The Distributions Take a Stand on Standards
With all of the recent debate about standardization and the future of Linux standards, it's natural to wonder where the major Linux distributions and other key industry players stand on the subject. So, to find out, Linux Journal posed the following question: “What stance does your organization take on the subject of Linux standards and the growing standardization issue?” We received some very interesting responses with quite a variation in length from the major vendors. Here they are, in no particular order.
We at Red Hat are generally in favor of good standards that speak to existing as well as future problems. History has shown that adherence to standards can be very important and failing to do so can cause fragmentation that leads to a very unhealthy situation for all players involved. We do our best to make sure we adhere to useful standards such as the FHS (Filesystem Hierarchy Standard).
New standards for Linux are evolving, and we are working hard to be a part of that evolution. Standards are very important in maintaining compatibility across all Linux distributions. Compatibility is important to keep independent software vendors (ISVs) from seeing Linux as a fragmented mess that can't be supported. ISVs are important because they bring the applications to Linux. Applications are important because they bring users to Linux. As you can see, it's a trickle-down effect that has large implications.
That said, we are working hard to make sure the evolving standards are good ones. Bad standards can also be very harmful. So far, the Linux community has been very good at working out good standards. With a responsible community effort from all players, I fully believe the Linux community can maintain that trend. If so, you can expect Red Hat to participate fully with the standards that are created.
Thank you for the opportunity to respond on Caldera Systems' feelings about Linux Standard Base (LSB). Everyone probably has a slightly different definition of what they think LSB is and what it should be. I will take the liberty of telling you what I think it should be. LSB's main objective should be to solve the problem facing commercial ISVs. LSB should be an effort that would enable commercial software developers to port once and have their applications run on all major Linux distributions. If it does not solve this problem, Linux will have a major problem in the not too distant future. Nearly every ISV we have spoken to wants to remain “distribution agnostic”, but they do not want to support four or more versions to accommodate Linux. The current answer seems to be one of three options: publish the source code to the application and allow the community to support the different versions, pick a kernel version and a library version and allow the Linux providers to offer patches, or just pick one of the distributions to support.
I will address the problems with all three of these ideas. First, publish the source code to the application. This will work in some cases but not in the majority. Some of these industry players have millions if not billions of dollars tied up in proprietary software and hardware that will not allow them to publish their solutions. They do and will continue to support Linux and the open-source effort, but their board of directors, attorneys and stockholders will not allow them to publish source code at this time and may never allow it. Publishing the source opens up significant liabilities. Netscape published the browser source only to outsource it to another company. Publishing source has to be done after significant thought and consideration.
As to the second option of allowing the ISV to pick a version of the kernel and library, what if Oracle picks one and Informix picks another? Or if Corel and Oracle pick different versions and the customer cannot run one of these solutions without searching the Internet to find patches? How will Linux compete against Microsoft when they've claimed to be a one-stop shop? The commercial customer loses because he must know his way around to find the patches and fixes on the Internet. Even VARs and Systems Integrators who are technical enough to do so cannot afford to spend the time.
The third option is to port to just one distribution. This seems counterintuitive to the Linux and Open Source community that believes in choice. However, there are those who would support this option to solve the problem. The major concern with porting to only one distribution is you lose out on the innovations being made by others who are targeting different markets. Some of the leading distributions have targeted the developer as the principal customer, as developers have made up the majority of those purchasing Linux until now. Features like time-to-market are of vital interest to the developer. Packages are gathered from many different sources around the Internet to ensure the quantity and timeliness of delivery, and little concern is given to ensure that source and binaries match. After all, the developer knows enough to make it work.
Commercial concerns cannot deal with more than two releases a year, so time-to-market is not a feature but a liability. Caldera Systems has been focusing on the commercial or business market from its inception and has built features like self-hosting into the distribution. Self-hosting is the discipline to match all source to the binaries. It allows the commercial entity to set all of the compilation parameters for the entire distribution, maximizing performance and support options while limiting security and liability concerns. All the packages are tested and integrated as a single whole. Distributions focused on the developer may choose to take the time to add more packages which appeal only to the developer, or release a technology before it is stable so that developers have easier access to it. The bottom line is that the Linux community and the business customer will lose options and choice if a single distribution is used as the reference platform. Some ISVs may choose one and some another. The only real answer is for the Linux community and the current providers of Linux to collaborate.
Linux and the whole Open Source community have a great opportunity to become significant players in the commercial environment if they remain open-minded. If Linux and the Open Source community can make it easy for commercial players to interact with Open Source without incurring legal liabilities or major costs, Linux will be a significant player and the customer will win.
LSB can be a major step toward solving this problem and showing the industry that Linux is different, not only because it is published under an open-source license, but because its providers have vision. If the major Linux distribution providers can collaborate and support a common kernel and library version as well as the basic interfaces that enable an ISV to port once to Linux and support all Linux providers, everyone wins. If the Linux providers are irresponsible and choose not to cooperate but continue on with their own agendas, Linux is not as likely to fragment, but will fall significantly short of its potential to be the predominant computing platform, open source or otherwise, in the industry.
Linux is not as likely to fragment, as its cousin UNIX did in the OSF/UNIX International debacle, because it is Open Source. However, being Open Source will not completely solve the problem either. The premise that the best open-source technology always wins is not true. GNOME and KDE are prime examples. KDE is excellent technology that has matured faster than GNOME. The main reason GNOME was started was because the Qt libraries KDE depends on were not Open Source. Since Troll Tech has now published the libraries under an accepted open-source license, all concerns about KDE should be over. Instead, a significant public relations effort has begun to continue to spread uncertainty and doubt on KDE. Technologically, it is superior in all cases and is more mature. Why would someone persist in promoting false information about KDE? Because they have invested time, money and energy in GNOME and the KDE developers do not have the funds to fight back. Again, the Open Source community is not immune to the influences of the almighty dollar.
Clearly, if Linux is to achieve its potential as a major industry alternative, we cannot rely upon Open Source alone. All of the industry players must act responsibly. Caldera Systems has always wanted Linux to be a viable commercial alternative, so we believe the only real answer is to support LSB.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- New Container Image Standard Promises More Portable Apps
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- Canonical and BQ's Aquaris M10 Ubuntu Edition Tablet
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide