CentOS Project Administrator Goes AWOL 492
An anonymous reader writes "Lance Davis, the main project administrator for CentOS, a popular free 'rebuild' of Red Hat's Enterprise Linux, appears to have gone AWOL. In an open letter from his fellow CentOS developers, they describe the precarious situation the project has been put in. There have been attempts to contact him for some time now, as he's the sole administrator for the centos.org domain, the IRC channels, and apparently, CentOS funds. One can only hope that Lance gets in contact with them and gets things sorted out."
Peace (Score:4, Insightful)
If you read the message in TFA, it kind of seems like a cry for your ex-gf to get back together.
Joking aside, I dont think it's really a surprise for anyone that people have other things to do sometimes, or even getting interested in different stuff. I actually feel sorry for the guy that this got slashdotted and all. If he's on holiday, it's gonna ruin his day. If he's away doing other stuff, he probably dont want to hear his co-admins crying to get him back.
Really, give the guy a peace. I bet he has used serious amount of time on CentOS project and deserves some time off and respect.
Re:Peace (Score:5, Insightful)
Re:Peace (Score:3, Insightful)
He's a project leader with great power over the resources of the project. With great power comes great responsibility. Responsibility which this guy does not seem to be handling well, or in fact, at all.
If the guy is on vacation for a few weeks or will be pursueing other interrests temporarily or permanently, he should have notified others or helped transition some of his power.
medical problems (Score:5, Insightful)
As someone who recently had medical problems that sprung up over night, I can honestly say that there could be other reasons he's not responding. I guess an open letter is as good a way as any to try to get in touch with him, but the tone of the letter is beyond ignorant. It's more accusatory than anything (which may be justified), but it's certainly not a sign of professionalism. If anything, it shows that he may have been correct in managing the project without the petulant "help" of the other developers.
Re:Excellent example.... (Score:2, Insightful)
They see me trollin'...
BUT, I will respond anyway.
This is not a failure of open source, it is a failure of redundancy. We've learned this lesson countless times: There should never be "only one" person with protected access to a project. It's like kusanagi374 said above.
Re:Eggs. Basket. (Score:5, Insightful)
Does anyone know about his personal financial situation? It is not unknown for people to borrow against their business or organization to fix personal financial problems with a "promise" to pay it back "when things get better". Since he has not provided any financial statements from the organization, I'm leaning towards this.
Re:Excellent example.... (Score:5, Insightful)
As opposed to with closed source projects, where when someone walks away with all the passwords everything's just fucking fine and peachy, right?
Re:Eggs. Basket. (Score:5, Insightful)
Maybe he *was* hit by a bus.
Come on (Score:4, Insightful)
I like CentOS a lot, but still
It's open source, if anything goes _really_ wrong, fork. The source is there, all references to the "Proeminent Linux vendor" properly stripped, etc
It's less work than start from scratch again from the "proeminent linux vendor"
Re:Excellent example.... (Score:2, Insightful)
That's an excellent simple example of the advantages of Free Software:
Free Software X lost its developer/manager/whatever -> anyone can step in and replace him, or pay someone to do it.
Company Y decides to stop supporting its proprietary software Z -> you're screwed in the ass, big time.
Don't count on "stopping without notice"... from these kind of adverse situations that interesting new stuff emerges.
Re:Wait a little more (Score:3, Insightful)
"give it at least until Monday before publicly humiliating the guy."
Except they had been calling for 2 weeks to nothing but a busy signal, which alone might be sufficient cause for such an open letter, especially considering the financial and management concerns.
Oh, and nobody goes on holiday without contact for over 24 hours, do they? I bring a laptop and a smartphone with me wherever I go. Even when I visited Northern Africa, I made sure to get online at least once a day to check, act on, and reply to my email.
Re:Excellent example.... (Score:2, Insightful)
Three words... (Score:5, Insightful)
Follow The Money.
At first when I was reading the story, I was all like, "oh, guy with only keys to kingom hit by a bus?", then I saw how he controlled the funds and I was all like "he's so on a beach in the tropics threatening to burn the hotel down if he doesn't get his paper umbrella".
