More Letters

Red Hat and Cygnus unify

Today marks a significant day in the history of Cygnus, Red Hat, Free Software, and open source software. Both Cygnus and Red Hat have long admired each other's organization and innovative leadership in engineering, promoting, and maintaining Linux software. We are both proud of the fact that the software developed and maintained by our companies has become fundamental to the free software and open source communities, and is becoming fundamental to the larger commercial markets as well. We are also mindful of the fact that we did not get to this point alone.

Having spent a lot of time over the past few months contemplating and discussing a possible merger, we have amicably and willingly signed a definitive agreement to merge. To say that we are excited about the possibilities is the understatement of the decade. We believe that by enabling developers from both companies to work together more closely, with a common and larger purpose, we can drive the open source revolution faster and further than otherwise would be possible.

We hope you will continue your support of both organizations as one and help us move open source even further. Please don't hesitate to email myself or anyone else you know at either company if you have any questions, concerns, or suggestions about how we can make this merger a Good Thing for everybody.

—Donnie Barnes and Michael Tiemann

Re: Red Hat and Cygnus Unify

I have two concerns that I would like publically addressed.

The first is that Cygnus traditionally has addressed groups well beyond Linux. Other versions of Unix, other types of embedded systems, Windows. Many of these areas directly compete with Linux. I think that people who rely on Cygnus in these areas will want to hear a guarantee that the new combined company will continue to support them

The second is quality control. Red Hat is gaining an unfortunate reputation for having poor quality control. Cygnus has traditionally been trusted and depended upon to deliver quality. The switch to the EGCS code base (no matter how good the reasons for it) has already caused issues with people who want to know that they can trust their compiler to act predictably, this move will raise more question marks.

I have more private concerns (eg a personal distaste for this land grab) but I would not expect those issues to be publically addressed.


Re: Red Hat and Cygnus unify

It's a sad day when the employees of a company have to read a public forum to learn about what's going on in their own companies. This is the first I'd heard about this (aside from the “rumor” on Slashdot), and since it's being announced in this forum, I'm replying in this forum (trying to keep my focus on the relevence to this forum, of course).

> we have amicably and willingly signed a definitive agreement to
> merge.

Sigh. What happened to the “good old days” when companies had pride in their success, and fought to retain their independence? Is this a sign that neither Cygnus nor Red Hat feel that they were being successful enough? That, in the long run, money is more important than corporate morals, goals, and identity? Is it the goal of all companies, fsbs or otherwise, to merge into the biggest conglomerates they can?

> To say that we are excited about the possibilities is the
> understatement of the decade.

I would replace “excited” with “concerned” myself. I think smaller companies can maintain focus better, will retain their links with the free software community better, and in general be more in tune with their corporate health. I've worked for large companies, and I felt they couldn't even keep track of their own factions, let alone the outside community.

> We believe that by enabling developers from both companies to work
> together more closely, with a common and larger purpose, we can
> drive the open source revolution faster and further than otherwise
> would be possible.

Is that a good thing? I didn't realize we were in such a hurry to overturn the world order. The free software movement has been about people doing the job right, not doing it quickly. We see what happens when companies (MS) push for speedy delivery instead of quality work. Is this the fate of free software also?

—DJ Delorie,

Is Gnome the Answer?

I just finished reading Phil Hughes editorial, “Is KDE the Answer?”, where he suggests that GNOME developers should jump on the KDE bandwagon in order to speed up development. I disagree. In my opinion, the GPL is the best of the Open Source licences, in that it ensures that all future development efforts must also remain free software. In the long run, this helps the growth of free software. Consequently, when choosing between software projects, I favour those with a GPL licence (as I'm sure do many others).

—Darryl Plank,


In the latest (Nov.) issue, I noticed the SI prefix “tera-” misspelled as “terra-” in three places: p.9 (item 22); in the Arkeia ad on p.21; and in the second column on p.88.

Please note that the prefix is spelled with only one “r”; it is derived from the Greek “teras” (monster), the same stem as in “teratology”. (See any good modern dictionary, or—or any of many other reliable sources.)

Editors are supposed to know stuff like that. Please wise up.

—Andrew T. Young,

Very embarassing, I admit. I have no idea how we let that one get by us. Sorry.

Interesting info about so-called “SEC IPO quiet period”

Kind Greetings to All,

I sent this email for no particular reason other than I thought you might find it both interesting and enlightening, especially since the alleged “SEC IPO quiet period” has received frequent mention in the press in recent months.

I also sent this information along to a few other people I thought would also find it interesting.

About two months ago I viewed a financial program on CNN which among other subjects, briefly discussed the infamous IPO “quiet period.” A senior Bloomberg financial analyst pointed out that the alleged SEC mandated IPO “quiet period” is entirely myth.

According to popular belief, the SEC quiet period is touted as an SEC requirement that is mandated by SEC regulations which require the parties involved in the IPO to remain silent for a specified period of time with respect to almost anything pertaining to business being conducted by the involved parties, their respective business entities, and the IPO itself.

The Bloomberg analyst explained that there are no SEC regulations which mandate and regulate this so-called IPO quiet period. The analyst pointed out the SEC does require all parties involved in an IPO to fully disclose all relevant business information in a responsive fashion at all times, including during an IPO, but to do so in a responsible way that fully and accurately represents all the related business facts without hype, speculation, manipulation, etc. That is, “just the facts, ma'am.”

Being curious I directly queried the SEC myself. Below is the question I posed followed by the email response from the SEC:

[My question, submitted by email:] What is the truth of this alleged SEC mandated IPO quiet period? Is it a myth, a law, rule, regulation or recommendation? What are the factual details? Please!

—Steven M. Ward,

[The SEC email reply to my query:]
Re: Does the so-called “IPO Quiet Period” SEC rule really exist?

Mr. Ward

Thank you for contacting the SEC. Our Division of Corporation Finance provides the information below in order to explain what is a “quiet period.”

Al Lapins

In Securities Act Of 1933 release no. 5180 (Guidelines for the Release of Information by Issuers Whose Securities are in Registration - August 16, 1971), the Commission has emphasized that there is no basis in the securities acts or in any policy of the SEC which would justify the practice of non-disclosure of factual information by a publicly held company on the grounds that it has securities in registration under the Securities Act of 1933. Disclosure of factual information in response to inquires or obligations under the antifraud provisions of the securities acts at a time when a registered offering of securities is contemplated or in process, can and should be done in a manner that will not unduly influence or facilitate the sale of securities in the proposed offering.

It is incumbent on issuers to establish internal procedures designed to avoid problems relating to the release of corporate information when in registration.

[end of SEC email reply]

SCO FoxBase

I would like to suggest that we pester SCO into releasing SCO FoxBase+ to the Open Source Community. Or, port it to Linux, Please!

As an old xBase hound [What is the “PIP” Command], I made a living coding apps in SCO FoxBase+ running on SCO Xenix/Unix. I was a SCO beta tester and had FoxBase beta #2. In about a week I had six users and two printers hanging off an Arnet I/O box attached to an IBM AT running SCO Xenix-86. We hacked SBT modules and made them multi-user. Guess what - that client still runs SBT today.[Yeah, Foxpro 6.0 on Netware] And, the code evolved right along.

I still have a few 10yr+ old apps running on SCO Unix V on Fox. Linux would be an ideal OS for FoxBase. Fox is slim, trim, and really fast. It would make a perfect “back end” for a web transactor too. If anyone has some info, or knows how to get some traction with SCO, let me know.

—Andy Thornburg,

So Many Pictures of Linus

I always look forward to my monthly Linux Journal. With great articles, lots of helpful hints, I even appreciate the ads specificly for Linux hardware. I however am wondering about the infatuation with Linus. Yeah, I realize how important the fella is to Linux and he seems to be a smart human being but I counted 9 pictures of him in this last issue. Some that bordered on a if I dare say it a “Teen Beat” kind of look. (Notice the almost center fold like picture of him sitting -all you needed was the bear skin rug and fire place).

Anyway keep up the great magazine,but please find other people to high-light fifty billion times a year besides Linus. Better yet maybe a person of color. That would be a really cool, novelle and trend setting kind of thing to do. There are people of color in the high tech industry . Many that I am sure who would or who have contributited to linux.


Comment about a 'best of technical support' response...

In the nov 99 issue, the best of technical support covered a 'multiple authorized users' q&a.

The gist of it goes (or my interpretation of it):

system uses lilo, don't want regular users to access lilo.conf which contains authorization passwords, don't want students to gain priviledged access to the machines, lab crew to access but not modify it..

My solution to this problem is simple....

chown root:root /etc/lilo.conf
chmod 400 /etc/lilo.conf
As root you have access to it when you reinstall the boot loader. The permissions are set up to read only by root and no one else which is the best you can really do. If you have access to the root user, you can change the permissions to writable and mess with the file. Option 1 of using a floppy is just as insecure as an unscrupulous person could copy the file to the h.d. and mess with it before reinstalling lilo. Option 2 creates a static password which makes it more difficult to change the password if it has been compromized.

My solution may not be much better, but it at least makes it more convenient and addresses the original problem of users other than root gaining access to the file. If a users gains root access, then you have other security issues to deal with. If the lilo/bios password has been compromized, it is easier to modify:

chmod u+w /etc/lilo.conf
vi /etc/lilo.conf
chmod 400 /etc/lilo.conf

—Paul-Emile Gaudet,

Re: Synchronizing Clocks

With respect to the November issue of Linux Journal, John Morley asked about how to synchronize his clocks. I thought I'd provide my $.02. If this should be sent to the letters section, maybe you could forward it for me.

I've got two Linux boxes and an SGI O2. One Linux box is connected to the internet via a cable modem. The other two boxes are on my private LAN.

I installed xntp3-5.93-2 from the RedHat CD-ROM (RH 5.1). It was quite simple to set up. I found three sites who were level 2 ntp servers on the internet, spread out around the country. Each of these sites are supposed to be synced up with level 1 ntp servers which, in turn, are supposed to be synced up with an atomic clock site.

