There are several distributions (not all of them Linux per se -- the BSDs are also well worth a look) that work well in an enterprise server environment. That being the case, your choice should be based on factors like:
Do you require vendor support? If so, Suse or RHEL are your most likely options.
Do you require easy updates with automatic dependency resolution? Go with FreeBSD, with Gentoo as a possible second choice. Suse and Debian seem to be doing pretty well in this area, too, but they haven't got it perfect yet. This issue was the main reason my organization chose to drop Red Hat about a year ago (in favor of Gentoo, if that's relevant).
What system are your admins most familiar with?
How many servers are you running? If you're only doing a few, pick whatever you want, but if the number is larger (say, 10 or more), don't go with Gentoo unless you plan to run a build server and install binary packages from there. (With a build server, though, Gentoo scales very well into large numbers of servers.)
Do any of your applications require a specific distribution or platform? You may well find that you need to run Solaris or AIX for some things.
My own preference at the moment is FreeBSD, but it's a good idea to be flexible and evaluate the specific needs of your organization before you standardize on a distribution.
Yes, that does work, most of the time. There are at least two cases where it won't, though:
1 - You need your checked out copy to work the same whether you're inside the firewall (connecting directly to the subversion server without the SSH tunnel) or outside the firewall (using SSH) 2 - Whoever set up your repository did something with svn propset svn:externals
I know, I know, you can easily work around #1 by always using the SSH tunnel whether your're inside or outside the firewall (in fact, that's what you'd have to do with CVS, too, if you were using pserver and tunnelling 2401, unless you wanted to add an entry to/etc/hosts pointing your your.cvs.server to 127.0.0.1 whenever you were outside).
#2 is probably an unusual case -- at least, I hope so -- but it's a case that I'm stuck having to deal with, and it ends up meaning that I have to use ssh -L 80:svnserver:80 and a hosts file entry, rather than ssh -L 8080:svnserver:80 and localhost.
* Subversion deliberately uses a lot of working-copy disk space, because it's optimized for network use. (that is, it assumes that network is scarce, and disk is cheap.) It caches pristine copies of files so that lots of commands ("diff", "revert", "status") all work offline. It's a deliberate choice. Someday the developers hope to make this tradeoff configurable.
I am aware that it's a deliberate decision, and I am aware of the reasoning behind it. For most projects I've dealt with recently, the opposite assumptions have been true, though: network is readily available, but disk is (often) scarce.
* You seem to be unaware that Subversion is not only able to use http://, but https:// as well, complete with server and client certificate negotiation. You can also tunnel the custom server protocol over ssh, using svn+ssh:// urls; no apache required at all, if you'd just prefer to use existing ssh accounts.
No, I'm not unaware that you can do that. The problem is that most of the Subversion installations I've seen -- including the one at work, unfortunately -- don't. Of course, the repository at work would require an SSH tunnel for access from outside the firewall in any case, since we'd never put it on a publicly visible server even with https, but having to run the tunnel on port 80 is a real pain.
Yes, I have used MKS, from 1997-2000. I'll grant you the point about the UI. My main complaint with PVCS, though, was its boneheaded workaround for the 8.3 problem, which resulted (frequently, on my particular project) in it blithely overwriting a stored file with data from an entirely different file.
Subversion uses too damn much disk space, particularly on the client (not that it's good on the server, either, but when the client is an older laptop with a 9 GB hard drive, you really notice the problem)
Subversion is slow
The server-side database is too easily and far too frequently corrupted or left locked by an aborted client request, resulting in ridiculous slowdown on the client side and increased administrative overhead on the server side
Most Subversion installations are configured to work over HTTP (only). This provides all kinds of nice anti-benefits, like:
Eliminating key-based SSH authentication and replacing it with weak password-based HTTP "basic" authentication
Replacing a nice, encrypted SSH transport with plain-text HTTP
Making it so that in order to use Subversion over an SSH tunnel, you first have to shut down your local Apache server, modify/etc/hosts and set up the tunnel as root, because, of course, a non-root user can't tunnel port 80
The list goes on and on and on, but I'm not interested in continuing it just now. Subversion hasn't managed yet to be the worst version control system I've ever seen: that title is still held by PVCS on Windows 3.1, circa 1995. It's getting to be a close race, though.
Parent makes some great points. The math's all been done before. Here's an example just to show how bad the situation really is.
Consider a credit card with a 15% interest rate. (I'm being nice here -- 18% or higher isn't uncommon, especially for people just getting started who haven't had a chance to build up a stellar credit rating yet.) Suppose you make a single purchase on that card for $2000, and never use the card again. Suppose further that you make the minimum payment faithfully every month.
Monthly payment: a little over $25
Time to pay off the loan: 30 years
Total payment by the end of the loan: $9104.40
Is any purchase really worth spending 3.5 times more for interest than for the original cost of the item?
In another common alternative, of course, you file Chapter 7, eliminate the debt entirely, and destroy your credit rating for the next ten years. But, that just means that a decade from now, you might qualify for another card at 18%.
The answer? It depends. Some people do, in fact, manage to use a credit card and pay it off every month. For most, though, that just doesn't work, no matter how attractive it sounds. I'd suggest just avoiding the damn things.
This won't be showing up anytime soon in the "thin and light" laptop category, but I could easily imagine Falcon Northwest or Alienware doing this in one of their heavyweight "desktop replacement" models. They don't tend to emphasize battery life anyway...
Ok, Slashdotters!
1) Roughly what percent of your music collection is unauthorized files from P2P like Kazaa, FTP, etc.?
None. Zero. I mean it.
2) Roughly what percent of your music collection comes from sources like iTunes Music Store, eMusic, etc?
None.
3) Roughly what percent of your music collection comes from shareable sources like Creative Commons-licensed music?
None.
4) Roughly what percent of your music collection comes from rips of your own CDs?
~95%
5) Roughly what percent of your music collection comes from rips of friends' CDs?
None.
(and what am I missing?)
You're missing the portion of my music that comes from either my own or my friends' own composition and performance: the stuff we couldn't possibly "steal" because we own the copyright.
You're also missing the small amount that comes from digitizing my cassette tapes and occasionally even vinyl records.
FSF only asks this for software that's part of the GNU project, not for all GPL software. Their stated reason is that they don't believe they have a legal right to enforce, or even assist in enforcing, copyrights they don't own. In other words, if someone violates the GPL for non-GNU software, FSF and their lawyers can't (or won't) do anything about it. The owners of the code have to take care of it themselves.
I'll agree that the whole point is to run the software, but please remember that the software isn't necessarily GNU. From your list, for instance, the X servers aren't, and the FTP, Web and DNS servers aren't. Expanding from there, Mozilla isn't, KDE and all of the software for KDE aren't, cdrecord isn't,...
It is certainly true that some of the important software is GNU (see, for instance, gcc and wget), but it would be a mistake to assume that Unix is only about running GNU software.
Putting filtering on Linux doesn't make it better. Filtering still:
a) doesn't work. Kids who want pr0n will find it, or find a way to get around the filters; and
b) creates and adversarial relationship between parent and child instead of a collaborative one.
There are a couple of misconceptions here. In the first place, most of us who use filtering (I've had DansGuardian in place for a long time now) aren't looking for a way to block kids who are actively looking for pr0n. We're not stupid: we know that kids who actively want it will find it, filter or no. In the second place, our kids can be trusted to know the difference between a system we set up to prevent accidents with material they actually don't want to see, and an attempt to keep them from doing what they do want to.
As it happens, I set up my filtering system (complete with transparent proxying on the firewall) at a time when I didn't even have kids yet. My wife and I wanted a system to prevent ourselves from accidents, and from the occasionial maliciously placed popups on otherwise legitimate sites.
We have a 2-year-old now, but filtering for her won't be an issue for quite some time yet. By the time it is, she'll certainly know that the same filters that apply to her browsing apply to ours as well.
Take out the portion of MAY-SPAM that denies end users private right of action. When I and a million other people have the ability to personally sue the spammers, then maybe something will get done.
I'm on Comcast, too. For a the longest time, 2/3 of the entries in my Apache logs were from Code Red and similar worms trying to infect my nonexistent IIS server. That doesn't happen anymore, mainly because I pulled out the two dozen or so IP addresses that were sending all of the attack traffic and blocked all of them at the firewall. (I do still get the occasional attempt on port 445, though.)
Now, I can't in good conscience recommend installing Windows XP at all, but if you were to do such a thing, the ONLY reasonably safe ways to do it is to install and patch from behind a good firewall, or to install and patch on a machine with no network connection at all.
If anecdotal evidence counts, then I have several stories that run just about exactly like yours, except that in my case it was Windows that didn't work and Linux that did.
First example: A few years ago I bought a nice new laptop from a major manufacturer. Note well, this was not some obscure off-brand machine; it was one of the top three major brands. I took it home, wiped Windows ME off the hard drive, and set up a couple of partitions. On one of those, I installed Red Hat 7. It "just worked", right out of the box. On the other, I tried to install Windows 2000 Professional. After several hours of searching and a call to the manufacturer's tech support, I was about to give up: they wouldn't admit to the existence of a video driver for W2K. (I did find one eventually, by asking my company's IS manager: apparently, $manufacturer did indeed have a whole driver CD for W2K; they just didn't want to let some non-corporate customer know about it.)
Next example: having failed to learn my lesson after the laptop incident, I tried not once but three times to install XP (Pro, naturally) on a desktop computer at home. What a disaster. The first time, the installer blue-screened early in the process. The second time, it installed, and I booted, ran Windows Update, and rebooted -- to a dead black screen. Foolishly refusing to give up at that point, I tried the third time. Windows installed, Windows Update ran, the computer booted and appeared to work -- but no matter what I did, it flatly refused to recognize my scanner or my CD burner. By that point, I had had it. I reinstalled Linux, and the computer worked fine from that moment until the time a few years later when the motherboard died.
In short, Windows may be right for some people, but for me and my hardware, it was dead wrong, and I'll never go back.
My favorite is a hardwood cutting board, 14x20 inches by about half an inch thick. It provides a nice solid surface to hold the laptop, insulates reasonably well, and has room to the side of the computer for a Logitech Marble trackball. As an added bonus, when I'm not using the computer, it can double as a writing surface:)
Assuming they get it right, this could be a Very Good Thing. I mean, really, OO.o is about on a par with Word, but that means it's got a long way to go before it's as good as Word Perfect.
I'll probably end up buying a copy just to see how well it works. If it works well, then I'll grab a few more.
I realize that all humans -- even people like me -- need some social interaction. But is it really a problem if we try to limit when, where and how much?
It seems to me that people who want more social interaction can always find it. I fail to see anything wrong with wanting -- and finding -- less.
True, filtering on the receiving server is a bad solution. The filtering needs to take place at the point of origin!
the 'want' to filter spam at the server level hurts legit email marketers, inconveniences recipients of legit email marketers
"legit email marketers"? Isn't that a contradiction in terms?
Re:Not working hard enough.
on
Working Hard?
·
· Score: 5, Insightful
Vacations are good though, but you have to think of it this way, you should have a job you actually WANT to do, and you wont have a problem working 12 hours a day. Of course if you work at Mc Donalds you'll hate working 12 hours a day.
BZZZT. Wrong answer.
I have a job for one reason: to pay the bills. If I'm looking for something I want to do, I'll spend time at home (or maybe at Lake Powell) with my wife and kids. 12 hours a day seriously detracts from that. Therefore, 12 hours a day is out of the question.
It sounds like your objective is to make files available for download by the public. That being the case, your best solution is to provide both methods and let the person downloading the file determine which method is better for his/her/its needs.
Some will prefer ftp because it's faster. Others, especially those behind overly-restrictive firewalls, will find that http is a more usable alternative.
Slashdot Mirror
There are several distributions (not all of them Linux per se -- the BSDs are also well worth a look) that work well in an enterprise server environment. That being the case, your choice should be based on factors like:
My own preference at the moment is FreeBSD, but it's a good idea to be flexible and evaluate the specific needs of your organization before you standardize on a distribution.
Yes, that does work, most of the time. There are at least two cases where it won't, though:
/etc/hosts pointing your your.cvs.server to 127.0.0.1 whenever you were outside).
1 - You need your checked out copy to work the same whether you're inside the firewall (connecting directly to the subversion server without the SSH tunnel) or outside the firewall (using SSH)
2 - Whoever set up your repository did something with svn propset svn:externals
I know, I know, you can easily work around #1 by always using the SSH tunnel whether your're inside or outside the firewall (in fact, that's what you'd have to do with CVS, too, if you were using pserver and tunnelling 2401, unless you wanted to add an entry to
#2 is probably an unusual case -- at least, I hope so -- but it's a case that I'm stuck having to deal with, and it ends up meaning that I have to use ssh -L 80:svnserver:80 and a hosts file entry, rather than ssh -L 8080:svnserver:80 and localhost.
I couldn't tell you; I haven't used it since back then. I certainly hope they've at least fixed the 8.3-related problems, though.
* Subversion deliberately uses a lot of working-copy disk space, because it's optimized for network use. (that is, it assumes that network is scarce, and disk is cheap.) It caches pristine copies of files so that lots of commands ("diff", "revert", "status") all work offline. It's a deliberate choice. Someday the developers hope to make this tradeoff configurable.
I am aware that it's a deliberate decision, and I am aware of the reasoning behind it. For most projects I've dealt with recently, the opposite assumptions have been true, though: network is readily available, but disk is (often) scarce.
* You seem to be unaware that Subversion is not only able to use http://, but https:// as well, complete with server and client certificate negotiation. You can also tunnel the custom server protocol over ssh, using svn+ssh:// urls; no apache required at all, if you'd just prefer to use existing ssh accounts.
No, I'm not unaware that you can do that. The problem is that most of the Subversion installations I've seen -- including the one at work, unfortunately -- don't. Of course, the repository at work would require an SSH tunnel for access from outside the firewall in any case, since we'd never put it on a publicly visible server even with https, but having to run the tunnel on port 80 is a real pain.
Yes, I have used MKS, from 1997-2000. I'll grant you the point about the UI. My main complaint with PVCS, though, was its boneheaded workaround for the 8.3 problem, which resulted (frequently, on my particular project) in it blithely overwriting a stored file with data from an entirely different file.
Damn, where to start? In no particular order:
The list goes on and on and on, but I'm not interested in continuing it just now. Subversion hasn't managed yet to be the worst version control system I've ever seen: that title is still held by PVCS on Windows 3.1, circa 1995. It's getting to be a close race, though.
20% + whatever additional the state tacks on. I belive it ends up around 50% here.
- Badnarik (Libertarian)
- Bush (Republican)
- Harris (Socialist Workers)
- Jay (Personal Choice)
- Kerry (Democrat)
- Nader (no party)
- Peroutka (Constitution)
There may be other candidates as well in some states, but I don't remember who they all are. These 7 are on the Utah ballot.Parent makes some great points. The math's all been done before. Here's an example just to show how bad the situation really is.
Consider a credit card with a 15% interest rate. (I'm being nice here -- 18% or higher isn't uncommon, especially for people just getting started who haven't had a chance to build up a stellar credit rating yet.) Suppose you make a single purchase on that card for $2000, and never use the card again. Suppose further that you make the minimum payment faithfully every month.
Is any purchase really worth spending 3.5 times more for interest than for the original cost of the item?
In another common alternative, of course, you file Chapter 7, eliminate the debt entirely, and destroy your credit rating for the next ten years. But, that just means that a decade from now, you might qualify for another card at 18%.
The answer? It depends. Some people do, in fact, manage to use a credit card and pay it off every month. For most, though, that just doesn't work, no matter how attractive it sounds. I'd suggest just avoiding the damn things.
This won't be showing up anytime soon in the "thin and light" laptop category, but I could easily imagine Falcon Northwest or Alienware doing this in one of their heavyweight "desktop replacement" models. They don't tend to emphasize battery life anyway...
Ok, Slashdotters!
1) Roughly what percent of your music collection is unauthorized files from P2P like Kazaa, FTP, etc.?
None. Zero. I mean it.
2) Roughly what percent of your music collection comes from sources like iTunes Music Store, eMusic, etc?
None.
3) Roughly what percent of your music collection comes from shareable sources like Creative Commons-licensed music?
None.
4) Roughly what percent of your music collection comes from rips of your own CDs?
~95%
5) Roughly what percent of your music collection comes from rips of friends' CDs?
None.
(and what am I missing?)
You're missing the portion of my music that comes from either my own or my friends' own composition and performance: the stuff we couldn't possibly "steal" because we own the copyright.
You're also missing the small amount that comes from digitizing my cassette tapes and occasionally even vinyl records.s/either/BOTH/g;
Otherwise, your comment is right on the mark.s/or/AND/g;
FSF only asks this for software that's part of the GNU project, not for all GPL software. Their stated reason is that they don't believe they have a legal right to enforce, or even assist in enforcing, copyrights they don't own. In other words, if someone violates the GPL for non-GNU software, FSF and their lawyers can't (or won't) do anything about it. The owners of the code have to take care of it themselves.
> IE has an executable of a few KB (WinXP).
And an almost 2.5 MB mshtml.dll, and a 1 MB mshtml.tlb, and...
I'll agree that the whole point is to run the software, but please remember that the software isn't necessarily GNU. From your list, for instance, the X servers aren't, and the FTP, Web and DNS servers aren't. Expanding from there, Mozilla isn't, KDE and all of the software for KDE aren't, cdrecord isn't, ...
It is certainly true that some of the important software is GNU (see, for instance, gcc and wget), but it would be a mistake to assume that Unix is only about running GNU software.
There are a couple of misconceptions here. In the first place, most of us who use filtering (I've had DansGuardian in place for a long time now) aren't looking for a way to block kids who are actively looking for pr0n. We're not stupid: we know that kids who actively want it will find it, filter or no. In the second place, our kids can be trusted to know the difference between a system we set up to prevent accidents with material they actually don't want to see, and an attempt to keep them from doing what they do want to.
As it happens, I set up my filtering system (complete with transparent proxying on the firewall) at a time when I didn't even have kids yet. My wife and I wanted a system to prevent ourselves from accidents, and from the occasionial maliciously placed popups on otherwise legitimate sites.
We have a 2-year-old now, but filtering for her won't be an issue for quite some time yet. By the time it is, she'll certainly know that the same filters that apply to her browsing apply to ours as well.
Take out the portion of MAY-SPAM that denies end users private right of action. When I and a million other people have the ability to personally sue the spammers, then maybe something will get done.
I'm on Comcast, too. For a the longest time, 2/3 of the entries in my Apache logs were from Code Red and similar worms trying to infect my nonexistent IIS server. That doesn't happen anymore, mainly because I pulled out the two dozen or so IP addresses that were sending all of the attack traffic and blocked all of them at the firewall. (I do still get the occasional attempt on port 445, though.)
Now, I can't in good conscience recommend installing Windows XP at all, but if you were to do such a thing, the ONLY reasonably safe ways to do it is to install and patch from behind a good firewall, or to install and patch on a machine with no network connection at all.
If anecdotal evidence counts, then I have several stories that run just about exactly like yours, except that in my case it was Windows that didn't work and Linux that did.
First example: A few years ago I bought a nice new laptop from a major manufacturer. Note well, this was not some obscure off-brand machine; it was one of the top three major brands. I took it home, wiped Windows ME off the hard drive, and set up a couple of partitions. On one of those, I installed Red Hat 7. It "just worked", right out of the box. On the other, I tried to install Windows 2000 Professional. After several hours of searching and a call to the manufacturer's tech support, I was about to give up: they wouldn't admit to the existence of a video driver for W2K. (I did find one eventually, by asking my company's IS manager: apparently, $manufacturer did indeed have a whole driver CD for W2K; they just didn't want to let some non-corporate customer know about it.)
Next example: having failed to learn my lesson after the laptop incident, I tried not once but three times to install XP (Pro, naturally) on a desktop computer at home. What a disaster. The first time, the installer blue-screened early in the process. The second time, it installed, and I booted, ran Windows Update, and rebooted -- to a dead black screen. Foolishly refusing to give up at that point, I tried the third time. Windows installed, Windows Update ran, the computer booted and appeared to work -- but no matter what I did, it flatly refused to recognize my scanner or my CD burner. By that point, I had had it. I reinstalled Linux, and the computer worked fine from that moment until the time a few years later when the motherboard died.
In short, Windows may be right for some people, but for me and my hardware, it was dead wrong, and I'll never go back.
My favorite is a hardwood cutting board, 14x20 inches by about half an inch thick. It provides a nice solid surface to hold the laptop, insulates reasonably well, and has room to the side of the computer for a Logitech Marble trackball. As an added bonus, when I'm not using the computer, it can double as a writing surface :)
Assuming they get it right, this could be a Very Good Thing. I mean, really, OO.o is about on a par with Word, but that means it's got a long way to go before it's as good as Word Perfect.
I'll probably end up buying a copy just to see how well it works. If it works well, then I'll grab a few more.
In what way is anti-social behavior "bad"?
I realize that all humans -- even people like me -- need some social interaction. But is it really a problem if we try to limit when, where and how much?
It seems to me that people who want more social interaction can always find it. I fail to see anything wrong with wanting -- and finding -- less.
server side email filtering is BAD, BAD, BAD!
True, filtering on the receiving server is a bad solution. The filtering needs to take place at the point of origin!
the 'want' to filter spam at the server level hurts legit email marketers, inconveniences recipients of legit email marketers
"legit email marketers"? Isn't that a contradiction in terms?
Vacations are good though, but you have to think of it this way, you should have a job you actually WANT to do, and you wont have a problem working 12 hours a day. Of course if you work at Mc Donalds you'll hate working 12 hours a day.
BZZZT. Wrong answer.
I have a job for one reason: to pay the bills. If I'm looking for something I want to do, I'll spend time at home (or maybe at Lake Powell) with my wife and kids. 12 hours a day seriously detracts from that. Therefore, 12 hours a day is out of the question.
It sounds like your objective is to make files available for download by the public. That being the case, your best solution is to provide both methods and let the person downloading the file determine which method is better for his/her/its needs.
Some will prefer ftp because it's faster. Others, especially those behind overly-restrictive firewalls, will find that http is a more usable alternative.