Slashdot Mirror

According to This, it would have been before 14 August as that is when they announced that they noticed something.

https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00008.html

"The Fedora Infrastructure team is currently investigating an issue in
the infrastructure systems. That process may result in service outages,
for which we apologize in advance. We're still assessing the end-user
impact of the situation, but as a precaution, we recommend you not
download or update any additional packages on your Fedora systems."

Now I know what the above ominous but cryptic message means. The Fedora Infrastructure is being used a a huge spam botnet!

Actually if you have a Redhat subscription you get excellent telephone or email support on all applications as well as the OS however you are going to pay for it with the cost being determined on if you are a home or corporate user, the actual coverage and the type of hardware you are running the Redhat software on. See the following costs. For the home user you can do the support yourself if you can, but for the corporate customer a support contact is essential.

For many companies support costs are not important if the perceived value of their data exceeds the cost of hardware, software and their support. If you are the IT manager and you make the suggestion to your company that they don't need software support you are placing yourself in a very risky position because one IT issue with regard to software (OS or otherwise) even if it is not your fault and you are going to get the blame.

While I have focused on Linux support many corporations want Microsoft support if they have Microsoft OS's on some of their hardware even though the actual support may actually be (to some) quite poor.

https://www.redhat.com/archives/fedora-devel-list/2007-February/msg01082.html

Eric was never forthcoming about what he did to break the system, which is no surprise because it was clearly an idiot thing to do.

If he had a problem with a repository, it's because he was trying to use a repository that wasn't compatible with Fedora. libcom_err was and is part of e2fsprogs-libs.

Absent any better proof than is available, I'll maintain that rpm is not at fault, and neither is Red Hat or Fedora. Eric was doing something stupid, and he ignored the system's warning that he was going to break the system. When he broke it, it was *his* fault, and his alone.

Stop it. This is a total troll and is 100% FUD. Fedora isn't a "trial" version at all -- it's a bleeding edge distro made for people who don't need commercial-grade support for their distro, but they want a Red Hat based system. Plus, Fedora isn't just "usable," it's awesome. Far from being a collection of bits and pieces, it's a coherent, organized collection of software -- in short, it's everything you expect a distro to be. You should check out: This and this.

WTF? My team uses Fortify to analyze our Java webapps (compiled on the Sun JDK and running on their JRE), which is then deployed to Linux servers running RHEL 5. HTTP connectivity for the apps is provided by Jetty; the apps themselves connect to Oracle databases (using C3P0 for connection pooling).

With Fortify 4.0, I griped that it provided no value that we didn't already get with FindBugs (for free). The 5.0 release (along with the workbench, which provides better information than the HTML report), however, did catch a few bugs which weren't caught by FindBugs. We now run both tools in our automated Hudson builds.

Where, exactly, are the Microsoft products in the above list?

The guys at Red Hat have released the first version of a project called Genome genome.et.redhat.com . This looks to be an open source project that makes Fedora, Red Hat Enterprise Linux, and CentOS clouds using Xen, KVM, and commodity hardware.

This is news? Redhat (like every OS vendor I've ever dealt with) have been pushing out updates with broken assumptions for years.

In fact, this isn't even the first time they've done something similar when updating bind:
back in 2004 they released RHEL 3 update 4 and many people had precisely the same experience. Additionally, when applied, Update 4 removed the /etc/rc*.d/S*named and /etc/rc*.d/K*named and then shut named off.

As a quick glance at redhat's bugzilla shows, the first problem (the same one you experienced in this release) wasn't a schoolboy mistake on the packagers part, or a bug. It was the result of a poorly understood choice on the part of the person who originally provisioned the machine.

Rather than installing just the original bind-9.2.4, the people who had their named.conf overwritten had installed bind plus a package called caching-nameserver. It's that package that, when updated, backed up and overwrote their bind config. The "caching-nameserver" package should only be installed if you want to run a caching nameserver, because the caching-nameserver package isn't an application at all - it's simply a named.conf file.

