Slashdot Mirror

Eric Sun writes "For you die-hard Apache users out there, the seventh alpha version of Apache 2.0 has been released. A list of the new features can be found here. As always, you can download it from the distribution site."

Mixhaus asks: "I'm trying to promote the Linux culture in my company. I want to migrate or at least start all new web projects on a Linux/Apache setup. Currently all the development is done on IIS/ASP with MSSQL 7.0. Has anybody done this kind of migration before? Any suggestions?"

"These are some of the questions that come up to my mind:

• Be able to migrate IIS to Apache first, and still be able to access the MSSQL databases (FreeTDS?)
• Use a scripting syntax similar to ASP so that the programmers don't have much of a headache learning new stuff (PHP looks like a solution).
• Migrate MSSQL 7 to MySQL, PostgreSQL or other (Which one is better for web development?)
• Web log reports (I need to generate reports on the web site usage. What weblog report generators are available for Linux? Which ones do you use? Are there any that generate graphs, charts, etc..?)

Thanks to the whole Slashdot Community!"

jonstevens writes: "Apache Velocity is a clean room implementation of the Java based MVC template engine WebMacro and is available on the Jakarta.apache.org Web site. Velocity is an alternative to other template technologies such as JSP. Velocity is available under the non-restrictive Apache Software Foundation license (WebMacro is only available under the GPL license). It has been developed primarily by Jason van Zyl (Periapt) with sideline help from Daniel Rall (CollabNet) and Jon S. Stevens (CollabNet)."

jonstevens writes: "Apache Velocity is a clean room implementation of the Java based MVC template engine WebMacro and is available on the Jakarta.apache.org Web site. Velocity is an alternative to other template technologies such as JSP. Velocity is available under the non-restrictive Apache Software Foundation license (WebMacro is only available under the GPL license). It has been developed primarily by Jason van Zyl (Periapt) with sideline help from Daniel Rall (CollabNet) and Jon S. Stevens (CollabNet)."

smooc writes "The Apache Group has released the sixth Apache 2.0alpha in a row. Downloads can be found here.
Damn, and I just installed alpha5."

smooc writes "The Apache Group has released the sixth Apache 2.0alpha in a row. Downloads can be found here.
Damn, and I just installed alpha5."

smooc writes "The Apache Group has released the sixth Apache 2.0alpha in a row. Downloads can be found here.
Damn, and I just installed alpha5."

Apache 2.0a5 seems to have gotten C|Net's attention today in an article with a few factual errors. For example, despite the misquote in the last paragraph, Apache can currently use several technologies, such as mod_perl and PHP (as modules), currently. Also, spawning a new process for each request is something Apache hasn't done in ages. Still, it's nice seeing some acknowledgement of Apache's effort!

Nirvani writes "Just an FYI for all you Apache diehards; The Apache Group has just announced that Apache 2.0a5 Alpha is now available. Feel free to download, test and submit your bugreports back to the Apache Group."

Nirvani writes "Just an FYI for all you Apache diehards; The Apache Group has just announced that Apache 2.0a5 Alpha is now available. Feel free to download, test and submit your bugreports back to the Apache Group."

Nirvani writes "Just an FYI for all you Apache diehards; The Apache Group has just announced that Apache 2.0a5 Alpha is now available. Feel free to download, test and submit your bugreports back to the Apache Group."

woggo writes "The Jakarta project quietly posted the release of ORO Matcher 2.0 this week; Dan Savarese has donated it to Apache under an open-source license. For those who don't know, ORO is a great regular expression package which supports Perl and awk-style pattern matching and substitution in Java -- something that servlet authors generally need. ORO alleged it would come out 'in early June,' but better late than never. This new version looks really cool, and requires Java 2. Download it here."

woggo writes "The Jakarta project quietly posted the release of ORO Matcher 2.0 this week; Dan Savarese has donated it to Apache under an open-source license. For those who don't know, ORO is a great regular expression package which supports Perl and awk-style pattern matching and substitution in Java -- something that servlet authors generally need. ORO alleged it would come out 'in early June,' but better late than never. This new version looks really cool, and requires Java 2. Download it here."

nellardo asks: "I know that, these days, most web sites are running on Apache and many are running on Linux or some flavor of BSD as well. But what are the biggest sites that go beyond that? We've talked about open-source application servers and the like here before, but where are these being used? Why do I ask? Well, duh, I'm trying to convince management :-) Seriously, CMP uses Mason and Slashdot uses Slashcode, but what are some of the other large ones?"

Mozilla's latest milestone, M17, arrived today(ish); early adopters, go thou and download. And while you're waiting, check out this summary of the state of the art of PNG written by Greg Roelofs. PNG is ready for prime time in its Mozilla incarnation (though there are a few outstanding issues). Imminent takeover of the net predicted. Film at 11. Update later by J: OK, so M17 isn't available yet. Mea culpa; Greg and I misread a planning page. Here are Greg's comments/corrections to clear up the matter.

PNG, MNG, JNG and Mozilla M17
26 June 2000
by Greg Roelofs

PNG support in Mozilla has improved greatly over the last few releases ("milestones"), and with each milestone comes a corresponding Slashdot posting and a lot of discussion. Unfortunately, not all of the discussion is entirely accurate, so here's a preemptive posting that attempts to update folks on the status of PNG support in Mozilla and other apps and to clear up some of the more common misconceptions. (This seems to be an annual event...)

