Slashdot Mirror
CentOS Project Administrator Goes AWOL
An anonymous reader writes "Lance Davis, the main project administrator for CentOS, a popular free 'rebuild' of Red Hat's Enterprise Linux, appears to have gone AWOL. In an open letter from his fellow CentOS developers, they describe the precarious situation the project has been put in. There have been attempts to contact him for some time now, as he's the sole administrator for the centos.org domain, the IRC channels, and apparently, CentOS funds. One can only hope that Lance gets in contact with them and gets things sorted out."
If you read the message in TFA, it kind of seems like a cry for your ex-gf to get back together.
Joking aside, I dont think it's really a surprise for anyone that people have other things to do sometimes, or even getting interested in different stuff. I actually feel sorry for the guy that this got slashdotted and all. If he's on holiday, it's gonna ruin his day. If he's away doing other stuff, he probably dont want to hear his co-admins crying to get him back.
Really, give the guy a peace. I bet he has used serious amount of time on CentOS project and deserves some time off and respect.
Maybe he and Alan Cox have eloped?
Did they try the lost+found directory?
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Maybe he's hiking in Brazil. Did anyone ever think of that?
This kind of thing really scares me, because this is exactly what it happens when someone dies, for example: the data/information stream coming from them on the web simply ceases to exist. Also, this is one of the main reasons why important projects should have their main assets handled by a group of people, and not have things centralized. If the worst has happened, CentOS will be forced to fork their project and start over.
But let's just hope I'm spewing bullshit and he's just pissed off.
This sort of open letter should really be a last-resort kind of thing, but their letter says
When I (Russ) try to call the phone numbers for UK Linux, and for you individually, I get a telco intercept 'Lines are temporarily busy' for the last two weeks. Finally yesterday, a voicemail in your voice picked up, and I left a message urgently requesting a reply.
If they left a vm yesterday, they should give it at least until Monday before publicly humiliating the guy. Being a few days late in answering voiemail isn't odd at all. Also, is it out of the question to try and get someone to check his house personally? A team of 10 people have got to know someone in the UK.
The English word fart is one of the oldest words in the English vocabulary.
As someone who recently had medical problems that sprung up over night, I can honestly say that there could be other reasons he's not responding. I guess an open letter is as good a way as any to try to get in touch with him, but the tone of the letter is beyond ignorant. It's more accusatory than anything (which may be justified), but it's certainly not a sign of professionalism. If anything, it shows that he may have been correct in managing the project without the petulant "help" of the other developers.
Your sig(k) has been stolen. There is a puff of smoke!
Has anyone checked to see if he's hiking in the Applachians?
(fixed spelling)
Well, given that he's a computer geek, I think it's safe to say he's not spending time with his Argentinian mistress.
I am officially gone from
You can't even guarantee that a major project isn't just going to stop without notice
CentosOS will never die. Ultimately I will fork it and continue it. That's the guarantee you have for good projects.
They see me trollin'...
BUT, I will respond anyway.
This is not a failure of open source, it is a failure of redundancy. We've learned this lesson countless times: There should never be "only one" person with protected access to a project. It's like kusanagi374 said above.
There's a danger when one guy has complete control of the project. Not even Linus has that. If the guy bolts or drops dead, you're left in limbo.
If you need a similar compatible version of RH Enterprise Linux, I'd suggest Scientific Linux. It's made by the staff at Fermi Labs (and CERN as well) as a uniform OS platform for all their experiments, and is basically RHEL compiled from source. Like RHEL, it can also be used as a general purpose OS (it just includes a lot of science packages, especially stuff for physics). It's supposed to be 100% compatible, or very very close, and the Fermi guys distribute the ISO's online.
Life is hard, and the world is cruel
"as he's the sole administrator for the centos.org domain, the IRC channels, and apparently, CentOS funds"
Does anyone know about his personal financial situation? It is not unknown for people to borrow against their business or organization to fix personal financial problems with a "promise" to pay it back "when things get better". Since he has not provided any financial statements from the organization, I'm leaning towards this.
As opposed to with closed source projects, where when someone walks away with all the passwords everything's just fucking fine and peachy, right?
Maybe he *was* hit by a bus.
I like CentOS a lot, but still
It's open source, if anything goes _really_ wrong, fork. The source is there, all references to the "Proeminent Linux vendor" properly stripped, etc
It's less work than start from scratch again from the "proeminent linux vendor"
how long until
My first server was a boxed copy of Red Hat 5.2 that I bought for $300. It has the export-restricted SSL (pre-Clinton liberalization of encryption).
Around Fedora Core 3 I switched to CentOS for my servers.
However, I've been worried about how out-of-date CentOS currently is, basically a snapshot of FC6.
Yum keeps a box up-to-date with security back-patched code that is 2 or 3 versions out of date. Try to get a F4180 printer to work under the old CUPS. Try it.
So guys like me use CentOS but then in order to have the most recent versions of MySQL and PHP, we compile everything from source. This is a problem because we then only patch for security every 6 months or when we think of it (or when there's a big scary headline on Slashdot).
After switching my laptop to ubuntu, I discovered that the environment is now as deep as I need it to be. I was able to replicate my entire environment, including email and dns, on ubuntu, either with source or with apt-get .deb files.
So although I grew up a Red Hat man, I'm forced to consder Ubuntu for the next server. More worrying, when I ran the idea by my colleaugues they were open to the idea.
So get your whois registration and bank account sorted out, by all means.
And then hope that Red Hat releases a version of RHEL RSN based on Fedora 11.
That's an excellent simple example of the advantages of Free Software:
Free Software X lost its developer/manager/whatever -> anyone can step in and replace him, or pay someone to do it.
Company Y decides to stop supporting its proprietary software Z -> you're screwed in the ass, big time.
Don't count on "stopping without notice"... from these kind of adverse situations that interesting new stuff emerges.
`echo $[0x853204FA81]|tr 0-9 ionbsdeaml`@gmail.com
http://planet.centos.org/
You can read a bit more there what has happened.
One of the other key developers, Karanbir Singh, disappeared (albeit for a very legit reason...he got married and had the gall to go on a honeymoon ) at a very inconvenient time during which a version update was to be released earlier this year. The remaining developers either wouldn't or couldn't complete the process in his absence....the end result being a significant delay in the CentOS 5.2-->5.3 upgrade process.
I have been an active user of CentOS since version 3 (back in 2004) and it would really pain me to see such a great project fall on hard times or disband/fork. Enough of my production machines are running on CentOS that this latest strangeness has got me seriously evaluating Ubuntu's server product for low budget applications and convincing other deeper pocketed clients to consider reverting back to RHEL.
Here's hoping they manage to sort things out and come up with a more evenly distributed model for project responsibility.
Yeah, he probably died and no one, not even his wife, knew that he was a closet Linux Geek. They'll be going over his record, find the accounts, and she'll be crying "Oh my God, I never knew. Why didn't he tell me?!?! We could have worked on it TOGETHER!" Only then you realize that his wife was a closet Linux Developer, and actually responsible for a great deal of OS content.
It'd be be like Mr. and Mrs. Smith, but really nerdy.
Yes. You are right. It's impossible to go trough an incident like this without lost of credibility. But ultimately, if the project is good enough, and the motivation to continue also, the credibility will be restored.
Exactly 66% of the four CentOS users are affected.
Follow The Money.
At first when I was reading the story, I was all like, "oh, guy with only keys to kingom hit by a bus?", then I saw how he controlled the funds and I was all like "he's so on a beach in the tropics threatening to burn the hotel down if he doesn't get his paper umbrella".
Seriously though, I hope it's simply a case of needing a break, not something more ominous. I like CentOS, and I'd hate to see the project fall apart due to losing one key person.
The Digital Sorceress
> He probably took the money and ran.
He's now creating his fork called BucksOS.
From Tim Verhoeven. It explains the issues a little more in depth.
Read the post here.
I'm not sure how far he's gonna get with $27.50, a bag of skittles, and an old copy of 2600.
OMG, you guys hired Soandso. He was with our company. He knocked up 3 admin assistants, and the guy that fixes the copier. He peed in the coffee pot in the break room. As a joke, he put our proprietary code up for sale on Craig's List. The worst of it was when he used 3 months of petty cash and donated it to McCain/Palin 2008.
Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.
It seems that as of late, there has been a lot of public controversy around various FOSS projects and the people that run them. There's disputes between key players followed up, all too frequently, with giant personal missives about how this or that person isn't going to work on this project anymore because somebody else is too mean to them. There's guys disappearing, flame wars, all sorts of very public problems with projects. One wonders if FOSS is becoming too much of a soap opera and less of a collaborative development model. These aren't unimportant projects either. The GCC compiler, X Windows system and its underpinnings, the kernel, and certainly file systems, all have had some very famous and public spats between various egos.
The one thing that money does, when developers actually get paid for their work, is that it forces people to put aside their differences. When there's no cash on the table, there's no logical reason for someone to take a pounding personally due to a personality conflict. But, when there is cash, people can accept quite a bit of abuse and still produce something. While personal glory is nice to have, its not nearly so nice as a check. But, in FOSS, if you take away that personal glory, there's really no incentive at all. You almost have to wonder if, personality driven politics will continue to undermine FOSS, and how much personality FOSS can stand before the whole brand is so polluted by public conflict that one would almost prefer to just write somebody a check just to avoid the soap opera.
This is my sig.
Comment removed based on user account deletion
Hi,
i don't think that this an atypical problem, neither inside or outside the
open source community. We have people giving ressources of to projects
(e.g. time, money). Usually they expect something in return (e.g. recognition,
influence). Normally those expectations are never stated explecitely. So what
happens: Someone sees his expectations not met, so he cuts the ressources he
gives. Usually this goes together with hurt feelings as well, so he tries to
get a refund by keeping assets (domains, money, passwords, etc.).
Same thing happened with other OSS projects (e.g. Blastwave) and non
profit organisations (e.g. Hannelore Kohl Stiftung here in germany).
You cannot fix this. When you try to fix it, you need a board and a charta
right at the beginning. Too many projects would already die here and would
never get to the stage where a quitting founder brings a crisis. In the worst
case now: they have to start at the current status again under a new name.
CU, Martin
P.S. This shell not be a factual description, what happened in this project.
This is only a description of things i observed elsewhere and would expect
to find here too.
Gotta be a record for a chair throw, even for someone with so much practice.
You mean that of all the 'geeks' that are working on this 'project', no one can take over the IRC channel and domain name? Its pretty trivial to do both, even today, with all the 'safe gaurds' in place. I haven't tried to steal a bank account but that seems pretty trivial as well.
So tell me exactly why this is a problem for a bunch of geeks?
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
He told his wife he had to fly out, to meet the other CentOS developers... in Buenos Aires...
One of the consultants I worked with always thought "hit-by-a-bus" was too negative. So she always asked what the company would do if Joe Overworked won the lottery. (sheeyah... the BUS lottery)
Other way more likely scenarios;
Joe takes another job, takes a vacation to avoid burnout, gets sick - job stress lowering his immune system and all...
Wow. Imagine all those whiz kids who told their bosses they'd save mad money changing RHEL to CentOS.
This reminds me of the Xircon IRC chat client software from a few years ago.
Sometimes people just pull the plug, I guess.
Kriston
If RedHat doesn't want to share their code, then they should build their own OS, instead of just working on the pre-existing huge resource that is Linux/GPLed code. See how that works? They agreed to CentOS-style reuse of their work in exchange for THEIR for-profit reuse of decades worth of OTHER people's work; that's the price of the GPL, and they pay it willingly, because what they get is so valuable.
And speaking of cynicism: anyone stop to think that maybe some overaggressive RedHat executive with a suitcase full of cash is behind Lance's disappearance? Follow the money: CentOS looks unreliable ==> RedHat cashes in....
LinkedIn says he's the founder of CentOS, and that he stopped working there in 2008. Oops.
Lance Davis, the first editor of Centos, who never actually resigned from his job. He simply left one morning for lunch and never returned to his office, making all later holders of the position "Acting Editors." His old office is still preserved by the Centos volunteers in the hope that he will return. His desk sports a sign that reads "Missing, presumed fed."
Learning HOW to think is more important than learning WHAT to think.
I totally agree with the "bus syndrome" thinking. At one company I was at for many years, the boss had that concern. I was the senior SysAdmin, who created and managed the entire IT infrastructure. To alleviate it, everything was documented. A copy of the passwords were kept under lock and key. Server functions were well documented. My assistant(s) (depending on the year I had 1 to 4) could continue smooth operations without me.
Keeping the "bus syndrome" mentality, should I be unavailable for a day or days, there were no problems. I could fly between cities to do work, and not panic that the whole world was going to fall apart while I was on a plane. I still got plenty of phone calls, simply because it was my baby. Junior admins didn't want to make widespread changes without my seal of approval, even if it was a quick phone call where they gave me a brief outline of their changes, and I gave them verbal approval ("Go for it. Let me know how it goes.").
The day came that they decided I wasn't necessary. I was locked out of the machines per my own plan, and then notified that I was no longer part of the company. Whoever did the changing wasn't quite as consistent as I was and missed a few spots. Being a "good guy", I verified that I was locked out of everywhere, and sent a list (it was short) of what I still had access to, so they could get those too. The missed spots were non-essential, so even if I had a desire to do bad things, I couldn't have broken much.
The password plan had better motives than firing the top guy. On password change day, I issued the passwords on slips of paper to the people who needed them (and to the vault). Should someone's passwords become compromised, I could have all the passwords changed in approx 5 minutes. Should something seem funny, we'd change the passwords. Usually we just changed them because the existing passwords had been in use for too long. We did have someone lose their USB key with their SSH keys on it. We went through the well practiced drill. It turned out to be just an exercise. The key had fallen out of his pocket, and was under the seat of his car.
When they terminated me, the company lived on. The transition was smooth without me. I may as well have been hit by a bus. No one asked me "how do I....?", because it was all there for those with access who knew what to look for. Even if we had a walkout of all IT staff, things were documented well enough where an experienced IT person could walk in and keep things running.
We were a high dollar, small staff company. Why should somewhere like CentOS be any different?
Serious? Seriousness is well above my pay grade.
I personally won't use software produced by projects like CentOS. My belief is that projects like CentOS are there because people want to skate on the backs of people and companies who have spent time and money making a good product, just because they don't want to pay for that hard work. I believe this is the flaw in the GNU license, and not open source in general. It is like stealing money from those who created the original work. Redhat spends a lot of money to develop their product, and others just copy it and give it away for free.
You do realize that technically Redhat is just skating by on the free give-aways of others, too, don't you?
I mean, as I understand the whole Linux thing. Feel free to correct me.
It is by my will alone my thoughts acquire motion; it is by the juice of the coffee bean that the thoughts acquire speed
Comment removed based on user account deletion
"Redhat spends a lot of money to develop their product, and others just copy it and give it away for free. "
You conveniently forgot the fact that Redhat, in their "product", contains 99% stuff that was developed by others for free. It is *not* like stealing money from those who created the original work, because the vast majority of that work had nothing to do with Redhat.
Comment removed based on user account deletion
Really? CentOS is robbing Redhat of their hard work and giving it to selfish, cheap people? Really? You've clearly misunderstood the very basic concepts of OSS.
And who cries for the people that made the software that Redhat freely uses in their distros? Lest you forget, while they've contributed a great deal, Redhat has contributed less than they distribute. Same for SuSE, Ubuntu, et al.
Yeah, but.... I knew when Solaris 8, Irix, MacOS9, and Windows 2000 were going out of support and could plan accordingly. If my plan was: "Keep using it and hope for the best", then it's my fault when/if it all falls apart. Where ever this guy is, he just up and left for there without even a week's warning, let alone the months or even years companies give for products going out of support. Now he may turn up next week and everything is fine, or he may turn up long enough to turn over the reins (and everything's probably a bit rocky, but otherwise fine), or they may find his body (hopefully not, but it's possible) and nothing can be done with CentOS' resources till everything goes through probate. Or he may never resurface in any meaningful way (maybe he joined a monastery and took a vow of "no computers"), and the project will be left hanging.
With commercial vendors, even when they go completely bankrupt, there's usually some sort of continued support, or at least some reasonable announcement of when such support will cease. Now the flip side is that if CentOS IS defunct for whatever reason, someone can just fork the project and "DollarOS" can take over where CentOS left off... but that still isn't the same as good ongoing support from a reliable vendor. Maybe the people who run DollarOS won't be as dedicated, or as competent, or maybe no one will fork it at all.
Don't get me wrong, I've used and liked CentOS; I'm not arguing against using it, just against using it in mission critical apps where long term support might be needed. In that case you should really use RHEL, or even (if you really don't like commercial companies) something like Debian. Debian doesn't have a company behind it, but it does have a large incorporated organization that can survive the loss of any one or even several members.
I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
It is like stealing money from those who created the original work. Redhat spends a lot of money to develop their product, and others just copy it and give it away for free.
Not to diminish the contribution by Red Hat, which is pretty extensive, the above argument is invalid. Red Hat did not create the products included in their distributions. They take existing free software, package it, and sells it as part of a complete package, including support. The software is still free.
Some projects whose products are included in Red Hat distributions were created by Red Hat and staffed by Red Hat personnel. They chose the GPL anyway. They have even purchased several companies and relicensed the products of those companies under the GPL. Do you really think that Red Hat would have done this if they thought that this would severely impact their business?
We periodically see companies trying to make open source products switch to closed source for this very reason.
Those companies are in a very different situation. They own the copyrights to their entire code base, and are thus able to change the license to a proprietary one if they think that it will create an advantage. Companies like Red Hat cannot do this, since many of the components of their products are free software. They could have done it with those components that they have written themselves, or acquired the producers of, but they mostly haven't.
