Slashdot Mirror

Note the "professional" version for 149.95

Obviously you have not seen the Red Hat errata list. There are already ten security flaws in Red Hat 6.1. These bugs which were shipped with Red Hat 6.1 will allow an outsider to gain root access if the patch is not applied. It is OK for Red Hat to a buggy and insecure OS, but not for Microsoft?

I'm amazed.

That's all there is to it.

For years, SGI has treated GL and then OpenGL as one of the crown jewels. Even the API exposed a lot of their hardware architecture. The source of OpenGL was what made those amazing framebuffers go. Now, to see Kurt Akeley going on about open source and releasing source to Open GL....

As far as I'm concerned, this is definitive proof that SGI has become as much an open source company as Red Hat or VA Linux.

No. I don't think it has anything to do with the "coolness" of my hack. I expect IBM to take redistributing software in a form that violates the license as being a serious problem because as a member of the Business Software Alliance Policy Council it is part of their stated mission to take such issues seriously.

But please feel free to explain your opinion in more detail. Is it your feeling that the Free Software Foundation wrote the requirements for redistribution of a statically linked work into the LGPL only for Linus Torvalds and others who achieve the same "coolness hack" level? Has Alan Cox be considered to have written a cool enough hacks to expect the LGPL to be honored? Has Richard Stallman? Has any of the glibc maintainers? Would you even recognize any of the names of the glibc maintainer's whos copyrighted works have been pirated through IBM's actions? Have you kept up with glibc modifications to rate different programmer's "coolness hack" level? Or can even an "asswipe" (like yourself) be able to expect International Business Machines to honor federal copyright law and either honor the licensing conditions of redistribution of software works or not redistribute it at all?

Based on what I have read of the LGPL, it doesn't bring up any of the "asswipe"/"coolness hack" certification that you suggest. The LGPL was written to provide all parties involved in a software product equal access to modifing the LGPL work. This is done by requiring at minium that a redistributor to provide the source code to the LGPL work and at least the object files for accomplishing relinking to modified versions of the LGPL work if the redistributor statically links against that LGPL work. International Business Machines has failed to do this for over a year and has failed to honor requests for the object files for over six weeks. Is this really the actions of a supporter of the Linux community as a whole and supporter of the open source licenses commonly associated with that community's work? If not, then exactly what does IBM's statements of commitment to Linux/open source mean? It seems reasonable to me to expect key companies that benfit from the Linux community works to choose more carefully what actions from their business partners they are willing to put up with. So far IBM's "commitment" to Linux has been fluff and the LGPL violation regarding ADSM v3r1 level 0.1 for Linux continues...

This is appearantly a bug in modutils in Redhat 6.1, you can read about it here. It did solve my problem, and printing now works smoothlessly.

RedHat Linux and Java both lose in various benchmarks comparisons. Both are backed by enough money to incent developers to scratch their itches on the outstanding bugs. Remember that $1 Billion dollars in market cap can translate into 1,000,000 $1000 checks to community contributers.

What I suggest is this: RedHat offer shares from its huge marketcap to get bugs fixed in the RedHat installation and other not-quite open source software. Sun and IBM would then offer shares for Java bugs in their not-quite open source software. If only one thousand annoying problems were fixed (0.006% of RedHat market cap) and incorporated into later releases, the popularity of both Java and RedHat would rise enormously.

Disclaimers: I had grevious problems getting Redhat to install and have not been impressed with its ease of use. I have been employed by Sun as the strategic systems engineer liason for Java between Sun and IBM. I own stock and want it to go up.

Cheers,

Charles Merriam

merriam @ world.std.com

RedHat Linux and Java both lose in various benchmarks comparisons. Both are backed by enough money to incent developers to scratch their itches on the outstanding bugs. Remember that $1 Billion dollars in market cap can translate into 1,000,000 $1000 checks to community contributers.

What I suggest is this: RedHat offer shares from its huge marketcap to get bugs fixed in the RedHat installation and other not-quite open source software. Sun and IBM would then offer shares for Java bugs in their not-quite open source software. If only one thousand annoying problems were fixed (0.006% of RedHat market cap) and incorporated into later releases, the popularity of both Java and RedHat would rise enormously.

Disclaimers: I had grevious problems getting Redhat to install and have not been impressed with its ease of use. I have been employed by Sun as the strategic systems engineer liason for Java between Sun and IBM. I own stock and want it to go up.

Cheers,

Charles Merriam

merriam @ world.std.com

RedHat Linux and Java both lose in various benchmarks comparisons. Both are backed by enough money to incent developers to scratch their itches on the outstanding bugs. Remember that $1 Billion dollars in market cap can translate into 1,000,000 $1000 checks to community contributers.

What I suggest is this: RedHat offer shares from its huge marketcap to get bugs fixed in the RedHat installation and other not-quite open source software. Sun and IBM would then offer shares for Java bugs in their not-quite open source software. If only one thousand annoying problems were fixed (0.006% of RedHat market cap) and incorporated into later releases, the popularity of both Java and RedHat would rise enormously.

Disclaimers: I had grevious problems getting Redhat to install and have not been impressed with its ease of use. I have been employed by Sun as the strategic systems engineer liason for Java between Sun and IBM. I own stock and want it to go up.

Cheers,

Charles Merriam

merriam @ world.std.com

Unless you are in the "web business", none of Apache, mod_perl or PHP are necessary tools.

How many non-web businesses do you think use Suns for Intranets? I think it's a very large number. And why should it not be there?

So, which Linux vendor supports Perl, Python, Apache, GIMP, whatever?

Red Hat, SuSE, Corel, TurboLinux... need I go on?

What you are mistaking is the difference between providing commercial support for a product and managing the development schedule of a product. Red Hat provides support for all of the products that they include in their distribution. They will work to help you with probelms and, if necessary, fix the software. If they patch the software in order to provide support, it goes into their updates (after Q/A), and also back to the maintainer.

Sometime unpack a few Red Hat SRPMS (source RPMs) and check out what comes with one. Usually, it's the base package plus one or two Red Hat specific patches (e.g. to make it work with RPM or with PAM or some other porting issue or bug fix that hasn't made it into the core distribution yet). You can type "rpm --rebuild package.srpm" to merge the patches in and create an RPM, so you don't notice Red Hat's contribution unless you look for it, but it's significant, and it's there.

Red Hat or Debian ain't going around "oh, there's a new release of Perl, quick, we need to make a new release too".

Check out ftp://updates.redhat.com/6.1/SRPMS/. Yes, that's exactly what they do. And they do it the same way Sun releases new sendmail versions. They provide a patch after having done their own Q/A, and then they include it in the next major update.

Saying that Linux is better than Solaris because of the existance of vendors that gather the freeware for you, and put it on a CD doesn't make much sense.

I agree, but that wasn't what I was saying. Vendors like the ones you describe (e.g. Slackware) are interesting to me, but not for business use. Vendors like Red Hat that integrate all of those products well, create their own infrastructure around them and support the whole RESULTING PRODUCT are very interesting to me, and I consider them more business worthy than Sun for those very reasons.

Now, to be fair, I hear that a lot of the software that I have mentioned (but not all) actually *is* in the next Solaris release. I guess I'll wait and see. But, for right now, the choice is clear for those who want a low TCO.

Slowaris suxx! Linux ruleZ!

Is that so hard to comprehend???

Where the hell is LiNuXMaN when you need him?

I do not use Solaris. Ever.

I do not use Solaris. Ever.

Well, look at the Linux/Stoag computer virus. It does exactly what we're worrying about in exploit bugs.

Linux as an operating system is, in actuality, a lot more insecure than we'd like to admit. To prove my point, look at RedHat's Linux 6.1 Security Advisories page. How many of these packages were fixed to prevent root exploits? Five of thirteen. But look at how common some of these five are!

Malicious people can use lpr of all things! Another famous example: bind. Or how about wu_ftpd? Those two, alone, are present alone on how much of the linux community?

Honestly, were it not for freshmeat.net , I probably would not have discovered the existance of the new packages. (I don't check RedHat's site often. And I don't signup for mailing lists either... So this is my fault.)