Home Page

First of all, the PNG home page got booted off of cdrom.com in early March, and in early May it settled into what should be its absolutely final home:

• http://www.libpng.org/pub/png/
• ftp://ftp.libpng.org/pub/png/

This is currently hosted on freesoftware.com, Walnut Creek CD-ROM's new site for free software (quel surprise!), but if something should ever happen to Walnut Creek, libpng.org will be redirected appropriately. (On a related note, the new zlib URL is http://www.info-zip.org/pub/infozip/zlib/, which is also currently hosted on freesoftware.com.)

PNG Features for the Web

Insofar as this is ostensibly a Mozilla posting, let's have a brief rundown of the PNG features that are most useful to Web designers:

• alpha transparency - This is geek jargon for partial or variable transparency, and it lets you do nice effects that are independent of the background color(s), such as antialiased (non-jaggy) text, drop shadows, gradient fades, and translucency. PNG not only supports a full 8-bit alpha channel in grayscale and RGB images but also what amounts to an "RGBA palette" in colormapped images. The latter lets you do nice transparency without a huge hit in file size. For example, all but one of the transparent images on my PNG alpha-transparency test page are 8-bit or less; the lone exception (one of the toucans) is a 32-bit RGBA image, virtually indistinguishable from its 8-bit cousins. Note that PNG supports only unassociated (non-premultiplied) alpha, since the alternative is not lossless.

• gamma correction - Gamma allows you to display the same image on different platforms without looking too dark on some and too light on others. For best results it does require that both the designer's display system and the user's be calibrated, but even educated guessing is better than nothing in a viewing program (which is what Mozilla does). Warning! Watch out for Adobe Photoshop; version 5.0 had a serious factor-of-two bug in its PNG gamma support, and 4.0 also had some problems. (Things seem to be fixed in 5.5, however.)

• color correction - Where gamma has to do with image "brightness," color correction has to do with rendering shades of color precisely. PNG supports it, but not many applications do; it's pretty tricky to get right. Note that Photoshop 5.5 writes incorrect PNG "iCCP" chunks, and this will crash applications based on libpng 1.0.6. (Older versions of libpng ignore the chunk, and the soon-to-be-released libpng 1.0.7 will work around it.) Also note that feeding a valid iCCP chunk to PS 5.5 will hang it.

• compression - A lot of people have some seriously crazy ideas about PNG's compression. Here's the straight dope:
  • PNGs tend to be 15% to 20% smaller than equivalent GIFs on average. There are some GIFs, particularly 32- or 64-color ones, that are smaller than the best PNGs, but usually by only a couple of percent. There are also many that are more than twice as large as the corresponding PNGs, but these tend to be tiny images. (One exception is this image, which is dimensionally rather large yet only 1/3 the file size of the GIF version.)

  • PNGs tend to be much larger than standard JPEGs. JPEGs are lossy, while PNGs are lossless; for natural (photographic) material, no lossless format can compete with JPEG--PNGs will typically be 5 or 10 times as large. On the other hand, for simple graphics or text-filled images with relatively few colors and sharp edges, JPEG is much worse, both in quality and in file size. (This means you, Slackware guys!) Use the proper tool for the job--no single image format is best in all cases.

  • PNG is roughly comparable to JPEG-LS, the new lossless JPEG standard. On the Waterloo BragZone test suite, JPEG-LS beat PNG by 5% to 10% on natural images, but PNG beat JPEG-LS by 35% to 270% on "artistic" images. YMMV.

  • PNG's compression method can be implemented in such a way that it is completely free of all known patents, but it can also be implemented in such a way that it infringes on patents held by PKWARE, Stac and others. You can guess which way zlib was written. Folks who are neither rich nor expert in patent law should probably stick to zlib- and libpng-based implementations.

  • Unlike (LZW-based) GIF, in which the compression is basically deterministic--that is, you end up with pretty much the same data regardless of who does the compression--PNG's scheme leaves a lot of room for optimization. Some programs do a good job, some don't. The GIMP happens to be one of the good ones, as is pngcrush. Photoshop traditionally has been one of the not-so-good ones, although version 5.5 includes a "Save for Web" option that presumably invokes ImageReady. ImageReady 1.0 was mediocre and reportedly isn't much better in its current release (i.e., pngcrush beats it by 15% to 25%), but it is better than Photoshop's normal "Save as" option.

  • The compression engine can't help clueless users who perform apples-and-oranges comparisons. If you start with a truecolor image and save it as both GIF and PNG, chances are the PNG will be 24-bit while the GIF will be 8-bit. Guess what? It's pretty tough to overcome that initial 3:1 deficit, no matter how good your compression engine is. (If you're not sure what kind of PNGs you have, check!) Also don't add a lot of text annotations to the PNG--unless you do the same to the GIF--and especially don't add a useless alpha channel to opaque images! (That last is directed at the Burn All GIFs folks...) Recompressing an image after it's been through JPEG compression is also a bad idea; JPEG leaves a lot of nasty little artifacts (often invisible to the naked eye) that screw up non-JPEG compressors.

• interlacing - PNG's interlacing scheme is two-dimensional, much like progressive JPEG, but unlike GIF--which uses a one-dimensional, line-based scheme. The upshot is that an interlaced PNG with text in it will be readable roughly twice as soon as the corresponding interlaced GIF.

• animation - Nope. But see MNG, below.

• MIME type - image/png. If PNG images on your server show up as broken images within Web pages and as gobbledygook text when referenced directly (i.e., as standalone URLs), you probably don't have the MIME type set up correctly. On the other hand, if they show up correctly for MSIE and some versions of Netscape but not others, you're probably running Microsoft's IIS server. Technically it's a bug in older versions of Netscape (versions 4.04 through 4.5), but consider switching to Apache anyway...

