Slashdot Mirror
Red Hat Linux 9 Reaches End-of-Life
egburr writes "Well, today is the last day for Red Hat Linux 9. The Fedora Legacy Project is supposed to start legacy support. I am still planning to stick with RHL9, for a while at least. How many others are planning to do the same? How many are switching to Fedora? How many are switching to some other distribution altogether? How many have already switched? For people still using earlier levels of Red Hat Linux (6.x,7.x,8), how well has the Fedora Legacy Project worked for you?"
WSAD (WebSphere App Dev) doesn't run under Fedora, so I'm with RH9 until it does. Something to do with libc. Heigh ho.
I'm already using fedora legacy to update rh8.0 and 7.2 boxes (only four fortunately).
No complains.
apt-get update && apt-get dist-upgrade from fedora legacy work flawlessly.
- Arwen, I'm your father, Agent Smith.
- Well, you're just Smith, but my father is Aerosmith!
Might as well wait until Fedora Core 2 is released.
I can't recall the taste of food, nor the sound of water, nor the touch of grass. I'm naked in the dark. There's nothing - no veil between me and the wheel of fire. I can see him with my waking eyes.
I'm glad to be with you, Redhat 9... here, at the end of all things.
You cannot always be torn in two, RH. You must be one and a whole for many years. You have so much to enjoy, and to be, and to do...
"Music is everybody's possession. It's only publishers who think that people own it." - John Lennon.
How about the security updates?
- no sig.
Check it out at: White Box Linux
Not to be rude, but why should I download and install security patches from a site that is not an official mirror site?
When RedHat decided to throw in the towel for any real distro
When did this happen'?
Redhat just moved people distro where it belongs. Between people.
Redhat still supports development in Fedora, and even funds it. Funny I've been noticing only improvements (since the change) and no stepbacks. Fedora is just as supported as RH ever was, no better, no worse (except there's much more choices now, yum instead up2date, and more public repositories). You'd notice if you try to search package for RH9 and same package for Fedora.
I really don't know what is people problem with Fedora and neither does anyone that didn't jump to conclusion before even trying.
Signature Pro version 1.13.2-3 release 83.5 beta3try7 after-breakfast edition
If you'd done any research, you'd have found that those nessus hits were false positives, because Red Hat backports security fixes. The products will report a vulerable version, but they are not vulnerable because RH fixed them.
Nessus just looks at the version, because trying the actual expoit is too risky on running systems, many exploits crash the system (or at least the daemon) in the process of exploiting them.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
I've written an article on this topic covering about a dozen alternatives, it's available at:r edhat-support.html.
http://www.seifried.org/security/redhat/20031230-
Your basic options are:
Continue using Red Hat Linux 7.x and 8.0
Continue using Red Hat Linux 9
Red Hat Advanced Workstation
Red Hat Advanced Server and Enterprise Server
Red Hat Fedora Linux
WhiteBox Linux
SuSE Linux
SuSE Linux Enterprise
Mandrake Linux
Mandrake Linux Enterprise
OpenBSD
FreeBSD
Solaris for Intel and Sparc
Windows 2003
Mac OS X Server
The community wrote it.
If you don't trust them, then why the hell are you running the software they wrote?
I've had enough abrasive sigs. Kittens are cute and fuzzy.
fedora is good for set it and forget it,
Coincidentally, so is the Ronco Shotime indoor rotisserie and BBQ.
RedHat came out to our center last year to do a presentation. One of their claims is that Linux moves too fast for some Enterprise developer's tastes.
An enterprise application developer will get done certifying that a specific build of RedHat will work with their application to their satisfaction when they realize that the official, stable build of several libraries have already jumped a few increments. Which, of course, invalidates their entire QA process.
RedHat decided to handle this issue by developing a slower-moving "Enterprise" target. This offers a more stable and predictable platform for enterprise application developers to develop for, QA, and then provide support for their products on that certified platform.
This was before the Fedora project had been announced. However, even at that point, they were saying that the RedHat Linux we all knew would be the faster-paced, more bleeding-edge version.
Err... Isn't "the community" that which created all this stuff? I've been kicking the tires of FC1, and actually I really like it (YMMV).
I think if I was deploying it "somewhere that mattered" I'd use the Enterprise WS edition - and honestly what's so evil about that?
RH9 was a strange half way house - fast moving (like FC1) and supported (a bit) like Enterprise. I don't quite understand why we all miss it so much? For Enterprise work then WS looks like a good option, for home FC1 is really very nice.
So what's the problem again?
You might have to track down a FedoraLegacy key. That shouldn't be too difficult.
FedoraLegacy packages should be signed by a key (presumably you trust the people running FedoraLegacy, otherwise you'd question why you should install updates from some random OSS project). If they have the signature, either the source is the original, or the keys have escaped FedoraLegacy's control. If the second one has happened, you're screwed. There isn't much you can do to show that the packages are correct at that point.
Unless you feel it's a major loss of time download the security updates, there's virtually nothing else for you to lose by downloading them from a mirror, if it's fast, and you have a fast connection.
Kirby
I did this with a laptop at work. I installed apt-get for RPM. Modified my sources. Did an "apt-get update" followed by an "apt-get dist-upgrade" followed by an "apt-get upgrade" to finalize a few trailing edge packages. It all went fairly smoothly.
There was one odd bug having to do with some library for GNOME that, once I had it figured out, required removal and re-installation of the appropriate package. Sorry - I forget the details. None-the-less... I was half expecting to have to reload the thing. Went fairly well.
Of course - this is a laptop sitting in front of me. Keep in mind that my very tired and currently fuzzy memory may not be recalling anything that would have caused massive heartache if I had been doing this process remotely.
YMMV.
Let me comment you back. (Not to bash Debian but I'm really interested)
I run Fedora on my server and I can tell you that it lacks nothing, for your info, it's only gains against RH9.
Few questions:)
Why do you think that you need server version. I have two of them but can't realize why small enterprise would need RHES. Yes, there are gains for enterprise (I mean ENTERPRISE) but (for SME) other than paid RH support there's nothing, and even that is needed only in case that in-house lacks administration or administration is not good enough.
Does Debian do server version, you said you changed to debian and now you cry about server?
What does RH9 and Debian offer (on server part) that FC1 doesn't (I already told you that support lacks nothing, it has only gotten better)?
Signature Pro version 1.13.2-3 release 83.5 beta3try7 after-breakfast edition
With a fedora rpm the actual code will most likely have been either written or reviewed by one of the thousands of professional linux coders be they paid by redhat, ibm or otherwise. Fedora just does the packaging.
Live & learn....
Of those to whom much is given, much is required.
Technically, who's responsible for the Fedora Legacy Support? If it is just the community, it doesn't sound like much.
The answer to your question: The Fedora Legacy Project volunteers are responsible for the project. These are, essentially, SysAdmins who've volunteered to package the bug fixes and security patches that they already need to apply to their own legacy systems so that others won't have to.
You may not have personally meant it this way, but your words echo a common sentiment that people often voice where they want to know that if the product they are using fails that someone else's head is going to roll. For those who need that, buy commercial support.
Why have we created a culture of people afraid of personal responsibility (not you necessarily, just in general)?
> The little money it makes will be sucked out by "legal" pirates
> from its very movement.
As the alleged "pirate" in question, allow me to disagree. Those who need the SUPPORT offered by RH should purchase RHEL3. Those of us who DON'T need the support shouldn't since RHEL3 is 100% Free Software. Red Hat does not sell software since that would be kinda daft, it being Free Software and all that. What they sell is support and if you are the sort of site deploying an Oracle box you will be writing them a check just like you wrote one to Sun when Oracle was sitting on an UltraSparc.
Basically, WhiteBox should be thought of a product between Fedora and RHEL, offering the longer deployment window and most of the stability of RHEL but with the community support more like that of Fedora.
And I have heard my little project from the swamps of Louisiana mantioned by several RH people, but never disparagingly. So if they don't have a problem with what I (and the cAos, tao, etc. rebuild efforts) am doing why don't you hold off on condemming me for another couple of years, until you learn a little more about how the Open Source/Free Software ecology actually works.
Democrat delenda est
What kind of a comparison is that? You've compared YaST to Anaconda, and nothing else. You never even USED Fedora Core. The installer is just one package in a multitude. Your problem could probably have been fixed with a quick visit to fedora-list@redhat.com or http://bugzilla.redhat.com/ . Linux helps those who help themselves.
How appropriate. You fight like a cow.
If your serious about security, you'll end up hand checking the RPMS that are on the list of the errata anyways. I've seen high quality mirrors out of date for days. I know kernel.org was out of date for at least a week from the RedHat security updates. I've seen several whitebox-linux mirrors out of sync for a couple of days. I've seen the redhat.com FTP site have the errata packages out at least a day before the errata messages. I actually confirmed it was an errata package with the maintainer before the errata message was posted to redhat.com's site (it was OpenSSH, and I hadn't heard publicly about the exploit).
If it really bothers you, rsync from any unofficial mirror, followed by an official mirror, and/or the primary site. I've done that on more then one occasion to take load off the primary site. I'd get the bulk of the updates/changes from the mirror site. If the mirror site is broken (which I've seen happen on several occasions) you get working packages via the primary site. Other then that, you never use the primary site. Generally, I've found that people who say they have working mirrors, in fact, have good working mirrors that are well maintained. People who post that they have mirrors, generally are pretty serious about mirroring for themselves.
Kirby
My brother's company did pretty much the same thing. Actually, I'd like to elaborate, since the person who asked (and others) may want some reasons to go with the move, and I got all the details.
So first here's the WHO: they are a small web development company. They have several development servers and a couple of deployment servers. They were running Red Hat, all the same version (the kernel configuration and the actual packages installed differred from the production to the work machines). They were using pretty much everything from RPM's, except for some central webdev things (Apache, PHP, Postgres) which they compiled from source because they needed special settings for them. They host they own servers and bandwidth is not a problem.
Now the HOW: They started with one of the development machines, by making a new root partition in the unused space. They chrooted in it and unpacked the base stable Debian tarball, then set up the apt sources to some nearby mirrors and fired up an upgrade to testing (it was a chroot, so networking was already up) as well as apt-get'ting whatever packages were needed to replicate the original environment.
Next they recompiled the kernel and those special apps I mentioned before, and copied over the work resources (projects and stuff). After a Grub setup and a reboot, it worked fine (just a few details to iron out). The whole thing took about an hour and a half (skilled guy doing it, I guess).
Next came about a week of testing. When everything turned out fine, they made a backup of the entire testing machine and then moved the Debian partition to the start of the disk and reorganized it with whatever other partitions were needed (/var, /tmp, swap).
Made an image of the disk, ghosted it to the other machines, restored work environments from backup, and they were done. Actually, the production machines were a bit tricky, but only because they had to make each of them serve everything while the other one was being changed. Plus they had to cross-compile the kernel and the webdev packages for them on the work machines, but they did that all the time already.
And now here's the WHY: why Debian? Because they were looking for: the lowest cost (cheap bastards); no support needed (they relied on their own syadmin -- yeah, one guy); painless package updates, from a variety of nearby mirrors; a distro similar enough to Red Hat so as not to need too much adjusting for the people; another end of life as far away into the future as possible (didn't fancy doing this again in 12 months). They felt that Debian and Slackware would fit the bill, because they were the oldest and most reliable Linux distro's around. (Eventually Slack got booted--you can guess why.)
Finally, a brief overview of why they rejected other choices: Red Hat = too pricey, life-time too short, plus it would imply a reinstall anyway; Gentoo = they felt that compilation and servers don't go very well together, plus Gentoo is too young; SuSE = it came very close, but the beancounters pushed for as little spending as possible; Mandrake = they felt none too sure that it won't dissapear suddenly someday, given it's history of financial problems; any BSD = too much a step from Red Hat. (Fedora wasn't yet a serious option at the time.)
Some of you are probably gonna say they're cheap bastards who wouldn't give back to open-source by at least investing in some support. What can I say, except "small company, gotta cut the expenses to stay ahead these days". The whole switch took a little over one week and cost them just a bonus for the sysadmin.
i ate crayons when i was a kid and now i have two braincells and the blue ones taste nicer
perhaps I'm underinformed when it comes to this level of computing...but...is there any other */Linux Distro that is designed for use by the 'enterprise level' ? People around me are quoting a 95-98% of business usage of Windows (doubtless mostly non-xp windows). If the rest of the world has to deal with using Fedora instead of RedHat, while the elite gets to continue to use RedHat, I can see their move being a success for everyone : No one lost - Fedora continues where RedHat left off(which they should) and RedHat continues in new directions, specifically in directions dominated by Microsoft. Isn't that a good situation? Or am I missing something?
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.