There are script kiddies out there who can manipulate the overflows in bind. (Please, for the love of God, if you haven't updated to bind 8.2.2_P3, go do so!) If a script kiddie can find a way to do that, then some coder worth his paycheck can probably figure out a way to have a program manipulate itself into root that way.

I mean, all some perverse (or highly bored) programmer has to do is write a program to manipulate those bugs to get root... And then run rm -rf / to kill your machine. (There are, of course, nastier things one could do, but the less ideas I generate for others, the better.)

By no means, are we safe. Linux virii will eventually be created and released into the wild. (There are even some that claim that MicroSoft will be the origin for the epidemic.)

The only way we can keep ourselves truly safe is to catch security holes before the other side does and update our source packages before the attacks start.

There is a saying in network security: "One loose link is all you need."

boot a software RAID meaning boot a kernel on a s/w raid partition? If so, it'll only work with the 0.90 RAID (not the 0.4x that ships in kernels, at least AFAIK) and it will only work with the lilo with RH 6.1 (unless you add a disk= section for md0 geometry).

kernel.org/pub/linux/daemons/r aid/alpha/ has the 0.90 raidtools and patches for 2.2.11 (works on .11, .12, .13) and www.redhat.com/~mingo/ has patches for 2.2.14 (raid-2.2.14-B1) and 2.3.40 (ibc-ext2-raid-2.3.40-N1)

Haddock, Salmon, Pike, Bass, Cod, Tuna

I knew this kid named Jimmy when I was growing up. Jimmy was, how shold I put it... "Special". Jimmy loved to eat peanut butter and jelly sandwiches. That's why I think pb & j is the appropriate smell for these guys

Nervous sweat is the smell for these guys and these guys too

For these guys it's obvious, rocket fuel.

And in the same spirit, that vomitey, greasy, sugarey, metallic smell you find near big rollercoasters for them

And the muddy, porcine smell you'd find around that prize-winning heiffer that just keeps eating and getting bigger for these freaks. Of course you know that animal is the main ingredient for the spiced ham smell that you'd find here

first time post on slash, so go ahead and make the jokes

As you wish... How dare you invent a new contest? the first post stuff is already bad enough, and now you've started first time post... You should be punished. ;)

what i wanted to know [...] is if corel's linux os is really better than windows

The only way to find out for sure if it's better for you is to try. My personal opinion is "yes, definitely", although I don't really agree with your choice of distributions. Corel Linux looks quite nice, but compared to the others, it's just a bit too buggy and non-standard. You might want to have a look at Red Hat, Mandrake and Debian before making the final decision on which version to try.

You've seen the "getting bugs fixed" argument - other arguments include speed, stability and lower hardware requirements.

That can't possibly be true for all cases; ping is still broken for rh 6.1. Users are forced to backtrack to the version shipped with 6.0.

It is an undisputed fact that RH has been aware of this since October 7, 1999.
Over three months on something as simple as /bin/ping, and no fix! I know for us do-it-yer-selfers it's trivial to force-downgrade to the one shipped with rh6.0, but let's be honest, redhat is not impressing new users with this behavior.

For those interested, it's Bugzilla bugid 5692, found here.
Thanks,
Josh

Redhat is kinda slow at getting out the official fix. For example, the linux kernel is at 2.2.14 but Redhat has not put out a official rmp yet even though 2.2.14 contains a bunch of fixes

Red Hat has actually released several 2.2.14 RPMs in Raw Hide, our more experimental version. If you want to be on the bleeding edge, use that.

Also, check the source RPM for Red Hat's 2.2.13 kernel - it already contains a number of the fixes that later made it into the official 2.2.14 kernel.

We don't put out errata RPMs for every minor bug (misspelled man pages and such); this stuff gets fixed in Raw Hide and then makes it into the next release.

Errata RPMs are released only when they fix a MAJOR bug, such as a security problem (such as the bind update currently available) or a real functionality problem (such as the lynx update).
Releasing them for every minor problem, or every base version update, would be a bad idea because it would be very hard to keep track of everything. (And of course it would lead to "You need to update 1500 packages before Red Hat Linux works well" FUD from Microsoft and other people who don't care to check what an update does before writing flames).

Am I completely nuts, or is RedHat's distro already free? I hop on over to their ftp site and see it. They must mean they're giving the Brits CDs free of charge - which is pretty darned cool. (I paid 30$ for mine.)

For those of you unaware of who Red Hat Center for Open Source is (like me untill 5 min ago), here's the link:
http://www.redhat.com/community/rh_c enter.html

By the way, if you're new to Slashdot, here's how to do it:

• Wrong. with just the text, like this:

  http://www.redhat.com/community/rh_center.html

• Ri ght. Inside an anchor tag, with the text following, like this:

  <A HREF="http://www.redhat.com/community/rh_center.ht ml">http://www.redhat.com/c ommunity/rh_center.html</A>

  Got it?

From redhat's website

While I agree with what you said about most certification programs, there are some exceptions. The overview for RedHat Certification>/a> focuses on practical experience and prior knowledge of Linux. Though the program does include the standard multiple choice test, it also requires a 2.5 hour troubleshooting session.

Of all the sites that could use a good defacing, this would be one of them. At least redirect their traffic to RedHat or some other decent Linux site.

http://www.redhat.com/about/2000/pr ess_HKS.html

You idiot, look at Red Hat. They're swimming in money made off other people's hard work.

So, why don't you go to redhat's ftp site and "rip them off" by downloading a copy?

Some of us have unrelated daytime jobs and are swimming in money. Why should I sell my hobby and place restrictions on what I think is cool?

If your business is threatened by what I do in my free time, change careers. Either that or lobby to make it illegal to do cool stuff for your neighbors and whoever for free. Think about it, would you want it to be illegal to mow your neighbor's lawn to help him out? Why should I make more cash when I already earn more than twice the average family income and I wish to help others enjoy life more at times?

Oh, I could put work under the BSD license. I could certainly be someone's unpaid employee like I'm talking about, but their modifications to my work could not ever be seen. The GPL has the potential to keep my work growing.

http://www.redhat.com/supp ort/errata/RHBA1999061-01.html

Kennith, the cricual thing you are forgetting is that Y2K problems are still being found. Debian could have behaved like some other distributions did and claimed to be 100% Y2K compliant many months in advance, and then as more problems were found, either kept their head stuck in the sand, or backpedaled and released patches with little fanfare.

But we didn't, because we're more interested in overall quality than in PR, and because we belive in openness. So instead we put up a public list of known Y2K problems, and worked on keeping that up-to-date, and on fixing them. When we had a large collection of Y2K fixes available, I publicized it in Debian Weekly News, well knowing someone would respond the way you have, but considering it much more important to make sure everyone had a chance to upgrade to it.

Compare this with Red Hat's response -- their Y2K page is a mixture of reassurance, and legalese -- "You won't have problem, but if you do, you can't sue us." (You can't sue Debian either. ;-) It's not under the legal/ directory of thier web site by mistake.

Nethack's developers finally woke up and recently released a y2k-safe version of nethack, fixing problems we had been aware of for months -- days too late for it to go into our Y2K update. (It is in unstable, of course, and has been backported to stable now.) Do you really think that other distributions that claimed y2k compliance this summer already had that fix in place? If they did, why didn't they share it? Redhat's errata page lists exactly 0 Y2K fixes for Red Hat 6.1, which has been out since October.

I fully agree that people on the whole are impatient and lazy when it comes to reading documentation. But for now, it's a fundamental skill if one can expect to be successful with Linux.

I can safely classify myself as a Linux newbie, but I've known from the start that the majority of the answers to questions I have lies at LDP. I've waded though a buttload of documentation -- most of it useful, some truely helpful and some truely useless.

If I have learned anything through it, it would be the fact that finding answers in Linux documentation takes some skills. Clearly, one has to understand the difference between a HOWTO, a Mini-HOWTO, a guide and a man page, and the scope of the information in each - sounds like HOWTO is in order for this? *half kidding*.

I don't know what the answer is for newbies without the patience to RTFM. I get frustrated by the lazy "hold my hand" approach of some newbies, but I try not to give them attitude.

Sometimes the road to world domination is long and arduous. We'll get there.

• Y2K compliance upgrade disk for Win 9x machines.
• Beer & beer making supplies in case the water isn't drinkable.
• Cell phone number of friend on Y2K team for local power company.
• Leslie Fish's tape Firestorm containing such useful songs as Black Powder and Alcohol, Blue Bread Mold and The Day It Fell Apart.
  