• browser compatibility - We'll get to that in a moment.

PNG Extensions and the Future

PNG is extensible. PNG is lossless. PNG is a single-image, raster (bitmap) format. One of its overriding design goals was backward compatibility. As a result, don't expect to see any sort of lossy compression methods (JPEG is doing a fine job of that, with the exception of transparency--but see JNG, below). Also don't expect to see any vector-based extensions--SVG with gzip content-encoding has that covered. Indeed, don't expect to see any new, incompatible compression methods for quite a while. Until there are lossless methods that can, on average, halve the size of PNG images, the cost in software compatibility is far too great. (Keep in mind that there still browsers that don't support progressive JPEG, and that was a relatively trivial change! And let's not even talk about JPEG 2000...)

PNG is also not going to become an animated format. Leaving multiple-image support out of PNG was a conscious design decision by the PNG development group, and it's still the right decision. Overloading a still image format with animation or video features merely confuses users and Web browsers, which have no way to distinguish still images from animations without prying into the data streams (which usually means downloading them first). Developers who prefer to program monolithically can always program for MNG instead; it's architecturally identical to PNG, and PNG is a pure subset of MNG.

Related Formats

MNG: As the previous paragraph suggests, the animated version of PNG is called MNG, for Multiple-image Network Graphics. It supports looping (including nested loops), clipping, deltas, and other features, plus everything PNG supports--including alpha transparency, of course. The home page is here:

• http://www.libpng.org/pub/mng/
• ftp://ftp.libpng.org/pub/mng/

Since this spring, a free reference library, libmng, has been under development by Gerard Juyn; its home page is at:

• http://www.libmng.com/

Note that the MIME type is video/x-mng; it has not yet been registered with the IETF. Undoubtedly there will be many misconfigured Web servers in coming years...

JNG: JNG is short for JPEG Network Graphics and is a proper subset of MNG, just as PNG is, but it's worth a separate mention. The idea is to combine the best of both worlds: JPEG's excellent compression and PNG's incredibly spiffy alpha transparency and color correction. JNG is almost identical to PNG, but in addition to standard IDAT chunks (which in JNG contain the alpha channel), there are also JDAT chunks that contain a standard JPEG/JFIF stream (suitable for handing off to libjpeg). From a developer's standpoint, if you've got support for both PNG alpha and ordinary JPEG/JFIF, adding JNG is a breeze. Of course, JNG is also supported by recent libmng betas. Its MIME type is image/x-jng.

Browser Status

Most browsers have supported PNG since at least late 1997 (when Netscape Navigator and Microsoft Internet Explorer finally did), but almost without exception, their support for alpha transparency has been abominable. Amazingly enough, it seems that 2000 may be the year that browsers finally support it, more or less ubiquitously. In April alone there were three newcomers, with another in May; so far this year, the total has more than doubled. Here's the current list of browsers that at least attempt to do alpha transparency correctly, with their supported platforms indicated in italics. If screen shots of the PNG alpha-transparency test page are available, they're linked to the browser name:

• Arena (Unix/X) - this was the first browser with good alpha support (at least for Unix, and I think anywhere). It died in 1998, however, and the final release tends to core-dump on PNG images. It always used its own "sandy" background pattern rather than that specified in the HTML. (Very old screen shot.)
• Browse (RISC OS) - Acorn's browser was the first to fully support PNG transparency and gamma correction, including background images, but it died along with Acorn itself in June 1999. The browser may or may not eventually show up in Pace Micro's digital set-top boxes. (Very old screen shot.)
• iCab (Macintosh) - this was the first Macintosh browser to support alpha transparency (since the 1.8 beta), but it doesn't do gamma correction yet.
• ICE Browser (Java) - ICEsoft's commercial browser for Java reportedly has full alpha support, but I haven't verified that.
• Internet Explorer (Macintosh) - version 5.0 added superb PNG support, including alpha, gamma and color correction. This is probably the best PNG-supporting browser available today. Unfortunately, the Windows and Unix versions seem to be a completely separate code base, so there's no telling when (or if) they'll have equally good support. (See the browsers page for details.)
• Konqueror (Unix/KDE) - I just heard that KDE's file-manager-cum-browser has full alpha support, but I haven't had a chance to check it myself. I'll try to get some screen shots added soon, however.
• Mozilla (Macintosh, Unix/X, Windows) - alpha was enabled in April, though there are a few gotchas: the Windows code is currently broken (bug 36694 and 19283, to be fixed by beta3), and the X code is a slightly nasty hack--it looks beautiful on 24-bit displays, but it's slow when scrolling, and the quality for users of 8- and 16-bit displays will be relatively poor. Nevertheless, it's a vast improvement over the previous code, and it's basically the only game in town for Unix users. Note that the infamous PNG interlacing bug (3195) was fixed in May, and Tim Rowley checked in initial MNG and JNG support on 12June.
• NetPositive (BeOS) - version 2.2, released in April, added support for alpha transparency; but like iCab, it doesn't yet do gamma correction. (It also doesn't display interlaced PNGs progressively.)
• Netscape - see Mozilla (which is basically what Navigator 6.0 will be).
• Sega Dreamcast Web Browser (Dreamcast) - version 2.0 of Planetweb's browser for the Sega Dreamcast game console, released in May, fully supports alpha transparency, but I don't have any screen shots yet.
• Webster XL (RISC OS) - R-Comp's RISC OS browser is claimed to have full alpha support, but I don't have verification, and it doesn't appear to be under development anymore.
• WebTV (WebTV) - surprisingly enough, WebTV has decent support for 32-bit RGBA PNGs, but its support for palette transparency is broken. In principle it should be easy to fix, but then again, it's a strange platform. (Note that the fonts look considerably better on a television screen.)