The real bug (back in 2004) wasn't actually in Update 4's bind package. As it turns out, the package it replaced incorrectly contained a `chkconfig --del named` in its uninstall script.

Anyone without proper alerting and a good QA process found that one out the hard way. I had customers who'd gotten so blasè about performing nighttime maintenances without proper reversion testing that they scheduled nightly cronjobs that ran up2date at midnight and rebooted the production machine, Naturally, they woke up in the morning to find they'd just suffered 8 hours of downtime.

Lesson? Don't trust the vendor's QC work, don't install unnecessary packages, and make sure to QC your own work! Ask any experienced Windows admin about unintended consequences from "trusted" vendor patches...

If you don't check out how neat the RHN satellite server, or the new spacewalk server is, you're really missing out. It is really nice in the enterprise environment.

Here are the problems with the RHN satellite server:
1) It only runs on RHEL4. RHEL5 is not supported.
2) It costs a lot of money ($13,500 annually)

Reference: http://www.redhat.com/red_hat_network/

As for the Spacewalk server:
1) Requires Oracle Database (9i or 10g)
2) Only supports Fedora and CentOS. Cannot manage RHEL releases.
3) Requires RHEL5 as the base machine for the initial installation/web server platform.

Reference: http://www.redhat.com/spacewalk/faq.html#compare

If you don't check out how neat the RHN satellite server, or the new spacewalk server is, you're really missing out. It is really nice in the enterprise environment.

Here are the problems with the RHN satellite server:
1) It only runs on RHEL4. RHEL5 is not supported.
2) It costs a lot of money ($13,500 annually)

Reference: http://www.redhat.com/red_hat_network/

As for the Spacewalk server:
1) Requires Oracle Database (9i or 10g)
2) Only supports Fedora and CentOS. Cannot manage RHEL releases.
3) Requires RHEL5 as the base machine for the initial installation/web server platform.

Reference: http://www.redhat.com/spacewalk/faq.html#compare

Here's the bug details: https://bugzilla.redhat.com/show_bug.cgi?id=453340

One of the bug comments says: "Latest caching-nameserver renamed my named.conf to named.conf.rpmsave in /var/named/chroot/etc" - so this should mean that you can still restore the lost conf file.

> on any Linux system you can log in in init 1 (runlevel 1)

Anyone with even the slightest bit of security concern would put a restricted flag in the boot loader to prevent this sort of thing. The boot loader will then ask for the password to alter the boot command line. See RedHat docs for a howto.

When are the patches at http://people.redhat.com/heinzm/sw/dm/dm-raid45/ going to be included? I'm running a dualboot box so have to run the BIOS-fakeraid that works with Windows. I had to run through a few hoops to get it working with 2.6.24 (https://bugs.launchpad.net/ubuntu/+source/linux/+bug/220493 comments) and for now it works...but what if I want to update kernel at some point?

You just described RedHat's business model. RedHat has been a very successful distro for about a decade (although they've sunk a bit beneath the radar these last couple years), and all they sell is tech support. Works great for them, too.

And where does the money come from to pay for the degree while they're students?

Same place it comes from for ALL students. I.e. only a teeny-tiny proportion from proprietary software. To imply otherwise is simply disingenuous. To imply it matters to this argument is also disingenuous.

when was the last time a company paid for a support and consulting contract in lieu of a service contract with a proprietary vendor?

The last time a company choose a free software platform. There is no distinction between 'support and consulting contract' and 'service contract.' They are the same thing, just a matter of degree.

When was the last time an end user called Adobe or Microsoft?

Gee, I dunno, how about 10 minutes ago?
http://www.adobe.com/support/programs/photoshop/

This only applies where there isn't a tool they can buy that's adequate.

So what? Most tools are not optimal for the particular task at hand. You can fix that with free tools. You can't with closed ones. What's worth more, time or money? It all depends on the specifics of each case.

Hiring consultants is useful because the prospective hire has expert-level knowledge of the system you're using and has the power to effect changes.

You seem to have some pie in the sky notion that a support contract for free software is the same thing as hiring Accenture. Just about all of your argument is based on that premise. It is false.

http://www.canonical.com/services/support
http://www.redhat.com/rhel/renew/faqs/
http://www.mysql.com/about/legal/supportpolicies/policies-02.html#q02
etc -- all the same style as support contracts for 'proprietary' products.

Paying for support for free software costs more, since the proprietary software has already made money on license sales.

Lol! Which is it - "initial purchase price is an almost-insignificant piece of the TCO" or license sales are significant enough to subsidize support sales?
The real point you missed here is that Free software does not have the same level of bring-up costs to begin with. The cost of the linux kernel has long ago been amortized. So while proprietary vendors have higher investment costs that must be recouped, Free software does not.

A competitive market might drive the labor rate down for support services, but the result of that is detrimental to the FOSS developer,

Sure, that's a risk of the free market. Do you believe in the free market or not? Or do you believe that it is just a zero-sum game to be manipulated for economic benefit of one group over another?

Ultimately your arguments fail the real-world test. There are tens of thousands of software engineers, maybe even hundreds of thousands, who make a living by working on and with free software.

PS. I'm still waiting for a citation to one of those many studies that says Free software depends on free labor.

I didn't say anything about a lack of profit at Red Hat, I just stated that the day may come when corporations ask themselves why they should pay for something that is available for free.

You clearly have no idea what Red Hat's model is. We don't sell bits on a CD. We sell support. We sell the ability to call us and (in some cases) talk to the original kernel developer who wrote the code. I'm sorry but support is not "something that is available for free" to any user of Linux.

Does Red Hat have any brand new product ideas that aren't part of the Linux OS that they'd like to spend a few years developing and release version 1.0 under the GPL license?

Yes, absolutely dozens of products. Off the top of my head, Red Hat MRG (developed for years and just released, GPL, version 1.0 last week), ClusterSuite, LVM and all the Sistina stuff, FreeIPA, all the ET virtualization tools, all my stuff, virtio, JBoss (bought, already open source), RHN (recently open sourced), Netscape Directory Server (bought and open sourced), and probably 10 more that I can't even remember now.

Rich.

I didn't say anything about a lack of profit at Red Hat, I just stated that the day may come when corporations ask themselves why they should pay for something that is available for free.

You clearly have no idea what Red Hat's model is. We don't sell bits on a CD. We sell support. We sell the ability to call us and (in some cases) talk to the original kernel developer who wrote the code. I'm sorry but support is not "something that is available for free" to any user of Linux.

Does Red Hat have any brand new product ideas that aren't part of the Linux OS that they'd like to spend a few years developing and release version 1.0 under the GPL license?

Yes, absolutely dozens of products. Off the top of my head, Red Hat MRG (developed for years and just released, GPL, version 1.0 last week), ClusterSuite, LVM and all the Sistina stuff, FreeIPA, all the ET virtualization tools, all my stuff, virtio, JBoss (bought, already open source), RHN (recently open sourced), Netscape Directory Server (bought and open sourced), and probably 10 more that I can't even remember now.

Rich.

I didn't say anything about a lack of profit at Red Hat, I just stated that the day may come when corporations ask themselves why they should pay for something that is available for free.

You clearly have no idea what Red Hat's model is. We don't sell bits on a CD. We sell support. We sell the ability to call us and (in some cases) talk to the original kernel developer who wrote the code. I'm sorry but support is not "something that is available for free" to any user of Linux.

Does Red Hat have any brand new product ideas that aren't part of the Linux OS that they'd like to spend a few years developing and release version 1.0 under the GPL license?

Yes, absolutely dozens of products. Off the top of my head, Red Hat MRG (developed for years and just released, GPL, version 1.0 last week), ClusterSuite, LVM and all the Sistina stuff, FreeIPA, all the ET virtualization tools, all my stuff, virtio, JBoss (bought, already open source), RHN (recently open sourced), Netscape Directory Server (bought and open sourced), and probably 10 more that I can't even remember now.

