LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

LWN Weekly Edition

Front page
Security
Kernel development
Distributions
Development
Linux in the news
Announcements
->One big page

 

This page

Previous week
Following week

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Distributions

News and Editorials

Fedora: (another) proposal for extended support

By Rebecca Sobol
July 15, 2009

Fedora is a fast moving project. New releases are on a six month schedule and each release is supported for only 13 months. Every so often the topic of extending that support window is raised. LWN covered a lengthy thread on the fedora-devel mailing list last October. Now a new proposal from Jeroen van Meeuwen has cropped up on the mailing list.

Fedora's cutting edge desktop is attractive to many, even in corporate environments. For those corporations that run Red Hat Enterprise Linux (or a derivative thereof) on their servers, Fedora provides a more up-to-date, yet compatible, desktop. Many of these corporations are willing to update their desktops once a year so, on the face of it, the thirteen month support window seems like enough. One can run Fedora N for one year and have one month in which to chose to upgrade to Fedora N+1 or N+2 and remain supported. However, things happen. Every now and then you just can't upgrade during that one month window and that leaves you unsupported for as long as it takes to schedule that upgrade.

Having a slightly longer support window is attractive to many, so proposals keep cropping up, but it is hard to achieve in practice. Fedora Legacy was successful for a while, but eventually that project was abandoned. So one has to ask why another proposal would be successful now.

The Extended Life Cycle (ELC) wiki page lists some good reasons for the proposal, but is more vague on how it will be accomplished. The proposal targets Fedora 12 as the first ELC release and calls for an additional six months of security updates after EOS (End of Service), so F12 would receive security updates for a total of of nineteen months. This is about half of the time one would run a RHEL (or derivative) distribution, keeping the desktop much fresher. However the proposal also notes:

  • We do not guarantee binary compatibility with the versions of applications or libraries that were in the Fedora release before it became EOS [End of Support].
  • We do not guarantee a stable API or ABI to the applications and libraries that we provide security updates for.

Clearly those two points could create some problems. No one is suggesting that security fixes be backported, so some packages will break during those six months. If one of those packages happens to be Firefox or some other critical desktop component the whole ELC support falls apart. Of course different businesses will consider different applications to be "critical".

There are other practical issues such as mirror space, CVS commit access, bugzilla maintenance, and more, which are listed on the wiki.

Kevin Kofler notes on the mailing list:

We'd just need some minimal infrastructure effort, one person willing to do the pushes (like you're doing for the supported releases) and everything else would be "as is", if somebody wants something fixed, they'll have to push the fix, if nobody cares, it won't be fixed. It isn't supported after all. And no QA, if it breaks, you get to keep the pieces. Again, it's unsupported, that means what it means. I still think it's better than not getting any security fixes at all.

Kevin Fenzi adds:

I think it is worse. It causes people to have an expectation that something will get security updates, and when it doesn't happen and they get compromised, they will not be very happy.

According to the Fedora Objectives: "Fedora is not interested in having a slow rate of change, but rather to be innovative. We do not offer a long-term release cycle because it diverts attention away from innovation." Clearly any sort of ELC proposal goes against these stated objectives.

Jesse Keating takes a look at how this proposal differs from Fedora Legacy:

First off, I think this is different from Fedora Legacy, or has potential to. Legacy had a few very key fail points. 1) it was opt in. Users had to know about it and actively enable it. 2) it was completely done outside of the Fedora infrastructure. 3) Fedora's popularity was very hit and miss, the type of people that would best use a Legacy like service were too burned to give any Red Hat related offering a shot. 4) RHEL4 (and its clones) were new enough for most of the people that would use this service, and thus they went that way.

However he also notes (among other points) that there needs to be some clarification of what vulnerabilities will get security updates. Clearly a local denial of service is a far different beast than a remote privilege escalation. Updates need to be all or nothing. It can't be up to the developers to decide what applications are critical to all users.

Fedora infrastructure continues to evolve and it could possibly be made to work for this proposal without too many major changes. This proposal is less ambitious than its predecessors, which is a point in its favor. It is also clear that this topic will continue to come up periodically until some solution is achieved. Whether it is this proposal or not remains to be seen.

Comments (10 posted)

New Releases

Yellow Dog Linux v6.2 DVDs Now Available

Fixstars has announced the availability of Yellow Dog Linux version 6.2 on DVD. "This release offers an updated kernel v2.6.29 for 64-bit systems, OpenOffice 3.0, Firefox 3.0.6 and IBM Cell SDK v3.1.0.1, as well as the next generation of ps3vram, which now boasts speeds up to 50% faster than in YDL 6.1 and is automatically enabled as swap."

