My brother recently did a co-op placement for a Canadian Federal Goverment ministry as part of his degree program. He was tasked with drafting a report about switching from Oracle to MySql and/or PostgreSQL database platforms. He was told flat out from the beginning of the project that no real switch was planned...
I wonder if this ministry was pandering for some Oracle discounts?
I have actually done this. My previous employer has some Building Automation software running on a machine that was not backed up what-so-ever. We were in the process of building a replacement box and getting it all setup, etc. Only days before being able to move the data across (the new system was being backed up), the drive crapped out. A morning in the freezer and we were able to get the data off.
I wouldn't have thought to try this, but a few of the maintenance guys suggested it. I was both surprised and happy that morning!
You'll actually find (at least it's been my experience) that firing up a complete vnc session and then tunnelling that through ssh with compression will get you a usable session at your side. This is exactly how I have my inlaws setup currently. Works like a charm.
They've been using Ubuntu (Dapper, not Edgy) since Thanksgiving without problem. I added suns jre, mplayer codec pack and gnutella for file sharing and they're quite happy.
You likely will see Firefox 2 in FC6 in the fairly near future. The Fedora's are testing distros, which means they're subject to wild version jumps, etc during their life cycle. This is nice for home users that don't mind things breaking here and there, but for a corporate desktop, locked versioning is actually a _feature_!! Stabilized versions in something like RHEL or Debian Stable/Ubuntu LTS generally mean that you don't have to worry about updates breaking due to config changes, etc. This is _good_! It's also good that people can play with the latest and greatest in a place like FC or Deb Testing. You get the best of both worlds...just make sure to use the right distro/version in the right place.
I cut my inlaws over to Ubuntu this past (Canadian) Thanksgiving weekend. They're happy so far. I only had to install gtk-gnutella and a few other comfort type apps on top of the default install. I transferred all of their old data from their ntfs disk (left intact in the event that they hated ubuntu) and they're good to go.
I guess I did have to grab the mplayer codec package to satisfy a few of their media dependencies too...
The cutover was eased by the fact that I've had them doing: a) running with limited user rights in XP [this was the only way I was going to continue providing support] b) using firefox only c) using thunderbird for mail d) running gaim for im
I set their OO.o defaults to use the ms office formats so that they didn't have to futz with file extension changes when sharing docs and presto, chango, a perfect setup for their needs.
The funniest thing I've heard so far was the following from my sister-in-law: SiL -> Hey Ben, what do I use to scan the music I just downloaded for viruses. Me -> Don't worry about viruses any more. SiL -> Interesting!
Not sure why this got modded as flamebait. I completely agree with the poster. The Fedora's are not fit (or even meant) for production use on servers. Fedora is a development platform. Kernels get upgraded, major version changes happen in some packages, major things break (although they are generally corrected quickly). And this is good. FC is providing a path to the next RHEL. You can't do that without scrambling a few eggs. That being said, I generally don't like the eggs on my servers to be scrambled. There is a reason that Redhat sticks with the same kernel version, package versions, etc. Servers don't like surprises. The closer you stay to original software configuration, the less chance you have of upsetting something...or something else that depends on something. It's simple quality control.
Now, obviously, in order for FC to be useful as a testing ground for the new RHEL's, it has to be run on servers and server hardware. I just wouldn't recommend you doing so on your mission critical machines...
Couple the dynamic, fast paced nature of changes in the FC's with a short lifetime (ignoring for the moment fedora legacy) and you have a candidate for trouble in a production environment.
I recently inherited an entire infrastructure built on FC4 and am moving it over to RHEL4. I want a longer supported lifetime. I want a more moderate patch brigade to keep up with. I want standardized software versions. I want long term stability. Do I use RHEL at home? Nope...debian testing/unstable and ubuntu...I can live with downtime and screwups at home. At work, I've got better things to do with my time.
I recently finished the Pick Axe book 2nd ed and would highly recommend it. Like one of the other replies notes, it's a Ruby book, not a Rails book, but I agree you should learn Ruby first. The first edition of this book is available for free on the web at various locations (eg: http://www.rubycentral.com/book/). I started using this several years ago but got sidetracked. The recent Rails fuss has grabbed my attention again, so I finally sat down and dug in. It's now my language of choice for most programming tasks (quickly replacing Perl altogether for my needs). I've yet to do any Rails work, but have a few personal projects in mind that might be good testing for it. Ruby definitely stands on it's own as a language, Rails is just a beautiful use of a beautiful language.