Actually, you won't lose everything that's RPMd. Debian can deal with RPMs just fine-- you can use the traditional "rpm" program (yes, the same one from Red Hat) or you can convert them to .DEB packages with the "alien" package. :)

Do you have any idea how many different ways there are to type chinese? (at least 18 different imput methods if memory serves me)

Do you have any idea how many different and incompatible character sets there are for Chinese? (at least 3 completely different ones)

Do you have any idea how few of the total chinese characters are even represented in a complete UNICODE font? (I think unicode font includes about 20,000 Chinese, Japanese, Korean glyphs while Chinese has over 80,000 characters)

add on a batch of other languages with accents above, below, or on either side of character, and then start thinking about right to left text input. (arabic, hebrew, ...)

Before you get too far ahead of yourself, buying all that hardware, I think you should checkout what's supported. The Red Hat 6.X distro doesn't support some of the things on your shopping list (the video card and the NIC are two that I saw right away).

This isn't to say you can't get it to work--because in most cases you can--but, when you call for support, if you are lucky, the tech will at most give you the URL to download the drivers for the hardware and tell you that the installation instructions "should be on that page or in the tarball". They will not troubleshoot any unsupported hareware problems (I know from experience).

So before spending hours in frustration, or spending dime one of my taxes, check the Hardware Compatibility List for Intel/6.1.

I downloaded the Opera binary to give it a run. I was impressed by how small it was and how small of a footprint it has while it is running. However, it's important to remember that with Mozilla you can create a small web browser as well. Everything is embeddable so you can create whatever interface ( with whatever size ) you want. Everything is modular so if you don't want it, you don't have to load it. Here is a screenshot of the "simplebrowser" test program. It's simple. It's small. The nice thing about Mozilla is that you can design any interface you want around it since it's completely embeddable. You like the Opera interface with MDI? Write one! There's nothing stopping you.

I also found it interesting that they called this a "beta release." Mozilla is more stable and has a greater amount of its final functionality impelemented than the current Opera release. We didn't want to call the Mozilla M12 release "Alpha" because we weren't comfortable enough with its level of stability (although we consider it almost there.) Yet another example of the redefinition of the word "Beta." :)

Even if Red Hat goes bankrupt tomorrow, all their code will be around for anyone to use. And just as importantly, their code will not be used in a way that is harmful to the Open Source communitiy, such as in a closed source distro by Microsoft or another giant corporation. Why? Because of the GPL.

The commercial BSD vendor, Berkeley Software Design, Inc., and Eric Allman's companym, Sendmail, Inc., share several characterics. (Note: I may be wrong about some of the following. Corrections welcome) They both started with free software. They both added proprietary enhancements. The both sell their value-added product as a revenue source. Both give you source code to the product you bought. And both forbid you from redistributing that source or changes to it to those who don't hold a licence.

Two critical questions are:

1. What's the current technology transfer? To what extend do corporate BSDI enhancements return to the free BSD distributions?
2. If these companies go down, what happens to their code? Licence holders still have the source, but so what? Is it dead?

To add one more pair of companies to the stack, consider John Ousterhout's TCL-based Scriptics company, or the Canadian Perl-related firm, ActiveState. My understanding is that there's more technology transfer between these two companies and their core free software roots than might be immediately obvious with the previous pair. I cannot really speak of the TCL world, but in the case of the Perl one, that firm funds not only the salary of the Perl release manager, they also fund development for porting to non-free systems. For example, they've made Perl's fork() call work "right" on Microsoft systems (actually, Microsoft paid for that work!) and have immediately returned those corporately funded enhancements back to the world of free software.

Yes, that means that the current developer release of Perl, version 5.005_63, supports fork(2) with Unix semantics even on Microsoft. Hurray!

If you want other mixed-mode business models, think about Alladin Ghostscript. The interesting issue of licensing is covered in the FAQ. There's also Sleepycat Software, whose database product, Berkeley DB, was used in Netscape with neither credit nor compensation, thus triggering a good bit of bad blood on the authors' parts because of lack of public recognition and appreciate for their work. The resulting `poison pill' licence seeks to avoid a repeat of this unpleasantry.