Full Story (comments: none)

Distribution News

Fedora

New meeting logging facility available

Fedora developers Kevin Fenzi and Jon Stanley have integrated the MeetBot into zodbot to help log IRC meetings. "This plugin was developed by our friends over at Debian, who are using it to record their meetings as well. We would like all Fedora meetings to be recorded using this mechanism, such that there's one format for all of the logs."

Full Story (comments: none)

Fedora Board Recap 2009-07-09

Click below for a recap of the July 9, 2009 meeting of the Fedora Advisory Board. Topics include Sponsorship follow-up, Review of security notification plan, gnaughty issue, Fedora target, Domain licenses, and List monitors.

Full Story (comments: none)

Fedora 9 End of Life

Fedora 9 has reached its end of life for all updates.

Full Story (comments: none)

Slackware Linux

Slackware for ARM

Slackware has a new official port for the ARM architecture. ARMedslack has recently released the port of Slackware version 12.2.

Comments (none posted)

Ubuntu family

Announcing OpenJDK 6 Certification for Ubuntu 9.04 (jaunty)

The Ubuntu Java development team has announced completed certification of OpenJDK 6 for Ubuntu 9.04. "This certification means that the OpenJDK 6 package included with Ubuntu 9.04 now passes the rigorous testing of the Java SE Test Compatibility Kit (TCK) and is compatible with the Java(TM) SE 6 platform on the amd64 (x86_64) and i386 (ix86) architectures."

Full Story (comments: none)

Minutes from the Ubuntu Technical Board meeting

Click below for the minutes of the July 14, 2009 meeting of the Ubuntu Technical Board. Among several other topics, the board agreed to increase its membership. Nominations are open until July 28, 2009.

Full Story (comments: none)

Other distributions

Hardening CentOS (Bofh Hunter)

Jim Perrin looks at hardening CentOS. "I've started a page on the CentOS wiki (Hardening CentOS) that will very likely turn into its own section in the future. This page uses Steve Grubb's RHEL hardening guide, as well as the NSA's RHEL 5 security guide as the basis for locking down the operating system in a reasonably secure fashion. I do not claim it to be all-powerful, nor will everything there apply to everyone in all instances. Take from it what you need to. What is covered on the page is the basis for locking down a system with very minimal impact to distribution standards or package changes. I'll continue to add to this page, and break out other pages to encompass securing the distribution provided httpd, mysqld, etc as I get time."

Comments (none posted)

New Distributions

Jolicloud preview (Cimi's Official Blog)

Cimi has a weblog post about a new distribution called jolicloud. "Basically Jolicloud is a [derivative] of Ubuntu Netbook Remix with wide Prism usage across the desktop environment: the majority of "applications" you have seen in the screenshots are small packages which provide an independent Prism session on a specific website: for example, if you install the twitter application you will get a new icon inside your application list, that icon will start a new fullscreen Prism session for twitter.com. Common desktop applications are also included, like Firefox or VLC, but it is highly focused on web services."

Comments (none posted)

Torinux

Torinux is an Italian distribution from the city of Turin. It is based on sidux (a Debian derivative) that aims to be an easy to use desktop featuring KDE 3.5.10. Torinux comes on an installable live CD.

Comments (none posted)

Distribution Newsletters

DistroWatch Weekly, Issue 311

The DistroWatch Weekly for July 13, 2009 is out. "In the news this week, Slackware finally adopts ARMedslack as the official port for the project, while Ubuntu founder Shuttleworth talks about Karmic Koala, the release scheduled for October this year. We also link to an interview with Jono Bacon, the project's Community Manager. Our feature this week takes a nostalgic look back at some great Linux distributions that failed to survive. Elsewhere in the free software world, Google has announced their own Linux based operating system for netbooks and the BSD Magazine survives some tough times to continue printing. Have a great Monday and the rest of the week!"

Comments (none posted)

Fedora Weekly News 184

The Fedora Weekly News for July 12, 2009 is out. "Here are a few highlights from this week's issue. This past week marked the end of life for Fedora 9, and the launch of a new logging tool to help facilitate reporting for Fedora IRC meetings. In news from the Fedora Planet, an overview of the development changes for Fedora 12, and several posts around Mono in light of Microsoft's recent Community Promise. In Ambassador news, coverage of recent Fedora release events in Vancouver, Washington, Malaysia and India. In Translation news, a new Fedora 11 Users' Guide is now available in Bosnian, changes in Transfix, and new members of the Fedora Localization Project. In Design news, details on a new Gallery test instance for development of in-process works by the Art Team. Also some new wallpapers, and more theming discussion around Fedora 12 'Constantine.' The issue rounds out with news from virtualization-related efforts, including news of more device support in virt-manager, announcement of a new list for discussion of "libguestfs/guestfish/virt-inspector discussion/development." These are but a sampling of this week's Fedora Weekly News -- we hope you enjoy it!"