Rich.

I didn't say anything about a lack of profit at Red Hat, I just stated that the day may come when corporations ask themselves why they should pay for something that is available for free.

You clearly have no idea what Red Hat's model is. We don't sell bits on a CD. We sell support. We sell the ability to call us and (in some cases) talk to the original kernel developer who wrote the code. I'm sorry but support is not "something that is available for free" to any user of Linux.

Does Red Hat have any brand new product ideas that aren't part of the Linux OS that they'd like to spend a few years developing and release version 1.0 under the GPL license?

Yes, absolutely dozens of products. Off the top of my head, Red Hat MRG (developed for years and just released, GPL, version 1.0 last week), ClusterSuite, LVM and all the Sistina stuff, FreeIPA, all the ET virtualization tools, all my stuff, virtio, JBoss (bought, already open source), RHN (recently open sourced), Netscape Directory Server (bought and open sourced), and probably 10 more that I can't even remember now.

Rich.

Red Hat comes to mind.

I seem to recall that the Fedora project decided not to distribute FF2 with any of their spins, opting to wait for FF3 instead, precisely because of the perception of suckage.

Redhat ceased supporting their desktop line for a reason

Red Hat Enterprise Linux 5 Desktop

We've been using it for a couple of years now, and I've even taken the class on it. Everyone's gripes here are quite true. I've got three gripes with it. One: the Monitoring module, uses an internal package RedHat bought called NOCPulse. I've got auditing running on our machine and I found that gogo.pl, a piece of NOCPulse, opens /etc/shadow in read/write mode hundreds of times a day. The kicker, is that it's non-obvious from the source code where or how it's doing this, or even why. We've threatened to un-pay for Monitoring unless it gets fixed and now. Since we're using ZenOSS, we'll probably un-pay for it anyway since ZenOSS does all this stuff anyways.

Two: Oracle is their choice for a backend RDBMS. Oracle charges a very fine penny. Now, as RedHat open sources it, folks will hopefully change out the database package. RedHat has already indicated that they will keep the price the same, so my guess is that the expected profit increase will come from goading the OSS community to dump Oracle, thereby relieving them of licensing costs, and putting the new leftovers straight onto the bottom line. If Satellite Server was comparable in cost to Microsoft's SMS, I don't think folks would mind so much.

Three: Incremental updates are impossible for disconnected networks without moving all XX Gigabytes of RPMs. I've heard that under the new version, this might be possible, but I'm not holding my breath. In a world that expects you to maintain patch compliance, it's not so easy to deploy those patches. Where this matters most is isolated U.S. Government networks. Getting patches is non-trivial. Yes, it's the admin's job to sneaker-net the updates which is fine, but importing is not as trivial as you might think it should be.

Usability is something that is really lacking with this product. Notably, in configuration channels (which are a nice idea) while I'm looking at a configuration file, I should have the choice right then and there to deploy it to one or more hosts. Nope. I have to go to the system group and tell them to go get it. And even that is buried unless you've been trained on where it's hiding.

So, can the community do this? Sure. But I think most folks would rather just rewrite it around yum. The best thing Satellite offers is the automation of kickstarting and joining to the Satellite server. Sure, you go over DHCP, TFTP, and kickstart files in class, but Satellite does most of the work for you. I kinda wish mass deployment and patch monitoring was the default way to do RedHat, and the manual method is only meant for your first couple of installs - especially since RedHat has declared that they aren't interested in focusing on a general-user desktop.

Because they felt like it is a good answer.

The "political statement" part and the "didn't want to be a part of it" are however conspiracy theories - or more likely a reflection of your own views, given your username - that seem to forget that RedHat welcomed the GPLv3 and contributed to the process:

We want to congratulate the Free Software Foundation, the Software Freedom Law Center, and the many companies and individuals, who have all worked so diligently, for their efforts in developing version 3 of the GNU General Public License. Their work is to be commended. Red Hat believes our end user customers will benefit from several of the new provisions in GPLv3, including the patent license provisions. Red Hat will continue to contribute to projects that migrate from GPLv2 or other licenses to GPLv3, and we will look to include GPLv3-licensed projects in our future distributions. GPLv3 will also be added to the list of approved open source licenses under Red Hatâ(TM)s Patent Promise.

Which means that they'll use both and see no problem in either - just like the vast majority of projects and developers that like the GPL in the first place.

From the spacewalk website

"Spacewalk manages software content updates for Red Hat Enterprise Linux and other Linux distributions such as Fedora, CentOS, and Scientific Linux, within your firewall." http://www.redhat.com/spacewalk/

see if you can get a hold of a copy of the Red Hat annual report from the year they went public (fy2000). the letter to shareholders is a poster, and on the back is the source for the Linux kernel 0.1

i worked on that report, and i remember there being some long discussion about including some of Linus' less politically correct comments in the source, but the RH execs basically told the legal teams to suck it.

you can get the PDF from their investor site here:
http://www.redhat.com/annualreport_2000/rhar2000.pdf [PDF]

if you have a nice printer or plotter, it looks really good at full size.

share and enjoy.

As of FireFox 3.0b3 browser.urlbar.richResults no longer works. The ability to chose your own search results style was removed by the Mozilla developers as part of bug #407836. They're illogical viewpoint is explained in bug #403159.

And, for the record, Oldbar does not fix the problem. It does not disable the searching style introduced by FF 3.0. It only makes the results look a little more like 2.0.

According to this article browser.urlbar.matchOnlyTyped no longer works either. The value of browser.urlbar.matchOnlyTyped is now ignored.

It's not the GP's fault either. Dozens of articles have been published in the past few months that have old, outdated information. Even Redhat put it in their Knowledgebase on 6/4. The sheer number of articles attempting to help people disable the "awesome bar" should make the developers realize that this is not a "feature" that everyone wants. I agree with the GP. I too HATE the awesome bar. It's a shame too because I would love to have the fixes for the memory leaks in FF 2.0 that don't exist but FF 3.0 addresses anyway.

I hope I am not being overly pedantic here, but there is nothing non-commercial about the GPL or any other free software licenses. In fact, you can pay money for Free softare games if you like. What they really mean is proprietary. In the article, they do however have a clearer definition,

To be eligible for inclusion in this list each game needed to be:

• Released under a proprietary license with a fee required either to purchase the game, or a monthly charge
• Not require Wine to run. Wine is a compatibility layer for running Windows software

My only complaint is with the title of the article.

Now I know what to do with all my dead monkeys!

"Are you sure this protects anyone other than Red Hat, Inc.?"

"Upstream developers receive a perpetual, fully paid-up, royalty-free, irrevocable worldwide license to the patents in suit"

"All products distributed under a Red Hat brand are covered .. In addition, derivative works .. are protected"

The book HAS to be better than the documentation that RedHat provides for RHEL 5 Virtualization. It ranks among the worst-written, most useless documents I've read in a long time.

They're no more trapped than companies stuck with precompiled, third-party software/drivers for, say, RedHat 9 or Fedora Core 3.

Tis life, my friend.

The difference is that I can call up Google and ask for RH9:

http://www.icewalkers.com/Linux/Software/53470/Red-Hat-Linux.html

or FC3:

http://download.fedora.redhat.com/pub/fedora/linux/core/3/i386/iso/

I have both RH9 and FC3 in production right now. At my last job, I believe there is still a Mandrake box with a 2.2 kernel on it running strong. The uptime flips after 500 or so days, but it works OK besides that.

Red Hat is making strides with adopting data-at-rest encryption. RHEL 5.2 now includes eCryptfs as a technology preview.

http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.2/html/Release_Notes/RELEASE-NOTES-U2-x86-en.html
http://ecryptfs.sf.net/

Insightful is deserved. Or own the desktop at home, will drag Linux into the enterprise. Something RedHat and Novell have missed completely. If they continue to do so, many might just drag in Ubuntu... I would and will.

If anything, they should put out a home distro cheap and capitalize on Vista's shortcomings.

Let me know when you get Ubuntu hardware certified and supported with someone like Dell, HP, IBM, Sun, etc. Oh and certified and supported software like Red Hat Software Catalog Browse by Company. Until then Red Hat is probably going to stay on top.

So ubuntu desktop rules the roost because redhat forgot its roots? Would anyone go as far as to say Fedora according to RedHat is neither 'stable' and/or 'supported'?

I just found this, haven't been on the RH site for a number of years
http://www.redhat.com/rhel/desktop/

Soo... quantaman, what is wrong with Fedora? Seems like an excuse to proprietise an OS without actually taking the code away from those that wrote it. If they just wanted to sell services, surely they'd just offer Fedora w/ paid support?

Again, I'm not trying to bait or flame here, been out the RH loop for a while and just curious really.

http://olpc.download.redhat.com/olpc/streams/sdk/latest/livecd/ :)

Someone did. Too bad you jump down peoples throats over your ignorance of the facts.

Pricks like you that are rude, with bad attitudes, and noses high in the air are a great reason for the majority of other alternative OS's to ignore the Linux community when they get treated like this.

Maybe you should have ended your post with RTFM if your only purpose in life is to piss people off.

Read this and get over yourself or even better go crawl back into your miserable dark little hole.

https://bugzilla.redhat.com/show_bug.cgi?id=442457

Regards

You should be able to respin on other platforms. Running Fedora 8 on i386, Revisor gives me the option of building Fedora 6, 7, or 8, CentOS 5, or Rawhide media, for i386, x86_64, or PPC. It actually defaults to Fedora 7 i386.

Not that it actually works as sometime in the past month or so, something broke, but that's another issue entirely.

As for the status of the fix, I don't know.

I thought the name Sulphur was kind of... lame, so I decided to see what the name was about. The truth is, it was the least bad of all the names voted upon.
 
The logic behind it is thus:
Some more suggestions

  "sulphur"
  "mayonaisse"

(like werewolves they react badly with silver)
https://www.redhat.com/archives/fedora-devel-list/2007-December/msg01194.html
http://fedoraproject.org/wiki/Releases/Names
The other options were:
vote_count , name
                62 , Sulphur
                54 , Bathysphere
                43 , Chupacabra
                39 , Mayonnaise
                32 , Dragicorn
                29 , Woodwose
                23 , Tourette
                13 , Asperger
                13 , Barmanou
                10 , Chingachgook
                  6 , Kingsport Town
                  5 , Marfan

https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00012.html

GFS looks like it does most of what ZFS is supposed to do. There is no hubris in hoping that the nicer parts of ZFS are not patent encumbered - the hubris is in software patents and people who think they can own ideas. If there are no patents in the way, those better ideas will make their way into free file systems.

I've got a live CD of this from RedHat, here it seemed well polished and includes mail, calendaring, Symphony and more..

RedHat Linux Documentations are very good.

http://www.redhat.com/docs/manuals/enterprise/

there are PDF downloads too for you to print.

Actually, if you read the bug report, and https://bugzilla.redhat.com/show_bug.cgi?id=439858#c22 It says they won't be shipping swfdec if FC 9.

I dunno. I hear that Fedora 9 is really lacking in important functionality. Why would I want to install something so obviously half-baked like this?

With serious issues like this, obviously 2008 won't be The Year of the Linux Desktop (Really This Time, We Mean It).

Except that even Linus Torvalds can't seem to get swfdec running correctly.

It's in TFA. For the impatient (like me), it's https://bugzilla.redhat.com/show_bug.cgi?id=439858

is here