Now, we have in contrast to those situations, look at companies that are making a business, or trying to make a business, out of GPL'd software. The two most obvious examples, RHAT and LNUX, are hardly typical cases due to their current market valuations, which are obviously astronomically overvalued. But even in their cases, you'll find things that aren't what you would call "free software". In fact, they aren't even open source; look at the way Redhat ships "demo versions" of things without source. Now, I would be willing to argue that this is in fact a good thing because it shows people that Redhat's operating system is a viable platform for traditional licensed software. Others, however, dispute this, pointing out that that software would be orphaned if the company who produces it were to die.

My point is that I believe we now have a sufficiently long list of corporate endeavours which are based, at least with respect to some definitions of the term, free software. That means we have actual cases to look at, not hypothetical cases. I'm sure I've only named a couple of them here. What about other companies? I'm not talking about simple packagers and distributors. I mean firms that do serious development work based on free software. (I would mention Cygnus, but they've recently become an acquisition by Redhat.)

Do we have examples of companies that have died or otherwise abandoned their work in these areas? The university Ingress experience and Britten-Lee? Can we come up with other examples to look at? What has happened to the product of their work? Has it truly gone the way of all things, or did humanity derive some benefit from it?

Check out thispage for hardware compatibility on RedHat 6.1 Systems.

Perhaps you could just point me to the URL that has these detailed instructions.

Linux has much better documentation

Take Redhat/Linux, for example (please :-). Most of what Redhat ships is undocumented, and that which exists is severely underpowered compared with BSD.

For example, let's suppose you'd like to learn about the interface to the system's terminal drivers. That's in tty(4).

redhat% man 4 tty | wc -l
66

redhat% find /usr/man/man4 '*.*' -type f -name -print | wc -l
62

openbsd% man 4 tty | wc -l
299

openbsd% find /usr/share/man/cat4 '*.*' -type f -name -print | wc -l
371

And that's just part of it. Here's a bug list on Redhat docs that I've submitted, along with programs to automatically detect these problems. You should really read those over to start to get a feel for how bad it is.

I'd like to make clear that redhat has done a very great job at fielding these bugs and trying to do something about them. I am completely happy with their customer service. I'm not trying to knock that.

Some of the tools I used for this are:

• cfman - make sure manpages have accurate SEE ALSOs
• no3man - identify which library calls aren't mannable
• noman - identify which commands are installed without manpages
• scatman - find turds in mantrees

My point of view is that it isn't fair to the user of your system for you to ever include something that isn't documented. When I have been part of releases, either the old Unix releases from years ago or even the new Perl releases today, the rule was simple: if it isn't documented, it isn't shipped. No excuses.

I strongly believe that the Linuces should do the same. Let no program or library be shipped which is undocumented. It's the very least a systems integrator can do. That's just part of what we mean when we say that BSD distributions are more "solid" than Linux distributions. The commercial Unices and the free BSDs take this kind of thing seriously. The Linuces, so far, do not. I have hope that this will change, and Redhat has a truly positive attitude about all this, but right now, you just can't compare them.

Red Hat includes a text-mode tool called Xconfigurator, which walks you through several steps to create an X config file. It automatically probes for your video card, and lets you choose from a long list of monitors. You can choose what video modes and color depths you want (or let it probe for those too), and it writes an XF86Config file. If you don't have the program, you can download it as an i386 RPM or source RPM.

Red Hat includes a text-mode tool called Xconfigurator, which walks you through several steps to create an X config file. It automatically probes for your video card, and lets you choose from a long list of monitors. You can choose what video modes and color depths you want (or let it probe for those too), and it writes an XF86Config file. If you don't have the program, you can download it as an i386 RPM or source RPM.

Check out Red Hat's Geek Toys section. Seems we will need to add Red Hat to the boycott list.

This might be a rather good target to aim at. Given Red Hat's high Wall St. visibility it's severing a relationship with Amazon over this issue could lead to very interesting news in the major media. Software patents are not in Red Hat's interests. So we should get out th lever and use it where it will could be noticed.

