fidzu : OpenSolaris

As I explained at FOSDEM (blog post coming!), the Open Source Initiative is switching to a member-led governance. For that, it will need members. The OSI Board would be very grateful if you would complete the totally anonymous survey which will help us understand what attributes you would like from OSI membership in the future. Thanks for your help!

05 Feb 2012 10:10pm GMT

Note this is not a commitment from Oracle to deliver anything as a result of your answers, nor is it an official survey of any kind.

Okay first my dirty little secret... my family home desktop machine runs Windows 7. Earlier this week I had a need to check the MD5 or SHA256 checksum on an iso image I'd downloaded. On Solaris I'd just run 'digest -a sha256' or sha256sum on Solaris or any Linux distro. But on Windows 7 the best I could come up with was code it up in Java myself or install the GNU versions via Cygwin.

So that got me thinking, the Solaris 11 repository has a lot more "upstream" Free/Open Source tools and frameworks than any other release of Solaris ever had. We have Python (which is really a core part of Solaris 11 now), Ruby loads of the GNU runtime and development toolchains and much much more. However many common Linux distributions still have more than we do but some of that isn't target at server use cases.

So what Free/Open Source software is Solaris 11 still missing that you use to run your business on your Solaris servers?

Even if you don't have Solaris 11 installed you can quickly search for packags at http://pkg.oracle.com/solaris/release

Please add details in the comments.

Again note this is not a commitment from Oracle to deliver anything as a result of your answers, nor is it an official survey of any kind, just my curiosity. I will of course log the relevant bugs for viable things if any come up.

03 Feb 2012 4:05pm GMT

An interview with a pharmaceutical industry analyst on the BBC today illustrated a key point about patents and reminds us they are about stimulating, not rewarding, innovation.

Explaining why AstraZeneca were having difficulties that were making them plan large layoffs, the analyst talked about the "patent cliff", and the interviewer insightfully observed that it was the motivation to continuing innovation. The "patent cliff" is the end of the 20 year monopoly on an invention. During the 20 years period, the pharmaceutical company is free to charge whatever it wants for a drug, and thus able to make enormous profits.

As soon as the 20 years are up, other drug companies are able to use the knowledge that's freely available in the commons to produce the drug at a price the market will bear rather than at a monopoly price. The inventor is then able to continue making the drug, but not at monopoly prices. The only way to continue making monopoly profits is to invest in research and to continue to innovate. Thus, the "patent cliff" is actually a spur to innovation and achieves exactly what the social contract behind patents was intended to achieve - a spur to research and innovation so that the pubic commons is enriched.

In other comments on the news, I could clearly hear people ready to use this news to demand extensions to the patent span for pharmaceuticals. But ia key quote from the BBC article contains the real sting in the tail - it's not the loss of patents that's to blame as much as a failure to innovate fast enough:

The company is also facing the loss of patents on some of its products such as anti-psychotic treatment Seroquel, and has not yet released alternative money earners.

While the equation clearly depends on the monopoly as a reward for innovation, the spur to innovation is actually the expiry of the patent. While some would have us believe that extending patent terms would increase innovation, there is clearly a balance to be achieved. If patent terms are extended, there's a real risk of reducing the incentive to innovate. We have to remember that the point of society granting patents and temporary monopolies is not to reward innovation; it is to encourage it.

02 Feb 2012 8:49pm GMT

I thought I would finally get SMTP AUTH working on my Solaris 11 servers, so that I could then setup my phone to send e-mail correctly. If you have seen my previous post you will see that Solaris 11 can't do it with the standard software.

Build Cyrus SASL

• Install the packages which we requite and download Cyrus SASL Library

# sudo pkg install pkg:/developer/build/make system/header developer/gcc-3 text/gnu-grep database/berkeleydb-5

# echo $PATH
/usr/sbin:/usr/bin
# export PATH=$PATH:/usr/gnu/bin:/usr/sfw/bin

• At this time it will not compile, so alter the following lines.