Seriously though, I hope it's simply a case of needing a break, not something more ominous. I like CentOS, and I'd hate to see the project fall apart due to losing one key person.
Re:Not the first time... (Score:2, Insightful)
Re:Wait a little more (Score:5, Insightful)
Oh, and nobody goes on holiday without contact for over 24 hours, do they? I bring a laptop and a smartphone with me wherever I go. Even when I visited Northern Africa, I made sure to get online at least once a day to check, act on, and reply to my email.
Its not a vacation if you can find me.
I leave my cell, laptop, etc home. For my last trip, I told my co-workers what park I would be in and that if something went south that they can call the park ranger and then hope that they can find me.
I want to get away from the the regular grind, not bring them with me :-)
Re:Peace (Score:4, Insightful)
Indeed, however afaict centos is a volunteer project. When the shit hits the fan in more important aspects of someones life then such volunteer projects become the last thing on someones mind. Hell for all we know he could be dead or hospitalised.
The real problem is the lack of an organisational structure that can survive it's founder dissapearing. Sadly this is all too common in FOSS projects. It's made worse by the fact that such projects are usually done remotely and so often noone on the project will know any of the person who dissapeared's real life family and friends.
Re:Peace (Score:5, Insightful)
Not an atypical problem (Score:5, Insightful)
i don't think that this an atypical problem, neither inside or outside the
open source community. We have people giving ressources of to projects
(e.g. time, money). Usually they expect something in return (e.g. recognition,
influence). Normally those expectations are never stated explecitely. So what
happens: Someone sees his expectations not met, so he cuts the ressources he
gives. Usually this goes together with hurt feelings as well, so he tries to
get a refund by keeping assets (domains, money, passwords, etc.).
Same thing happened with other OSS projects (e.g. Blastwave) and non
profit organisations (e.g. Hannelore Kohl Stiftung here in germany).
You cannot fix this. When you try to fix it, you need a board and a charta
right at the beginning. Too many projects would already die here and would
never get to the stage where a quitting founder brings a crisis. In the worst
case now: they have to start at the current status again under a new name.
CU, Martin
P.S. This shell not be a factual description, what happened in this project.
This is only a description of things i observed elsewhere and would expect
to find here too.
Re:Peace (Score:4, Insightful)
I agree. There's a reason why Red Hat is corporation oriented -- If you need something critical to your systems, go with those who are more reliable to provide the support and isn't so much volunteer projects.
Re:Peace (Score:5, Insightful)
They really need to stop advertising themselves as being "enterprise-class" then.
Re:Peace (Score:2, Insightful)
They should have multiple people who can play the same role and able to share the duties.
Is This Bus Syndrome? (Score:1, Insightful)
This is actually an interesting point. This could be a case of 'bus syndrome'. What happens to a critical project when only one person has all the knowledge, but gets hit and killed by a bus on the way to work? After we find out whether he put on clean underwear like his mother told him, the project gets hit by the same bus. The project might be a little more resilient but it still gets seriously hurt.
I don't have any sympathy for anyone involved with a project where this happens. It is so preventable. As time has gone on, I have been getting more vocal in work situations when I see this kind of thing happening. It's a pain in the ass when the Asperger King or Queen decides to leave because they don't like to share. And half the time they don't use any sort of recognizable organizational structure to what they do, so it takes longer for others to figure what's there, which makes a bad situation even worse.
I hope the guy wasn't hit by a bus, or hurt in any way. In any case, this should be an eye opener for the other members of the project and any people who rely on CentOS for critical systems. To throw gas on the fire, I think it is also a good reason to go with a 'for profit' company like Red Hat, Ubuntu (Canonical), or Suse if you need to use an OS for mission critical systems (or even their pressure cooker products). A for profit company has a lot more incentive to make sure these kinds of issues don't happen, and the resources to make sure these kinds of issues don't happen.