Yah, I'm a CD buyer as well. I download stuff here and there, and I have most of my collection ripped to.ogg files, but I still like to have a good old CD in my hands sometimes. For me, I like supporting the artists I really like (be it little indie bands that press their own, or big names that put $$ in the hands of the RIAA)...I really don't even like having CDR's in my 'collection' as I feel that takes away from it. I think it's to do with having the CD jacket, cover art, etc that goes with the music. For me, that's a part of the art of it...
I really don't like that most of my $15-20 goes to fat cats instead of the artists, and I do realize that cd-covers.org (or whatever) is out there, but I'm not likely to change anytime soon.
That being said, I'm purchasing fewer CD's now than ever. Maybe I'm getting old and not finding as many good new bands that catch my ear, or having a family is changing my lifestyle (no time to listen to it all...?), I'm not sure.
Anyway, that's where I stand on this. (If anyone cares.)
Having just moved from a company running Novell backend and Windows on the desktop, I can say that Novell has some great products (eDirectory, Zen, etc). The biggest problem with Novell is their marketing. There is no clear, concise list of current versions and they also go to extremes with version naming confusion...
To be specific, their Open Server vs Suse Linux product line is fairly confusing. Their management tools are great (in some cases) and horrid in others...that and there are 3 different products to do management with. Which of the 18 different Linux offerings does what?
The other thing that irks me with their products is lack of 'proper' integration. We were are GroupWise shop and had to manage two sets of accounts for everyone, 1 for Windows authentication and a second for GW. There are password syncing options, but it's still a stupid maintenance headace.
Now, at first, I just thought I was an idiot, being relatively new to Novell land. I then discovered that our primary Novell dude had the same issues with them...
Novell makes some fantastic products and they do work well when you get the right stuff setup. They just really need to get their heads out of their asses with their horribly confusing product lines. Just think how deadly Novell's tech departments plus MS's marketing department would be!
I do very little 'sensitive' work while I'm visiting my folks, or the in-laws too. I just finished reinstalling the in-laws' machine and patching/updating it due to a huge spyware/virus problem. They could have had keylogging crap installed there unknowingly too.
The only machines I trust are those that I own and have direct, constant control of. Period.
My mother-in-law on the other hand decided that she'd keep doing her online banking/shopping, etc even after I advised her not to (it was going to be 2 weeks before I could do the wipe/reinstall). My father-in-law is a cop and well aware of how much identity theft is growing these days. Despite that, we couldn't convince her to sit tight for a few days.
That's why I get so annoyed when she asks for help!
The fact that you were able to install a personal firewall on your machine indicates to me that it may be quite a while before your admins figure out what nailed them...
You do realize that there is _some_ ACL support on Linux filesystems now, should you enable it, right? Although it's not perfect yet, it is a good start, and is backwards compatible with the old-school permissions system...
Tack the acl option onto a filesystem in/etc/fstab (I've only done this with ext3) and then remount the partition. Then try man setfacl and man getfacl.
I'd also like to note that even though I agree that ACL's are a better more lucid way of managing access, that in my experience it never translates to less maintenace for the admin. In *nix, you'd create a new group, assign users to said group and then give said group rwx (or whatever) to 'special area a.' If you need to grant access to 'special area b' to the same users, you're set, if not, create new group, etc. The same thing happens with windows. The benefit of ACL's is that two ACL entries suffice to create a superset of two groups where the *nix admin would need to create a third group with all members of the first two belonging to the new group. In practice (correct me if your experience is different), the windows admins are still going to end up creating as many groups as the *nix admins because the overlaps in group requirements are rarely the same.
For those who have never really thought about this issue (drive letters vs mount points), here are a few of my thoughts on the issue. I'd welcome people to comment on why they think drive letters might be a good idea. Does anyone know why drive letters were originated? An inability of early DOS-like systems to do mount points that never died?
Although *nix has had the problem of strange names (a legacy thing) and changing naming conventions (/srv, etc) the idea that for the most part, you always go to the same location for the same thing is great. With drive letters, sometimes a cdrom is D sometimes E, somethings xyz...when you get into network drives, things are at the whim of the guy that setup the scheme in the first place. Is my user drive F or G (my workplace currently maps both).
If instead the user drive was always mapped to..Docs & Settings\myuser, the network would gain more transparency. If you change jobs, you don't have to learn a new drive letter scheme (no big deal for us, but think of the users...won't someone think of the users?).
Anything that can be done to make things seem more transparent to a user without obfuscating other aspects of the system is good imo.
Not that I think belonging to the ACM is bad, but I fail to see how it makes you automatically 'qualified.' Unless things have changed since I was last a member, you had to do nothing else but PAY THE DUES to be an ACM member. While an ACM membership does provide many great benefits, 'qualified professional' status isn't one of them imho.
I use the same approach when explaining this problem to people. People don't care about standards. They care about what works. If you can get them using firefox and then tell them that the pages are bad, not the browser, you're well on your way to a vocal supporter for standards (they just don't know it...).
The 'enlightened' internet browsing population isn't large enough to effect change in a reasonable timeframe. We need to recruit anyone we can...Just because they don't understand the issues doesn't mean they can't help.
10 print '$preferred_standards_compliant_browser is good' 20 print 'IE specific web pages are bad' 30 goto 10
I've started using Samhain on all redhat boxes as part of a standard install. Those boys are paranoid and even include their own 'root kit' as part of the defense!
Slashdot Mirror
My brother recently did a co-op placement for a Canadian Federal Goverment ministry as part of his degree program. He was tasked with drafting a report about switching from Oracle to MySql and/or PostgreSQL database platforms. He was told flat out from the beginning of the project that no real switch was planned...
I wonder if this ministry was pandering for some Oracle discounts?
-Ben
I have actually done this. My previous employer has some Building Automation software running on a machine that was not backed up what-so-ever. We were in the process of building a replacement box and getting it all setup, etc. Only days before being able to move the data across (the new system was being backed up), the drive crapped out. A morning in the freezer and we were able to get the data off.
I wouldn't have thought to try this, but a few of the maintenance guys suggested it. I was both surprised and happy that morning!
-Ben
The term you're looking for is closure.
-Ben
You'll actually find (at least it's been my experience) that firing up a complete vnc session and then tunnelling that through ssh with compression will get you a usable session at your side. This is exactly how I have my inlaws setup currently. Works like a charm.
They've been using Ubuntu (Dapper, not Edgy) since Thanksgiving without problem. I added suns jre, mplayer codec pack and gnutella for file sharing and they're quite happy.
-Ben
You likely will see Firefox 2 in FC6 in the fairly near future. The Fedora's are testing distros, which means they're subject to wild version jumps, etc during their life cycle. This is nice for home users that don't mind things breaking here and there, but for a corporate desktop, locked versioning is actually a _feature_!! Stabilized versions in something like RHEL or Debian Stable/Ubuntu LTS generally mean that you don't have to worry about updates breaking due to config changes, etc. This is _good_! It's also good that people can play with the latest and greatest in a place like FC or Deb Testing. You get the best of both worlds...just make sure to use the right distro/version in the right place.
-Ben
I cut my inlaws over to Ubuntu this past (Canadian) Thanksgiving weekend. They're happy so far. I only had to install gtk-gnutella and a few other comfort type apps on top of the default install. I transferred all of their old data from their ntfs disk (left intact in the event that they hated ubuntu) and they're good to go.
I guess I did have to grab the mplayer codec package to satisfy a few of their media dependencies too...
The cutover was eased by the fact that I've had them doing:
a) running with limited user rights in XP [this was the only way I was going to continue providing support]
b) using firefox only
c) using thunderbird for mail
d) running gaim for im
I set their OO.o defaults to use the ms office formats so that they didn't have to futz with file extension changes when sharing docs and presto, chango, a perfect setup for their needs.
The funniest thing I've heard so far was the following from my sister-in-law:
SiL -> Hey Ben, what do I use to scan the music I just downloaded for viruses.
Me -> Don't worry about viruses any more.
SiL -> Interesting!
(The last line is a direct quote.)
-Ben
Not sure why this got modded as flamebait. I completely agree with the poster. The Fedora's are not fit (or even meant) for production use on servers. Fedora is a development platform. Kernels get upgraded, major version changes happen in some packages, major things break (although they are generally corrected quickly). And this is good. FC is providing a path to the next RHEL. You can't do that without scrambling a few eggs. That being said, I generally don't like the eggs on my servers to be scrambled. There is a reason that Redhat sticks with the same kernel version, package versions, etc. Servers don't like surprises. The closer you stay to original software configuration, the less chance you have of upsetting something...or something else that depends on something. It's simple quality control.
Now, obviously, in order for FC to be useful as a testing ground for the new RHEL's, it has to be run on servers and server hardware. I just wouldn't recommend you doing so on your mission critical machines...
Couple the dynamic, fast paced nature of changes in the FC's with a short lifetime (ignoring for the moment fedora legacy) and you have a candidate for trouble in a production environment.
I recently inherited an entire infrastructure built on FC4 and am moving it over to RHEL4. I want a longer supported lifetime. I want a more moderate patch brigade to keep up with. I want standardized software versions. I want long term stability. Do I use RHEL at home? Nope...debian testing/unstable and ubuntu...I can live with downtime and screwups at home. At work, I've got better things to do with my time.
Flamebait, the parent was not!
-Ben
I recently finished the Pick Axe book 2nd ed and would highly recommend it. Like one of the other replies notes, it's a Ruby book, not a Rails book, but I agree you should learn Ruby first. The first edition of this book is available for free on the web at various locations (eg: http://www.rubycentral.com/book/). I started using this several years ago but got sidetracked. The recent Rails fuss has grabbed my attention again, so I finally sat down and dug in. It's now my language of choice for most programming tasks (quickly replacing Perl altogether for my needs). I've yet to do any Rails work, but have a few personal projects in mind that might be good testing for it. Ruby definitely stands on it's own as a language, Rails is just a beautiful use of a beautiful language.
Cheers.
-Ben
Although with properly configured zones, this is perfectly reasonable now, imo.
-Ben
Yah, I'm a CD buyer as well. I download stuff here and there, and I have most of my collection ripped to .ogg files, but I still like to have a good old CD in my hands sometimes. For me, I like supporting the artists I really like (be it little indie bands that press their own, or big names that put $$ in the hands of the RIAA)...I really don't even like having CDR's in my 'collection' as I feel that takes away from it. I think it's to do with having the CD jacket, cover art, etc that goes with the music. For me, that's a part of the art of it...
I really don't like that most of my $15-20 goes to fat cats instead of the artists, and I do realize that cd-covers.org (or whatever) is out there, but I'm not likely to change anytime soon.
That being said, I'm purchasing fewer CD's now than ever. Maybe I'm getting old and not finding as many good new bands that catch my ear, or having a family is changing my lifestyle (no time to listen to it all...?), I'm not sure.
Anyway, that's where I stand on this. (If anyone cares.)
-Ben
Having just moved from a company running Novell backend and Windows on the desktop, I can say that Novell has some great products (eDirectory, Zen, etc). The biggest problem with Novell is their marketing. There is no clear, concise list of current versions and they also go to extremes with version naming confusion...
To be specific, their Open Server vs Suse Linux product line is fairly confusing. Their management tools are great (in some cases) and horrid in others...that and there are 3 different products to do management with. Which of the 18 different Linux offerings does what?
The other thing that irks me with their products is lack of 'proper' integration. We were are GroupWise shop and had to manage two sets of accounts for everyone, 1 for Windows authentication and a second for GW. There are password syncing options, but it's still a stupid maintenance headace.
Now, at first, I just thought I was an idiot, being relatively new to Novell land. I then discovered that our primary Novell dude had the same issues with them...
Novell makes some fantastic products and they do work well when you get the right stuff setup. They just really need to get their heads out of their asses with their horribly confusing product lines. Just think how deadly Novell's tech departments plus MS's marketing department would be!
My 2 cents.
-Ben
I thought that (hanging on in) 'quiet desperation' was the English Way...
-Ben
I've done WebDAV through explorer and it's worked ok. The backend is Linux/Apache and the clients are XP pro (sp1 here).
