First off, this is _not_ an anti-Ubuntu e-mail. I not only and regularly deal with supporting Ubuntu in corporate environments, but I run Xubuntu on older hardware myself.
Secondly, a lot of commentary here has surrounded trying to reach contributors. There is a lot of complaints on everything from the agreements to workflow, and the fact that sometimes (although not as often anymore with APT/YUM being so commonplace) that contributors bark about the security hoops.
Third, I have long commended how the Fedora Project (like Red Hat Linux before it) has always addressed "what must be done, no exceptions," even though many things lead to complaints. Some things just cannot budge, and no matter how you try to explain such things to people, some just aren't going to care.
Fourth, as I have repeatedly stated, Conical will find itself in the same positions as Red Hat has more and more. Conical will address those situations much like Red Hat, and suffer the same, misguided but not so uncommon, "demonizations" as a result -- especially as it becomes less and less "new" to people.
"Ubuntu Servers Hijacked, Used to Launch Attack" http://www.eweek.com/article2/0,1895,2171318,00.asp
On Fri, 17 Aug 2007, Bryan J. Smith wrote:
First off, this is _not_ an anti-Ubuntu e-mail. I not only and regularly deal with supporting Ubuntu in corporate environments, but I run Xubuntu on older hardware myself.
Secondly, a lot of commentary here has surrounded trying to reach contributors. There is a lot of complaints on everything from the agreements to workflow, and the fact that sometimes (although not as often anymore with APT/YUM being so commonplace) that contributors bark about the security hoops.
Third, I have long commended how the Fedora Project (like Red Hat Linux before it) has always addressed "what must be done, no exceptions," even though many things lead to complaints. Some things just cannot budge, and no matter how you try to explain such things to people, some just aren't going to care.
Fourth, as I have repeatedly stated, Conical will find itself in the same positions as Red Hat has more and more. Conical will address those situations much like Red Hat, and suffer the same, misguided but not so uncommon, "demonizations" as a result -- especially as it becomes less and less "new" to people.
"Ubuntu Servers Hijacked, Used to Launch Attack" http://www.eweek.com/article2/0,1895,2171318,00.asp
One thing I would say about the Fedora / Red Hat partnership:
There are some things that a Community does well, and there are some things that a Company does well.
Security audits and the like are Boring, Painful, and No Fun At All. But they are necessary. And Companies are far better suited to deal with things that are Boring, Painful, and No Fun At All because Companies can compensate people with Actual Money.
It is the duty of the Company (in our case, Red Hat) to be Responsible for these Boring, Painful, and No Fun At All duties, in order to enable the Community (in our case, Fedora) to do what they do well: production, experimentation, and innovation.
Now, in Fedora, we're very lucky; the Fedora Infrastructure team, which is fairly well divided between Community and Company resources, is absolutely top-notch. But the recent misfortunes of Ubuntu (and the less publicized misfortunes of Gentoo) are a stark reminder that we must not become complacent. There, but for the grace of God and a vigilant FI team, go us.
--g
Greg Dekoenigsberg gdk@redhat.com wrote:
Now, in Fedora, we're very lucky; the Fedora Infrastructure team, which is fairly well divided between Community and Company resources, is absolutely top-notch.
As a self-admitted "Red Hat apologist," there is no end to the demonizations I hear of Red Hat's "overriding decision making" on Fedora. Rumors fly about and when I hear them, I repeatedly find myself saying, "oh, that makes sense because of ..." of which I "just become the target," etc... ;)
But the recent misfortunes of Ubuntu (and the less publicized misfortunes of Gentoo) are a stark reminder that we must not become complacent. There, but for the grace of God and a vigilant FI team, go us.
There is no guarantee there will not be compromise of Fedora, let alone even Red Hat, resources on the Internet. That's just fact. In fact, the worst thing is to be compromised and not know about it (let alone under attack and not mitigate it before it reaches the state of compromise).
But one thing I don't think I'll see is that it is the result of an overlooked process, poorly considered implementation or some lack of "due process" or, more directly yet, "due enforcement" in the Fedora model. Nay-sayers be damned, while it's not perfect, I consider it to "be the standard."
In fact, just yesterday I had to explain to someone how the core approach and balance of community-company in Fedora is no different that what I saw in Red Hat Linux prior -- from the submission, test, release, etc..., including the build and security approaches. Fedora has just become a more formal, more open, more transparent enabler to the community, which is what I had always hoped it would become.
With all that said, the few bits I've been getting on the Conical side shows they have actually been trying to address this for some time. And as I said before, Conical will run into more and more of these community-company considerations in the future. In fact, just last week I heard my first, "Conical is becoming like Red Hat." I neither consider that an insult of or a problem with consideration for the Ubuntu community or development. ;)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Bryan J. Smith wrote:
Greg Dekoenigsberg gdk@redhat.com wrote:
Now, in Fedora, we're very lucky; the Fedora Infrastructure team, which is fairly well divided between Community and Company resources, is absolutely top-notch.
As a self-admitted "Red Hat apologist," there is no end to the demonizations I hear of Red Hat's "overriding decision making" on Fedora. Rumors fly about and when I hear them, I repeatedly find myself saying, "oh, that makes sense because of ..." of which I "just become the target," etc... ;)
But the recent misfortunes of Ubuntu (and the less publicized misfortunes of Gentoo) are a stark reminder that we must not become complacent. There, but for the grace of God and a vigilant FI team, go us.
There is no guarantee there will not be compromise of Fedora, let alone even Red Hat, resources on the Internet. That's just fact. In fact, the worst thing is to be compromised and not know about it (let alone under attack and not mitigate it before it reaches the state of compromise).
But one thing I don't think I'll see is that it is the result of an overlooked process, poorly considered implementation or some lack of "due process" or, more directly yet, "due enforcement" in the Fedora model. Nay-sayers be damned, while it's not perfect, I consider it to "be the standard."
In fact, just yesterday I had to explain to someone how the core approach and balance of community-company in Fedora is no different that what I saw in Red Hat Linux prior -- from the submission, test, release, etc..., including the build and security approaches. Fedora has just become a more formal, more open, more transparent enabler to the community, which is what I had always hoped it would become.
With all that said, the few bits I've been getting on the Conical side shows they have actually been trying to address this for some time. And as I said before, Conical will run into more and more of these community-company considerations in the future. In fact, just last week I heard my first, "Conical is becoming like Red Hat." I neither consider that an insult of or a problem with consideration for the Ubuntu community or development. ;)
It's Canonical. Not Conical
Cheers,
Clint
- -- Clint Savage Fedora Ambassador
Utah Open Source Conference September 6-8, 2007 http://www.utosc.org
Bryan J. Smith wrote:
Fourth, as I have repeatedly stated, Conical will find itself in the same positions as Red Hat has more and more. Conical will address those situations much like Red Hat, and suffer the same, misguided but not so uncommon, "demonizations" as a result -- especially as it becomes less and less "new" to people.
I noticed that you always misspell Canonical as Conical. You might want to fix that before anyone mistakes it as some sort of deliberate insulting slang.
I agree with the basic assertion that Red Hat is better off because it already gone through the transition pain and succeeded in creating a business and larger community model that worked for the advantage of both. Whether it is the "best model" for either is anyone's guess. The things that touch upon control (be it for business, security or any other reasons) vs enabling enabling the community are just details of the larger view. The merge of core and extras has turned the level of package wrangling from repository management to ACL's as an current engaging example of this.
What Canonical is striving for is not something new and they have deliberated followed a Red Hat Linux like business strategy of a single product with optional support and services. It wins over a substantial number of users but unless the market is substantially changing they might end up rediscovering that pure support without product tie-up isn't very sustainable. It is good that they have the luxury of experimenting with this without the pressure of a being a public organization. We will get to know the success (or lack of it) in a few years.
Rahul
Rahul Sundaram sundaram@fedoraproject.org wrote:
I noticed that you always misspell Canonical as Conical. You might want to fix that before anyone mistakes it as some sort of deliberate insulting slang.
Ack! Thanx for pointing that out! Heck, for years I used to spell Red Hat as RedHat (no space).
What Canonical is striving for is not something new and they have deliberated followed a Red Hat Linux like business strategy of a single product with optional support and services. It wins over a substantial number of users but unless the market is substantially changing they might end up rediscovering that pure support without product tie-up isn't very sustainable.
And with releases every 6-10 months (05.10, 06.06, 07.04), but a promised 3 years (5 years on server) Long Term Support (LTS), I tend to agree that is going to be rather hard to sustain once 3 years (5 years on server) of support turns into 5+ releases (possibly 7+ in the case of server ;).
I don't know how many times I have to point out to complainers of Red Hat that the distro they are supporting has never supported a distro has yet to support a distro as long as they claim they will, let alone as long as Red Hat. Not trying to "argue" with them, just point out the fact that they should just "leave Red Hat be" and focus on their own distro.
In reality, the same people who complained about Red Hat have turned to complaining about other distros. As I eluded to, "one the newness wears off," often as the company realizes there's more to supporting 3-5 years than just a statement, those same people tend to just start complaining there too.
It is good that they have the luxury of experimenting with this without the pressure of a being a public organization. We will get to know the success (or lack of it) in a few years.
The thing is that I've seen the "in a few years" too many times now. ;) I know more people are using Linux, and the volumes are greater now, but people who fund those distros (or lack thereof) haven't changed the basic "economies-of-scale" concept.
marketing@lists.fedoraproject.org