I personally won't use software produced by projects like CentOS. My belief is that projects like CentOS are there because people want to skate on the backs of people and companies who have spent time and money making a good product, just because they don't want to pay for that hard work. I believe this is the flaw in the GNU license, and not open source in general. It is like stealing money from those who created the original work. Redhat spends a lot of money to develop their product, and others just copy it and give it away for free. I think the idea of open source was to be able to modify drivers and software so that it better meets your needs. I don't think it was so you could take other people's ideas and sell them as your own. If Redhat were just starting and were still on the edge of financial stability, and a 'CentOS' product started giving away Redhat's product for free, the for profit company could fail. We periodically see companies trying to make open source products switch to closed source for this very reason. The service support paradigm only works for products that are too big and complicated for the 'little guy' to take on. And even then it is a risky proposition until the code base is reasonably stable, since the time and money going into stabilizing the code can outweigh the money coming in from sales and support work. Even CentOS and others like it rely on Redhat to fix bugs and copy those updates too. While legal, I think it is morally wrong. As a note, every couple of years I will go out and purchase a copy of a Linux distribution. We all rely on them to create our Linux installs. How many out there who spout all the GNU propaganda actually try to contribute this way so that these distributions are able to continue? While some may contribute code, which I believe counts for just as much as contributing financially, I really doubt that more than an extremely small handful of people even do this for the distros. Most just want the free as in beer software and feel like they're cool because they aren't using MS or Apple. Yes I am getting more cynical as I get older... and I was pretty damned cynical when I was young. :)
Re:Is personality driven development part of free? (Score:3, Insightful)
it forces people to put aside their differences
tjstork, meet office politics!
when there is cash, people can accept quite a bit of abuse and still produce something.
Oh, you've already met! Taking abuse is not "putting aside your differences" it's "desperation for the next paycheck in this economy". The only thing unique in what transpired between Linus and Alan was the public nature of it. People get chewed out for things they feel were unfair all of the time, and sometimes they even quit over it.
Imagine all the whiz kids in trouble now (Score:3, Insightful)
Wow. Imagine all those whiz kids who told their bosses they'd save mad money changing RHEL to CentOS.
This reminds me of the Xircon IRC chat client software from a few years ago.
Sometimes people just pull the plug, I guess.
Re:Is personality driven development part of free? (Score:4, Insightful)
Where to begin. . . on commercial projects, *I'm sure* that there are problems with developers all the time. They leave, they get fired, whatever. The corporate structure provides both continuation (hire another developer to replace them), and discreteness (you never actually *hear* in public, about the differences between developers, flame wars, immaturity, etc, but that doesn't mean they aren't there).
Also, companies go out of business and commercial software does get abandoned, just like open source.
So, commercial software has, usually, a corporate structure which provides continuity. What does open source have? A few things. . . the chief one being access to the source code. Maybe the project will have to change names, but I'm pretty sure it will continue. In a *well run* Open Source project, there wouldn't be a single point of failure - one guy holding all the keys. Instead, you'd have things split up among 2 to 3 people who can control things like the domain name, irc channels, etc. Additionally, for a *very well run* open source project (though most probably wouldn't go this far), you'd have a non-profit foundation with a board of directors who is the 'owner' of things like domain names, servers, etc.
That way, if the person(s) controlling key assets like servers or domain names goes 'rogue', the non-profit foundation can exert it's ownership, and sieze control back from that person who was designated as the 'administrator'. That may require going to court, but if the organization is on record as being the 'owner' of those assets, and can prove it, the court will use its power to restore control of those assets to the rightful owner.
Unfortunately, since most Open Source projects start out as one guy or gal, they often seem to never get around to the stage of maturity of making the project independent of that person - I think part of that is ego on the part of the project founder. They are too small minded, often, to think of the project in terms bigger than themselves, and give up control.
Which brings us back to the source. AT LEAST, we always have the source, which means no Open Source/Free Software project can ever truly die, unless nobody cares about it, then it doesn't matter if it does die. (If anybody was *using* an Open Source project, and it was vital to them, then they'd care enough about it to either maintain it themselves if they must, or get someone else to maintain it [which might mean spending some cash, but that's life]).
Re:Peace (Score:5, Insightful)
I'm in a online TF2 clan, and we have the Real Names, addresses, phone numbers, and work phone numbers, of the 10 highest ranking members. The top two members have shared all important info so a absence of one is annoying, but completely survivable. Perhaps its because we have so many active duty military in our group, but I would expect everyone to take such basic precautions.
Please don't tell me my TF2 group is more organized than CentOS, (Please!)
Re:Is This Bus Syndrome? (Score:5, Insightful)
If RedHat doesn't want to share their code, then they should build their own OS, instead of just working on the pre-existing huge resource that is Linux/GPLed code. See how that works? They agreed to CentOS-style reuse of their work in exchange for THEIR for-profit reuse of decades worth of OTHER people's work; that's the price of the GPL, and they pay it willingly, because what they get is so valuable.
And speaking of cynicism: anyone stop to think that maybe some overaggressive RedHat executive with a suitcase full of cash is behind Lance's disappearance? Follow the money: CentOS looks unreliable ==> RedHat cashes in....
Re:Is This Bus Syndrome? (Score:5, Insightful)
I personally won't use software produced by projects like CentOS. My belief is that projects like CentOS are there because people want to skate on the backs of people and companies who have spent time and money making a good product, just because they don't want to pay for that hard work. I believe this is the flaw in the GNU license, and not open source in general. It is like stealing money from those who created the original work. Redhat spends a lot of money to develop their product, and others just copy it and give it away for free.
You do realize that technically Redhat is just skating by on the free give-aways of others, too, don't you?
I mean, as I understand the whole Linux thing. Feel free to correct me.
Comment removed (Score:5, Insightful)
Re:Wait a little more (Score:3, Insightful)
The difference there is that your work was already delegated, you notified them of your intentions, AND you did give a somewhat plausible way to be found.
If they called and a park ranger needed to search a million acres of wilderness for some computer geek just because a server went down, it may not happen. They may not be quite as anxious about trying to find you, as say you went missing for 2 weeks in the woods with only 2 days worth of supplies.
One of my guys told me "I'm taking a 1 week vacation. I'm going in the woods with the clothes on my back, a pup tent, canteen and hunting knife." Either he was going to come out of the woods hungry, or he may not come out at all. He always managed to show up after the vacation happy, so who was I to complain. :)
He was "essential" to smooth operations, in that it was very helpful to have the full team working. If he never showed back up, we would have continued normally, and replaced him when we were confident he wasn't coming back.
Re:Is This Bus Syndrome? (Score:2, Insightful)
"Redhat spends a lot of money to develop their product, and others just copy it and give it away for free. "
You conveniently forgot the fact that Redhat, in their "product", contains 99% stuff that was developed by others for free. It is *not* like stealing money from those who created the original work, because the vast majority of that work had nothing to do with Redhat.
Re:Peace (Score:5, Insightful)
There is no need to disable updates, I don't think. All of the updates that I've seen on the centos-announce mailing list come from two people, and I believe those are the people with the GPG keys on the packages, too.
If Lance is still around, it is safe to say that he has had all of his access removed. If he has both access to the repositories and the GPG keys, I'd worry (assuming his intent is malicious, which I somewhat doubt would be the case) -- but until the current developers who rebuild/push the updates advise that we kill updates, I definitely will not be doing so. A great example was the BIND vulnerability a day or two ago.
Seriously, if you are a centos administrator, you should do a couple things:
1) Sign up for the centos-announce list, here: http://lists.centos.org/mailman/listinfo/centos-announce [centos.org]
2) Watch it like a hawk.
It is safe to say that the existing developers will use it if they have a huge need to communicate an apocalypse situation where it would be wise to stop updating.
Comment removed (Score:3, Insightful)
Re:Wait a little more (Score:3, Insightful)
Man, sounds like you got managers or coworkers that don't respect you vacation. I think I've been called up twice on my vacation, once because a server password was missing in action and the second briefly discuss a change I'd worked with that had caused a serious regression. If you call me on my vacation it'd better fill this three criteria:
1) It's serious
2) I won't need any laptop, VPN or any remote access
3) There's good reason why you need exactly my input
4) It'll go to voicemail and I answer on my schedule
I absolutely go on vacation, but I don't put total absolute limits on it just like I'll answer a call from work in the evenings/weekends. It's a privilidge, don't abuse it and you don't bother me about recieving the occasional personal call during working hours and we're even. I call that a win-win situation, the day they become hardass I'll drop off the face of the earth when I go home.
Re:Peace (Score:3, Insightful)
Re:Wait a little more (Score:3, Insightful)
Re:Is This Bus Syndrome? (Score:3, Insightful)
Really? CentOS is robbing Redhat of their hard work and giving it to selfish, cheap people? Really? You've clearly misunderstood the very basic concepts of OSS.
And who cries for the people that made the software that Redhat freely uses in their distros? Lest you forget, while they've contributed a great deal, Redhat has contributed less than they distribute. Same for SuSE, Ubuntu, et al.
Re:Is This Bus Syndrome? (Score:5, Insightful)
It is like stealing money from those who created the original work. Redhat spends a lot of money to develop their product, and others just copy it and give it away for free.
Not to diminish the contribution by Red Hat, which is pretty extensive, the above argument is invalid. Red Hat did not create the products included in their distributions. They take existing free software, package it, and sells it as part of a complete package, including support. The software is still free.
Some projects whose products are included in Red Hat distributions were created by Red Hat and staffed by Red Hat personnel. They chose the GPL anyway. They have even purchased several companies and relicensed the products of those companies under the GPL. Do you really think that Red Hat would have done this if they thought that this would severely impact their business?
We periodically see companies trying to make open source products switch to closed source for this very reason.
Those companies are in a very different situation. They own the copyrights to their entire code base, and are thus able to change the license to a proprietary one if they think that it will create an advantage. Companies like Red Hat cannot do this, since many of the components of their products are free software. They could have done it with those components that they have written themselves, or acquired the producers of, but they mostly haven't.
While legal, I think it is morally wrong.
Why? Not even Red Hat think so. They argue that people or organizations that have little or no money are not their target market, and thus, it doesn't impact them that those instead use free rebuilds of their product. In fact, it is a better option for them than to use a completely different distribution, such as a Debian one, since using CentOS means that you are already used to their distribution, and may become a customer in the future when you have acquired the financial capabilities, as well as the demand for commercial support contracts.
Re:So go take over. (Score:1, Insightful)
So tell me exactly why this is a problem for a bunch of geeks?
this pesky little thing called the law?
Re:Is This Bus Syndrome? (Score:3, Insightful)
Re:Is This Bus Syndrome? (Score:1, Insightful)
Redhat is on record as being perfectly okay with what CentOS is doing. In fact they've helped them from time to time.
Redhat is at this very moment pointing out their now very obvious value-add.
Re:An Alternative (Score:3, Insightful)
There is, however, something stopping anyone else from accessing the (allegedly) thousands of Euros of donations which went directly into the hands of one now missing person every month.
When you try to 'fork' a bank account, sometimes the people at the bank get a little upset.
Re:Peace (Score:5, Insightful)
Perhaps it would be better if people stopped deluding themselves into thinking that "Enterprise Class" means anything beyond buzzwords.
Re:Is This Bus Syndrome? (Score:5, Insightful)
The way I see it, it's their company. They can either keep me around forever, and appreciate the work I do, or let me go. Either way, I did a good job while I was there.
As I heard it through the grapevine, they spent an absolute fortune redoing everything I did. They switched the servers away from Linux to FreeBSD. They didn't optimize things as well as I had, so that left them in a situation where things simply didn't work as well. They rewrote a lot of my software. Some was trivial, and some was very intricate. I strongly suspect they were trying to defeat my back doors that they were never able to find. The funny part was, I didn't leave any back doors. If I leave a back door for myself, that means there's a back door for someone else to exploit. I spent enough time watching the front door for trouble, why should I have to double my work? :)
The only contact I've maintained is watching their Alexa score drop. It's nothing related to anything I did, but I strongly suspect there have been some nasty technical issues, since some people have called and emailed me saying that the site was suddenly unavailable, or throwing weird errors. I know what the weird errors were. Misconfigured servers, because they were deviating from my well constructed and tested plans. Some of them were obvious. They put into production what I had already tested and decided were not satisfactory for that environment. C'est la vie. I moved on to better things, and they were stumbling over old hurdles. It seems that happens a lot. Places like to second guess the work of old staff just for the sake of trying to make him/her look bad. Sometimes it's just to justify why they got rid of him/her, even years after he could care less. :)