The only glitches that I've encountered are at connection time. Explorer is picky about having (or not having) a trailing slash on the url.
-Ben
I hear god uses VMS!
-Ben
Not to mention he's in Canada! We know beer up here, and we've got the docks to use it.
-Ben
I do very little 'sensitive' work while I'm visiting my folks, or the in-laws too. I just finished reinstalling the in-laws' machine and patching/updating it due to a huge spyware/virus problem. They could have had keylogging crap installed there unknowingly too.
The only machines I trust are those that I own and have direct, constant control of. Period.
My mother-in-law on the other hand decided that she'd keep doing her online banking/shopping, etc even after I advised her not to (it was going to be 2 weeks before I could do the wipe/reinstall). My father-in-law is a cop and well aware of how much identity theft is growing these days. Despite that, we couldn't convince her to sit tight for a few days.
That's why I get so annoyed when she asks for help!
-Ben
The fact that you were able to install a personal firewall on your machine indicates to me that it may be quite a while before your admins figure out what nailed them...
-Ben
Until your competition copies your manual but assigns the intern to proofing it: Plug i in
Sorry, the record now belongs to the guy that ignored the red squiggly underline in Word.
-Ben
You do realize that there is _some_ ACL support on Linux filesystems now, should you enable it, right? Although it's not perfect yet, it is a good start, and is backwards compatible with the old-school permissions system...
/etc/fstab (I've only done this with ext3) and then remount the partition. Then try man setfacl and man getfacl.
Tack the acl option onto a filesystem in
I'd also like to note that even though I agree that ACL's are a better more lucid way of managing access, that in my experience it never translates to less maintenace for the admin. In *nix, you'd create a new group, assign users to said group and then give said group rwx (or whatever) to 'special area a.' If you need to grant access to 'special area b' to the same users, you're set, if not, create new group, etc. The same thing happens with windows. The benefit of ACL's is that two ACL entries suffice to create a superset of two groups where the *nix admin would need to create a third group with all members of the first two belonging to the new group. In practice (correct me if your experience is different), the windows admins are still going to end up creating as many groups as the *nix admins because the overlaps in group requirements are rarely the same.
-Ben
For those who have never really thought about this issue (drive letters vs mount points), here are a few of my thoughts on the issue. I'd welcome people to comment on why they think drive letters might be a good idea. Does anyone know why drive letters were originated? An inability of early DOS-like systems to do mount points that never died?
..Docs & Settings\myuser, the network would gain more transparency. If you change jobs, you don't have to learn a new drive letter scheme (no big deal for us, but think of the users...won't someone think of the users?).
Although *nix has had the problem of strange names (a legacy thing) and changing naming conventions (/srv, etc) the idea that for the most part, you always go to the same location for the same thing is great. With drive letters, sometimes a cdrom is D sometimes E, somethings xyz...when you get into network drives, things are at the whim of the guy that setup the scheme in the first place. Is my user drive F or G (my workplace currently maps both).
If instead the user drive was always mapped to
Anything that can be done to make things seem more transparent to a user without obfuscating other aspects of the system is good imo.
-Ben
Not that I think belonging to the ACM is bad, but I fail to see how it makes you automatically 'qualified.' Unless things have changed since I was last a member, you had to do nothing else but PAY THE DUES to be an ACM member. While an ACM membership does provide many great benefits, 'qualified professional' status isn't one of them imho.
Someone correct me if I'm wrong here...
-Ben
I use the same approach when explaining this problem to people. People don't care about standards. They care about what works. If you can get them using firefox and then tell them that the pages are bad, not the browser, you're well on your way to a vocal supporter for standards (they just don't know it...).
The 'enlightened' internet browsing population isn't large enough to effect change in a reasonable timeframe. We need to recruit anyone we can...Just because they don't understand the issues doesn't mean they can't help.
10 print '$preferred_standards_compliant_browser is good'
20 print 'IE specific web pages are bad'
30 goto 10
-Ben
I actually read it as 'rimjob'...
-Ben
Why would anyone pay for viruses? I just download mine for free off the internet with this nifty new program I found!
-Ben
I've started using Samhain
on all redhat boxes as part of a standard install. Those boys are paranoid and even include their own 'root kit' as part of the defense!
Check it out.
-Ben