I will be sending an email to Red Hat letting them know I will not be purchasing anything from them until and unless they sever their relationship with Amazon, and that I will recommend my employer do the same.

The way it works is a server listens on the net for ARP requests. when it gets those ARP's, it returns with a machine name and the ability to give it a boot block. hence, you have a centralized server that you can have a standardized, customized configuration of the RedHat linux distribution.

Anyway, we were just talking about two different things, there isn't any reason to get all uptight because you think i'm attacking debian. oh, and upgrading redhat is just as easy with freshrpms, rpmsrelay, and autoupdate. And i'd prefer redhat's 1 or 2 floppies to debians 6 floppies, if you want to get technical. But I think debian has it's own strengths.

and just because you havn't played with all the unix distributions yourself doesn't mean that the functionality isn't there.

Are there any other distributions besides redhat (which has KickStart) that supports network installs?

Is this a feature when considering which distribution to choose?

Well if you ignore their contributions to the Linux kernel team(funding Alan Cox, et. al.), their donations to the Mozilla, KDE, Gtk, Gnome projects(code and $), all that wacky stuff on http://www.labs.redhat.com, contributions to Apache and Sendmail, and god knows what else, then I guess that they've done nothing more than package together other people's stuff and pay hundreds of developers to sit on their asses all day long because they've got major $$ from the IPO, right?

[sarcasm]I guess that's all Debian and Suse do for that matter too[/sarcasm]

Good post, just one main thing to add. In a cluster system hwat you
can do is very much constrained by the way you glue the individual
nodes together. The 100Mbits per second throughput of a fast ethernet
connection may sound as if it gives you all the connectivity you need
but if a machine sends each 100bit opacket to a different machine, it
will slow down to a snails pace as it is not very fast at these kind
of switching tasks.

Good routing software can make up for this, as can careful forethought
about the network geometry. An ATM network is the best of all worlds,
but very expensive ... actually what happened about all those claims
that ATM routers would become as cheap as water? A last point: look
at the Parallel processing HOWTO.

We are a small Internet development shop, running a few servers and a mixed bag of development stations. Currently, there are three Linux boxen on our network, running the latest RedHat releases. We are looking to put in three more systems, for a total of 5 running some Linux/UNIX like OS.

• A MySQL server box
• A Firewall
• A Mail/Fileserver
• 2 Webservers running Apache / PHP(Zend)

When we perform this upgrade, we are willing to change operating systems if there is a demonstrable benefit. Due to recent slashdot postings we have started looking at OpenBSD as our server OS. Now, we do understand that RedHat is not the only Linux distribution available, but we don't really want to get into a Linux/Linux war here. We don;t mind changing if we should for technical reasons - but the Linux world seems more hip and vibrant, and we really like the penguin T-shirts we have... so if we can stay on Linux then we want to.

So far, we like what we hear about OpenBSD - but we don't know if the things we like are inherent in the relative designs of OpenBSD or if they are results of policy choices by the OpenBSD team. If they are the results of policy decisions, then with any luck a Linux distribution could be found that exhibited the same characteristics?

Features we like about OpenBSD:

• It seems like the release/testing cycle is extremely carefully controlled. While a freewheeling machine with lots of OpenSource code on the desktop is a good thing, for a server it seems that a smaller group exercising testing/release control is a more controlled system.
• The integrated crypto looks great, the one time use passwords look like a big winner here.
• There are a lot of references to OpenBSD's security and stability - but none with any specific examples or technical backing.
• The file layout on OpenBSD seems like a winner, it looks like things live in a well thought out and logical set up - not in a mishmash like RedHat.

Assumptions:

These systems will be running the server software they need, and X11 + (Gnome||KDE) for administration and so on. They will not be running the latest stuff from Linuxberg or a bunch of things that would be on a desktop OS. So we are going to try very hard not to introduce any instabilities. We aren't going to be compiling running games, sound drivers and the like that integrate directly into the kernel.

The questions are:

1. Is OpenBSD more secure in some fundamental way that a well maintained Linux distribution?
2. Is OpenBSD more stable than a well maintained Linux distribution?
3. Will the OpenSource software we normally need (firewall, Apache, PHP4, Perl, Python) and so on probably compile on OpenBSD?
4. Does OpenBSD have something like clustering support (Beowulf) and failover?
5. Is the performance of a well maintained OpenBSD system better than a well maintained Linux distribution?
6. Does Linux have anything like the one time use password system?
7. Does OpenBSD support multiple CPU's better then Linux?

Thanks for taking the time, and hopefully we can keep the flames down to nothing and talk about technical issues this time.

I would love to see Mozilla become a viable browser once again. And if it takes money from Redhat to do that it peachy keen by me.

Once upon a time, Netscape was the best browser. Now web developers have learned to curse both Netscape and IE. I would love not to have do all kinds of tricks not to have to support the peculiarities of both common browsers. And money from Redhat may just make that a little easier.

Make the net easier to use with less complicated browsers intracacies makes it better for everyone ... even with RedHat's money.

• Emery Jeffreys

well, somehow i don't think this is very likely. corel has way too many "other" interests that would turn off red hat.

a) windows software
b) macintosh software
c) old support contracts

that said, there are some interesting aspects of a corel buy (namely the hardware connections, the expertise, and the two distribution questions). more important, though, is that corel doesn't even make as much sense as other companies for a possible office suite for linux. a company with more focus seems to be a much better option. what about abisource? what about applix? seems that if red hat bought applix, gpl'd it, gtk'd it, and gnome-ified it that would make much more sense.

as for red hat buying everyone and everything rumors, red hat is starting to have enough money to screw up. it was fine when they could only afford blunders. it seems now, though, that they can afford disasters as well. tread lightly mr. young (and don't even think about cray)!

well, somehow i don't think this is very likely. corel has way too many "other" interests that would turn off red hat.

a) windows software
b) macintosh software
c) old support contracts

that said, there are some interesting aspects of a corel buy (namely the hardware connections, the expertise, and the two distribution questions). more important, though, is that corel doesn't even make as much sense as other companies for a possible office suite for linux. a company with more focus seems to be a much better option. what about abisource? what about applix? seems that if red hat bought applix, gpl'd it, gtk'd it, and gnome-ified it that would make much more sense.

as for red hat buying everyone and everything rumors, red hat is starting to have enough money to screw up. it was fine when they could only afford blunders. it seems now, though, that they can afford disasters as well. tread lightly mr. young (and don't even think about cray)!

This has been annoying me too. The quote on archive.redhat.com (which is now a link back to the main redhat site) is:

Wondering what happened to the mailing list archive search function?

Now that the quiet period is over, it will be returning soon! Thanks for your patience.

which is a bit out of date. :) (Or redhat has a different definition of "soon" than I do)

The Moongroup one above is only the redhat-list, not the others, and doesn't appear to be arranged in any logical way. (Archive[1-5], of vastly varying sizes). The "how do we do this" page is the same as the original page as well.

Maybe someone should subscribe mail-archive.com to the lists...

So, we aren't going to keep the server functionality secret, it will just take time to create a release of the pieces you need to build a server. It will be released when it is ready.

In the meantime, the the protocol is documented to some extent.

But I recently discovered something that now has me wondering if this will continue to be the case.

In Red Hat 6.1, there is a new program called the Red Hat Update Agent . Basically, it appears to be a program that allows you to automatically download and optionally install updated RPM's. It sounds like a wonderful new addition, and I wanted to try it out.

Well, you have to be a registered user. But that's fine, there's nothing wrong with that. They only want registered users to access their upgrade site (priority.redhat.com). I completely understand and agree with that. This is a service after all.

Because of this, I imagined that I (or anyone else) could simply setup one of these Update Agent servers myself. Knowing that Red Hat releases everything they create under the GPL, I started looking for the server-side CGI scripts.

I couldn't find them.

Now, it might just be that I didn't look hard enough. I have looked all over the FTP site, and I've tried several queries in their site's search engine. I haven't tried to actually send email to anyone at Red Hat, and I haven't actually asked anyone on a public forum (until now). But I'm still a little worried that the source for this script wasn't as easy to find as the sources for any other Red Hat software.

So, is it available? Or is Red Hat going to keep this script secret so that only registered Red Hat users can enjoy the benefits of the Update Agent?