Honorable Mention goes to Siegel & Gale's PNG Live plug-in for Netscape, which was the only plug-in ever to manage alpha transparency (in Windows only). It died before ever getting out of beta, though, and plug-ins in general are useless for PNG. So is the HTML 4.0 OBJECT tag, but don't get me started...

Other Apps, Libs, etc.

I currently list some 500 distinct PNG-supporting packages (more if you break things like Microsoft Office into their constituent parts) in 8 categories (soon to be 9 or 10), not to mention a dozen pieces of hardware. PNG has now reached the point where even freeware authors generally don't bother to tell me when they've added support; it's largely taken for granted. (I do occasional Freshmeat sweeps, but I usually don't have time, and many entries don't mention PNG even if it's supported.) Quite a number of the apps include full source code, by the way--which is the way it should be, of course. ;-)

Within the libraries-and-toolkits category, there are a surprising number of independent PNG implementations (either encoders or decoders or both), including ones in C, C++, Java, JavaScript, Pascal, and even Ada95. PNG is now a standard part of Java 2 SE 1.3 and Tcl/Tk, and it is the main image format in the popular gd library and all of its Perl-based derivatives. In turn, this has led to its online use in areas as diverse as server statistics, chemical diagrams, computer-generated mazes, and weather maps.

Even better, PNG is the native, internal image format for a number of major applications (including Macromedia Fireworks and Microsoft Office), and it's becoming a popular icon format for advanced GUIs. It also ships as a standard part of BeOS, via the Translation Kit, and it's supported natively in the Windows Me shell (and possibly in Windows 2000 Professional).

Conclusion?

Ordinarily I'd mumble something about how PNG has finally achieved massive studliness and will soon be taking over the world, but what the hell--it has, it is, and if it's not obvious from what I've already written, another couple of lines won't make any difference. Go forth, visit the web site, write code, make lots of PNGs, etc., etc.

And Microsoft, pleeeeease get on the ball with Internet Explorer for Windows and Unix...

mod_dav 1.0 has been released, providing WebDAV functionality for the Apache HTTP Server. mod_dav is an Open Source, fully functional, standards compliant WebDAV add-on for Apache, providing remote authoring capabilities through clients such as sitecopy, cadaver, GoLive and Web Folders. In addition, the Apache Software Foundation is announcing that Apache 2.0 will directly incorporate mod_dav's functionality into the standard distribution.

mod_dav 1.0 has been released, providing WebDAV functionality for the Apache HTTP Server. mod_dav is an Open Source, fully functional, standards compliant WebDAV add-on for Apache, providing remote authoring capabilities through clients such as sitecopy, cadaver, GoLive and Web Folders. In addition, the Apache Software Foundation is announcing that Apache 2.0 will directly incorporate mod_dav's functionality into the standard distribution.

Sun Microsystems today announced the members of their Executive Committee which will oversee the Java Community Process (JCP) program, the community-based process for developing Java technology specifications, reference implementations and associated compatibility test suites. These ECs will serve in full capacity in guiding the JCP program until the first general EC election. Of particular note is the inclusion of various Open Source leaders, including Caldera and The Apache Software Foundation.

broken77 asks: "At the company I'm working for now, we're starting a new project, and at the same time are looking to find some kind of "standard" method of making our CGI-like perl programs. CGI.pm and cgi-lib.pl have been used in the past, but we're investigating some kind of embedded perl solution similar to ASP or PHP. I should mention that Unix-ASP and PHP are not options (I don't really need to go into the reasons). Also, Perl is definitely the language we will be using. We're looking mainly at ePerl, HTML::Embperl and PerlMagic Lightning. Does anyone have experience with any or all of these? Are there some benchmarks I can find? Are there any products that you've found to be better than these three that I've listed?"

The Apache Software Foundation today released a PR officially announcing ApacheCon Europe 2000. This conference continues in the tradition of the previous ApacheCon, which was held in Orlando, FLA.

Matthew Miller recently went through the RH300 training course, as well as the RHCE Certification Exam. He was kind enough to write an overview and give us his opinions on both of them, as well as his opinions on the relevance and quality of the training and the exam. Certification has been discussed extensively with regards to Linux, and here's a big scoop of food for thought.

The following was written by Slashdot Reader Matthew Miller

I'm fortunate enough to work at a place that realizes the importance of keeping employees educated and up-to-date. Since my largest current project is Linux-related, and based on Red Hat's distribution in specific, we thought it'd be worthwhile to send me to Red Hat for their RH300 course. I'm pretty familiar with Linux, but I'm a long way from knowing everything, and it's always interesting to learn what the vendor thinks are the most important parts of their product. We chose RH300 because it's the highest-level systems administration class currently offered. It's also the one linked to the RHCE exam, which was an added bonus, but learning was my main goal, not getting the certification. This is my report on the experience -- hopefully, it will help you decide if this is a good choice for you, either as a sysadmin or as an employer.

The Training Center

This course is not only available directly from Red Hat, but also from various partner organizations, including Global Knowledge, which has a training center here in Boston. However, we decided that if we were going to go to the expense of sending me, I might as well go directly to Red Hat, to increase the chances of getting a good instructor, and to insure adequate access to resources. We've had experiences in the past with third-party instructors who didn't know much beyond what was written in the materials. Of course, I don't know that this would be the case with Global Knowledge's version of RH300 -- perhaps someone else can comment on any experience they've had there.