Full Story (comments: none)

The Mint Newsletter - issue 88

This issue of the Mint Newsletter covers the release of Mint 7 KDE RC1, the June monthly stats, and more.

Comments (none posted)

OpenSUSE Weekly News/79

This issue of the OpenSUSE Weekly News covers the availability of openSUSE 11.2 Milestone 3, Sascha Manns : How to create an Userpage, Thomas Biege: SELinux on openSUSE 11.2, what will be?, openSUSE Forums: Top 3 Applications You Wish Existed in Linux, Linux.com/Rob Day: Howto for Kernelmodules Newbies, and more.

Comments (none posted)

Ubuntu Weekly Newsletter #150

The Ubuntu Weekly Newsletter for July 11, 2009 is out. "In this issue we cover: Ubuntu 6.06 LTS Desktop Edition reaches end-of-life, Community Council: Nominations, MOTU Council, Call for testing: KVM in Jaunty proposed, Ubuntu LoCo Systems admin lessons: Massachusetts LoCo, Ubuntu Forums Tutorial of the Week & Community Interview, The Ubuntu Museum, Karmic Wallpapers, Ubuntu Podcast #30, Ubuntu User Magazine, Ubuntu Netbook is released by Archos, Ubuntu Server Team Meeting Summary, and much, much more!"

Full Story (comments: none)

Interviews

Koala will be 'a definitive shift' for Ubuntu Linux (TechRadar)

TechRadar covers a Linux Format interview with Mark Shuttleworth. "MS: There's some extraordinary work that's been done [on Koala], mostly pioneered by the Intel/Moblin team, the X team, and the kernel team (kernel mode setting), so I think that's going to be a definitive shift for us. I'm really hopeful we get that in."

Comments (none posted)

Ubuntu's Jono Bacon: Open Source Code Priority Should Begin at Security, then Quality, then Performance

The Coverity weblog features an interview with Jono Bacon, Ubuntu community manager. "JB: Ubuntu is used in a variety of industries, from software to engineering to government to retail and more, and has become a general purpose Operating System that can offer competitive productivity and information management tools as well a wealth of specialized tools that are available for download. It's a definitive channel for software developers. Ubuntu has a solid desktop, a good server and mobile experience and an exceptionally large community that refines, extends and supports us. Ubuntu is one of the most popular Linux distributions available, and as such, is ideal for delivering applications."

Comments (none posted)

Distribution reviews

Distro Review: Fedora 11 (Adventures In Open Source)

Dan Lynch has posted a review of Fedora 11 on his weblog. "To sum up then, I think F11 is a good release and well worth a few days of anyone's time. I've never really felt comfortable with Fedora on my home desktop until now. I have everything set up as I need it and I'd be happy to stay here longer. The community has grown in strength, there's lots of help available out there. I think things are really looking up in the Fedora world. They have lots of innovative features and things that will no doubt end up in future releases of other distros. This is where they see themselves, the ground breakers or pioneers who explore new things on behalf of the rest of us. The developers have done a great job on Fedora 11 and I encourage you to take a look at it and let me know how it works for you."

Comments (none posted)

Review: Linux Mint 7 Is Glorious (OSnews)

OSnews has a review of Linux Mint version 7, "Gloria". "Linux Mint 7 is not only shiny and pretty, but well organized and easy to use. It has its slow moments while running on typical netbook hardware, but it still runs snappily for most netbook uses. It has some very viable advantages over Ubuntu in its ease of use and customized system applications, and I believe people who are new to Linux would find Mint much more desirable than Ubuntu in most circumstances. It could definitely use some power consumption optimization as well as some optimization to speed up what it still runs slow. As with most user-installed Linuxes, Mint doesn't exactly like the wireless card on the EeePC 1000 HE, and better wireless support for all distributions is a very major necessity to attract more users. All in all, I have a little crush on Linux Mint 7 and like it better than Ubuntu; I personally give it a 9/10. However, the way it runs on my netbook calls for a score nearer to 7/10, disappointingly. I do look forward to future releases and hope they may be more optimized for netbooks."

Comments (none posted)

Page editor: Rebecca Sobol
Next page: Development>>

Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds