|
Softpanorama
(slightly skeptical)
Open Source Software Educational Society |
May the
source be with you,
but remember the KISS principle ;-)
|
Red Hat Linux Enterprise and Oracle Unbreakable Linux
Red Hat exists in several incarnations:
-
RHEL
-
Oracle Unbreakable Linux. For all practical
purposes identical to RHEL Oracle supplies YAST as a management tool which is
a standard administration tool in Suse.
-
CentoOS. A community supported distribution
-
Fedora -- beta version of RHEL
Red Hat has released Enterprise Linux 5 with integrated
virtualization. The current version of RHEL is 5.2. Here is the
Red Hat Enterprise Linux 5.2 Deployment Guide
Release note for
Red Hat Enterprise Linux 5.2 state the following:
Some updates on Red Hat Enterprise Linux 5.2 may not appear in this version
of the Release_Notes. An updated version may also be available at the following
URL:
http://www.redhat.com/docs/manuals/enterprise/
Feature Updates
- Systemtap
- Systemtap is a GPL-based infrastructure which
simplifies information gathering on a running Linux system. This assists in
diagnosis of performance or functional problems. With
systemtap, the tedious and disruptive "instrument, recompile, install,
and reboot" sequence is no longer needed to collect diagnostic data.
Systemtap is now fully supported. For more information refer to
http://sources.redhat.com/systemtap.
- iSNS-utils
- The Internet storage name service for Linux (
isns-utils)
is now supported. This allows you to register iSCSI and iFCP storage devices
on the network. isns-utils allows dynamic discovery
of available storage targets through storage initiators.
isns-utils provides intelligent storage discovery
and management services comparable to those found in fibre-channel networks.
This allows an IP network to function in a similar capacity to a storage area
network.
With its ability to emulate fibre-channel fabric services,
isns-utils allows for seamless integration of IP
and fibre-channel networks. In addition, isns-utils
also provides utilities for managing both iSCSI and fibre-channel devices within
the network.
For more information about isns-utils specifications,
refer to http://tools.ietf.org/html/rfc4171.
For usage instructions, refer to /usr/share/docs/isns-utils-[version]/README
and /usr/share/docs/isns-utils-[version]/README.redhat.setup.
- rsyslog
rsyslog is an enhanced multi-threaded
syslogd daemon that supports the following (among
others):
- MySQL
- syslog/tcp
- RFC 3195
- permitted sender lists
- filtering on any message part
- more granular output format control
rsyslog is compatible with the stock
sysklogd, and can be used as a replacement in most
cases. Its advanced features make it suitable for enterprise-class, encrypted
syslog relay chains; at the same time, its user-friendly
interface is designed to make setup easy for novice users.
For more information about rsyslog, refer to
http://www.rsyslog.com/.
- Openswan
- Openswan is a free implementation of
Internet Protocol Security (IPsec) and
Internet Key Exchange (IKE) for Linux. IPsec uses
strong cryptography to provide authentication and encryption services. These
services allow you to build secure tunnels through untrusted networks. Everything
passing through the untrusted network is encrypted by the IPsec gateway machine
and decrypted by the gateway at the other end of the tunnel. The resulting tunnel
is a virtual private network (VPN).
This release of Openswan supports IKEv2 (RFC 4306, 4718) and contains an
IKE2 daemon that conforms to IETF RFCs. For more information about Openswan,
refer to http://www.openswan.org/.
- Evolution
- The Evolution update for this release
now features the following enhancements (among others):
- Bogofilter compatibility for
filtering junk mail.
- An option to receive pop-up notifications for new mail.
- Improved performance for downloading messages from a Microsoft Exchange™
server.
- A setup assistant to guide you through both backing up and restoring
data and settings.
- Thunderbird
- Thunderbird has been updated to version
2.0.0.12. This update applies the following features (among others):
- Message tags, which help organize email.
- Built-in support for Google Mail and .Mac mail.
- Find-as-you-type, which highlights and
filters message text as you type.
- An updated extension system, which provides enhanced security and
allows easier extension localization.
For more information about this update, refer to
http://www.mozilla.com/en-US/thunderbird/2.0.0.0/releasenotes/.
- Password Hashing Using SHA-256/SHA-512
- Password hashing using the SHA-256 and SHA-512 hash functions is now supported.
To switch to SHA-256 or SHA-512 on an installed system, run
authconfig --passalgo=sha256 --update or
authconfig --passalgo=sha512 --update. To configure
the hashing method through a GUI, use authconfig-gtk.
Existing user accounts will not be affected until their passwords are changed.
For newly installed systems, using SHA-256 or SHA-512 can be configured only
for kickstart installations. To do so, use the --passalgo=sha256
or --passalgo=sha512 options of the kickstart command
auth; also, remove the --enablemd5
option if present.
If your installation does not use kickstart, use authconfig
as described above. After installation, change all created passwords, including
the root password.
Appropriate options were also added to libuser,
pam, and shadow-utils
to support these password hashing algorithms. authconfig
configures necessary options automatically, so it is usually not necessary to
modify them manually:
- New values of the
crypt_style option
and new options for both hash_rounds_min
and hash_rounds_max are now supported in
the [defaults] section of
/etc/libuser.conf. For more information,
refer to man libuser.conf.
- New options
sha256,
sha512, and rounds
are now supported by the pam_unix PAM
module. For more information, refer to /usr/share/doc/pam-[pam
version]/txts/README.pam_unix.
- The following new options in
/etc/login.defs
are now supported by shadow-utils:
- OFED in comps.xml
- The group
OpenFabrics Enterprise Distribution
is now included in comps.xml. This group contains
components used for high-performance networking and clustering (for example,
InfiniBand and Remote Direct Memory Access).
Further, the Workstation group has been removed
from comps.xml in the Red Hat Enterprise Linux
5.2 Client version. This group only contained the openib
package, which is now part of the OpenFabrics Enterprise
Distribution group.
- system-config-netboot
system-config-netboot is now included in this
update. This is a GUI-based tool used for enabling, configuring, and disabling
network booting. It is also useful in configuring PXE-booting for network installations
and diskless clients. - openmpi
- In order to accommodate the use of compilers other than
gcc for specific applications that use
message passing interface (MPI), the following updates
have been applied to the openmpi and
lam packages:
Note that when upgrading to this release's version of
openmpi, you should migrate any default parameters
set for lam or openmpi
to /usr/lib(64)/lam/etc/ and
/usr/lib(64)/openmpi/[openmpi
version]-[compiler name]/etc/.
All configurations for either openmpi or
lam should be set in these directories.
- lvm2 Snapshot Volume Warning
lvm2 will now warn if a snapshot volume is
near its maximum capacity. However, this feature is not enabled by default.
To enable this feature, uncomment the following line in
/etc/lvm/lvm.conf:
snapshot_library = "libdevmapper-event-lvm2snapshot.so"
Ensure that the dmeventd section and its delimiters
({ }) are also uncommented.
-
- bash
bash has been updated to version 3.2. This
version fixes a number of outstanding bugs, most notably:
bash man page: updated to reflect the correct
behavior of special built-in commands (such as eval,
exec, and set.
In addition, the bash man page now includes
an explanation of the use of aliases in non-interactive scripts. - File descriptors now work as expected; in previous releases,
bash did not close file descriptors with two
or more digits.
- A bug in the way
bash handled certain multi-byte
strings is now fixed.
Note that with this update, the output of ulimit -a
has also changed from the Red Hat Enterprise Linux 5.1 version. This may cause
a problems with some automated scripts. If you have any scripts that use
ulimit -a output strings, you should revise them
accordingly.
Notes:
- This is a Spartan WHYFF (We Help
You For Free) site written by people for whom English
is not a native language.
Some amount of grammar and spelling errors should be
expected.
- The site contain some broken links
as it develops like a living tree...
Please try to use Google, Open directory,
etc. to find a replacement link (see
HOWTO search the WEB for details). We would appreciate
if you can
mail us a correct link.
|
|
|
|
Oracle+Sun has the power to seriously harm IBM. Solaris still has
the highest market share among proprietary Unixes. And AIX is only third
after HP-UX. Wonder if Solaris will
become Oracle's main development platform again.
Oracle is a top contributor to Linux and that might help to bridge the
gap in shell and packaging. Telecommunications and database administrators
always preferred Solaris over Linux.
Yahoo! Finance
Oracle Corp. snapped up computer server and software maker Sun Microsystems
Inc. for $7.4 billion Monday, trumping rival IBM Corp.'s attempt to
buy one of Silicon Valley's best known -- and most troubled -- companies.
... ... ...
Jonathan Schwartz, Sun's CEO, predicted the combination will create
a "systems and software powerhouse" that "redefines the industry, redrawing
the boundaries that have frustrated the industry's ability to solve."
Among other things, he predicted Oracle will be able to offer its customers
simpler computing solutions at less expensive prices by drawing upon
Sun's technology.
... ... ...
Yet Oracle says it can run Sun more efficiently. It expects the purchase
to add at least 15 cents per share to its adjusted earnings in the first
year after the deal closes. The company estimated Santa Clara, Calif.-based
Sun will contribute more than $1.5 billion to Oracle's adjusted profit
in the first year and more than $2 billion in the second year.If
Oracle can hit those targets, Sun would yield more profit than the combined
contributions of three other major acquisitions -- PeopleSoft Inc.,
Siebel Systems Inc. and BEA Systems -- that cost Oracle a total of more
than $25 billion.
A deal with Oracle might not be plagued by the same antitrust issues
that could have loomed over IBM and Sun, since there is significantly
less overlap between the two companies. Still, Oracle could be able
to use Sun's products to enhance its own software.
Oracle's main business is database software. Sun's Solaris operating
system is a leading platform for that software. The company also makes
"middleware," which allows business computing applications to work together.
Oracle's middleware is built on Sun's Java language and software.
Calling Java the "single most important software asset we have ever
acquired," Ellison predicted it would eventually help make Oracle's
middleware products generate as much revenue as its database line does.
Sun's takeover is a reminder that a few missteps and bad timing can
cause a star to come crashing down.
Sun was founded in 1982 by men who would become legendary Silicon
Valley figures: Andy Bechtolsheim, a graduate student whose computer
"workstation" for the Stanford University Network (SUN) led to the company's
first product; Bill Joy, whose work formed the basis for Sun's computer
operating system; and Stanford MBAs Vinod Khosla and Scott McNealy.
Sun was a pioneer in the concept of networked computing, the idea
that computers could do more when lots of them were linked together.
Sun's computers took off at universities and in the government, and
became part of the backbone of the early Internet. Then the 1990s boom
made Sun a star. It claimed to put "the dot in dot-com," considered
buying a struggling Apple Computer Inc. and saw its market value peak
around $200 billion.
Tabbed viewing was added
Adobe Reader 9.1 for Linux and Solaris x86 has been released today. Solaris x86 support was one of the most requested feature by users. As per the Reader team's announcement, this release includes the following major features: - Support for Tabbed Viewing (preview)
- Super fast launch, and better performance than previous releases
- Integration with Acrobat.com
- IPv6 support
- Enhanced support for PDF portfolios (preview)
The complete list is available here.
Adobe Reader 9.1 is now available for download and works on OpenSolaris, Solaris 10 and most modern Linux distributions such as Ubuntu 8.04, PCLinuxOS, Mandriva 2009, SLED 10, Mint Linux 6 and Fedora 10.
See also Sneak Preview of the
Tabbed Viewing interface in
Adobe Reader 9.x (on Ubuntu)
If you've ever typed a command at
the Linux shell prompt, you've probably already used
bash -- after all, it's the default command shell on
most modern GNU/Linux distributions.
The bash shell is the primary interface to the
Linux operating system -- it accepts, interprets and
executes your commands, and provides you with the
building blocks for shell scripting and automated
task execution.
Bash's unassuming exterior hides some very
powerful tools and shortcuts. If you're a heavy user
of the command line, these can save you a fair bit
of typing. This document outlines 10 of the most
useful tools:
- Easily recall previous commands
Bash keeps track of the commands you execute in a
history buffer, and allows you to recall previous
commands by cycling through them with the Up and
Down cursor keys. For even faster recall, "speed
search" previously-executed commands by typing the
first few letters of the command followed by the key
combination Ctrl-R; bash will then scan the command
history for matching commands and display them on
the console. Type Ctrl-R repeatedly to cycle through
the entire list of matching commands.
- Use command aliases
If you always run a command with the same set of
options, you can have bash create an alias for it.
This alias will incorporate the required options, so
that you don't need to remember them or manually
type them every time. For example, if you always run
ls with the -l option to obtain a detailed directory
listing, you can use this command:
bash> alias ls='ls -l'
To create an alias that automatically includes
the -l option. Once this alias has been created,
typing ls at the bash prompt will invoke the alias
and produce the ls -l output.
You can obtain a list of available aliases by
invoking alias without any arguments, and you can
delete an alias with unalias.
- Use filename auto-completion
Bash supports filename auto-completion at the
command prompt. To use this feature, type the first
few letters of the file name, followed by Tab. bash
will scan the current directory, as well as all
other directories in the search path, for matches to
that name. If a single match is found, bash will
automatically complete the filename for you. If
multiple matches are found, you will be prompted to
choose one.
- Use key shortcuts to efficiently edit the
command line
Bash supports a number of keyboard shortcuts for
command-line navigation and editing. The Ctrl-A key
shortcut moves the cursor to the beginning of the
command line, while the Ctrl-E shortcut moves the
cursor to the end of the command line. The Ctrl-W
shortcut deletes the word immediately before the
cursor, while the Ctrl-K shortcut deletes everything
immediately after the cursor. You can undo a
deletion with Ctrl-Y.
- Get automatic notification of new mail
You can configure bash to automatically notify
you of new mail, by setting the $MAILPATH variable
to point to your local mail spool. For example, the
command:
bash> MAILPATH='/var/spool/mail/john'
bash> export MAILPATH
Causes bash to print a notification on john's
console every time a new message is appended to
John's mail spool.
- Run tasks in the background
Bash lets you run one or more tasks in the
background, and selectively suspend or resume any of
the current tasks (or "jobs"). To run a task in the
background, add an ampersand (&) to the end of its
command line. Here's an example:
bash> tail -f /var/log/messages &
[1] 614
Each task backgrounded in this manner is assigned
a job ID, which is printed to the console. A task
can be brought back to the foreground with the
command fg jobnumber, where jobnumber
is the job ID of the task you wish to bring to the
foreground. Here's an example:
bash> fg 1
A list of active jobs can be obtained at any time
by typing jobs at the bash prompt.
- Quickly jump to frequently-used directories
You probably already know that the $PATH variable
lists bash's "search path" -- the directories it
will search when it can't find the requested file in
the current directory. However, bash also supports
the $CDPATH variable, which lists the directories
the cd command will look in when attempting to
change directories. To use this feature, assign a
directory list to the $CDPATH variable, as shown in
the example below:
bash> CDPATH='.:~:/usr/local/apache/htdocs:/disk1/backups'
bash> export CDPATH
Now, whenever you use the cd command, bash will
check all the directories in the $CDPATH list for
matches to the directory name.
- Perform calculations
Bash can perform simple arithmetic operations at
the command prompt. To use this feature, simply type
in the arithmetic expression you wish to evaluate at
the prompt within double parentheses, as illustrated
below. Bash will attempt to perform the calculation
and return the answer.
bash> echo $((16/2))
8
- Customise the shell prompt
You can customise the bash shell prompt to
display -- among other things -- the current
username and host name, the current time, the load
average and/or the current working directory. To do
this, alter the $PS1 variable, as below:
bash> PS1='\u@\h:\w \@> '
bash> export PS1
root@medusa:/tmp 03:01 PM>
This will display the name of the currently
logged-in user, the host name, the current working
directory and the current time at the shell prompt.
You can obtain a list of symbols understood by bash
from its manual page.
- Get context-specific help
Bash comes with help for all built-in commands.
To see a list of all built-in commands, type help.
To obtain help on a specific command, type help command, where
command is the command
you need help on. Here's an example:
bash> help alias
...some help text...
Obviously, you can obtain detailed help on the
bash shell by typing man bash at your command prompt
at any time.
Oracle Management
Pack For Linux
Description
Available
exclusively for
Oracle Unbreakable
Linux Basic and
Premier support
customers, the
Oracle Management
Pack for Linux
provides an
integrated and
cost-effective
solution for
complete Linux
server lifecycle
management. Based on
Oracle Enterprise
Manager 10g,
the Oracle
Management Pack for
Linux delivers
comprehensive
provisioning,
patching, monitoring
and administration
capabilities via a
single, web-based
user interface—the
Enterprise Manager
Console,
significantly
reducing the
complexity and cost
associated with
managing Linux
operating system
environments.
Using these rich
Linux management
features along with
the complete Oracle
Enterprise Manager
product set,
customers can take
advantage of
enterprise-scale
service level
management,
automated change and
configuration
management, and
comprehensive system
and application
performance
management.
There are several different rescue CDs out there, and they
all provide slightly different rescue environments. The
requirement here at Red Hat Academy is, perhaps
unsurprisingly, an intimate knowledge of how to use the Red
Hat Enterprise Linux (RHEL) 5 boot CD.
All these procedures should work exactly the same way
with Fedora and CentOS. As with any rescue environment, it
provides a set of useful tools; it also allows you to
configure your network interfaces. This can be helpful if
you have an NFS install tree to mount, or if you have an RPM
that was corrupted and needs to be replaced. There are LVM
tools for manipulating Logical Volumes, "fdisk" for
partitioning devices, and a number of other tools making up
a small but capable toolkit.
The Red Hat rescue environment provided by the first CD
or DVD can really come in handy in many situations. With it
you can solve boot problems, bypass forgotten GRUB
bootloader passwords, replace corrupted RPMs, and more. I
will go over some of the most important and common issues. I
also suggest reviewing a password recovery article written
by Suramya Tomar (http://linuxgazette.net/107/tomar.html)
that deals with recovering lost root passwords in a variety
of ways for different distributions. I will not be covering
that here since his article is a very good resource for
those problems.
Start by getting familiar with using GRUB and booting
into single user mode. After you learn to overcome and
repair a variety of boot problems, what initially appears to
be a non-bootable system may be fully recoverable. The best
way to get practice recovering non-bootable systems is by
using a non-production machine or a virtual machine and
trying out various scenarios. I used Michael Jang's book,
"Red Hat Certified Engineer Linux Study Guide", to review
non-booting scenarios and rehearse how to recover from
various situations. I would highly recommend getting
comfortable with recovering non-booting systems because
dealing with them in real life without any practice
beforehand can be very stressful. Many of these problems are
really easy to fix but only if you have had previous
experience and know the steps to take.
When you are troubleshooting a non-booting system, there
are certain things that you should be on the alert for. For
example, an error in /boot/grub/grub.conf,
/etc/fstab, or /etc/inittab can
cause the system to not boot properly; so can an overwritten
boot sector. In going through the process of troubleshooting
with the RHEL rescue environment, I'll point out some things
that may be of help in these situations.
Intel Intel Core i7 (Nehalem) processor is now supported. That increases
scalability for database loads. Nehalem is a quad-core, hyperthreaded 45nM processor.
Unaudited results showing gains of 1.7x for commercial applications and gains
up to 3.5x for high-performance technical computing applications compared to
the previous generation of Intel processors.
The Nehalem architecture has many
new features. According to Wikipedia the most significant changes from the
Core 2 include:
- The new
LGA 1366 socket is incompatible with earlier processors.
- On-die memory controller: the memory is directly connected to the processor.
- Three channel memory: each channel can support one or two
DDR3 DIMMs. Motherboards for Core i7 have four (3+1) or six
DIMM slots
instead of two or four, and DIMMs should be installed in sets of three,
not two.
- Support for
DDR3 only.
- No
ECC support.
- The
front side bus is replaced by
QuickPath interface. Motherboards must use a chipset that supports QuickPath.
- The following caches:
- 32
KB
L1 instruction and 32 KB L1 data cache per core
- 256 KB L2 cache (combined instruction and data) per core
- 8 MB L3 (combined instruction and data) "inclusive", shared by all
cores
- Single-die device: all four cores, the memory controller, and all cache
are on a single die.
- "Turbo Boost" technology allows all active cores to intelligently clock
themselves up in steps of 133
MHz over
the design clock rate as long as the CPU's predetermined thermal and electrical
requirements are still met.
- Re-implemented
Hyper-threading. Each of the four cores can process up to two threads
simultaneously, so the processor appears to the OS as eight CPUs. This feature
was present in the older
NetBurst architecture but was dropped in
Core.
- Only one QuickPath interface: not intended for multi-processor motherboards.
-
45nm process technology.
- 781M
transistors for the quad core version.
- Sophisticated power management can place an unused core in a zero-power
mode.
- Support for
SSE4.2 & SSE4.1
instruction sets.
And now, it seems, after ten years at the company, Cox is
leaving Red Hat:
I will be departing Red Hat mid January having handed in my notice. I'm
not going to be spending more time with the family, gardening or other such
wonderous things. I'm leaving on good terms and strongly supporting the work
Red Hat is doing.
I've been at Red Hat for ten years as contractor and employee and now have
an opportunity to get even closer to the low level stuff that interests me most.
Barring last minute glitches I shall be relocating to Intel (logically at least,
physically I'm not going anywhere) and still be working on Linux and free software
stuff.
I know some people will wonder what it means for Red Hat engineering. Red
Hat has a solid, world class, engineering team and my departure will have no
effect on their ability to deliver.
A lazy sysadmin is a good sysadmin. Time spent in finding more-efficient
shortcuts is time saved later on for that ongoing project of "reading the whole
of the internet", so try Juliet Kemp's 10 handy tips to make
your admin life easier...
- Cache your password with ssh-agent
- Speed up logins using Kerberos
- screen: detach to avoid repeat logins
- screen: connect multiple users
- Expand Bash's tab completion
- Automate your installations
- Roll out changes to multiple systems
- Automate Debian updates
- Sanely reboot a locked-up box
- Send commands to several PCs
September 9, 2008 | http://itmanagement.earthweb.com
A few weeks ago, when I
wrote that, "forced to choose, the average FOSS-based business is going
to choose business interests over FOSS [free and open source software] every
time," many people, including
Mathew Aslett and
Matt Assay,
politely accused me of being too cynical. Unhappily, you only have to look at
the relations between Red Hat and Fedora, the distribution Red Hat sponsors,
during the recent security crisis for evidence that I might be all too accurate.
That this evidence should come from Red Hat and Fedora is particularly dismaying.
Until last month, most observers would have described the Red Hat-Fedora relationship
as a model of how corporate and community interests could work together for
mutual benefit.
Although Fedora was initially dismissed as Red Hat's beta release when it
was first founded in 2003, in the last few years, it had developed laudatory
open processes and become increasingly independent of Red Hat. As Max Spevack,
the former chair of the Fedora Board, said in 2006, the Red Hat-Fedora relationship
seemed a "good example of how to have a project that serves the interests of
a company that also is valuable and gives value to community members."
Yet it seems that, faced with a problem, Red Hat moved to protect its corporate
interests at the expense of Fedora's interests and expectations as a community
-- and that Fedora leaders were as surprised by the response as the general
community.
Outline of a crisis
What happened last month is still unclear. My request a couple of weeks ago
to discuss events with Paul W. Frields, the current Fedora Chair, was answered
by a Red Hat publicist, who told me that the official statements on the crisis
were all that any one at Red Hat or Fedora was prepared to say in public --
a response so stereotypically corporate in its caution that it only emphasizes
the conflict of interests.
However, the
Fedora announcements mailing list gave the essentials. On August 14, Frields
sent out a notice that Fedora was "currently investigating an issue in the infrastructure
systems." He warned that the entire Fedora site might become temporarily unavailable
and warned that users should "not download or update any additional packages
on your Fedora systems." As might be expected, the cryptic nature of this corporate-sounding
announcement caused considerable curiosity, both within and without Fedora,
with most people wanting to know more.
A day later, Frield's name was on another notice, saying that the situation
was continuing, and pleading for Fedora users to be patient. A third notice
followed on August 19, announcing that some Fedora services were now available,
and providing the first real clue to what was happening when a new SSH fingerprint
was released.
It was only on August 22 that Frields was permitted to announce that, "Last
week we discovered that some Fedora servers were illegally accessed. The intrusion
into the servers was quickly discovered, and the servers were taken offline
. . . .One of the compromised Fedora servers was a system used for signing Fedora
packages. However, based on our efforts, we have high confidence that the intruder
was not able to capture the passphrase used to secure the Fedora package signing
key."
Since then, plans for changing security keys have been announced. However,
as of September 8, the crisis continues, with Fedora users still unable to get
security updates or bug-fixes. Three weeks without these services might seem
trivial to Windows users, but for Fedora users, like those of other GNU/Linux
distribution, many of whom are used to daily updates to their system, the crisis
amounts to a major disruption of service.
A conflict of cultures
From a corporate viewpoint, Red Hat's close-lipped reaction to the crisis
is understandable. Like any company based on free and open source software,
Red Hat derives its income from delivering services
to customers, and obviously its ability to deliver services is handicapped (if
not completely curtailed) when its servers are compromised. Under these circumstances,
the company's wish to proceed cautiously and with as little publicity as possible
is perfectly natural.
The problem is that, in moving to defend its own credibility, Red Hat has
neglected Fedora's. While secrecy about the crisis may be second nature to Red
Hat's legal counsel, the FOSS community expects openness.
In this respect, Red Hat's handling of the crisis could not contrast more
strongly with the reaction of the community-based Debian distribution when a
major security flaw was discovered in its
openssl package last May. In keeping with Debian's policy of openness, the
first public announcement followed hard on the discovery, and included an explanation
of the scope, what users could do, and the sites where users could find tools
and instructions for protecting themselves.
That's sad -- RHN was compromised due and some troyanised OpenSSH packages were
uploaded.
22nd August 2008
Last week Red Hat detected an intrusion on certain of its computer systems
and took immediate action. While the investigation into the intrusion is on-going,
our initial focus was to review and test the distribution channel we use with
our customers, Red Hat Network (RHN) and its associated security measures. Based
on these efforts, we remain highly confident that our systems and processes
prevented the intrusion from compromising RHN or the content distributed via
RHN and accordingly believe that customers who keep their systems updated using
Red Hat Network are not at risk. We are issuing this alert primarily for those
who may obtain Red Hat binary packages via channels other than those of official
Red Hat subscribers.
In connection with the incident, the intruder was able to get a small number
of OpenSSH packages relating only to Red Hat Enterprise Linux 4 (i386 and x86_64
architectures only) and Red Hat Enterprise Linux 5 (x86_64 architecture only)
signed. As a precautionary measure, we are releasing
an updated version
of these packages and have published a list
of the tampered packages and how to detect them.
To reiterate, our processes and efforts to date indicate that packages obtained
by Red Hat Enterprise Linux subscribers via Red Hat Network are not at risk.
We have provided a shell script which lists the
affected packages and can verify that none of them are installed on a system:
The script has a detached GPG signature from the Red Hat Security Response
Team (key) so you can
verify its integrity:
This script can be executed either as a non-root user or as root. To execute
the script after downloading it and saving it to your system, run the command:
bash ./openssh-blacklist-1.0.sh
If the script output includes any lines beginning with "ALERT" then a tampered
package has been installed on the system. Otherwise, if no tampered packages
were found, the script should produce only a single line of output beginning
with the word "PASS", as shown below:
bash ./openssh-blacklist-1.0.sh
PASS: no suspect packages were found on this system
The script can also check a set of packages by passing it a list of source
or binary RPM filenames. In this mode, a "PASS" or "ALERT" line will be printed
for each filename passed; for example:
bash ./openssh-blacklist-1.0.sh openssh-4.3p2-16.el5.i386.rpm
PASS: signature of package "openssh-4.3p2-16.el5.i386.rpm" not on blacklist
Red Hat customers who discover any tampered packages, need help with running
this script, or have any questions should log into the
Red Hat support website and file
a support ticket,
call their local
support center, or contact their Technical Account Manager.
This is new syslog daemon used by RHEL.
About: Rsyslog is an enhanced multi-threaded syslogd. Among others,
it offers support for on-demand disk buffering, reliable syslog over TCP, SSL,
TLS, and RELP, writing to databases (MySQL, PostgreSQL, Oracle, and many more),
email alerting, fully configurable output formats (including high-precision
timestamps), the ability to filter on any part of the syslog message, on-the-wire
message compression, and the ability to convert text files to syslog. It is
a drop-in replacement for stock syslogd and able to work with the same configuration
file syntax.
Changes: IPv6 addresses could not be specified in forwarding actions,
because they contain colons and the colon character was already used for some
other purpose. IPv6 addresses can now be specified inside of square brackets.
This is a recommended update for all v2-stable branch users.
Oracle claims that it continues to pick up users for its Linux offering
and now is set to add new clustering capabilities to the mix.
So how is Oracle doing with its Oracle Unbreakable Linux? Pretty well. According
to Monica Kumar, senior director Linux and open source product marketing at
Oracle, there are now 2,000 customers for Oracle's Linux. Those customers will
now be getting a bonus from Oracle: free clustering software.
Oracle's Clusterware software previously had only been available to Oracle's
Real Application Clusters (RAC) customers, but now will also be part of the
Unbreakable Linux support offering at no additional cost.
Clusterware is the core Oracle (NASDAQ: ORCL) software offering that enables
the grouping of individual servers together into a cluster system. Kumar explained
to InternetNews.com that the full RAC offering provides additional components
beyond just Clusterware that are useful for managing and deploying Oracle databases
on clusters.
The new offering for Linux users, however, does not necessarily replace the
need for RAC.
"We're not saying that this [Clusterware] replaces RAC," Kumar noted. "We
are taking it out of RAC for other general purpose uses as well. Clusterware
is general purpose software that is part of RAC but that isn't the full solution."
The Clusterware addition to the Oracle Unbreakable Linux support offering
is expected by Kumar to add further impetus for users to adopt Oracle's Linux
support program.
Oracle Unbreakable Linux was
first announced
in October 2006 and takes Red Hat's Enterprise Linux as a base. To date, Red
Hat has steadfastly denied on its quarterly investor calls that Oracle's Linux
offering has had any tangible impact on its customer base.
In 2007, Oracle and Red Hat both publicly
traded barbs
over Yahoo, which apparently is a customer of both Oracle's Unbreakable Linux
as well as Red Hat Enterprise Linux.
"We can't comment on them [Red Hat] and what they're saying," Kumar said.
"I can tell you that we're seeing a large number of Oracle customers who were
running on Linux before coming to Unbreakable Linux. It's difficult to say if
they're moving all of their Linux servers to Oracle or not."
That said, Kumar added that Linux customers are coming to Oracle for more
than just running Oracle on Linux, they're also coming with other application
loads as well.
"Since there are no migration issues we do see a lot of RHEL [Red Hat Enterprise
Linux] customers because it's easy for them to transition," Kumar claimed.
Ever since Oracle's Linux first appeared, Oracle has claimed that it was
fully compatible with RHEL and it's a claim that Kumar reiterated.
"In the beginning, people had questions about how does compatibility work,
but we have been able to address all those questions," Kumar said. "In the least
15 months, Oracle has proved that we're fully compatible and that we're not
here to fork Linux but to make it stronger."
Learn how to work with RBAC in SELinux, and see how the SELinux policy, kernel,
and userspace work together to enforce the RBAC and tie users to a type enforcement
policy.
The package also contain Solaris binary of
chpasswd clone, which is extremely
useful for mass changes of passwords in mixed corporate environments which along
with Linux and AIX (both have native chpasswd
implementation) include Solaris or other Unixes that does not have chpasswd
utility (HP-UX is another example in this category). Version 1.3.2 now
includes Solaris binary of chpasswd
which works on Solaris 9 and 10.
cgipaf is a combination of three CGI programs.
- passwd.cgi, which allow users to
update their password,
- viewmailcfg.cgi, which allows users
to view their current mail configuration,
- mailcfg.cgi, which updates the mail
configuration.
All programs use PAM for user authentication. It is possible to run a script
to update SAMBA passwords or NIS configuration when a password is changed. mailcfg.cgi
creates a .procmailrc in the user's home directory. A user with too many invalid
logins can be locked. The minimum and maximum UID can be set in the configuration
file, so you can specify a range of UIDs that are allowed to use cgipaf.
[Dec 21, 2007]
LXER interview with
John Hull - the manager of the Dell Linux engineering team
The original sales estimates for Ubuntu computers was around 1% of the
total sales, or about 20,000 systems annually. Have the expectations been met
so far? Will Dell ever release sales figures for Ubuntu systems?
The program so far is meeting expectations. Customers are certainly showing
their interest and buying systems preloaded with Ubuntu, but it certainly won't
overtake Microsoft Windows anytime soon. Dell has a policy not to release sales
numbers, so I don't expect us to make Ubuntu sales figures available publicly.
"When you take them out of the big buildings, without the imprimatur of Hewlett-Packard,
IBM and Oracle, or HP around them, they just didn't hold up."
Szulik, who took over as CEO from Bob
Young in 1999 just a few months
after its initial public offering, said
he's stepping down because of family
health issues.
"For the last nine months, I've struggled
with health issues in my family," and
that priority couldn't be balanced with
work, Szulik said in an interview. "This
job requires a 7x24, 110 percent commitment."
Szulik, who remains chairman of the
board, praised Whitehurst in a statement,
saying he's a "hands-on guy who will
be a strong cultural fit at Red Hat"
and "a talented executive who has successfully
led a global technology-focused organization
at Delta."
On a conference call, Szulik said
Whitehurst stood "head and shoulders"
above other candidates interviewed in
a recruiting process.
He was a
programmer earlier in his career and
runs four versions of Linux at home,
he said.
Moreover, Szulik said he wasn't satisfied
with more traditional tech executives
who were interviewed.
"What we encountered was in many
cases was a lack of understanding of
open-source software development and
of our model," he said. During the interview,
he added about the tech industry candidates,
"When you take them out of the big buildings,
without the imprimatur of Hewlett-Packard,
IBM and Oracle, or HP around them, they
just didn't hold up."
The surprise move was announced as
the leading Linux seller announced results
for its third quarter of fiscal 2008.
Its revenue increased 28 percent to
$135.4 million and net income went up
12 percent to $20.3 million, or 10 cents
per share. The company also raised estimates
for full-year results to revenue of
$521 million to $523 million and earnings
of about 70 cents per share.
.. In fact, Coekaerts has to say this often because Oracle is widely viewed
as an opportunistic supporter of Linux, taking Red Hat's product, stripping
out its trademarks, and offering it as its own. Coekaerts says what's more important
is that Oracle is a contributor to Linux. It contributed the cluster file system
and hasn't really generated a competing distribution.
Yet, in some cases, there is an Oracle distribution. Most customers Coekaerts
deals with get their Linux from Red Hat and then ask for Oracle's technical
support in connection with the Oracle database. But Oracle has been asked often
enough to supply Linux with its applications or database that it makes available
a version of Red Hat Enterprise Linux, with the Red Hat logos and labels stripped
out. Oracle's version of Linux has a "cute" penguin inserted and is optimized
to work with Oracle database applications. It may also have a few Oracle-added
"bug fixes," Coekaerts says.
The bug fixes, however, lead to confusion about Coekaert's relatively simple
formulation of Oracle enterprise support, not an Oracle fork. And that confusion
stems from Oracle CEO Larry Ellison's
attention-getting way of introducing Unbreakable Linux at the October 2006
Oracle OpenWorld.
When enterprise customers call with a problem, Oracle's technical support
finds the problem and supplies a fix. If it's a change in the Linux kernel,
the customer would normally have to wait for the fix to be submitted to kernel
maintainers for review, get merged into the kernel, and then get included in
an updated version of an enterprise edition from Red Hat or Novell. Such a process
can take up to two years, observers inside and outside the kernel process say.
The pace of bug fixes "is the most serious problem facing the Linux community
today," Ellison explained during an Oracle OpenWorld keynote a year ago.
When Oracle's Linux technical support team has a fix, it gives that fix to
the customer without waiting for Red Hat's uptake or the kernel process itself,
Ellison said.
Red Hat's Berman argues that when it comes to the size of the problem, Oracle
makes too much of too little.
When Red Hat learns of bugs, it retrofits the fixes into its current and
older versions of Red Hat Enterprise Linux. That's one of Red Hat's main engineering
investments in Linux, Berman said in an interview.
Coekaerts responds, "There are disagreements on what is considered critical
by the distribution vendors and us or our customers."
Berman acknowledges that several judgment calls are involved. Some bugs affect
only a few enterprise customers. They may apply to an old RHEL version. "Three or
four times a year" a proposed fix may not be deemed important enough to undergo
this retrofit, he says.
But Coekaerts told InformationWeek: "Oracle customers encounter this problem
more than three or four times a year. I cannot give a number, it tends to vary.
But it does happen rather frequently."
Berman counters that when Oracle changes Red Hat's tested code with its own bug
fixes, it breaks the certification that Red Hat offers on its distribution, so it's
no longer guaranteed to work with other software. "Oracle claims they will patch
things for a customer. That's a fork," he says.
What Red Hat calls a fork is what Oracle calls a "one-off fix to customers at
the time of the problem. … If the customer runs version 5 but Red Hat is at version
8, and the customer runs into a bug, does he want to go into [the next release with
a fix] version 9? Likely not. He wants to minimize the amount of change. Oracle
will fix the customer's problem in version 5…" Coekaerts says.
I think it's fair to characterize what Oracle does as technical support, not
a fork. There's no attempt to sustain the aberration through a succession of Linux
kernels offered to the general public as an alternative to the mainstream kernel.
But the Oracle/Red Hat debate defines a gray area in a fast-moving kernel development
process. Bugs that affect many users get addressed through
the kernel process or the Red Hat and Novell (NSDQ:
NOVL) retrofits. That still may not always cover a problem for an individual
user or a set of users sitting on a particular piece of aging hardware or caught
in a specific hardware/software configuration.
If Oracle fixes some of these problems, I say more power to it.
But if they are problems that are isolated in nature or limited in scope, as
I suspect they are, that makes them something less than Ellison's "most serious
problem facing the Linux community today."
Ellison needed air cover to take Red Hat's product and do what he wanted with it.
In the long run, he's probably increasing the use of Linux in the enterprise and
keeping Red Hat on its toes as a support organization. That's less benefit than
claimed, but still something.
Oracle Enterprise Linux became more compatible with Suse
Yet Another Setup Tool. Yast helps make system administration
easier by providing a single utility for configuring and maintaining Linux systems.
The version of Yast available
here is modified to
work with all Enterprise Linux distributions including Enterprise Linux and
SuSE.
Special note to
Oracle
Management Pack for Linux users:
Oracle hasn't "talked about how our Linux is better than anyone else's Linux.
Oracle has not forked and has no desire to fork Red Hat Enterprise Linux and
maintain its own version. We don't differentiate on the distribution because
we use source code provided by Red Hat to produce Oracle Enterprise Linux and
errata. We don't care whether you run Red Hat Enterprise Linux or Enterprise
Linux from Oracle and we'll support you in either case because the two are fully
binary- and source-compatible. Instead, we focus on the nature and the quality
of our support and the way we test Linux using real-world test cases and workloads."
data=writeback While the writeback option
provides lower data consistency guarantees than the journal or ordered modes,
some applications show very significant speed improvement
when it is used. For example, speed improvements can be seen
when heavy synchronous writes are performed, or when applications create and
delete large volumes of small files, such as delivering a large flow of short
email messages. The results of the testing effort described in Chapter 3 illustrate
this topic.
When the writeback option is used, data consistency is similar to that provided
by the ext2 file system. However, file system integrity is maintained continuously
during normal operation in the ext3 file system.
In the event of a power failure or system crash, the file system may not
be recoverable if a significant portion of data was held only in system memory
and not on permanent storage. In this case, the filesystem must be recreated
from backups. Often, changes made since the file system was last backed up are
inevitably lost.
August 7, 2007 |
KernelTrapSubmitted by
Jeremy on August 7, 2007 - 9:26am.
In a recent lkml thread, Linus Torvalds was involved in a discussion about mounting
filesystems with the noatime option for better performance,
"'noatime,data=writeback' will quite likely be *quite*
noticeable (with different effects for different loads), but almost nobody actually
runs that way."
He noted that he set O_NOATIME when writing git, "and
it was an absolutely huge time-saver for the case of not having 'noatime' in
the mount options. Certainly more than your estimated 10% under some loads."
The discussion then looked at using the
relatime
mount option to improve the situation, "relative atime only updates the atime
if the previous atime is older than the mtime or ctime. Like noatime, but useful
for applications like mutt that need to know when a file has been read since it
was last modified."
Ingo Molnar stressed the significance of fixing this performance issue, "I
cannot over-emphasize how much of a deal it is in practice.
Atime updates are by far the biggest IO performance deficiency
that Linux has today. Getting rid of atime updates would give us more everyday Linux
performance than all the pagecache speedups of the past 10 years, _combined_."
He submitted some patches to improve relatime, and noted
about atime:
"It's also perhaps the most stupid Unix design
idea of all times. Unix is really nice and well done, but think about this a
bit: 'For every file that is read from the disk, lets do a ... write to the
disk! And, for every file that is already cached and which we read from the
cache ... do a write to the disk!'"
31 Jul 2007 | www.ibm.com/developerworks
If you manage systems and networks, you need Expect.
More precisely, why would you want to be without Expect? It saves hours common
tasks otherwise demand. Even if you already depend on Expect, though, you might
not be aware of the capabilities described below.
Expect automates command-line interactions
You don't have to understand all of Expect to begin profiting from the tool;
let's start with a concrete example of how Expect can simplify your work on
AIX® or other operating systems:
Suppose you have logins on several UNIX® or UNIX-like hosts and you need
to change the passwords of these accounts, but the accounts are not synchronized
by Network Information Service (NIS), Lightweight Directory Access Protocol
(LDAP), or some other mechanism that recognizes you're the same person logging
in on each machine. Logging in to a specific host and running the appropriate
passwd command doesn't take long—probably only a minute, in most
cases. And you must log in "by hand," right, because there's no way to
script your password?
Wrong. In fact, the standard Expect distribution (full distribution) includes
a command-line tool (and a manual page describing its use!) that precisely takes
over this chore. passmass (see Resources)
is a short script written in Expect that makes it as easy to change passwords
on twenty machines as on one. Rather than retyping the same password over and
over, you can launch passmass once and let your desktop computer
take care of updating each individual host. You save yourself enough time to
get a bit of fresh air, and multiple opportunities for the frustration of mistyping
something you've already entered.
The limits of Expect
This passmass application is an excellent model—it illustrates
many of Expect's general properties:
- It's a great return on investment: The utility is already written, freely
downloadable, easy to install and use, and saves time and effort.
- Its contribution is "superficial," in some sense. If everything were
"by the book"—if you had NIS or some other domain authentication or single
sign-on system in place—or even if login could be scripted, there'd be no
need for
passmass. The world isn't polished that way, though,
and Expect is very handy for grabbing on to all sorts of sharp edges that
remain. Maybe Expect will help you create enough free time to rationalize
your configuration so that you no longer need Expect. In the meantime, take
advantage of it.
- As distributed,
passmass only logs in by way of telnet,
rlogin, or slogin. I hope all current developerWorks
readers have abandoned these protocols for ssh, which
passmasss does not fully support.
- On the other hand, almost everything having to do with Expect is clearly
written and freely available. It only takes three simple lines (at most)
to enhance
passmass to respect ssh and other options.
You probably know enough already to begin to write or modify your own Expect
tools. As it turns out, the passmass distribution actually includes
code to log in by means of ssh, but omits the command-line parsing
to reach that code. Here's one way you might modify the distribution source
to put ssh on the same footing as telnet and the other
protocols:
Listing 1. Modified passmass fragment that accepts the
-ssh argument
...
} "-rlogin" {
set login "rlogin"
continue
} "-slogin" {
set login "slogin"
continue
} "-ssh" {
set login "ssh"
continue
} "-telnet" {
set login "telnet"
continue
...
In my own code, I actually factor out more of this "boilerplate." For now,
though, this cascade of tests, in the vicinity of line #100 of passmass,
gives a good idea of Expect's readability. There's no deep programming here—no
need for object-orientation, monadic application, co-routines, or other subtleties.
You just ask the computer to take over typing you usually do for yourself. As
it happens, this small step represents many minutes or hours of human effort
saved.
[Jul 30, 2007] Due to problems on high loads in Linux
2.6.23 kernel the Linux kernel process scheduler has been completely ripped out
and replaced with a completely new one called Completely Fair Scheduler (CFS)
modeled after Solaris 10 scheduler.
This is will not affect the current Linux distributions (Suse 9, 10 and RHEL
4.x) as they forked the kernel and essentially develop it as a separate tree.
But it will affect any future Red Hat or Suse distribution (Suse 11 and RHEL
6 respectively).
How it will fair in comparison with Solaris 10 remains to be seen:
The main idea of CFS's design can be summed up in a single sentence: CFS
basically models an "ideal, precise multi-tasking CPU" on real hardware.
Ideal multi-tasking CPU" is a (non-existent) CPU that has 100% physical power
and which can run each task at precise equal speed, in parallel, each at 1/n
running speed. For example: if there are 2 tasks running then it runs each at
exactly 50% speed.
Of course if you go with a cloned
RHEL, while you get the code goodies, you don't get Red Hat's support. Various
Red Hat clone distributions, such StartCom AS-5,
CentOS, and
White Box Enterprise
Linux, are built from Red Hat's source code, which is freely available
at the Raleigh, NC company's
FTP
site. The "cloned" versions alter or otherwise remove non-free packages
within the RHEL distribution, or non-redistributable bits such as the Red Hat
logo.
StartCom Enterprise Linux AS-5 is specifically positioned as a low-cost, server
alternative to RHEL 5. This is typical of the RHEL clones.
These distributions, which usually don't offer support options, are meant for
expert Linux users who want Red Hat's Linux distribution, but
don't feel the need for Red Hat's support.
With RHEL 5, Red Hat has shuffled its SKUs around a bit—what had previously
been the entry-level ES server version is now just called Red Hat Enterprise
Linux. This version is limited to two CPU sockets, and is priced, per year,
at $349 for a basic support plan, $799 for a standard support plan and $1,299
for a premium support plan.
This version comes with an allowance for running up to four guest instances
of RHEL. You can run more than that, as well as other
operating systems, but only four get updates from, and may be managed through,
RHN (Red Hat Network). We thought it was interesting how RHN recognized the
difference between guests and hosts on its own and tracked our entitlements
accordingly.
What had been the higher-end, AS version of RHEL is now called Red Hat Enterprise
Linux Advanced Platform. This version lacks arbitrary hardware limitations and
allows for an unlimited number of RHEL guest instances per host. RHEL's Advanced
Platform edition is priced, per year, at $1,499 with a standard support plan
and $2,499 with a premium plan.
There is more to Red Hat Enterprise Linux 5 (RHEL5) than Xen. I, for one, think
people will develop a real taste for
YUM (Yellow dog Updater Modified),
an automatic update and package installer/remover for RPM systems.
YUM has already been used in the last few Fedora Core releases, but RHEL4
uses the up2date package manager. RHEL5 will use YUM 3.0. Up2date is used as
a wrapper around YUM in RHEL5. Third-party code repositories, prepared directories
or websites that contain software packages and index files, will also make use
of the Anaconda-YUM combination.
|
... ... ...
Using YUM makes it much easier to maintain groups of machines without having
to manually update each one using RPM. Some of its features include:
- Multiple repositories
- Simple config file
- Correct dependency calculation
- Fast operation
- RPM-consistent behavior
- comps.xml group support, including multiple repository groups
- Simple interface
RHEL5 moves the entire stack of tools which install and update software to
YUM. This includes everything from the initial install (through Anaconda) to
host-based software management tools, like system-config-packages, to even the
updating of your system via Red Hat Network (RHN). New functionality will include
the ability to use a YUM repository to supplement the packages provided with
your in-house software, as well as plugins to provide additional behavior tweaks.
YUM automatically locates and obtains the correct RPM packages from repositories.
It frees you from having to manually find and install new applications or updates.
You can use one single command to update all system software, or search for
new software by specifying criteria.
|
(SeekingAlpha) Eric Savitz submits: Red Hat customers are mulling their
options. But they can be bought.
That’s one of the takeaways from a fascinating report today from
Pacific Crest’s Brendan Barnicle based on a survey he did of 118 enterprise
operating system buyers, including 86 Red Hat support customers. The goal of
the survey was to see how Linux users are responding to the new offerings from
Oracle (ORCL)
and the Microsoft (MSFT)/Novell
(NOVL)
partnership.
Reading the results of the study, you reach several conclusions. One,
most customers are seriously considering the new offerings. Two,
Red Hat can hold on to most of them, if they are willing to cut prices far enough.
And three, customers seem a little more interested in the Microsoft/Novell
offerings than those from Oracle.Here are a few details:
- Asked whether they would consider switching from their current Linux
support provider to Oracle, 26% said they definitely would not; 29% said
they definitely would consider it. For Microsoft/Novell, 17% would definitely
not consider switching, 27% definitely would consider it.
- Asked who they would chose as a provider if they were to switch Linux
support, 29% of Red Hat customers named Microsoft/Novell; 20% named Oracle.
- The survey asked, what price discount would your current provide have
to offer to keep you as a customer. Among Red Hat customers, 31% said they
would need a discount of 50%-74%; 37% said they want a discount of 25%-49%;
27% said they would stay for a discount of 1%-24%.
- The survey asked, how important would a discount be in order to keep
you as a customer? Among Red Hat customers, 64% said “very important.” Just
3% said “not at all important.”
We have suffered from that image in the past. And
some of our competitors have played up the fact
that the JBoss guys are behaving like a sect. When, in fact,
if you look at the composition of our community, we have an order of magnitude
more committers than our direct
open-source competitors.
But the perception is still there.
Bull even said something about that perception. And we'd been thinking about
opening up the governance. So when Bull provided us with a great study case,
we decided to put the pedal to the metal. But make no mistake this is not going
to be a free-for-all. We care a lot about the quality of what gets committed.
We invest very heavily in all our projects. We're serious about this so we expect
the same level of seriousness from our collaborators.
There is going to be a hybrid model where there is an opening up of
the governance. In terms of code contributions it's always been there. But now
it's been made explicit instead of implicit and open to attacks of "closedness."
JBoss has always been an open community, but we've
hired most of our primary committers.
Well, you seem more willing to compromise and evolve your stance on things.
Like SCA [Service Component Architecture]—initially you were against it, but
it seems like you've changed your mind.
Well, yeah, the specific SCA stance today is there is no reason for
us to be for or against it. If it plays out in the market, we'll support it.
And I think Mark Little [a JBoss core developer] said it very well that
the ESB implementations usually outlive standards.
So what you're seeing from us is mostly due to Mark Little's influence.
Mark has been around in the standards arena and has seen all these standards
come and go. So it's not about the standards, it's about our implementation
in support of all these standards. And it's not our place to be waging a standards
war. It's our place to implement and let the market decide and we'll follow
the market.
So where I'll agree with you is that it's less of a dogmatic position
in terms of perceived competition and more focus on what we do well, which is
implementations.
Another thing is JBoss four years ago was very much Marc Fleury and
the competitive stance against Sun and things like that. Today I don't do anything.
In fact, I actively stay out in terms of not getting in the way of my guys.
So it's both a sign of maturity and of a more diverse organization.
I'm representing more than leading the technical direction these days. And that's
a very good thing.
You said you approached David Heinemeier Hansson, the creator of Ruby
on Rails, to work at JBoss. What other types of developers are you interested
in hiring?
Yeah, we did approach him. There is a lot of talent around the Web
framework. One of the problems is it's a very fragmented community at a personal
level. You have one guy and his framework. Though, this is not the case with
Ruby on Rails. But there's a lot of innovation that's going on that would benefit
from unification under a bigger distribution umbrella and bigger R&D umbrella.
And I think JBoss/Red Hat is in a position to offer that. So we're always talking
about new guys.
One of the things I like to do is talk to the core developers and
say, "Where are you in terms of recruitment?" And we're talking to scripting
guys. I think scripting is the next frontier as
[Ruby on Rails] has showed. We have a unique opportunity of bringing
under one big branded umbrella a diverse group of folks that today are doing
excellent work, be it the scripting crowd, REST, Web framework, or the Faces,
or the guys integrating with Seam. All of the work we're doing is going to take
more people and we're always on the lookout for the right talent and the right
fit.
|
|
... The Red Hat Enterprise Linux 5 Beta 1 release contains
virtualization on the i386 and x86_64 architectures as well as a technology
preview for IA64.
... ... ...
Aside from Xen, Red Hat Enterprise Linux 5 Beta 1 features AutoFS and
iSCSI network storage support,
smart card integration, SELinux security,
clustering and a cluster
file system, Infiniband and RDMA support, and Kexec and Kdump, which replace
the current Diskdump and Netdump. Beta 1 also incorporates improvements to the
installation process, analysis and development tools SystemTap and Frysk, a
new driver model and enablers for stateless Linux.
The goal of this IBM Redbook is to provide a technical planning reference
for IT organizations large or small that are now considering a migration to
Linux-based personal computers. For Linux, there is a tremendous amount of “how
to” information available online that addresses specific and very technical
operating system configuration issues, platform-specific installation methods,
user interface customizations, etc. This book includes some technical “how to”
as well, but the overall focus of the content in this book is to walk the reader
through some of the important considerations and planning issues you could encounter
during a migration project. Within the context of a pre-existing Microsoft Windows-based
environment, we attempt to present a more holistic, end-to-end view of the technical
challenges and methods necessary to complete a successful migration to Linux-based
clients.
[Jun 24, 2004] Open Source Blog: Open Sourcery
by
Blane Warrene
I recently spent some time speaking with a popular
Yankee Group analyst who covers the enterprise sector in the US, focusing in
on open source and where the movement may go in the next few years.
Just to be clear, I differentiate, as most industry
watchers do, between Linux and open source. While Linux is open source, the
primary Linux distributors have caught on to how they need to position themselves
for success and are starting to run their businesses just as any proprietary
software company does.
Red Hat and SUSE make prime examples, realizing
the path to long term success and revenue streams resided in proving themselves
enterprise worthy to larger businesses and institutions, have shifted business
models or been acquired by organizations with roots in the enterprise.
Her views, while not always popular in the open
source community. are right on point if open source seeks widespread adoption
and a permanent seat at the table for longer term financial success.
There are a few obstacles open source proponents
need to accept and move forward on:
- It will be more costly for a company
to migrate away from Windows to Linux, even in light of slightly reduced
ongoing maintenance and improved security and uptime. While I have
not always agreed that the costs are higher, having migrated corporate systems
to Linux in the past, their research showed it to be true in many cases
-- especially when migrating beyond standard web hosting and email systems.
The costs are higher when factoring in re-certifying drivers, application
integrity and training.
- To truly become entrenched as a viable
financially-rewarding option (meaning open source companies make money and
create jobs), a shift toward commercial software models is necessary.
This does not mean forgoing open source, however, what it does mean is developing
a structure for development, distribution, patching and support that passes
muster with corporate IT managers who could be investing substantial amounts
of money in open source.
What it boils down to is that while open source
has definitely revolutionized software, and it is found internationally in companies
large and small, businesses still pick software because it provides a
solution not just because it is open source.
The fact that it is cheaper or free simply
means the user will save money, but this does not win the favor of those buyers
who could be injecting millions into open source projects rather than proprietary
software makers.
I would use Firebird as a model. In an interview
with Helen Borrie, forthcoming in my July column on SitePoint, she noted that
since many Fortune 500 companies are using an open source database like Firebird
speaks volumes to the maturing of their project and open source at large.
The reason as I see it, is due to the treatment
of Firebird like an enterprise scale proprietary software project. They have
a well managed developer community and active support lists, commercial offerings
for support through partnerships with several companies, and commercial development
projects for corporate clients.