So, it was off to the Red Hat headquarters in Durham, NC. Incidentally, I stayed in the Residence Inn there -- it was on Red Hat's site as being nearby. They didn't mention that it was on the other side of a major highway, with no provision for pedestrians to get across. Moral: stay at one of the closer hotels, or else get a car. Anyway, the RH building is very nice -- much bigger than I expected. (I suppose the IPO cash is going to good use.) Of course, as students, we weren't shown much of it -- no tour, and we weren't introduced to any of the celebrity employees. (Fair enough -- with several classes coming through every week, they'd never get anything done.) The people I did meet seemed pretty cool, and in general I got the impression that it's a fun place to work.

The classroom was about as I expected -- projection screen up front, rows of decent-enough small-brand Celeron-based systems (one per student). The machines were on a private network -- reasonable for the course, but unfortunately there was no provision for Internet access, which at the least would have been nice to have when I finished labs early.

We did have access to a breakroom with free soft drinks / juice and various snack items. This is also where the lunches were served -- to my surprise, these were quite good, and there were even decent non-meat choices.

The Teacher

The instructor was very knowledgeable -- not necessarily a complete guru, but he knew his stuff, including the "why" behind the course material. He was able to present the material in a good way, and was good at answering questions. I think the decision to go to Red Hat directly was wise; unlike a third-party consultant, he had some idea of what was going on inside of Red Hat and of their potential future plans. For example, during the section on the printing subsystem, he mentioned that they're considering a replacement for LPR in future releases -- perhaps LPRng or even CUPS. It's unlikely that someone from a different company would have had access to that kind of information.

Other Students

The other students in the course had a wide range of skills and backgrounds. I think that everyone probably met the listed better than pico. However, I could tell that some people were struggling. The instructor mentioned that the pass rate for the exam is about 65%, and I wouldn't be surprised if our class came out at that level or worse. It's not that anyone was stupid -- just that some people were out of their depth. On the other end of the spectrum, there were some people who were over-qualified: a few highly experienced sysadmins, and some folks from IBM taking the class because they are soon going to teach it.

The Course

The course was generally similar to the outline found on Red Hat's site, although I think the online information is a bit out of date. (Notice that the Web page makes reference to ipfwadm instead of ipchains or netfilter.) The eight units had slightly different names, and covered slightly different information. In the most drastic example, Unit 8, listed on the Web site as "Systems Administration and Security II", has turned into "Routers, Firewalls, Clusters and Troubleshooting". Some of the information listed in the online Unit 8 was moved into Unit 7, and some of it (cops, for instance) wasn't talked about at all. Hopefully, the online info will be updated soon.

Overall, the class went into less depth than I was hoping. Some of this was due to limitations of the lab setup -- it's a bit difficult to experiment with RAID in any meaningful way when you've only got one IDE hard drive, and obviously impossible to set up a cluster on one machine (short of running VMware). Other things where just plain introductory -- the section on the kernel, for example, focused on the steps required to build and install a new kernel, rather than being an in-depth discussion of tunable parameters. The part about Apache was similar; I was hoping to hear "You've all configured Apache before; here's things you should be aware of when you need it to do such-and-such", but the most advanced we got was setting up a virtual host. Building RPMs from source was mentioned briefly, but there was no information given on important and largely undocumented topics like --buildpolicy.

That's not to say I didn't learn anything -- the section on LVS / Piranha was enlightening even without hands-on experience, and I appreciated the part about quotas, which isn't something I've worked with much. And, I learned a large number of tiny things which add up to making the experience worthwhile to me. RPM can now do globbing over ftp! Portmap uses tcp_wrappers, but doesn't do reverse name lookups, so be sure to use IP addresses instead of names. RH Linux provides a little script called "service" that lets one avoid the tedium of typing /etc/rc.d/init.d/servicename all the time. And so on....

The "300" designation is a bit misleading. This isn't really what I'd consider an upper-level course -- it's more along the lines of SysAdmin 101. Overall, I think this class is probably worthwhile to someone with a good RH Linux background who hasn't done any systems administration. In fact, I'd even recommend it to people in that situation. On the other hand, if you've been a Linux sysadmin for a while, you'll probably be bored most of the time. It might be valuable to experienced Unix sysadmins who haven't dealt with Linux much (or even Linux admins who haven't used Red Hat Linux), but the course wasn't particularly taught from that angle and there are probably better options.

The Exam

Since I signed a confidentiality agreement, I can't talk about specific details of the test, but I will address the exam in general terms. It's a day-long three part process, with each part being worth 1/3 of the total. To pass, your overall score must be at least 80%, and you can't do worse than 50% on any one part.

One of the sections is a typical multiple-choice test, but the other two are lab based. I was quite impressed with the hands-on tests -- they are certainly what makes the RHCE meaningful. I'm not aware of any other sysadmin certifications that work this way.

For one of the lab tests, students are given a several-page specification, and must install and configure Red Hat Linux and several network services. This wasn't particularly difficult, and shouldn't be for anyone with much experience. For me, the hardest part was resisting the temptation to go beyond the spec -- since I finished the given requirements with plenty of spare time, I considered installing and setting up additional services in a way that would fit in with the listed goals. But, I decided that it'd be better to leave well-enough alone -- there's no concept of extra credit.

The other hands-on test is the cool and exciting one. Students are given preconfigured setups which are broken in some way, and given a task that must be completed. The system's problem doesn't necessarily relate directly to the task, but does interfere with it. The test-taker must find out what's wrong and correct the error. (Reinstalling packages is not allowed.) Being able to list the steps taken and to repeat the fix is important, but ultimately the test is scored on a works / doesn't work basis. One the examiner verifies that the problem is fixed, he or she wipes the system and provides another broken config.

This problem-solving section directly tests skills important to being a sysadmin in the real world; if someone has trouble with these, they're probably not ready for a systems administration job. Of course, just passing this test doesn't guarantee good problem solving skills (let alone all the other needed abilities), but it does seem a genuinely valuable indicator.

I've only two complaints with this part of the test. First, I'd make it a much larger section -- at least 50% -- and I'd increase the number of problems given so that there'd be a better sample size. The various challenges are assigned at random, and some are easier than others, and each tests knowledge of different parts of the system. The way it's done isn't bad, but it wouldn't hurt to have a lot more of it. Second, I'd give each student two computers, and make more of the problems network-related. This has logistical and cost issues (especially in places other than Red Hat's own training centers), but since many of the problems faced in the real world have to do with the way systems interact, I feel it'd be worth it.

The Exam Separated From The Course

You may have noticed that I seem a lot more excited by the exam than by the course itself. I think both are valuable, but they seemed aimed at slightly different levels. The course definitely can serve as a good review for the exam, but if you need the course, you won't do well on the test. If you're tight on cash and the certification seems valuable to you or to your employer, going straight to the exam would be reasonable. (Make sure you take a look at Red Hat's test prep page.) On the other hand, if you need to be quickly brought up to speed on the basic knowledge required of a RH Linux sysadmin, it might make sense to take this course without worrying about the test. Since RH300 is equivalent to RH033 + RH133 + RH253, this could be a much more intensive and time-efficient option.

Red Hat-Specificness

It's probably obvious, but bears mentioning anyway: this is a Red Hat Linux course and certification, not a general Linux one. I found this to be true both explicitly and implicitly. The instructor was good about saying "This is the Red Hat way of doing things -- it's possibly different on other distributions." (I found the increase-the-whole-pie attitude to be common to all of the RH employees I talked to.) There were also quite a few things that were just assumed. If you take the exam without knowing a lot about Red Hat Linux in particular, you're likely to have trouble.

This doesn't make the certification meaningless for organizations running other distributions -- many of the skills and knowledge required for the test (especially the problem solving part) are generally applicable anywhere. In fact, due to the lab-based testing process, I have more respect for this exam than I might for a multiple-choice test covering more distributions. I think this issue is a one-way sort of thing: the RHCE exam requires knowledge of Red Hat Linux, but anyone who can pass it shouldn't have much trouble picking up other flavors.

Stuff

Ok, the Web page promises that they'll give Red Hat promotional items to course participants. Yeah, well, they can do better on this front. Not even a t-shirt! C'mon, everyone gives t-shirts. Vendor shirts are a staple of my wardrobe! All we got was a mousepad, some stickers, and a baseball cap. (No chance of getting a red fedora.) Oh, and of course an official copy of the CD (with the 180 days of support). Many people in the class were surprised to learn that Red Hat doesn't sell anything from their offices -- you can't buy copies of the distro or additional merchandise. They've got a lot of students coming through there, so it seems like this could be a decent (even if relatively small) revenue stream.

A Bit About Study Guides

Before I went, I flipped through RHCE Exam Cram , the sole study guide I found at the local bookstore. Someone in the class actually purchased it and brought it with them, and I got a chance to read more of it then. I wasn't really impressed. The book was especially concerned with what it called "trick questions", and indeed its sample questions were sometimes a bit confusing -- and often poorly worded. After taking the test, I can say that this seems mostly to be a problem with the book, not something encountered on the actual exam, which was mostly straightforward and fair.

There are RHCE study guides, but I wouldn't recommend spending any money on any of them. As the course instructor told us: if you're going to pass, you'll do so even if you don't have a guide. And if you're going to fail, the guide won't be much help.

Conclusion

I think the RH300 course and RHCE certification can be valuable to both employers and individuals. The course provides a nice quick overview of the basics needed to move, for example, from being a systems operator to being an admin. I wouldn't think of it as either a requirement for the test or as something that can make someone not ready suddenly have the skills required for the exam. Since the exam is hands-on and lab based, those abilities can only come from real world experience. Looking at that from the other direction: this is exactly what makes the RHCE worth anything. While it's not a total statement on someone's talent, being able to pass is a strong indicator that they have the basic skills for a systems administration job. If I were making hiring decisions, I wouldn't make the RHCE a requirement, but I would have more confidence in applicants who have it.

prac_regex writes "Apache JServ v-1.1.1 is out and with it the retirement of JServ is publicized. The project is merging with the Jakarta project to create the most stable servlet production and development environment for everyone's favorite Webservers. Let's all pray for the best... " JServ will still be around until Tomcat becomes as well tested, so there's no need to panic :) ...

prac_regex writes "Apache JServ v-1.1.1 is out and with it the retirement of JServ is publicized. The project is merging with the Jakarta project to create the most stable servlet production and development environment for everyone's favorite Webservers. Let's all pray for the best... " JServ will still be around until Tomcat becomes as well tested, so there's no need to panic :) ...