I sent e-mail to the administrators of these sites and told them I was going to be using their ntp services (not always necessary). Then I added these servers to the /etc/ntp.conf file.

I used chkconfig to enable xntp on boot up and the gateway system was now synced up.

On the gateway machine, I modified /etc/rc.d/rc.local to have the following lines:

   echo "Starting timed:"
   echo "  /usr/sbin/timed -n local-net -M -F gateway-host"
   /usr/sbin/timed -n local-net -M -F gateway-host
Where: local-net is a network I defined in /etc/networks which is the netmask of my local network. gateway-host is the hostname of the gateway host.

This starts the timed daemon as the master (since the gateway machine is locked to the ntp sites, it should have a reliable clock so I want it to be the master). The -n option keeps timed on the local network so it doesn't try to respond to time requests on the internet. The -F option tells the timed daemon to trust only itself.

On both of my other machines, I started timed the same way, by adding the same lines to the /etc/rc.d/rc.local file except with the following options:

   /usr/sbin/timed -n local-net
This makes the other machines slaves to the master. Now, all the machines are synced to the gateway machine which is synced to ntp servers which are synced to an atomic clock.

I don't know if others are interested in this, but you're welcome to print it if you want.

—Chris Carlson,

Feedback on November issue

This issue was generally quite good, but I was quite disappointed in some of the articles:

- the Linus interview was interesting in covering his background, but had too little technical content - I'm more interested in what Linus does and how he thinks than how he grew up!

- the MySQL article was excellent, giving a good overview of why it is how it is - I would like more detail on why they omitted transactions, which are IMO one of the key reasons to use a DBMS!

- the EMU article was excellent, more like this please!

- the client/server and diald article was also very good - I hadn't realised some of the limitations of diald before.

- the VA workstation review was OK, but please put basic material such as the intro to L1 and L2 cache and SDRAM in a call-out box! Most PC users know what these users are, never mind Linux users! These are probably useful for some people, but best done in a separate box.

- the DB2 review was so short it should not have been published - it hardly reviews any of the features of the product, and reads as if the writer ran out of time - it should have been held over until completed.

- the RAID controller review was great, exactly what's needed.

Overall, I think you could benefit from more stringent editing - stories that relate real world experience or investigate products in depth are preferable. The ones I find really fascinating are where someone has applied Linux in a real world environment, learning about Linux and project problems on the way.

I am now a subscriber BTW, hope you go from strength to strength!

—Richard Donkin,

Interview with Linus

I find it odd that I would write to a computer journal about religion, but then I find it odd that a computer journal would express opinions on religion.

Marjorie Richardson and Linus Torvolds seem to me to completely misunderstand what separation of state and religion are about. It is NOT, as they imply, that religion, or religious views, are not to play a role in politics. Rather it is that the US government was not meant to establish any official religion or denomination.

Many of the founding fathers of the USA were deeply religious men, and their religious values played a central role in the writing of the constitution. The idea that religion should be kept out of politics would have been strange to them. Many people came to the new land to escape religious persecution - persecution from denominations that had become part of the government of the countries they came from. They wished to found a land were people could be free to express and practice their religious beliefs, without interference from the government. But today that notion has been reinterpreted to say that the government should proceed without interference from religion.

As a native of England, I find America's deep connection to religion endearing. Linus is living in the USA because the economy and opportunities have created an environment in which interesting companies like Transmeta can be formed. I believe that this strength of America comes from its religious background, and that if America begins to ignore its religious roots, that it will cease to be the power that it is today.

I would also like to take the opportunity to compare the founding of America with another event of that time, the French Revolution. The French Revolution was more atheistically inclined than the American Revolution. While the American Revolution has lead to a powerful nation that has in many ways championed the rights of men and women over the whole world, the French Revolution was taken over by the despotic Napoleon, and followed by many bloody revolutions, lasting over a century.

—Stephen Montgomery-Smith,

Wasted Opportunity

The interview with Linus Torvalds (November 99) was a waste of time, ink and space. Who really cares about his politics, religion, family or anything else that has absolutely nothing do with Linux? This was an opportunity for probing his mind about anything related to Linux instead we are treated to soft questions and New Age psycho-babble. This 'interview' passes for real journalism? I thought this magazine was a serious forum for the Linux community. I was mistaken.

—Gopi Shah,

lilo/silo passwords (in BTS)


I just noticed your question about LILO/SILO passwords in Linux Journal.

This is actually trivial to do; the ease follows from the fact that only root runs LILO. (I assume the it would be similar for SILO.)

Based on the above assumption, the following commands would make lilo.conf unreadable by normal users:

   chown root /etc/lilo.conf  # probably a no-op
   chmod 600 /etc/lilo.conf
Assuming that both the hardware is secured (BIOS passwords, locked covers etc.) and the “restricted” and “password” LILO options are set, this is IMHO better than “hard-coding the password in /sbin/lilo and making it mode 0700”.

—Ambrose Li,