If more open source projects looked at Borrie's
team model and discipline in development and support, we just might see more
penetration that attracts longer and more profitable contracts and work for
those like us in the SitePoint community.
(Post
a comment)
Comments
HP Throws Weight Behind MySQL,
JBoss
By
Clint Boulton
HP (Quote,
Chart) stepped up its commitment to open source software Monday by pledging
to offer and support the MySQL database server and JBoss application server
software in its servers.
The Palo Alto, Calif. systems vendor said it
has inked agreements with those open source purveyors to certify and support
MySQL and JBoss software on its servers.
Jeffrey Wade, manager of Linux Marketing Communications
at HP, said the certifications factor in the company's Linux reference architecture
is a software stack that covers everything from the hardware to the operating
system, drivers and management agents.
Deployed on HP ProLiant servers, the open source
Linux Reference Architectures are based on software from MySQL, JBoss, Apache,
and OpenLDAP. The company's commercial Linux Reference Architectures are based
on product from Oracle, BEA and SAP.
Both MySQL and JBoss will join the HP Partner
Program and receive joint testing and engineering support on HP's hardware systems.
Wade told internetnews.com the added
layer of MySQL and JBoss support addresses one of the largest concerns customers
have today in opting to pick open source technology over mainstay proprietary
products such as Microsoft (Quote,
Chart)Windows, Sun Microsystems' (Quote,
Chart) Solaris or UNIX.
"We can provide support for that entire solution
stack and we're also now giving our customers flexibility in choice and the
types of solutions they want to deploy whether that's a commercial or open source
application," Wade said.
Bob Bickel, vice president of strategy and corporate
development at JBoss, said commercial use remains somewhat constrained because
a CIO doesn't know whom they can turn to for support.
"They don't know who they can turn to for indemnification,"
Bickel told internetnews.com. "Yeah, it works great and it's cheap but
what happens in the middle of their big selling season if something goes down.
Who do they turn to and get it from. What HP's doing is taking an all encompassing
view of this with certification and testing."
Testing keeps customers from guessing what version
of a Java virtual machine, operating system, MySQL or JBoss product can all
work together in a guaranteed way, Bickel explained.
MySQL Vice President of Marketing Zack Urlocker
said companies such as Sabre are using an open source stack for business applications.
Partnering with HP, then, provides great validation for MySQL and JBoss software.
"A couple of years ago the big knock on open
source was that it might be good on the periphery or Web applications, but was
not quite ready for business critical applications," Urlocker told internetnews.com.
"Now, the No. 1 issues have been support. People who have had a lot of success
with Linux are now looking at how to use a whole open source stack."
The deal is truly symbiotic. While MySQL and
JBoss get backing from a technology driver such as HP, HP gets the added credibility
of being cozy with open source, a label many enterprises and HP rivals, such
as IBM (Quote,
Chart) and Dell (Quote,
Chart), are working toward.
Linux sales are trending tall regardless; according
to recent hardware server and database software studies from high-tech research
outfit Gartner.
Despite legal threats from SCO Group and competition
from Microsoft, Gartner
said Linux continued to be the growth powerhouse in the operating systems
server market, with a revenue increase of 57.3 percent in the first quarter
of 2004.
Gartner also
found that Linux siphoned market share from UNIX in the relational database
management system (RDBMS) market, a niche that grew 158 percent from $116 million
in new license revenue in 2002 to nearly $300 million in 2003.
In case of broken links
please try to use Google search. If you find the page please notify
us about new location
Red Hat 5.2 Enterprise
Linux Documentation
| Document |
Published |
PDF Download |
|
Software Package Manifest |
May 21, 2008 |
PDF |
|
Deployment Guide |
May 21, 2008 |
PDF |
|
Installation Guide |
May 21, 2008 |
PDF |
|
Virtualization Guide |
May 21, 2008 |
PDF |
|
Cluster Suite Overview |
May 21, 2008 |
PDF |
|
Cluster Administration |
May 21, 2008 |
PDF |
|
LVM Administrator's Guide |
May 21, 2008 |
PDF |
|
Global File System |
May 21, 2008 |
PDF |
|
Using GNBD with GFS |
May 21, 2008 |
PDF |
|
Linux Virtual Server Administration |
May 21, 2008 |
PDF |
|
Using Device-Mapper Multipath |
May 21, 2008 |
PDF |
| Tuning and Optimizing Red Hat Enterprise
Linux for Oracle 9i and 10g Databases |
Nov
PDF |
Building
Applications with the Linux Standard Base
RedHat Solaris to Linux porting guide
Solaris to Linux porting guide: Intel perspective
[PDF]
Migrating from Solaris to the Linux Standard Base
Oracle Migration from Solaris to Linux
Solaris to Linux migration guide
Redbook - Solaris to Linux Migration: A Guide for System Administrators
Guide to porting from Solaris to Linux on POWER
Guide to porting from Solaris to Linux on x86
Migration toolkits
-
redhat.com | Solaris Migration Center
-
developerWorks : Migration station: Linux track
-
Solaris Containers for Linux Applications
-
Porting and Migration Tools - DeveloperNet
- Migration From Linux
- Chapter 3, "Migrating From Linux to the Solaris Operating System" of
Migration Resource Guide (pdf):
This covers the similarities and differences between the two environments:
architecture, memory management, system calls. Also provides information
on the Linux and Solaris application development environments.
-
Inside OpenSolaris: Solaris Driver Programming: Author describes Solaris
device drivers in terms that a developer of Linux device drivers will understand.
Basically, the article attempts to answer the question, "A Linux driver
does xxx. How does the Solaris OS do it?"
-
Solaris-to-Linux transition toolsApplication transition - HP Dev Resource Central
The Solaris-to-Linux transition tools help you move your application from Solaris
8 on SUN SPARC to RedHat Enterprise Linux v3.0 or SUSE Linux ES 9.0. HP provides
three such tools to assist with your transition:
- Solaris-to-Linux
binaryScan: The Solaris-to-Linux
binaryScan utility is used during the planning phase of the
transition. binaryScan scans any dynamically linked executables
on the Solaris operating system and produces a report that highlights the
number and nature of compatibility issues with Linux. The database included
in binaryScan for the Solaris-to-Linux transition covers more
than 90 libraries and 14,000 APIs.
- Solaris-to-Linux Software Transition Kit (STK): Used
as a more detailed planning tool, as well as a guide through the porting
phase of the transition, the Solaris-to-Linux STK includes a software utility
which scans source code developed on the Solaris operating system, produces
a report that highlights the compatibility issues with Linux and provides
recommendation on how to resolve them. The Solaris-to-Linux STK includes
technical reference documents as well as more than 190 impact statements
offering detailed porting information on major libraries, including
libc, libsocket, libthread, and
libpthread.
-
Solaris-to-Linux Porting Kit (SLPK): As a complement to the
STK during the porting effort, the HP SLPK provides a migration environment
that includes header files and API implementations to address platform differences,
driver programs to allow use of Solaris development environment tool options
on Linux, and Solaris compatible
make utility on Linux.
Note: The use of the Solaris-to-Linux transition tools is restricted
to transitions to Linux on HP platforms. For information on how
to obtain these tools, contact your HP representatives and ask them to send
us a
feedback form, using the "Solaris-to-Linux" qualifyer in the subject
line.
Copyright © 1996-2008 by Dr. Nikolai Bezroukov.
www.softpanorama.org was
created as a service to the UN Sustainable Development Networking Programme (SDNP)
in the author free time.
Submit
comments This document is an industrial compilation designed and created
exclusively for educational use and is placed under the copyright of the
Open Content License(OPL).
Original materials copyright belong to respective owners. Quotes are made
for educational purposes only in compliance with the fair use doctrine.
Standard disclaimer:
- The statements, views and opinions presented on
this web page are those of the author and are not endorsed by, nor do they necessarily
reflect, the opinions of the author present and former employers, SDNP or any other
organization the author may be associated with.
- We do not warrant the correctness of the information provided or its
fitness for any purpose
- In no way this site is associated with or endorse cybersquatters
using
the term "softpanorama" with other main or country domains (e.g. softpanorama.com) with
bad faith intent to profit from the goodwill belonging to
someone else.
Last modified:
April 20, 2009
