hat servers.

I could probably find at least some if not all software needed in form of rpm packages somewhere on the net, but I don't feel comfortable installing software from completely unknown (untrusted) sources.

by Anony-Moose (not verified)

These are all great reasons to be a real man and compile from source.

So you can either stick with 2.1.1 or grow a pair and install 2.2.

Yes, it's a hell but well worth it. KDE is just too cool. I used http://rpmfind.net as usuall to find RPMs, it is extremely useful.

I did it this way and could finally install all the packages I needed to get KDE running. Here is my list ("ls |grep -v kde"):

SDL-1.2.2-2.i386.rpm
arts-2.2-1.i386.rpm
audiofile-0.2.1-2.i386.rpm
audiofile-devel-0.2.1-2.i386.rpm
fam-2.6.4-9.i386.rpm
fam-devel-2.6.4-9.i386.rpm
kdoc-2.2-1.noarch.rpm
libogg-1.0rc1-2.i386.rpm
libogg-devel-1.0rc1-2.i386.rpm
libvorbis-1.0rc1-5.i386.rpm
libxml2-2.4.1-2.i386.rpm
libxml2-devel-2.4.1-2.i386.rpm
libxslt-1.0.1-3.i386.rpm
libxslt-devel-1.0.1-3.i386.rpm
openssl-0.9.6b-3.i386.rpm
pcre-3.4-2.i386.rpm
pcre-devel-3.4-2.i386.rpm
popt-1.6.3-0.88.i386.rpm
rpm-4.0.3-0.88.i386.rpm
rpm-build-4.0.3-0.88.i386.rpm
rpm-devel-4.0.3-0.88.i386.rpm
rpm-perl-4.0.3-0.88.i386.rpm
rpm-python-4.0.3-0.88.i386.rpm

As a note, I recompiled RPM-4.0.3 from the src.rpm . Also, some of these packages are in non-kde. Also: I used the RawHide packages in some cases. FInally: my login screen screwed up, I cannot configure it from the KDE control-center. I think I know what it is but i'll try tomorrow.

By the way, I feel the same way (even though I have lots of simpathies for the RedHat folks.

THANK YOU VERY MUCH TO THE KDE COMMUNITY.
This release is just miles away from any other desktop experience under Linux.

Cheers,
-- leo

PS: I had to install things in a certain order, I had to use --force many times and some times use "rpm -i" instead of "rpm -U". I know, you can compile, but I like rpms to keep track of dependencies an for clean uninstallations ...

by Underground (not verified)

why is ther not 1 rmp to install the new kde 2.2 one my redhat 7.1 system now I have to download 10+ RPM and when I try to install the rpm's I get erors in my rpm installer

by Carbon (not verified)

Having less packages would not solve errors in rpm.
But telling us what the error is would :-)