Yesterday, due to system-level misconfigurations, www.apache.org was defaced after a root-level breakin. Those responsible for finding the holes and the ASF have been in cordial contact, and the holes have been plugged. In the process of doing that, FTP and other services on www.apache.org have been stopped. A mirror of the defaced site can be found on the Attrition.org mirror site. Brian Behlendorf sent the following to various Apache mailing lists:

Hi. We have been made aware (thanks to a very humorous banner ad for Microsoft Back Office on the front of www.apache.org!) that our particular configuration on www.apache.org of ftpd and bugzilla opened a security hole that allowed someone from the outside to get a shell account, and then get root. We have been in contact with those who found the hole, and have closed up the misconfigurations that allowed this.

It is important to note that this is *not* a hole in the Apache web server or related software products. I would encourage double-checking the PGP signatures of Apache releases for the immediate future.

However, I do not believe we are out of the woods yet. Bugzilla has not been thoroughly audited, and while I am not worried about ftpd, simply having another deamon that can write files to the web server whose purpose has been completely superceded by others suggests that taking it down for good is the right idea.

So I am taking down FTP - something that should have been done long ago. If there are FTP links on any of our pages (or on places like freshmeat) they should be change to HTTP. There are enough high-quality text-mode HTTP clients that there is no point to having it up, save for mirroring, and we allow rsync and cvsup for that. I will be contacting the mirror site admins list to communicate this.

Also, I have taken down all installations of bugzilla on apache.org until it can be audited. I will be performing a first pass tonight over it, but anyone else familiar with perl and willing to deal with rather ugly code is welcome to do so as well. I will set it back up once I'm comfortable there's been at least one reasonable pass over the whole codebase and any obvious holes have been plugged. This is only life-support though; I really don't think we should be using bugzilla once a suitable replacement is found.

Finally, I think it can be said that this compromise was mostly due to a lack of discipline on the part of those who had root and set up services without considering the ramifications of the way they were installed. I don't want to point fingers, since I'm probably at least as to blame as others, but I do feel that the policy of giving root access to a larger number of people than usual was probably a mistake. Along those lines, I've changed the root password and removed everyone from group wheel but myself - sorry to be fascist about this but I kinda feel like at the end of the day it's my responsibility. We'll come up with a strategy soon about granting sudo access to particular people for particular binaries so that I don't become a bottleneck again.

The details will soon be posted to bugtraq. Thanks.

The Apache Jakarta Project has reached another milestone with their release of a 100% Java-based regex package. This suite is based on original work by Jonathan Locke, which he has graciously donated to the ASF.

The Apache Jakarta Project has reached another milestone with their release of a 100% Java-based regex package. This suite is based on original work by Jonathan Locke, which he has graciously donated to the ASF.

The Apache Jakarta Project has reached another milestone with their release of a 100% Java-based regex package. This suite is based on original work by Jonathan Locke, which he has graciously donated to the ASF.

The latest alpha release (that's number 3) of the new Apache 2.0 server was announced today by the Apache Software Foundation. Noteworthy in this release are numerous Win32 fixes and some core module improvements. This is still a developer's release, as it's alpha status should indicate.

dlc writes, "Someone with too much free time and an insane streak has ported Apache to NetWare. It's still in the experimental stage, and only runs on NetWare 5.1, so don't ditch Linux yet, but still, it's pretty interesting. Only time will tell if the Apache team takes advantage of NetWare's strengths, such as NDS, in this port. The Apache site has an official page for the project. "

gavinroy was the first to write in with the news that Apache 2.0a2 has just been released. And it runs on FreeBSD! :)

TheWildBanana writes, "The editors of JavaWorld asked readers to participate in their 1999 JavaWorld Readers' Choice Awards. Under the entry of Best Free Product, the Java Apache Project JServ grabbed the top spot." It's important to remember that Apache is much more than just the Web server project. :)

TheWildBanana writes, "The editors of JavaWorld asked readers to participate in their 1999 JavaWorld Readers' Choice Awards. Under the entry of Best Free Product, the Java Apache Project JServ grabbed the top spot." It's important to remember that Apache is much more than just the Web server project. :)

dlc writes,"Apache/Perl programmers will be happy to note that Doug MacEachern has released mod_perl 1.22. It's been sucessfully built with Perl 5.6.0 and Apache 1.3.12, without any problems. Doug's announcement is here." The main mod_perl page can be found at perl.apache.org.

dlc writes,"Apache/Perl programmers will be happy to note that Doug MacEachern has released mod_perl 1.22. It's been sucessfully built with Perl 5.6.0 and Apache 1.3.12, without any problems. Doug's announcement is here." The main mod_perl page can be found at perl.apache.org.

The March 2000 Netcraft survey puts Apache at over 60% of all surveyed servers, with an impressive increase of 1.97%, or 1.4 million domains. All other servers showed a decrease in percentage, except for the mysterious mod_x-httpd-php3_script server which appears to be an Apache/PHP setup with a somewhat mangled Server: line.

At the closing ceremony at the ApacheCon 2000 conference in Orlando, FLA, the Apache Software Foundation announced the availability of an Apache 2.0 Alpha release. 2.0a offers a number of improvements over the 1.3 codebase, including support for threads and the inclusion of the Apache Portable Runtime (APR) library. 2.0a is being released in order to really kick development into high gear. Let the hacking begin!! UPDATE And how, exactly, did the ASF announce 2.0a? By posting the news on Slashdot, projected on a viewscreen in front of the closing ceremony audience. A first!

At the closing ceremony at the ApacheCon 2000 conference in Orlando, FLA, the Apache Software Foundation announced the availability of an Apache 2.0 Alpha release. 2.0a offers a number of improvements over the 1.3 codebase, including support for threads and the inclusion of the Apache Portable Runtime (APR) library. 2.0a is being released in order to really kick development into high gear. Let the hacking begin!! UPDATE And how, exactly, did the ASF announce 2.0a? By posting the news on Slashdot, projected on a viewscreen in front of the closing ceremony audience. A first!

At the closing ceremony at the ApacheCon 2000 conference in Orlando, FLA, the Apache Software Foundation announced the availability of an Apache 2.0 Alpha release. 2.0a offers a number of improvements over the 1.3 codebase, including support for threads and the inclusion of the Apache Portable Runtime (APR) library. 2.0a is being released in order to really kick development into high gear. Let the hacking begin!! UPDATE And how, exactly, did the ASF announce 2.0a? By posting the news on Slashdot, projected on a viewscreen in front of the closing ceremony audience. A first!

The Apache Software Foundation has just announced the release of Apache 1.3.12, the latest version of the Apache Web server. The main improvements in this release are designed to handle the "cross site scripting" issues reported in http://www.cert. org/advisories/CA-2000-02.html and http://www.a pache.org/info/css-security/index.html. The full announcement goes into more detail.

The Apache Software Foundation has just announced the release of Apache 1.3.12, the latest version of the Apache Web server. The main improvements in this release are designed to handle the "cross site scripting" issues reported in http://www.cert. org/advisories/CA-2000-02.html and http://www.a pache.org/info/css-security/index.html. The full announcement goes into more detail.

The Apache Software Foundation has just announced the release of Apache 1.3.12, the latest version of the Apache Web server. The main improvements in this release are designed to handle the "cross site scripting" issues reported in http://www.cert. org/advisories/CA-2000-02.html and http://www.a pache.org/info/css-security/index.html. The full announcement goes into more detail.

The Apache Software Foundation has just announced the release of Apache 1.3.12, the latest version of the Apache Web server. The main improvements in this release are designed to handle the "cross site scripting" issues reported in http://www.cert. org/advisories/CA-2000-02.html and http://www.a pache.org/info/css-security/index.html. The full announcement goes into more detail.

The Apache Software Foundation has just announced the release of Apache 1.3.12, the latest version of the Apache Web server. The main improvements in this release are designed to handle the "cross site scripting" issues reported in http://www.cert. org/advisories/CA-2000-02.html and http://www.a pache.org/info/css-security/index.html. The full announcement goes into more detail.

The February Netcraft Survey is out with Apache showing its highest share ever: 58.08%. The number of hosts surveyed also passed the 10 mill mark. The survey also has some other notable nuggets, such as Apple introducing their MacOS X Server (which runs Apache) into the load balancing pool serving their site.

The January 2000 Netcraft survey is out, with Apache showing a 1% gain in share. What is interesting is that, with the exception of Netscape, all other servers suffered a decrease (or no change at all), according to the survey.

schave writes "Apache 1.3.11 has just been uploaded to http://www.apache.org/. It should show up at your favorite mirror site within the next 24 hours. 1.3.11 is mostly contains bug fixes, and should be the last 1.3.X release before Apache 2.0." jimjag adds: UPDATE 1/22/99 at 4:30pm Eastern: The official Announcement has gone out and the Apache site now reflects the new release. Distribution tarballs are always uploaded "early" to give mirrors a chance to grab them before the Announcement is made and people bang the servers to grab it :)

morzel asks a doosy: "XML is one of these words everybody's talking about yet no-one really knows how to use it in specific applications or server technologies. At the Apache XML Project, some work is being done on integrating XML/XSL in the server itself, but personally I like IBM's idea of a transcoder in between a range of (XML) servers and a range of clients. But... how can it be done?" (More)

"Suppose you have to develop an on-line application, and you'd want to go with XML on the server side, and everyday browsers on the client side. Portable platforms like Palm and WAP-enabled phones will probably be a client platform that is being used frequently.
What tools -open source or commercial- are available to accomplish this?

The elements of the system are:

• XML Enabled Database system: Data is retrieved by the transcoder using HTTP or your favorite protocol
• Transcoding gateway: should translate the XML data using XSL (or another way) to a form readable by the client. The exact translation or the XSL to use can be set by the server (included in the XML source), or be detected by the gateway.
• Browsers of all colours and kinds.

A typical usage of this system would be the publishing of an on-line application without having to bother with client troubles except for writing the XSLs. I do web development, and the amount of work that goes into making sure every platform works as it's supposed to be is way too much in comparison to the functionality of the system. Specially when exotic clients like PDAs and WAP mobile phones are requested client platforms (e.g.: a sales follow-up app), the burden of getting everything working and having a UI that does the job is a real nightmare...

XML is the wave of the future, that's for sure... But what tools are available to actually incorporate XML in a system that can do all things we poor webdesigners dream of?

All suggestions welcome! "

The Java Apache Project announced the release of Apache JServ 1.1, a JSDK 2.0 Servlet engine for Apache. Improved installation, performance and stability had been the main goals for this release. The project itself involves the design of a 100% pure Java servlet engine fully compliant with the JavaSoft Java Servlet APIs 2.0 specification.

The Java Apache Project announced the release of Apache JServ 1.1, a JSDK 2.0 Servlet engine for Apache. Improved installation, performance and stability had been the main goals for this release. The project itself involves the design of a 100% pure Java servlet engine fully compliant with the JavaSoft Java Servlet APIs 2.0 specification.

The Java Apache Project announced the release of Apache JServ 1.1, a JSDK 2.0 Servlet engine for Apache. Improved installation, performance and stability had been the main goals for this release. The project itself involves the design of a 100% pure Java servlet engine fully compliant with the JavaSoft Java Servlet APIs 2.0 specification.