# gzip -dc cyrus-sasl-2.1.25 | tar xf -
# cd cyrus-sasl-2.1.25

# vi ./lib/saslutil.c ./plugins/kerberos4.c ./plugins/digestmd5.c utils/Makefile.am

./lib/saslutil.c
85c85
extern int gethostname(char *, int);
change to:
extern int gethostname(char *, unsigned int);

./plugins/kerberos4.c
113c113
extern int gethostname(char *, int);
change to:
extern int gethostname(char *, unsigned int);

./plugins/digestmd5.c
106c106
extern int gethostname(char *, int);
change to:
extern int gethostname(char *, unsigned int);

./utils/Makefile.am
59a60,62
add the following lines:
saslpasswd2_LDFLAGS = -rpath $(libdir)
dbconverter_2_LDFLAGS = -rpath $(libdir)
pluginviewer_LDFLAGS = -rpath $(libdir)

• Now we are ready for building.

# ./configure --enable-cram --enable-digest --enable-plain \
--enable-login --disable-krb4 --disable-anon \
--disable-gssapi --with-saslauthd=/var/run/saslauthd
# make
# sudo make install

• Add the following links:

# sudo ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
# sudo ln -s /usr/local/lib/libsasl2.so.2.0.25 /usr/lib/libsasl2.so.2

Build Sendmail

• Download sendmail 8.14.5

• Stop existing sendmail processes.

# sudo svcadm disable svc:/network/smtp:sendmail
# sudo svcadm disable svc:/network/sendmail-client:default

# gzip -dc sendmail.8.14.5.tar.gz | tar xf -
# cd sendmail-8.14.5

• Set up sendmail FEATURES (SSL, SASL, DB)

# cat > devtools/Site/site.config.m4
dnl ### Changes to disable the default NIS support
APPENDDEF(`confENVDEF', `-UNIS')

dnl ### Changes for STARTTLS support
APPENDDEF(`confENVDEF',`-DSTARTTLS')
APPENDDEF(`confLIBS', `-lssl -lcrypto')
APPENDDEF(`confLIBDIRS', `-L/usr/local/lib -L/usr/lib -R/usr/lib')
APPENDDEF(`confINCDIRS', `-I/usr/include/openssl')

dnl ### SASL support
APPENDDEF(`confENVDEF', `-DSASL=2')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl2')
APPENDDEF(`confINCDIRS', `-I/usr/local/sasl -I/usr/include')

dnl ### Berkley DB support
APPENDDEF(`confENVDEF', `-DNEWDB')
APPENDDEF(`confINCDIRS', `-I/usr/include')
APPENDDEF(`confLIBDIRS', `-L/usr/lib')

dnl ### TCP Wrapper
APPENDDEF(`confENVDEF', `-DTCPWRAPPERS')
APPENDDEF(`conf_sendmail_LIBS', `-lwrap')
EOF
#

• Build Sendmail

# ./Build -c
/* It should build but ignore the gtroff:error at the end */
# sudo mv /usr/lib/sendmail /usr/lib/sendmail_orig
# sudo cp obj.SunOS.5.11.i86pc/sendmail/sendmail /usr/lib/sendmail
# sudo sudo chgrp smmsp /usr/lib/sendmail
# sudo sudo chmod g+s,u-ws /usr/lib/sendmail

• Now a Vendor and SASL support to sendmail.cf file (I hope you know what you are doing here)
• Edit sendmil.mc add add the extra lines:

define(`VENDOR_NAME', `Berkeley')
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

# cd /etc/mail/cf/cf
# cat sendmail.mc
divert(0)dnl
VERSIONID(`sendmail.mc (Sun)')
define(`VENDOR_NAME', `Berkeley')
OSTYPE(`solaris11')dnl
DOMAIN(`solaris-generic')dnl
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl define(`confFALLBACK_SMARTHOST', `mailhost$?m.$m$.')dnl
MAILER(`local')dnl
MAILER(`smtp')dnl

LOCAL_NET_CONFIG
R$* < @ $* .$m. > $* $#esmtp $@ $2.$m $: $1 < @ $2.$m. > $3
#
# sudo make sendmail.cf
# sudo cp sendmail.cf ../../sendmail.cf

# sudo /usr/lib/sendmail -bt -d0 < /dev/null
Version 8.14.5
Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7
NAMED_BIND NDBM NETINET NETINET6 NETUNIX NEWDB PIPELINING
SASLv2 SCANF STARTTLS TCPWRAPPERS USERDB XDEBUG

Setup sasl authentication server

• Now lets set up SASL plugin via a Sendmail.conf

# sudo cat > /usr/local/lib/sasl2/Sendmail.conf
pwcheck_method: saslauthd
EOF
#

• For authentication to work the saslauthd has to be started, so you can start in as a one off process (good for debugging) and at boot time.

# sudo /usr/local/sbin/saslauthd -n 1 -V -d -a pam
saslauthd[398] :main : num_procs : 1
saslauthd[398] :main : mech_option: NULL
saslauthd[398] :main : run_path : /var/run/saslauthd
saslauthd[398] :main : auth_mech : pam
saslauthd[398] :ipc_init : using accept lock file: /var/run/saslauthd/mux.accept
saslauthd[398] :detach_tty : master pid is: 0
saslauthd[398] :ipc_init : listening on socket: /var/run/saslauthd/mux
saslauthd[398] :main : using process model
saslauthd[398] :get_accept_lock : acquired accept lock

• To set it up ant boot time we should set up a services, but for now we will stick to init.d files.
  

cat > /etc/init.d/saslauthd
#!/usr/sbin/sh
#
NAME=saslauthd
DAEMON="/usr/local/sbin/${NAME}"
DESC="SASL Authentication Daemon"

# -a Selects the authentication mechanism to use.
# -n Number of worker processes to create.
# -V Enable verbose logging
# -d Debugging (don't detach from tty, implies -V)

case "$1" in
'start')
${DAEMON} -n 1 -V -d -a pam
;;

'stop')
pgrep saslauthd
;;

*)
echo "Usage: $0 { start | stop }"
exit 1
;;
esac
EOF
#
# sudo ln init.d/saslauthd rc0.d/K38saslauthd
# sudo ln init.d/saslauthd rc1.d/K38saslauthd
# sudo ln init.d/saslauthd rc2.d/S82saslauthd
# sudo ln init.d/saslauthd rcS.d/K38saslauthd

• Time for some testing, via first the SASL daemon.

# cyrus-sasl-2.1.25/saslauthd/testsaslauthd -u RealUser -p MyPassword
0: OK "Success."

• We need the encrypted username and password to test sendmail:

# perl -MMIME::Base64 -e 'print encode_base64("\000MyUser\000MyPassword")'
AE15VXNlcgBNeVBhc3N3b3Jk

• Test the sendmail part:

# sudo /usr/lib/sendmail -bv -O LogLevel=14 -bs -Am
220 mailer5.dcs.bbk.ac.uk ESMTP Sendmail 8.14.5/8.14.5; Tue, 31 Jan 2012 09:52:24 GMT
EHLO localhost
250-mailer5.dcs.bbk.ac.uk Hello root@localhost, pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
250-DELIVERBY
250 HELP
AUTH PLAIN AE15VXNlcgBNeVBhc3N3b3Jk
235 2.0.0 OK Authenticated
quit
221 2.0.0 mailer5.dcs.bbk.ac.uk closing connection

• That is it.

refernces:
- Guía Instalación de Sendmail con SMTP-AUTH y (tema #2688)
- Sendmail-SMTP-AUTH-TLS-Howto
- OpenSolaris Sendmail Auth

01 Feb 2012 1:36pm GMT

I need to go back.

01 Feb 2012 12:07pm GMT

Are the European Commission just trying to provoke us? Having seen the depth of feeling over SOPA and PIPA, you would expect the European Commission to regard ACTA as a hot topic. But not a bit of it - they almost seem to relish the confrontation by getting member states to sign it almost before the blood was cold in SOPA and PIPA. I believe we need to repeat the experience of the Software Patent Directive, and I explain why on ComputerWorldUK today.

01 Feb 2012 12:07pm GMT

I thought I would finally get SMTP AUTH working on my Solaris 11 servers, so that I could then setup my phone to send e-mail correctly.

So can you do it with default Solaris 11 software?
If you can't wait the answer is NO! but here is what I tried just in case someone can solve the problem.

