Red Hat Advanced Server Gets DoD COE Certification 186
DaveAtFraud writes "CNET is reporting that Red Hat Advanced server has been certified as a 'Common Operating Environment' (COE) when running on an IBM server by the U.S. Department of Defense. Red Hat Advanced Server is the first version of Linux to receive this certification. The certification clears the way for broader use of Linux in governement computer systems. Its interesting to note that the certification effort was made for the more proprietary (and costlier) Red Hat Advanced Server and not the basic Red Hat distribution." This despite the best efforts of certain lobbyists.
Security? (Score:1)
Re:Security? (Score:5, Interesting)
Anyhow, all these distro's really have in common is the kernel code which makes them linux. The rest of the software (FTP, wm's, editors) bundled is up to the bundler. It is these choices that can make a distro more secure from another. EX: ssh v. telnet, std ftpd v. vsftpd, vi v. emacs (Sorry, I just had to ;-}) et al; The DOD is going to certify the whole bundle and not just individual pieces. Basically, they don't trust their admins (contractors mostly) to pick the right pieces on their own, so they will find a good bundle and certify that with special instructions.
Re:Security? (Score:5, Funny)
Thanks in advance.
Re:Security? (Score:1)
and
ftp://ftp.redhat.com/pub/redhat/linux/8.0/en/os/i3 86/RedHat/RPMS/emacs-21.2-18.i386.rpm
Re:Security? (Score:2)
Re:Security? (Score:3, Interesting)
As far as security goes, I doubt the government will worry much about the bundled software; they generally disable everything they're not interested in and install their own segments for the functionality they need. While that does mean that the production systems probably won't have my favorite applications (because they haven't been ported to DII COE segments), at least my development systems can have what I want and still closely match the production systems. Heck, I could even develop at home.
That said, getting *any* version of Linux certified is great for me. I expect most of the Solaris segments will run with very little modification, so my development environment can very closely match my production environment. An the performance benefits I get from running on x86 hardware -- not to mention cost benefits -- will be phenomenal. (Given the recent revelations concerning Java and Solaris, [slashdot.org] running under a different OS is welcome as well, since a large part of our software is affected.) I might even get to use bash! And vim! (And emacs, for the heathens. Or your editor of choice.) And gcc!
I expect Linux will win its place in the DII COE hierarchy, and sooner rather than later. In fact, at least one very important DII COE segment is already adding Linux support. My job is about to get a whole lot easier.
Re:Security? (Score:2)
That deal with all services being on by default is kinda misleading. The reason is that several steps later in the install you get a list of the possible startup services, most set on, and you can now deselect the ones you don't want running. If someone just blows by this very obvious screen, then yes, selected services will be running upon reboot.
Kinda hard to miss this screen however. I always turn off everything except sshd, postfix, and a few other nice services.
Re:Security? (Score:2)
It is more than just a security concern to become a Common Operating Environment. Coding custom applications is always risky business because the OS can be a moving target. Coding custom to Linux can be nightmarish because it is not "a floating target" but rather "multiple boagies". RH Advanced has a feature freeze to the distribution, every RHA Server has the same hooks and APIs as every other that more than anything is what did it for them. RH will not contact you next week and tell you that they changed their mind on the kernel version etc...instead in a year or so you might get RHA 2.0.
For development purposes this is good news.
Go read Part 11 from the FDA (Score:1, Informative)
The whole open-source model just don't fly.
The Notion (Score:1, Funny)
Of course they certify the expensive version (Score:5, Insightful)
Why is this even worth noting? Certification efforts aren't especially cheap. If you're going to expend time and resources getting a version of your product certified, why not put the effort into the version that is likeliest to generate enough revenue as a result of the certification to pay for the effort.
After all, while RedHat is in relatively good financial condition, it's not like they have around $40 billion in the bank (unlike some operating system companies). Certifying Advanced Server is a good use of limited resources.
That said, any government security certification is a Good Thing in the commercial marketplace, too - it helps when the engineers need to make a positive case to their PHB's, and gives one more "checklist item" that can get marked in their favor when comparing RH to other vendors.
Re:Of course they certify the expensive version (Score:5, Insightful)
Its interesting to note that the certification effort was made for the more proprietary (and costlier) Red Hat Advanced Server and not the basic Red Hat distribution
Yes, it costs more. But it's about the same as (or less than) support & licensing costs for "big UNIX" like Solaris.
I think it's incorrect to label RHAS as "proprietary". It's based on a Red Hat Linux boxed set, but I believe they bundle in software from partners.
Each release of RHAS has a longer lifecycle (something like 14-18 months) so you don't have to upgrade every 6 months when the new Red Hat Linux comes out. You do get a "stepped-up" version of their Red Hat Network support, which we currently use on their boxed sets to stay up to date with erratas.
Re:Of course they certify the expensive version (Score:2, Interesting)
Re:Of course they certify the expensive version (Score:3, Interesting)
Besides, last I checked Sun was hawking Linux.
Re:Of course they certify the expensive version (Score:2)
Having managed both environments for several years, I came to the conclusion that Linux in general has a broken development. RHAS will hopfully stabilize that. As for RH Linux, I like Slackware much better.
(but I already said what I think re. Solaris vs. Linux)
Re:Of course they certify the expensive version (Score:2)
Allow me to grovel a bit and take my lashings for doubting your experience. You get so many folks who bitch about the one time they installed it on their mom's old 486 and try to extrapolate out.
I too have some issues with RedHat. I personally don't use the graphical tools. I hack the config files with my own home rolled Tcl/Tk scripts. I just like having a stable and supported set of binaries to build on. That and what project these days doesn't put out a RedHat compadible RPM.
Where I run into trouble is downloading the source and compiling it. I must have 4 different copies of Tcl installed on my system between the Tcl that comes with Linux, the development version I compile myself to write extensions, the version ActiveState puts out, and the somewhat self-contained one that is bundled with Tcl/Tk. (Not to mention a few other applications.)
I have also managed to shoot myself in the foot with trying to do it myself on package management. I have an automation that downloads the patches, and distributes them to my linux cluster for installation. The problem is that a few of the patches have royally crufted my network.
I also have to apologize for confusing Solaris with SGI. I have a bunch of O2's that are gathering dust because they are obsolete and a bitch to keep running. We have a pair of Solaris boxes for our Weather system and I have rather liked working on them.
Re:Of course they certify the expensive version (Score:4, Informative)
Comparing that to Solaris, I have no idea where you pulled out the 11.5 year life cycle. According to Sun's web page, it's 5 years from last ship date. Reference this page: http://wwws.sun.com/software/solaris/fcc/lifecycle .html [sun.com]
I will admit that 5 years from last ship is greater than 5 years from initial ship, but there's no way in hell it's an 8.5 year delta like you're trying to claim.
Ya know, "gobs of system management tools" and "a kernel many tricks up it's[sic] sleeve" don't exactly add to much of a review :-). I believe I can honestly claim that Red Hat Linux Advanced Server has "gobs of system management tools" and "a kernel with many tricks up its sleeve". Of course, this claim holds true for Windows too.
How you got moderated to 2 on your post is beyond me...
Re:Of course they certify the expensive version (Score:2)
Red Hat Linux Advanced Server 2.1:
General Availability: May 17, 2002
Full Support (including hardware updates): May 17, 2002 -- November 30, 2004
Deployment Support: May 17, 2002 -- May 31, 2005
Maintenance Support: June 1, 2005 -- May 31, 2007
However, the Solaris lifecycle, in the same terms (general availability to end of maintenance support) is 10 years [sun.com] which is twice the joy.
I will admit that these terms look much more favourably on RHAS, though. Thanks for the link.
Re:Of course they certify the expensive version (Score:2)
For example, Sun is still shipping Solaris 7 which first was shipped in 1998. At the LSD date of Solaris 7, it will be about five years since the first ship date.
Re:Of course they certify the expensive version (Score:3, Interesting)
RedHat might patch their 2.4.9 kernel to fix serious bugs, but they have only certified against the version that came out of the box.
I've been using AS2.1 for several months now, and I haven't been disappointed. If anything, now my employer "has someone to sue" if the OS doesn't work right. Wasn't that part of the hesitation for larger corporations in adopting Linux?
Re:Of course they certify the expensive version (Score:4, Informative)
What Red Hat calls 2.4.9 has hundreds of patches compared to what Linus called 2.4.9.
Re:Of course they certify the expensive version (Score:5, Insightful)
After all, while RedHat is in relatively good financial condition, it's not like they have around $40 billion in the bank (unlike some operating system companies). Certifying Advanced Server is a good use of limited resources.
Amen. Their "more expensive" verion is what makes them money, not the free version. Certification of Advanced server doesn't take away from the benefits of their downloadable version, or other distros in any way.
If Linux is going to take hold, SOMEONE has to make money with it. People just miss the point: OS software is free as in speech, NOT as in beer. OSS doesn't mean everyone just walks around and works for free. It means programmers contribute code for "free", but make money when they support this code (and the code others contributed "free") to end users. When they add value to it.
If the GPL did not allow anyone to make any money, in any way, we would not be here talking about Linux.
Re:Of course they certify the expensive version (Score:1)
"OS software is free as in speech, NOT as in beer."
Yes, that sometime is true of "open-source" software but free software [gnu.org] is free as in speech, AND as in free beer.
Re:Of course they certify the expensive version (Score:4, Insightful)
And it is not likely to ever get certified because there is no way to recover your costs.
The point being made here is Linux being certified, making it more able to compete with Microsoft in the marketplace. The point isn't to argue over symantics.
Re:Of course they certify the expensive version (Score:2)
It's only "unlikely", as you claim, if the US govt never changes the method of getting OS certification. Although it is currently expensive to get the certification for an OS in the US, the method may change and the costs may fall.
In some other countries,there is no certification process to go through and OS software and free software are already used in applications which in the US would normally require certification.
Re:Of course they certify the expensive version (Score:2)
>You say that like it's a good thing or something.
You say that like certification is necessarily a good thing.
Re:Of course they certify the expensive version (Score:1)
ordering [fsf.org] manuals, t-shirts and especially CD-ROMs from the FSF. Most of the FSF's funds come from selling copies of things that everyone is free to copy.
Re:Of course they certify the expensive version (Score:2)
Despite the fact that free software is sometimes sold, e.g. by the FSF, the Gnu General Public License [gnu.org] guarantees that free software has the legal property that nobody is allowed to prevent anyone from distributing any free software completely free-of-charge, even free software that is being sold by someone else.
GPL licence guarantees source availability (Score:2)
I think you missed the reason why the GPL licence is unique. Not all open-source software licences guarantee you have the right to redistribute source code without limitations. Some open-source licences are ambiguous on what, if any, rights you have to redistribute source code. Other open-source licences try in various ways to restrict your right to redistribute source code.
In contrast, the Gnu General Public License [gnu.org] guarantees in clear English that you, as well as everyone else, have the right to redistribute the source code free-of-charge, or if you prefer for no more than the reasonable cost of providing storage media etc.
There is no ambiguity about the meaning of the GPL licence. That's the real benefit of being able to have GPL-licensed free software as opposed to any other type of open-source software licence. I'm not saying one type of licence is better than the other for all purposes. However, if you value your right to redistribute source-code then the GPL licence is probably the best choice when considering which software to use.
Re:GPL licence guarantees source availability (Score:2)
"My point was that money is not the difference"
I think that's wrong. The GPL licence [gnu.org] implies fundamental financial differences between GPL software and open-source software. GPL software may be distributed by anyone in return for any amount of money, including no money at all. You may not want to release or distribute software that is under a GPL licence; your company may also choose not to do so; but if someone somewhere likes the GPL licence and wants to distribute free-of-charge a piece of software they have written as GPL software or to re-distribute free-of-charge existing GPL software written by somebody else, nobody else can stop them, without legal recourse.
- Financial issue #1:
- Financial issue #2:
Money is therefore a vital aspect of the way the GPL affects software usage and distribution. This is a major difference with respect to many types of open-source software licences.Anyone is always free to distribute GPL software free-of-charge. Nobody can prevent someone else distributing GPL software free-of-charge or for any amount of money, without legal recourse. By contrast, with certain open-source software the licence says everyone may not distribute it, whether free-of-charge or for money.
Anyone is always free to use GPL software free-of-charge. With GPL software nobody can stop someone else using it free-of-charge, without legal recourse. However, with certain open-source software the licence says everyone may not use it free-of-charge.
When you said, "those who view source redistribution to be a right, have invented a license to guarantee that right", you have misunderstood the way the "common law" legal system works in countries like the USA and the UK; unless there is a specific law that forbids you from doing something, then you are generally free in law to act as you choose so long as your actions do not harm anybody or anything else (which would create a tort). If you obtain a piece of software, that software is provided to you under a software licence which is interpreted according to the principles of contract law. Therefore, by default -- no need for any extra licence(s) -- you already have the legal right to do whatever you like with a piece of software unless the legal contract you enter when you accept a software licence explicitly removes your right to take certain actions.
Most commercial software licences take away rights that you would otherwise have by default. When you have rights by default, then a licence which takes away rights, whether willingly entered or not, must be correctly described as causing a loss of rights to the end user of the software. Whether the end-users' loss of rights is good or bad from the point of view of the software author/rights-holder depends on management strategy, shareholder expectations, market competition, etc. Nonetheless, I think the advantages of GPL software -- apart from price -- from the point of view of end users -- especially of end-users who are not interested in source-code availability -- are so strongly appreciated when explained in non-technical plain English, that any GPL software which has an adequate feature set and sufficient usability for end-users will eventually achieve greater distribution and usage than equivalent commercial software, whether open-source or not. This process will be damaging to commercial software companies that do not adapt and develop ways of cooperating with and harnessing GPL software for their benefit e.g. by selling correctly priced add-on services (no unsustainable "dot-com" marketing strategies).
Lastly, I think you can be a programmer and still find the distinction between closed-source software and open-source software to be absolutely vital in many senses. You cannot speak for all programmers. It depends on the situation, the programmer, the software, the licences, the business, the management, the costs, the benefits, etc.
Re:Of course they certify the expensive version (Score:1, Funny)
Re:Of course they certify the expensive version (Score:2, Informative)
However if you want support for it, it will cost you about $1200 per machine per year. This is cheaper than most other OS's.
Personally, I think you would be better served developing in house resourcs for the support, but that's just me.
I'm also not necessarily happy with RH's choices on some packages to include in AS. The one that jumps out at me is choosing to use a beta version of an ntp4 [ntp.org] release as opposed to simply using whatever was the stable version at the time.
And yes, I work somewhere that is probably going to implement hundreds of copies of RH AS, and pay for the support.
Re:Of course they certify the expensive version (Score:5, Informative)
The Advanced Server is released every one and a half year or so - the desktop OS every six months. Personally I find it a very agreeable deal - the free users get faster releases and contribute towards bug testing, the paying customers get what they want, slower but longer-supported (and now certified too) releases.
Re:Of course they certify the expensive version (Score:2)
Oops. Did I say that?
Re:Of course they certify the expensive version (Score:2, Interesting)
This isn't about some moron IT guy in a green/navy jumpsuit deciding to use NT because he likes it, it's about the moron IT guy having no choice in the matter because he HAS TO deploy a COE compliant system.
This is big news for Linux.
Re:Of course they certify the expensive version (Score:2)
You are too kind to these people jht! If they want the 40 dollar version certified, Slashdot whiners should start up a fund to PAY $$$$$$ for the certification (I am sure RedHat would be overjoyed that the Linux community would donate so much money to them) and while complainers on slashdot are about it, I would suggest a fund to get Debian certified too. DO I hear silence from whiners... I thought so.
Off-Topic my ass. (Score:2)
Sure DoD uses the regular version.... (Score:5, Interesting)
In our case it comes down to services. I work for the Commanding General and all he wants is "services not platforms".
I think maybe that has helped to bring in open source in our little corner of the military more than anything. IM talks about how they are M$ certified blah blah and I just bring out a new app coded in Perl that the green suiters can't live without.
Or better yet create one and let it run on one of my own outside servers and then demo it to them with a "Oh by the way, we need Linux to do this".
It's like heroin, get 'em hooked. They gotta have it. Superior services, not platforms.
As far as it being the more expensive version of RH that's certified, have you seen RH's stock price? You're still saving the military a lot more in the long run by getting the more expensive version.
Re:Sure DoD uses the regular version.... (Score:5, Insightful)
You say superior services, not platforms, but it sounds like you're taking programs that could otherwise be cross-platform using them to push Linux for its own sake. Or, are you doing something with perl that would tie it to Linux?
(Ready to be modded into oblivion for implying that Linux should exist just for its own sake...)
(typo) (Score:1)
Re:Sure DoD uses the regular version.... (Score:3, Insightful)
Don't mistake me for a Unix zealot, if MS came out with something better I'd use it in a heartbeat. But I live in the real world, and I solve real problems under real time and budgetary constraints. Unix lets me solve those problems on spec, on time, and under budget... NT doesn't.
Majorly wrong there bub (Score:3, Insightful)
How do these things relate to Linux? No one's arguing that it isn't a good development environment, but perl runs in Win32 fairly easily.
Have you tried to use perl on windows?
It just isnt the same. Perl proggies typically make heavy use of syscalls such as "fork" and "pipe".
Performance of these under windows is atrocious, not to mention that the whole windows filesystem/exec is shockingly low performance.
(Its not designed to be used in the way perl programs typically use it)
perl is seemingly perfect for linux, with its low forking overhead (comparable to creating a thread or lwp on other OSen) and its I/O subsytem performance.
Programming, even in high level languages, is a totally different ballgame under windows, if you want performance. You have to do it differently.
From the Red Hat site (Score:5, Informative)
Read the RH press release here [redhat.com].
Sorry to be a spoilsport, but... (Score:5, Informative)
Re:Sorry to be a spoilsport, but... (Score:4, Informative)
Re:Sorry to be a spoilsport, but... (Score:3, Interesting)
Re:Sorry to be a spoilsport, but... (Score:2)
Are those only valid if NT is NOT connected to any network? Isn't that the only configuration that was certified? Or do I have some facts incorrect?
Re:Sorry to be a spoilsport, but... (Score:2, Informative)
You are correct
Micro$oft's marketroids have been making a Big Deal out of their C2 certification for years, but have never bothered to mention that their systems only pass C2 if they're not connected to a network, are in a locked room with armed guards outside the door, and are powered off.
OK, just kidding about the last two criteria. But the part about not being connected to a network is no joke.
Re:Sorry to be a spoilsport, but... (Score:3, Informative)
Re:Sorry to be a spoilsport, but... (Score:2)
Re:Sorry to be a spoilsport, but... (Score:3, Insightful)
It's simply a barrier to entry that has to be dealt with. This only means that there is one less bullsh*t excuse for someone to not use Linux.
Wait wait NT has COE too? (Score:1)
This program has commited a General Protection Fault and will fire ICBMs at DC. If the problem persists, quit calling Microsoft a monopoly.
Not seeing it. (Score:2, Informative)
I can find only one relevant page [disa.mil] on DISA that pertains to Linux/COE. This page has a link to a draft of COE Compliance Critera for Linux. The information on this page hasn't changed in several months, AFAICT.
So, what's new here? Can anyone point me to a place on DISA that substantiates the claims made by the news.com article? Where is the "real", final COE Compiance Critera for Linux?
Re:Not seeing it. (Score:2)
If we could find segments like that, we could actually consider running Linux in our project. Until then, it will have to be Solaris and a 280R.....
COE Segments (Score:3, Informative)
"Segments" are basically customized software installs for COE. This includes Government produced software (Government Off the Shelf, GOTS) and commercial software (Commercial Off the Shelf, COTS). For instance there is a "segment" that installs Netscape.
These segment installs basically install the software such that it conforms to the COE environment. For example, applications must live in a certain path, follow a certain naming scheme, use certain environment variables to find things, only put user data in a certain place, etc, etc. Think "rpms" or FreeBSD packages - segments are just big tar balls with a standardized format and install scripts
The segments are available via DISA to those programs that are developing COE software - you have to show proof of need and sponsorship (i.e. somebody has to pay somewhere along the way for you to have access). Basically if you are developing applications for the DoD, you can get them - we have to get them through a certain chain of command. I think vendors can get access, but you have to talk to the DISA folks about how that works.
better link to the story... (Score:5, Interesting)
http://news.com.com/2102-1001-984202.html [com.com]
COE? Here's the link to their homepage:
http://diicoe.disa.mil/coe/ [disa.mil]
Admins! Get your fucking heads out of your asses and check to see if something is linkspam before posting it. This isn't the first time. Someone is making money from the click through.
Fuck them.
Re:better link to the story... (Score:1)
DII -COE compliance is a pain (Score:2, Insightful)
How to get it? (Score:3, Interesting)
Is there a way to get the
Re:How to get it? (Score:1)
They also have AS running in the HP Test Drive site (http://www.testdrive.compaq.com/). Unfortunately, it appears that Test Drive registration is disabled until the end of this week.
-fp
Re:How to get it? (Score:4, Informative)
Anyone can download it for free from Red Hat.
You just don't get the support for free.
Mirrors: http://www.redhat.com/download/mirror.html
Check the "enterprise" directory.
Re:How to get it? (Score:3, Interesting)
-fp
Re:How to get it? (Score:3, Informative)
RedHat is under no obligation to provide free binaries, just free source files.
Hey, they even helped you a bit by providing SRPMS instead of Tar files.
SRPMs only (Score:1, Informative)
Have you actually tried this? There's nothing but source RPMs.
No .isos for enterprise just source RPMs (Score:3, Informative)
Re:How to get it? (Score:3, Informative)
- Download
- rebuild all the SRPMS on Red Hat Linux 7.2 (seemed to be the closest)
- look at the errors from missing devel packages
- install *-devel rpms
- rebuild again
- rpm -Fvh *.i386.rpm
- rpm -ivh the redhat-release package
No installer seemed to be included.
Then repeat every time a patch SRPM is released!
Maybe it's worth the $800.
SRPMs are available (Score:4, Insightful)
Re:SRPMs are available (Score:1, Redundant)
Re:How to get it? (Score:3, Informative)
--
Re:How to get it? (Score:2)
I hope it's not too late to cancel our order.
This is great (Score:5, Insightful)
I never thought I would say this, but I've gotten accustomed to using RH. I was a die hard Debian fan, and in philosophy still am. But when it comes to 3rd party support, and announcements like this, I have to say that RH is the distro right now, and probably will be for some time to come (at least in the US).
For all of the advancements that RH has done for Linux, and in spite of itself, including RPM. I would like for them to get a better package system. Yes, I know theres the apt-rpm or whatever its called, but I'm talking something that already comes with the distro and works on all architectures supported by RH. Someday...
Re:This is great (Score:4, Interesting)
That said, why DON'T we just package the source tarballs instead of the binaries? I mean, back in the day it took forever to compile something on a beat up old 486. But today I can build Tcl/Tk in a little under 7 minutes, and the Linux Kernel in 20 or so. As the machines get faster and the compilers get more efficient tracking the binaries is going to seem downright silly after a while.
My US0.02
Re:This is great (Score:1)
I have no problem with stuff being compiled from source, it's just that in some cases it's more time-efficient (OO, for example) to have a binary, and in others, it prevents having to worry about the subtle differences between systems that prevent code from compiling.
Re:This is great (Score:2)
You want me to compile what?
I have a hacked version of PBS [openpbs.org], a stock version of Maui [supercluster.org], and a number of scientific libraries/applications that are compiled from source. I think thats enough
Re:This is great (Score:4, Insightful)
That said, why DON'T we just package the source tarballs instead of the binaries?
Source doesn't fix the packaging problem - it just moves it around a little. You still have basically the same problem removing, replacing or upgrading a package with a source based package as you do with a binary
The killer of this idea for me is that I produce service systems which are designed for a particular (set of) function(s). Part of the philosophy I use is that the systems have only the software I need on them - which makes them more secure (fewer packages to have security bugs, easier to audit). In the case of service boxes they do not have compilers or tool chains on them - don't need anyone fiddling with stuff, if you need to do fixes those are done on a development machine, moved to a test machine and then deployed. Adding a compiler, and the associated tool chain, and the (development - then run times are probably already there) libraries to make stuff build makes my package set much bigger and consequently increases the maintenance task.
Don't do it that way. (Score:4, Insightful)
The production boxes will still use debs or rpms but the compilation boxes can easily use something like checkinstall to make packages. This won't work in a potpurri environment but it would be fine if there's lots of identical machines. You mentioned that you wanted only particular software on your machines. With source compilation, you can even specify that the software only have certain options compiled in.
Since the dev toolchains are confined to a few boxes, maintaining those shouldn't be onerous either.
Re:This is great (Score:2)
Re:This is great (Score:2)
I'm downloading a copy as we speak. I feel like I've found the holy grail or something.
Re:This is great (Score:2)
Re:and how much do they pay you? (Score:2)
Frankly the .NET adds on Slashdot turn my stomache.
I thought Tinfoil Hat Linux was the way to go? (Score:1, Funny)
Command and Conquer Conspiracy? (Score:1, Redundant)
Don't think this was easy. (Score:5, Interesting)
The efforts by DISA and Red Hat were started because the little program that those people worked on provided the customer for the product. Sure, there was a lot of "anecdotal" demand for Linux, but this was the first formal acquisition program that was committed to it. The guinea pig, so to speak.
Let's give proper respect to RH (those involved know who he is) at Red Hat, who took that first call and pitched it to his management, even though it looked like all the risk was on Red Hat.
peanuts (Score:1)
the business of government contracting (Score:3, Interesting)
In a free market economy the consumer has the option of making choices based on any number of factors including price, quality, speed/efficiency, convenience, and just plain old personal taste. However, in any system that shuts out all but the most deep pocketed (and well connected personally) companies then you had better be willing to pay more for less. Furthermore if the weights of the value of a product, service or the company that renders it has moved from the above factors (price, quality, etc) to that of the prettiest proposals, the slick talkingest (reverting to my Yosemite Sam mode) company personnel and the prettiness of words and documents presented then you will inevitably end up with less quality. Competition has then moved completely to the realm of draft picks for the cheerleader squad. It doesn't matter if they do nothing but look pretty and say stupid repetitive cheers... hey! they look pretty.
Bullshit artistry is _THE_ factor in government contracting, as a track record of proven quality does not factor in. Now to be fair, there is the SEI system in place (Systems Engineering and Integration) which mostly inherits from the ISO 9001 system. With five levels (1 - 5, no zero... 1 is granted to anyone whether they can find their ass with either hand or not) you have a criteria of process quality by which you can judge an organization. However, with all the money and obvious effort that went into creating and maintaining this system the Achilles heel is no different than in any other of the "best laid systems and plans" to date. That my friend is the factor of non-compliance to the very processes that define who is granted what level. In other words, they don't use it like it was intended thus rendering it as just another acronym. The ironic thing (but typical in entrenched bureaucracy) is that even though pretty much anyone will admit (if you ask them lightly in the break room over coffee) that the system is rather broken most of those will still puff up with pride (if contractor) if they are a talking head of an organization with higher than SEI Level 2 or will speak with awe and wonder (if government) of an organization with SEI Level 2 or higher.
What I fail to understand is why some will defend this bastardization on the grounds that those organizations with an undeserved SEI level are "Working Towards it." Well, that is good... really, however that is illogical when you look at the fact that the SEI system is not a projection but a grant of current operational status. I somehow doubt that there would be much validity in being granted a good bill of health after being shot 10 times if it was based on the fact that the surgical staff would "Soon fix me up good." No, instead I should be labeled as "In Critical Condition" and any other status be viewed as such. (Hmmm, is THAT what STAT comes from... meaning right NOW? I sure don't know) Back to IT work, if I was the customer then I would not care one damn bit of a system in place that is not consistently applied. The minute it becomes acceptable practice to arbitrarily award the SEI Levels is the same instance that such levels loose their meaning.
Now some might say (who lack working neurons) that this is exactly what happens with capitalist Evil Corporations (TM) yet in reality we see that it is the government itself that creates this system. If the government would place individuals in decision making roles that had both a sense of ethics as well as refined professionalism then you would find that requirements would soon show a dramatic shift towards the quality of the products and services rendered. Networked people are important, to that there is no question. Yet a professional organization will correctly view those connected personnel as one of the many factors involved in doing business. ("Professional" defined here not just as "they get paid to do X" but referring the the ethical and motivational set of standards and practices they employ) Some actually believe that without business developers sliming their way through the system, charming the customer and confusing them when they question bad quality, that there would be no business. Perhaps in some cases there would be less, but there have been entirely too many cases in history (large and small) that show that if there is a need on one end and a supplier on the other than things can work out just fine. The middle man is nothing more than a facilitator of this process... a catylist (sp) but since they themselves do not do any real work they are expendable in reality. Before them business happened at perhaps a slower rate. Without them business adapts. Without those providing the actual product and service than there is nothing to be made of the best of deals. Take out the bullshit artists in the government and soon you will find that their contractual counterparts will begin to vanish as well.
On a different but very much related note: Has anyone ever done a study of the percentage of commercials split up by radio, television and print (including the net) that actually advertise the uniqueness of the product, its advantages over competitors and why you should buy it? Don't get me wrong, I LOVE those beer commercials usually. However when so many commercials have become little sitcoms or tools of the "arteest" then I really fail to see how I as a consumer am supposed to do anything but ignore them and focus on doing research (to include ratings). I rarely see any commercial that is useful however that could just be where I live.
Sounds just like Guardent (Score:2)
Will the Green Berets use Red Hat? (Score:2, Funny)
GPL vs RHAS License... (Score:2)
Re:GPL vs RHAS License... (Score:3, Informative)
http://www.redhat.com/licenses/rhlas_us.html [redhat.com]
It looks like each copy of RHAS installs with proprietary client to the RedHat network. This client is not GPL. It is "RedHat Intellectual Property". That's apparently what's licensed.
Re:GPL vs RHAS License... (Score:2)
The GPL has a "mere aggregation" clause, which basically states that you can distribute GPL code alongside proprietary code, without affecting the licensing of the proprietary code, as long as the proprietary programs are separate programs. The distributor has to make source available to all of the GPL components, but can apply traditional rules to the proprietary components.
So no, the RH-AS license does not conflict, and Red Hat follows the GPL. The same is true of the other Linux distros that include proprietary components: supplying source to the GPL and LGPL components is all that is required, and you can forbid people from copying the proprietary components.
Re:GPL vs RHAS License... (Score:2, Informative)
AS has a stack of support and services that require a fee for use, reality is that no one will stop you from building your own or installing on multiple machines. But you won't get full support,
Only part of the value of AS lay in the bits.
Other Linuxes? (Score:2)
why not openbsd or freebsd? (Score:2)
but for the most stable servers running free unix, how can you beat the BSDs? and with CVSup et al, you can be sure you're really really up to date and secure.
I'm a linux user since the 1.x kernels and a freebsd user since maybe 2 yrs ago. these days I use linux on the desktop and bsd on my servers. so I know and love both for the right purpose.
linux has name recognition, but for ultimate stability, I'm just not sure its the right choice here...
linux kernel, redhat distro (Score:1)
Re:linux kernel, redhat distro (Score:3, Informative)
Starting from a bare system, you first install the COTS (Common Off The Shelf) OS (RHAS, in this case). This will likely be a "custom" install since it will likely have some strange partition requirements.
On top of this, you would then install the COE "kernel". This is a core set of COE services, scripts, utilities, etc. Part of this process is the creation of several user accounts (sysadmin, etc) as well as a general lockdown of the box (no root logins allowed, lots of permission changes, etc.) This step will also likely involve installation of package updates to close various security holes.
From there, one would install the various "segments" (COE name for packages) needed to set the box up for a specific usage.
Personally, I'm curious to see if the COE kernel will load on top of a regular RH 8.0. I can see having RHAS for target systems, but it would be nice to be able to use the regular version as a development platform.
Re:Microsft Internally using Linux and Java (Score:1, Insightful)
Re:Sadly, RHAS isn't very good. (Score:2)
Xinetd is more secure then inetd. It is also completely compatible with regular inetd (I'd like to see how you can write an inetd that isn't compatible). The configuration is different, but I don't see anyone advocating that Linux perfectly duplicate the configuration of AIX or Solaris (and then, which would you pick, they're both different as well).
Finally, IBMs JDK works on the pSeries and zSeries systems. I'm sure it supports SMP just fine.
Re:Sadly, RHAS isn't very good. (Score:2)
2) Perhaps that is true, I dont use IBM's JDK.
3) Linux is different. This isn't just an issue with inetd vs xinetd. Linux defaults to bash as a shell, Solaris to csh. People shouldn't encourage Red Hat to include the less capable, less secure piece of software to appease people who find other more glaring differences anyways. The admins will have to learn to cope. Or get some Linux admins, it's not like there aren't some out there looking.
Re:Sadly, RHAS isn't very good. (Score:2)
Re:SELinux (Score:2)
In any case, the loadable security module sounds like a better bet for the future as it minimises what has to be a permanent part of the kernel (gets it past Linus) and concentrates the changes in one place for an easy audit.