While legal, I think it is morally wrong.
Why? Not even Red Hat think so. They argue that people or organizations that have little or no money are not their target market, and thus, it doesn't impact them that those instead use free rebuilds of their product. In fact, it is a better option for them than to use a completely different distribution, such as a Debian one, since using CentOS means that you are already used to their distribution, and may become a customer in the future when you have acquired the financial capabilities, as well as the demand for commercial support contracts.
If Redhat were just starting and were still on the edge of financial stability, and a 'CentOS' product started giving away Redhat's product for free, the for profit company could fail.
The original Red Hat product, which they shipped when they were just starting and on the edge of financial stability, *was* completely open source and was very widely given away for free. You could download it from their servers, or get it copied onto a CD for a token charge. It still seems to have worked for them for quite a long time.
I have not been more conflicted about a comment like yours in a while. The first half is spot-on with regards to projects and leadership. On the other hand the rant against the GPL doesn't make much sense and the license you scenario would spawn would be insanely complex if not downright impossible.
Redhat puts a ton of work/code into linux and associated projects, they're not merely aggregating.
And, as I understand it, they are happy with the CentOS project. They used to give away Redhat and charge for RHEL. Then they switched to an all-pay model, forked the Fedora project, and CentOS fills the gap that was previously held by Redhat. Sure, there's probably some marginal drain away from paying customers, but there's also a large potential customer base that can 'upgrade' to RHEL very easily.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
actually, Solaris 8 end of service life is March 31, 2012. OpenVMS is still alive, new releases coming out periodically, and patches being issued, and support of course available. SGI was bought by Rackable and becoming Silicon Graphics International and support for IRIX is until December 31, 2013.
Bad examples. Solaris 8 doesn't reach the end of it's service life until March 2012, legacy versions of Irix will reach end of support no sooner than December 2013 and even the oldest versions of OpenVMS for the Alpha will be supported through 2012. And of course all three platforms have new versions coming out, so there's an upgrade path on current hardware platforms.
Really, enterprise vendors (including Red Hat) have an excellent history of supporting their paying customers for extended periods.
Your example of RHEL not getting an update in a timely manner is wrong. They issues RHSA-2009:1162-1 nine days ago to address the Firefox vulnerabilities. That's the same day the vulnerabilities were announced by the Mozilla foundation.
My prediction is that either the Admin will turn up or (worst case) won't.
An amazing grasp of the obvious, Mr. AC!
.
Trolling is a art,
A more in-depth blog post from one of the authors can be found here: http://misterd77.blogspot.com/2009/07/what-is-up-with-centos-project.html
Things sound pretty shady...
The way I see it, it's their company. They can either keep me around forever, and appreciate the work I do, or let me go. Either way, I did a good job while I was there.
As I heard it through the grapevine, they spent an absolute fortune redoing everything I did. They switched the servers away from Linux to FreeBSD. They didn't optimize things as well as I had, so that left them in a situation where things simply didn't work as well. They rewrote a lot of my software. Some was trivial, and some was very intricate. I strongly suspect they were trying to defeat my back doors that they were never able to find. The funny part was, I didn't leave any back doors. If I leave a back door for myself, that means there's a back door for someone else to exploit. I spent enough time watching the front door for trouble, why should I have to double my work? :)
The only contact I've maintained is watching their Alexa score drop. It's nothing related to anything I did, but I strongly suspect there have been some nasty technical issues, since some people have called and emailed me saying that the site was suddenly unavailable, or throwing weird errors. I know what the weird errors were. Misconfigured servers, because they were deviating from my well constructed and tested plans. Some of them were obvious. They put into production what I had already tested and decided were not satisfactory for that environment. C'est la vie. I moved on to better things, and they were stumbling over old hurdles. It seems that happens a lot. Places like to second guess the work of old staff just for the sake of trying to make him/her look bad. Sometimes it's just to justify why they got rid of him/her, even years after he could care less. :)
Serious? Seriousness is well above my pay grade.
how is he gone? He is clearly on IRC right now * [lancelan] (n=lance@uklinux.plus.com): Lance Davis * [lancelan] @#centos-devel @#uklinux @#lbw @#centos @#centos-mirror #centos-social @#lance * [lancelan] irc.freenode.net :http://freenode.net/
* [lancelan] is identified to services
* [lancelan] is signed on as account lance_cen
* [lancelan] idle 01:47:07, signon: Thu Jul 30 19:55:01
* [lancelan] End of WHOIS list.