• First Solaris 11 comes with Sendmail and SASL, but worst luck Sendmail has not been built with SASL support (you see the following when you edit sendmail.cf. see later).

# sudo /usr/lib/sendmail -d0 -bt < /dev/null
Version 8.14.5+Sun
Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
MIME8TO7 NAMED_BIND NDBM NETINET NETINET6 NETUNIX NEWDB NIS
PIPELINING SCANF STARTTLS TCPWRAPPERS USERDB USE_LDAP_INIT
XDEBUG
Warning: Option: AuthMechanisms requires SASL support (-DSASL)
Warning: Option: AuthOptions requires SASL support (-DSASL)

• Lets try compiling sendmail to see if Solaris SASL can work!
• Install the packages which we requite and download sendmail 8.14.5

# sudo pkg install pkg:/developer/build/make system/header developer/gcc-3 text/gnu-grep database/berkeleydb-5

# echo $PATH
/usr/sbin:/usr/bin
# export PATH=$PATH:/usr/gnu/bin:/usr/sfw/bin

• Stop existing sendmail processes.

# sudo svcadm disable svc:/network/smtp:sendmail
# sudo svcadm disable svc:/network/sendmail-client:default

# gzip -dc sendmail.8.14.5.tar.gz | tar xf -
# cd sendmail-8.14.5

• Set up sendmail FEATURES (SSL, SASL, DB)

# cat > devtools/Site/site.config.m4
dnl ### Changes for STARTTLS support
APPENDDEF(`confENVDEF',`-DSTARTTLS')
APPENDDEF(`confLIBS', `-lssl -lcrypto')
APPENDDEF(`confLIBDIRS', `-L/usr/lib -R/usr/li')
APPENDDEF(`confINCDIRS', `-I/usr/include/openssl')

dnl ### SASL support
APPENDDEF(`confENVDEF', `-DSASL')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
APPENDDEF(`confINCDIRS', `-I/usr/include/sasl')

dnl ### Berkley DB support
APPENDDEF(`confENVDEF', `-DNEWDB')
APPENDDEF(`confINCDIRS', `-I/usr/include')
APPENDDEF(`confLIBDIRS', `-L/usr/lib')
EOF

• Build Sendmail

# ./Build -c
/* It should build but ignore the gtroff:error at the end */
# sudo mv /usr/lib/sendmail /usr/lib/sendmail_orig
# sudo cp obj.SunOS.5.11.i86pc/sendmail/sendmail /usr/lib/sendmail
# sudo sudo chgrp smmsp /usr/lib/sendmail
# sudo sudo chmod g+s,u-ws /usr/lib/sendmail

• Now a Vendor and SASL support to sendmail.cf file (I hope you know what you are doing here)
• Edit sendmil.mc add add the extra lines:

define(`VENDOR_NAME', `Berkeley')
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

# cd /etc/mail/cf/cf
# cat sendmail.mc
divert(0)dnl
VERSIONID(`sendmail.mc (Sun)')
define(`VENDOR_NAME', `Berkeley')
OSTYPE(`solaris11')dnl
DOMAIN(`solaris-generic')dnl
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl define(`confFALLBACK_SMARTHOST', `mailhost$?m.$m$.')dnl
MAILER(`local')dnl
MAILER(`smtp')dnl

LOCAL_NET_CONFIG
R$* < @ $* .$m. > $* $#esmtp $@ $2.$m $: $1 < @ $2.$m. > $3
#
# sudo make sendmail.cf
# sudo cp sendmail.cf ../../sendmail.cf

# sudo /usr/lib/sendmail -bt -d0 < /dev/null
Version 8.14.5
Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7
NAMED_BIND NDBM NETINET NETINET6 NETUNIX NEWDB PIPELINING
SASLv2 SCANF STARTTLS USERDB XDEBUG

• Now lets set up SASL plugin via a Sendmail.conf

# cat > /etc/sasl/Sendmail.conf
# pw_check: shadow

• I have tried the following in the above with no luck: shadow,pam,auxprop, but none seem to check password information.
• Testing, but first we need the encrypted username and password:

# perl -MMIME::Base64 -e 'print encode_base64("\000MyUser\000MyPassword")'
AE15VXNlcgBNeVBhc3N3b3Jk

• Test the sendmail part:

# sudo /usr/lib/sendmail -bv -O LogLevel=14 -bs -Am
220 mailer5.dcs.bbk.ac.uk ESMTP Sendmail 8.14.5/8.14.5; Tue, 31 Jan 2012 09:52:24 GMT
EHLO localhost
250-mailer5.dcs.bbk.ac.uk Hello root@localhost, pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN
250-DELIVERBY
250 HELP
AUTH PLAIN AE15VXNlcgBNeVBhc3N3b3Jk
535 5.7.0 authentication failed
Jan 31 09:52:35 mailer5 sendmail[5928]: Password verification failed
Jan 31 09:52:35 mailer5 sendmail[5928]: q0V9qOd1005928: AUTH failure (PLAIN): user not found (-20) SASL(-13): user not found: Password verification failed, relay=root@localhost
quit
221 2.0.0 mailer5.dcs.bbk.ac.uk closing connection

• So no luck, if you can spot anything I am doing wrong please let me know.
• I will post shortly how to get over the above.

refernces:
- Guía Instalación de Sendmail con SMTP-AUTH y (tema #2688)
- Sendmail-SMTP-AUTH-TLS-Howto
- OpenSolaris Sendmail Auth

01 Feb 2012 11:19am GMT

I'm just posting this quick note to help publicize the Oracle Solaris 11 Technology Forum we're holding in the Detroit area next week. There's still time to register and come get a half-day overview of the great new stuff in Solaris 11. The "special treat" that's not mentioned in the link is that I'll be joining Jeff Victor as a speaker. Looking forward to being back in my home state for a quick visit, and hope I'll see some old friends there!

31 Jan 2012 9:20pm GMT

La nouvelle licence open-source de Mozilla est bien plus qu'un simple ravalement de façade. Elle pourrait créer de nouvelles possibilités pour l'unité de la communauté du Libre.

La première semaine de janvier 2012 marque un jalon discret mais important dans le mouvement de l'open-source, grâce à la publication d'une deuxième version de la Mozilla Public License (MPLv2) et sa validation en tant que licence libre officielle. Quand bien même beaucoup n'y voient qu'un énième détail juridique, cette publication est importante à deux titres : le procédé par lequel on l'a élaborée, et l'objectif pour lequel on l'a créée. Il s'agit d'une licence qui a pour but l'unité.

Rédaction et révision de cette licence se sont déroulées selon un processus très ouvert, dans lequel Luis Villa a joué un rôle prépondérant. Organisé en majeure partie dans des forums publics, le débat a conduit à de nombreuses modifications du texte. Luis est entré en contact très tôt avec l'Open Source Initiative, a accepté les retours du groupe de révision des licences, puis obtenu sans mal l'approbation du conseil d'administration.

D'autres articles sur cette nouvelle licence se sont concentrés sur les modifications de la partie « patent peace » (NdT: la paix des brevets) et autres ajustements des clauses (adieu, Netscape !), mais le changement le plus important apporté par la version 2 de la licence Mozilla est à mon sens l'inclusion d'une compatibilité particulière avec la GPL (GNU General Public License). Par le passé, le projet Mozilla jonglait avec un système complexe et peu clair de triple licence afin de composer avec les univers des licences copyleft et non copyleft. De manière générale, les autres utilisateurs de la MPL (et ses nombreux clones rebaptisés) ne prenaient pas cette peine, et par conséquent certains codebases se sont retrouvés exclus de toute collaboration possible avec l'immense univers des logiciels placés sous licence GPL.

Selon un procédé inédit que la Commission européenne a inauguré pour la licence publique de l'Union européenne (EUPL), la MPLv2 inclut des clauses permettant à un projet de stipuler, de façon optionnelle et explicite, sa compatibilité avec d'autres licences, en particulier celles de la famille GPL. À mes yeux, la MPLv2 représente une mise à jour d'envergure de la famille précédente des v1.x, justement grâce à cette compatibilité explicite avec la GPL, laquelle offre pour la première fois une passerelle praticable entre les paradigmes permissifs et copyleft. Elle ne satisfera pas les puristes des deux mondes, mais propose avec pragmatisme une nouvelle solution aux projets open-source appuyés par des entreprises. Celles-ci pourront disposer d'une communauté qui produit du code sous licence permissive tout en fournissant à cette même communauté un moyen d'entretenir des relations avec d'autres communautés travaillant sur du code sous licence copyleft.

30 Jan 2012 10:29am GMT

Cross-posted from my blog on the Yocto Project website. Check us out there and the other things we're doing on Embedded Linux.

I sat down this morning to jot down a few words about the latest Yocto Project development milestone, which has the very homely name of "M2". We pause at this time to branch our code, run a full pass of our QA suite and make sure we are on track with major features. (This is all good by the way).

The developers working on the Yocto Project are a very interesting bunch - we have people who have worked in open source projects for their entire careers and others who come from the world of product development. It's fascinating to see these worlds intermix as we try to do the right thing to make Linux the best choice for embedded development.

Now before you think I'm totally confused on this point, let me assure you, I am not. The Yocto Project is not a product. It is an open source project, which will form the upstream for products, ranging from devices to board support packages to operating systems from the like of Mentor Graphics and Wind River Systems. To be a stable basis for these products, we take seriously the need to track the health of our bits as we develop them.

You can track project health with all kinds of metrics and dashboards and charts. Often it comes down to the experience and intuition of the project leaders to figure things out.

In 2001, the Oakland Athletics baseball team was eliminated from the playoffs by the New York Yankees, a team with three times the money available for players. How could the Athletics (or A's as they are called) ever hope to beat a team with so much money to spend? The tale is told in Moneyball, nominated for the 2011 Best Picture Oscar.

Now, I will confess, I am not such a fan of baseball, and I have a hard time caring about such things. What drew me in was the way players are traditionally chosen in baseball. Professional scouts, who are quite experienced in baseball, will evaluate a player based on everything from their statistics to how pretty their girlfriend is.

How in the world could you evaluate a player on whether they had an attractive girlfriend? This was part of the intuition the scouts would use to indicate a player's confidence.

The A's general manager tries a different tactic. Could you apply economic theory and create a formula that would boil down all of the metrics for a player and create a single number to evaluate them? And can the movie's makers take such a dry topic and make it interesting, as Aaron Sorkin did with The Social Network, 2010's Best Picture.

Well, you can judge that last bit for yourself. I thought it was very good (and beautifully photographed as well).

How about the Yocto Project? Can we as leaders boil all those statistics down to a single number to tell us the health of the project? I'd like to think we do.

Meet the Weighted Defect Density:

This is just a snapshot I grabbed from the end of https://wiki.yoctoproject.org/wiki/Yocto_Bug_Trend - you can see all kinds of other statistics in there as well. But this is the one I look at first when I want to know how we're doing. TO compute it, we eliminate the bugs which are not defects (there are enhancements and features tracked in Bugzilla as well) and then weight the open bugs by their severity and track this number over time.

This single trend chart gives us a lot of insight into the project. It helps us to ask more questions about what is going on, to drill into other data and to potentially change course. Do we think we're going to hit our goals for the release? Do we need to stop development work and focus people on bug fixing for a while? Maybe we need to stop testing so much and work on fixing bugs. Or maybe the line is lower than we expect it to be and we should be doing more testing.

Using a Weighted Defect Density in a project is not a new idea[1]. I first heard about it and used it way back in the early 1990s. But it has proven to be a good indicator of Yocto Project health and helped us make informed decisions.

In Moneyball, the hero played by Brad Pitt says his ultimate goal is to change the way the game of baseball is played. He sounds like he could be on the Yocto Project. We're trying to change the way the world develops devices. Time will tell if we're right.

[1] Robert Baetke, an associate at Sequent Computer Systems learned about the Weighted Defect Density metric at a talk given about how Boeing developed the 787 aircraft. He brought the tool to Sequent and employed in there, and I am very grateful for his contribution to my way of thinking about development.

30 Jan 2012 6:28am GMT