why does redhat insist on upgrading the sendmail even if this package was uninstalled <br> Because you installed a broken qmail package. You need a package that Provides: smtpdaemon, or the installer will resolve that dependency by installing sendmail.
We're currently working on it. If you've checked the beta, you've probably noticed the wuftpd-config printer-config apache-config squid-config firewall-config packages. They're a start. There will be a central tool for them all, but we probably won't finish it in time for 6.2.
I had replaced sendmail with postfix, and the upgrade stomped on it, reinstalling sendmail.
Then you did something wrong. You probably didn't rpm -e sendmail, so the installer saw sendmail was installed and needed to be updated.
Or, you installed a broken postfix RPM that doesn't provide smtpdaemon, so the installer saw there's no smtpdaemon and resolved that dependency by installing sendmail.
Actually it's not quite the same. What's the last time you downloaded a free update from Windows NT 4.0 to Windows 2000? If you need to update to Red Hat Linux 6.2, just go to ftp.redhat.com. We don't force anyone to buy anything.
Also, the issue is definitely not a bug. It's a questionable preconfiguration (enabling everything by default). How would you want to "fix" older versions? Re-Release 5.2 with a different installer? For real problems (bind rootshell exploit), Red Hat has issued updated RPMs for versions down to 4.2.
As for bug reporting, nobody (including both Red Hat and Microsoft) can fix bugs/add changes they aren't aware of. Reporting a bug is always a good idea. The difference here is that, last time I checked, Microsoft didn't even have the beginnings of a bug reporting system. That's part of why they never get some trivial bugs fixed. Most Linux distributors do have a working bug reporting system - and most bugs reported there WILL get fixed (or at least you'll get the reasons why they won't be fixed).
I wouldn't condemn Microsoft for telling their users to report bugs (if they had a bug tracking system) - actually that would be a good idea.
They are not really bugs, but our bugzilla has an option to report enhancements. Just because something has been a certain way forever doesn't mean it's the right way. (And of course we always have the option to just add the comment "we won't do this because it's not a good idea" and close the bug report).
As for sawmill, we're now including it in the main distrib; the default window manager depends on the desktop environment you choose.
I found it quite unsettling how much work it takes just to get a standard Red Hat 6.1 install to have decent security
This is fixed in 6.2. Have a look at the current beta. We're now disabling all questionable services by default. Also, the servers and clients are now separate packages so you don't need to install a finger server just to do a finger @finger.kernel.org.
<I>Are they EVER going to put/usr/local/bin in PATH</I>
Yes. 6.2. Look at the beta.
<I>some of the stuff they do is so brain-dead</I>
So why don't you <a href="http://bugzilla.redhat.com/bugzilla/">report these bugs</a>? We're always glad to be told about problems so we can fix them. Especially when you can even include a fix.
it seems like Mandrake is always a step ahead of Red Hat
Not necessarily. It's always a matter of when a release is made. Usually the one who made the last release is a steap ahead.;)
<I>if Red Hat acquires Mandrake, I'm honestly not sure if those type of innovations would continue</I>
I don't see this acquisition happening anytime soon (DISCLAIMER: I'm a programmer, not a business person. I don't know about future acquisition plans. I haven't said it won't happen, I haven't said it will.) - but even if it happened, innovations would go on. Check out all the work Red Hat has been doing in the past (and is doing right now - have you seen the new configuration tools we're working on? Check Raw Hide).
Just a correction - I've left Mandrake in September to join Red Hat.
To stop rumors before they start coming up:
My primary reason for joining Red Hat was getting the changes that (IMO) make sense to as many people as possible. People who decide to try Linux should get the best possible distribution right away... (Instead of getting a bad impression of Linux because of the flaws of one distribution)
Another reason was safety. With Red Hat Linux getting better all the time (and merging back changes from Mandrake), I don't know how long there's room for an extended version of Red Hat Linux.
It's not a "rat leaving the sinking ship" thing. There is nothing wrong with Mandrake. There's also nothing wrong with Red Hat and most other Linux distributions.
Please read the full press release. The stuff will NOT be included in normal Red Hat Linux, but in the Enterprise edition (meaning the version that's recommended for using Oracle and SAP). The normal version of Red Hat Linux is 99.9% opensource (Netscape being the only closedsource package), and will stay that way.
> IMO both nfs and coda are superior How did you arrive at that conclusion?
I'm aware of the fact that there are problems with NFS - but the SMB protocol (as used by samba) can't even handle something simple like file permissions.
I still don't understand how Microsoft's additions constitute 'pollution' of Java
Java was designed to be cross-platform - write once, run everywhere.
Microsoft added some stuff that is definitely not cross-platform, and works on Microsoft operating systems only. They did not clearly mark their incompatible modifications as such, and they even autogenerate non-portable code by default in J++.
Therefore, Microsoft basically killed one of the primary good points of Java with their products (So where's the advantage in using Microsoft Java over using C to write a tool, if it still will work on Windows only?) - it's what I'd call pollution.
Because the pre-compiled Red Hat is compiled for the lowest denomination CPU, you can't fairly compare out of hte box speeds to something like say, Mandrake, which is compiled for Pentiums
Not quite true. The speed of the TCP/IP stack, which was the limiting factor here, is exclusively a kernel issue. Red Hat does ship i586 and i686 versions of the kernel.
Another problem is that they just weren't familiar with Red Hat Linux. Among other things, they claim samba can be configured only through a "cryptic configuration file". First of all, I wouldn't call smb.conf cryptic - second, Red Hat Linux includes both linuxconf and swat (samba web administration tool), both of which can be used as simple frontends for editing samba configuration.
Also, if samba is their *only* idea about filesharing (IMO both nfs and coda are superior), they must be joking.
And that's not the only inaccuracy...
Also, did anyone else notice when Windows 2000 failed miserably, they contacted Microsoft and tried to get it fixed while they did not bother to ask Red Hat or anyone else if there's really no frontend for samba configuration?
That 530 message is not a real 530 message. They have posted it to fool you. [...] first you get back: 530-There are too many users... but next you get back a real 530 message 530 Login incorrect
Which is just what the ftp server they're using does when there are too many users. It first send some 530-Whatever-the-admin-puts, then a 530 Login incorrect. This is perfectly valid according to the RFCs, as long as all but the last line have a "-" after the 530.
I wrote the server program they're using, so rest assured I know how it behaves.
It's entirely possible, though, that they set a limit of 1 user and they have that one permitted connection opened for themselves - I can't get in either.
Why would a potential underwriter share the information about the complaint with the company?
To get their view on it? I'd do that (without mentioning his name though). It's always best to get the opinion from both sides, and maybe some neutral parties, before making a decision.
Most of the legal correspondence I've seen is certainly more format [...] seems to be an inflammatory statement
This was IMO an attempt to scare him of, not really a legal document. I don't know, if I were their lawyer (I'm not a lawyer though), I might have done the same to imply "Hi, we don't really want a lawsuit, we'd prefer an informal solution (just shut up!), but I'm a lawyer, so if you don't want to comply, we can get formal about it!" The only odd thing about it is the hotmail address...
They know their product sucks - they aren't using it on their server. The server is running Apache 1.3.11 (they're shipping 1.3.6), and a couple of days ago (before they blocked the telnet port), you got the/etc/issue.net of Red Hat Linux 6.0 when you tried to telnet in.:)
"Oh no! They used Redhat's distro, and removed reference to Redhat in the installer". The GPL allows that, no?
Not really. We aren't talking about code changes here (code changes are perfectly ok), we're talking about COPYRIGHT changes. s/(c) 1998 Red Hat/(c) 2000 LinuxOne/g is definitely NOT a change that is ok.
What the Mandrake people were doing in their 6.0 and 6.1 versions (Leave the Red Hat copyright in, adn add their own, along with some changes to the installer) is ok.
I just wonder if we really want them to acknowledge our copyright - after all "Oh, LinuxOne is (c) Red Hat. LinuxOne sucks, so Red Hat sucks.";)
Ok, merge this with all known root shell exploits and you have a real virus (that can infect the system if the user isn't stupid enough to run something unchecked as root) - if you do that, though, it'll be so large that the size difference becomes really noticable. (Wait, why is that 3-line shell script I just wrote 72 kB?)
A long long time ago, videogames were usually written by one person
This was IMO not necessarily a good thing - not everyone is good at everything. For example, I'd think I could write a game engine and decide about gameplay - but I'm horrible with graphics (the fact that I'm spending 99.9% of my time on the console and writing this with lynx should give you an impression;) ), so if I gave it a try, it might be a nice game, but it would look so horrible that nobody would really enjoy it.
Today, the games are developed by teams of people, sometimes past 100 members. There are programmers, artists, marketeers, and even people whose job it is to do nothing but manage the aforementioned people
Leave out the marketeers and managers, and you have a system that works. We're trying to do just that over at the Free Film Project - and from my experience there, I can say that we have some people who are excellent programmers, but who couldn't write a script, then we have script writers who couldn't even think of designing starship models,... - but all the people's individual qualitites added up give us the possibility to get something done.
Does that prevent it from being a work of art? I don't think so.
> The only affect should be on commercial > (closed source) code within the USA
Not exactly. Linux distributors in the USA will finally be allowed to add stuff using RSA (ssh,...) to the distributions. Along with the slightly improved export restrictions, this can be a real gain.
Slashdot Mirror
No, 6.2 is still with egcs for compatibility reasons.
7.0 will have a current gcc (whatever is current by then - probably either 2.95.4, 2.96 or 3.0).
why does redhat insist on upgrading the sendmail even if this package was uninstalled
<br>
Because you installed a broken qmail package.
You need a package that Provides: smtpdaemon, or the installer will resolve that dependency by installing sendmail.
The 6.1 installer was indeed a bit rushed - little more than expectable, considering it was completely rewritten.
6.2 fixes most known bugs.
In the mean time, you can download official Red Hat packages for both ssh and openssh from our German servers. ftp://ftp.redhat.de/pub/rh-addons/securi ty.
We'd like to include OpenSSH - but the stupid RSA patent doesn't allow it.
We're currently working on it.
If you've checked the beta, you've probably noticed the
wuftpd-config
printer-config
apache-config
squid-config
firewall-config
packages.
They're a start. There will be a central tool for them all, but we probably won't finish it in time for 6.2.
I had replaced sendmail with postfix, and the upgrade stomped on it, reinstalling sendmail.
Then you did something wrong.
You probably didn't rpm -e sendmail, so the installer saw sendmail was installed and needed to be updated.
Or, you installed a broken postfix RPM that doesn't provide smtpdaemon, so the installer saw there's no smtpdaemon and resolved that dependency by installing sendmail.
Actually it's not quite the same.
What's the last time you downloaded a free update from Windows NT 4.0 to Windows 2000? If you need to update to Red Hat Linux 6.2, just go to ftp.redhat.com. We don't force anyone to buy anything.
Also, the issue is definitely not a bug. It's a questionable preconfiguration (enabling everything by default). How would you want to "fix" older versions? Re-Release 5.2 with a different installer?
For real problems (bind rootshell exploit), Red Hat has issued updated RPMs for versions down to 4.2.
As for bug reporting, nobody (including both Red Hat and Microsoft) can fix bugs/add changes they aren't aware of. Reporting a bug is always a good idea.
The difference here is that, last time I checked, Microsoft didn't even have the beginnings of a bug reporting system. That's part of why they never get some trivial bugs fixed.
Most Linux distributors do have a working bug reporting system - and most bugs reported there WILL get fixed (or at least you'll get the reasons why they won't be fixed).
I wouldn't condemn Microsoft for telling their users to report bugs (if they had a bug tracking system) - actually that would be a good idea.
They are not really bugs, but our bugzilla has an option to report enhancements.
Just because something has been a certain way forever doesn't mean it's the right way. (And of course we always have the option to just add the comment "we won't do this because it's not a good idea" and close the bug report).
As for sawmill, we're now including it in the main distrib; the default window manager depends on the desktop environment you choose.
I found it quite unsettling how much work it takes just to get a standard Red Hat 6.1 install to have decent security
/usr/local/bin in PATH</I>
t these bugs</a>? We're always glad to be told about problems so we can fix them.
This is fixed in 6.2. Have a look at the current beta. We're now disabling all questionable services by default.
Also, the servers and clients are now separate packages so you don't need to install a finger server just to do a finger @finger.kernel.org.
<I>Are they EVER going to put
Yes. 6.2. Look at the beta.
<I>some of the stuff they do is so brain-dead</I>
So why don't you <a href="http://bugzilla.redhat.com/bugzilla/">repor
Especially when you can even include a fix.
it seems like Mandrake is always a step ahead of Red Hat
;)
Not necessarily. It's always a matter of when a release is made.
Usually the one who made the last release is a steap ahead.
<I>if Red Hat acquires Mandrake, I'm honestly not sure if those type of innovations would continue</I>
I don't see this acquisition happening anytime soon (DISCLAIMER: I'm a programmer, not a business person. I don't know about future acquisition plans. I haven't said it won't happen, I haven't said it will.) - but even if it happened, innovations would go on.
Check out all the work Red Hat has been doing in the past (and is doing right now - have you seen the new configuration tools we're working on? Check Raw Hide).
Red Hat IS a place for innovation.
Just a correction - I've left Mandrake in September to join Red Hat.
To stop rumors before they start coming up:
My primary reason for joining Red Hat was getting the changes that (IMO) make sense to as many people as possible. People who decide to try Linux should get the best possible distribution right away... (Instead of getting a bad impression of Linux because of the flaws of one distribution)
Another reason was safety. With Red Hat Linux getting better all the time (and merging back changes from Mandrake), I don't know how long there's room for an extended version of Red Hat Linux.
It's not a "rat leaving the sinking ship" thing. There is nothing wrong with Mandrake. There's also nothing wrong with Red Hat and most other Linux distributions.
Please read the full press release.
The stuff will NOT be included in normal Red Hat Linux, but in the Enterprise edition (meaning the version that's recommended for using Oracle and SAP).
The normal version of Red Hat Linux is 99.9% opensource (Netscape being the only closedsource package), and will stay that way.
> IMO both nfs and coda are superior
How did you arrive at that conclusion?
I'm aware of the fact that there are problems with NFS - but the SMB protocol (as used by samba) can't even handle something simple like file permissions.
I still don't understand how Microsoft's additions constitute 'pollution' of Java
Java was designed to be cross-platform - write once, run everywhere.
Microsoft added some stuff that is definitely not cross-platform, and works on Microsoft operating systems only.
They did not clearly mark their incompatible modifications as such, and they even autogenerate non-portable code by default in J++.
Therefore, Microsoft basically killed one of the primary good points of Java with their products (So where's the advantage in using Microsoft Java over using C to write a tool, if it still will work on Windows only?) - it's what I'd call pollution.
Because the pre-compiled Red Hat is compiled for the lowest denomination CPU, you can't fairly compare out of hte box speeds to something like say, Mandrake, which is compiled for Pentiums
Not quite true.
The speed of the TCP/IP stack, which was the limiting factor here, is exclusively a kernel issue. Red Hat does ship i586 and i686 versions of the kernel.
Another problem is that they just weren't familiar with Red Hat Linux.
Among other things, they claim samba can be configured only through a "cryptic configuration file".
First of all, I wouldn't call smb.conf cryptic - second, Red Hat Linux includes both linuxconf and swat (samba web administration tool), both of which can be used as simple frontends for editing samba configuration.
Also, if samba is their *only* idea about filesharing (IMO both nfs and coda are superior), they must be joking.
And that's not the only inaccuracy...
Also, did anyone else notice when Windows 2000 failed miserably, they contacted Microsoft and tried to get it fixed while they did not bother to ask Red Hat or anyone else if there's really no frontend for samba configuration?
I wonder how much Microsoft paid for this.
That 530 message is not a real 530 message. They have posted it to fool you. [...] first you get back: 530-There are too many users ... but next you get back a real 530 message 530 Login incorrect
Which is just what the ftp server they're using does when there are too many users.
It first send some 530-Whatever-the-admin-puts, then a 530 Login incorrect.
This is perfectly valid according to the RFCs, as long as all but the last line have a "-" after the 530.
I wrote the server program they're using, so rest assured I know how it behaves.
It's entirely possible, though, that they set a limit of 1 user and they have that one permitted connection opened for themselves - I can't get in either.
Why would a potential underwriter share the information about the complaint with the company?
To get their view on it?
I'd do that (without mentioning his name though).
It's always best to get the opinion from both sides, and maybe some neutral parties, before making a decision.
Most of the legal correspondence I've seen is certainly more format [...] seems to be an inflammatory statement
This was IMO an attempt to scare him of, not really a legal document.
I don't know, if I were their lawyer (I'm not a lawyer though), I might have done the same to imply "Hi, we don't really want a lawsuit, we'd prefer an informal solution (just shut up!), but I'm a lawyer, so if you don't want to comply, we can get formal about it!"
The only odd thing about it is the hotmail address...
They know their product sucks - they aren't using it on their server. /etc/issue.net of Red Hat Linux 6.0 when you tried to telnet in. :)
The server is running Apache 1.3.11 (they're shipping 1.3.6), and a couple of days ago (before they blocked the telnet port), you got the
"Oh no! They used Redhat's distro, and removed reference to Redhat in the installer". The GPL allows that, no?
;)
Not really. We aren't talking about code changes here (code changes are perfectly ok), we're talking about COPYRIGHT changes.
s/(c) 1998 Red Hat/(c) 2000 LinuxOne/g is definitely NOT a change that is ok.
What the Mandrake people were doing in their 6.0 and 6.1 versions (Leave the Red Hat copyright in, adn add their own, along with some changes to the installer) is ok.
I just wonder if we really want them to acknowledge our copyright - after all "Oh, LinuxOne is (c) Red Hat. LinuxOne sucks, so Red Hat sucks."
Ok, merge this with all known root shell exploits and you have a real virus (that can infect the system if the user isn't stupid enough to run something unchecked as root) - if you do that, though, it'll be so large that the size difference becomes really noticable. (Wait, why is that 3-line shell script I just wrote 72 kB?)
A long long time ago, videogames were usually written by one person
;) ), so if I gave it a try, it might be a nice game, but it would look so horrible that nobody would really enjoy it.
... - but all the people's individual qualitites added up give us the possibility to get something done.
This was IMO not necessarily a good thing - not everyone is good at everything.
For example, I'd think I could write a game engine and decide about gameplay - but I'm horrible with graphics (the fact that I'm spending 99.9% of my time on the console and writing this with lynx should give you an impression
Today, the games are developed by teams of people, sometimes past 100 members. There are programmers, artists, marketeers, and even people whose job it is to do nothing but manage the aforementioned people
Leave out the marketeers and managers, and you have a system that works.
We're trying to do just that over at the Free Film Project - and from my experience there, I can say that we have some people who are excellent programmers, but who couldn't write a script, then we have script writers who couldn't even think of designing starship models,
Does that prevent it from being a work of art?
I don't think so.
> The only affect should be on commercial
...) to the distributions.
> (closed source) code within the USA
Not exactly. Linux distributors in the USA will finally be allowed to add stuff using RSA (ssh,
Along with the slightly improved export restrictions, this can be a real gain.