Tag Archives: linux

Android: the free-ish mobile platform

I’ve been using Android for a while now, starting with the somewhat underpowered HTC Magic (G2) before moving up to a much snappier Google/Samsung Nexus S which is now my current model.

Whilst I’m a fan of the platform overall, I’m encountering more and more issues every day with the fact that Android is being positioned as the poster child of open source in the mobile space (with other alternatives like Meego and WebOS way behind in terms of market share and consumer awareness), yet Android is only partially open source, still relying on large proprietary chunks.

With the recent release of Android 4 (Ice Cream Sandwich), I decided I would run through the steps of compiling Android from source code – I’m a firm believer in only running things that you have the ability to compile yourself, and have gone through the exercise of building Linux From Scratch and custom distributions in the past to gain understanding of how the Linux OS is assembled and functions.

Android’s open source release (AOSP) is available from source.android.com which provides instructions for downloading the (large!) source tree, tools and building them into a functional device.

Doing so was an interesting experience – some of the first issues encountered are:

  1. AOSP is limited to working out-of-the-box with only a select number of devices – any official “Google” phones, like the Nexus S or Galaxy Nexus are supported, along with a couple additional vendor models (such as the Xoom tablet).
  2. If you have a non-google supported phone, you’re on your own – depending on your vendor, it may be a simplish, painful or maybe impossible task to obtain the required binary blobs. And that doesn’t cover whether or not the phones have locked or unlocked bootloaders.
  3. Even the Google AOSP supported phones can’t run a pure open source stack, proprietary downloads are supplied by Google for specific hardware components for each model and for a specific OS release. Should Google decide to stop supporting a device with future Android versions (as has happened with earlier devices), you won’t easily be able to support the hardware.
  4. The source is big, the build is hungry and you’ll want some performance to build it. I allocated around 40GB for the checked out source and build space and used most of it, along with 8GB of RAM and a few cores on my Phenom. On the plus side, the build only took a few hours, not the days-long efforts some online had predicted.
  5. Google’s build instructions are a bit lacking, given a week, even a Google intern would be able to make a massive improvement to it, I ended up finding many useful commands online that weren’t documented on AOSP’s home page – such as how to package a build into an OTA style .zip for deployment.
  6. The Linux kernel isn’t compiled as part of the Android build process. Instead, Android uses a supplied pre-built binary kernel and just includes it into the finished OS image. If you need to adjust the kernel, it must be built separately and then placed into the correct location in the Android sources. This process isn’t documented anywhere on the AOSP homepage that I could find.

The base AOSP build provided me with core functionality including:

  • Functional base operating system and all hardware (thanks to binary blobs from Google for my Nexus S).
  • Communications – calls, txts, wifi, bluetooth, internet browsing
  • Contacts/Address Book.
  • Ability to install applications from direct .apk download or transfer using adb from PC.
  • A generally working and usable device overall.

But I didn’t have a number of needed functions that are typical of off-the-shelf Android devices:

  • No support for Google Account synchronization – without this, I was unable to download synced contacts and any other information from the cloud account.
  • No android market, the only way to install applications is from third party markets, direct download of .apk files or self-compiling applications.
  • No google service-based applications –  google maps, gmail, google talk, etc
  • No face unlock ability – I expected this would be part of ICS, but seems it’s part of Google’s application set…. this mix of having open source and proprietary components is one of the biggest problems with Android, you aren’t always sure what is or isn’t open source.

To get these other needed functions that are typical of an Android phone, you need the Google apps package (or at least the market application so others can be downloaded).

The killer part is that this package isn’t freely available. From what I’ve been able to find, it seems Google only provides their application package to vendors who pass their tests for Android compatibility to maintain quality.

Personally I think this is a lot of crap, considering the shocking quality of some Android devices that have come out – at the very least, the Android Market place application should be freely available, so users can at least choose to download applications, even if Google decides a particular vendor doesn’t deserve their Google apps.

In the end I managed to source a package of the Google applications for ICS thanks to the efforts of the Cyanogenmod team, but this is a shocking approach – not only is there an uncertainty about having the latest versions, but having users trawling through the internet to find tarballs on some forum is an easy avenue for attack and getting malware onto phones.

The fact that I’m so reliant on hackery to get key functionality back for my phone if I choose to build from source, rather than using my phone vendor’s build images is giving me solid reasons to consider the feasibility of dumping Google’s components from my phone and finding open source replacements for them all.

Whilst Google deserves credit for making the base OS comparatively easy to build for users of Google-approved devices, the fact that they’ve allowed vendors to get away with binary blobbing drivers everywhere and keeping key functionality proprietary (market, etc) is pretty bad.

Chasing down binary blobs in order to get a device to work as expected is much more reminiscent of days spent pirating software, not of a healthy open source project and it makes Android feel much more hacky and crappy than it should be.

And the fact that the open source build will work with so few of the phones on the market out-of-the-box is just appalling for an OS that’s called open source – I should be able to go pickup any Android phone in the market and be able to compile AOSP for it and have all the hardware supported, not just select models.

Part of this is the fault of device manufacturers, but IMHO, Google should have put down some restrictions in the use of the Android trademark, so that a device could only actually be an “Android” device if it was fully open source and featured an unlocked bootloader.

I’d even accept a compromise where binary blobs are needed for specific hardware, as long as the blob wrapper can be compiled against different kernels and is free to redistribute (aka firmware style), so that I could buy a phone running Android 2 and happily go and build Android 4 for it and expect it to work.

Overall, I’m happy that I could build a functional image for my Nexus S without too much pain, but disappointed that so much of the feature set we are used to with Android isn’t actually open.

Custom CA certificates & Android

With the number of servers I have internally, I have setup my own Certificate Authority and sign all my internal SSL certificates against this private CA.

This offers the useful advantage of being able to import the one CA certificate into all my devices and then being able to validate all connections to remote systems – if you run more than one or two personal servers, I’d highly recommend this approach – certificate signing takes a little bit of getting used to, but it’s a good skill to have.

As I want to access a number of systems via my Android mobile, I needed to import this CA file – the following instructions were followed with ICS release 4.0.3, however it may apply to earlier/later releases as well.

If you’ve followed most typical instructions for building your CA, you will have a PEM encoded CA certificate file in ASCII format. This is fine for import into most browsers and desktop OSes, however Android is particularly fussy with its input and requires a binary format only.

You can convert the CA PEM format file with the following command:

openssl x509 -inform PEM -outform DER -in CA.pem -out CA.crt

Then transfer the generated CA.crt file to the sdcard – easiest is via adb:

adb push CA.crt /sdcard/

Once done, you will be able to tell Android to install the CA file via Settings -> Security -> Credential Storage and selecting “Install from storage” and following prompts.

To verify functionality, easiest test is to access an https website signed with your CA certificate via the browser.
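
The conversion and transfer steps above as a script that checks its own output, since Android only accepts the binary form: it confirms the input is PEM, converts it, and verifies that the DER file parses and has the same SHA-256 fingerprint as the source. This is an added example, not part of the original post; the throwaway CA it generates, the helper function names and the temporary paths are constructed for illustration.

```shell
#!/bin/sh
# Added example: convert a PEM CA certificate to DER for Android and verify
# the result before pushing it. The demo CA below is constructed sample input.

# make_demo_ca DIR: write a throwaway self-signed CA to DIR/CA.pem
make_demo_ca() {
    cat > "$1/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Example Internal CA (constructed)
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -config "$1/ca.cnf" \
        -keyout "$1/CA.key" -out "$1/CA.pem" 2>/dev/null
}

# cert_format FILE: print PEM, DER or unknown.
# PEM is recognised by its ASCII armour; DER must start with an ASN.1
# SEQUENCE tag (0x30) and parse as a certificate.
cert_format() {
    if grep -q -- '-----BEGIN CERTIFICATE-----' "$1" 2>/dev/null; then
        echo PEM
    elif [ "$(od -An -tx1 -N1 "$1" 2>/dev/null | tr -d ' \n')" = "30" ] &&
         openssl x509 -inform DER -in "$1" -noout 2>/dev/null; then
        echo DER
    else
        echo unknown
    fi
}

# cert_fingerprint FILE FORMAT: print the SHA-256 fingerprint (hex with colons)
cert_fingerprint() {
    openssl x509 -inform "$2" -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# pem_to_der_checked SRC DST: convert and verify; non-zero exit on any mismatch
pem_to_der_checked() {
    [ "$(cert_format "$1")" = PEM ] || { echo "$1: not a PEM certificate" >&2; return 1; }
    openssl x509 -inform PEM -outform DER -in "$1" -out "$2" || return 1
    [ "$(cert_format "$2")" = DER ] || { echo "$2: output is not DER" >&2; return 1; }
    before=$(cert_fingerprint "$1" PEM)
    after=$(cert_fingerprint "$2" DER)
    # Both fingerprints must exist and match: same certificate, new encoding.
    [ -n "$before" ] && [ "$before" = "$after" ] || { echo "fingerprint mismatch" >&2; return 1; }
}

# Demo run against the constructed CA; point the first argument at your own CA.pem.
demo_dir=$(mktemp -d)
make_demo_ca "$demo_dir"
if pem_to_der_checked "$demo_dir/CA.pem" "$demo_dir/CA.crt"; then
    echo "verified DER file: $demo_dir/CA.crt (next step: adb push CA.crt /sdcard/)"
fi
```

Comparing the printed fingerprint against the one shown on the phone after import confirms the device trusts the certificate you intended.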

Some commenters have had issues - here is me importing a valid CA cert in DER format.


Impatient Linux geek’s review of Win8 preview

As you undoubtedly know, I’m one of Microsoft’s biggest fans [1], so I eagerly downloaded the newly released Windows 8 Developer Preview to take a look at what they’re aiming for with Windows 8.

This post is just based on a quick look as someone who runs Linux 24×7 for everything, has a lot of familiarity with Windows XP as a user and admin, some Windows 7 user-level experience and without looking through the online resources or keynotes about new capabilities – a pure “fire it up and see what happens” test and figuring out things as I go along.

[1] OK, maybe not really. [2]
[2] OK, so maybe I hate the company, their proprietary products and culture of lock-in. [3]
[3] Fuck Em

 

Environment

To begin with, I downloaded the 32bit OS ISO – mainly because the memory requirements and download sizes are less than the 64bit release and I wanted to see how it would go with 1GB RAM – an amount not unreasonable to expect on lower power tablet computers currently on the market.

I installed it onto my RHEL 6-based Linux KVM server (Kernel-based Virtual Machine, a fantastic virtualisation platform shipped with the Linux kernel and packaged into a number of distributions such as RHEL 6).

I didn’t bother looking for any paravirtualised I/O or networking drivers for Windows 8, so the guest was running on emulated IDE hardware, thus ensuring that I/O would not have anything resembling performance, so I haven’t critiqued Windows 8 for performance at all in this review. :-)

Apparently a lot of people have had problems trying to run Windows 8 on VMWare, but Linux comes through again as an impressively capable platform for virtualisation. [4] :-)

 [4] To date, KVM has virtualised for me: Linux, Windows, BSDs, Minix, HaikuOS, several large routing companies OSes and more. :-)

 

Installation

Installation was typical as per any OS installation from ISO media – virt-install read the ISO fine, launched the windows installer and proceeded to install with a very Windows 7 like installer.

It did “feel” faster than a Windows 7 installation onto the same platform I did recently, however that is purely anecdotal and may be impacted by 32bit vs 64bit install size differences.

After the base installation, typical reboot happened, although it appeared to cause my VM to shutdown rather than reboot – after powering back on, Windows 8 proceeded to take me through the re-done setup screens.

Did you hear? Green is in this year!

It’s a big change from previous install screens – looks like Microsoft pretty much tossed out the UI and started again, basing everything around the colour green.

However it does appear they’ve lost some UI concepts in the process – for example, in the above screen I needed to set a computer name – but clicking in the name field didn’t display me a cursor, nor did the example text vanish, typical responses of most current OSes.

I also found that Windows 8 would refuse to take “devel-win8-pre32” as a hostname, considering it too long – this isn’t really a problem for your average home user, but drives a power user like me up the wall – I want hostnames that suit *my* desires damnit!

Taking a leaf from Apple, or even Google's Android, Microsoft is tying the OS to their online services - although the paranoid can bypass - for average users, the synchronization features sound like a nice touch.

Not being a Windows Live user (I have an account lying about for occasional use, but not for anything important) I originally tried to bypass the Windows Live registration step, but found that the installer crashed out with an error later on when I did.

After retrying with an “advanced/custom” configuration behaviour and using Windows Live it worked successfully – or at least it didn’t complain about anything I entered, I’m still a little unsure as to whether it logged into an existing account or just created me a new one.

Some UI confusion there - Windows tells me it's creating my Windows live account, but that account already existed....

Being impatient with a GUI OS not giving me any nice console messages to read (like any nix geek really – everyone wants to know what the OS is busy doing!!) I started clicking impatiently and was rewarded with a nice placeholder screen:

Well at least it's not blue?

(It’s actually a major improvement – impatient clicking is the leading way I cause Windows desktops to fall into performance hell, many a time I have attempted to do too many tasks on a Windows XP system to have everything in the OS crawl to a halt, because it can’t handle the usage patterns I’ve picked up from my Linux environment.)

The Windows 8 UI did feel quite sluggish under the VM, but this is something I’ve noticed with Windows 7 as well – suspect it’s due to the newer UI/rendering in their GUIs which doesn’t play nicely with the un-accelerated 2D VM viewer sessions, rather than any actual fault with Windows.

Despite my best efforts to break it, it eventually completed and I ended up at the shiny new Windows 8 “Metro Style” home screen. :-)

 

Operation

Oh Hai Metro!

First impression of Windows 8 is the new Metro style interface – it’s essentially a number of large clickable buttons in a minimalistic style UI – upon clicking a button, its application is launched in full screen mode – with a roll over application-specific popup below.

Metro-aware applications launching in fullscreen - in this case, IE accessing my site - note the minor scrollbar and the popup black bottom OS menubar.

The first thing you’ll notice is the very tablet inspired UI – whilst navigable with a mouse, more conventional UI designs are probably still faster/easier to work with – although this is something that may change after a lot of use.

However with touch, this must change a lot – it will be interesting to hear about detailed reviews from users of touch devices with Windows 8.

I did note the non transparent IE icon on the black bar sticking out awkwardly – maybe MS is still having trouble with image transparency in browsers…. :-P

 

The biggest issue I have with the UI is actually how to get out of it – I found that by moving my mouse to the bottom left corner, the windows start menu – or at least, what remains of it – pops up in a very web-like fashion and you can click to return to the main home page or perform a number of other tasks.

But not always – I managed to get myself trapped inside a paint program that kept blocking the mouse action to get the start menu – and without any windows keys, I was left only with CTL+ALT+DEL to rescue myself.

I'm the new start menu! Don't expect to find anything on me!

The other main issue for me with Metro, was that I *couldn’t* figure out initially how to actually launch conventional programs – since only new metro applications appear on the home screen.

Turns out you now “search” for the programs that you want, or be presented with an alphabetically sorted list – it will be interesting to see how it looks after a user installs 50 conventional applications with half a dozen menu items each, but search does seem to be the way that a number of user interfaces are pushing people towards.

I guess I’m a somewhat old school user who likes my hierarchical menus rather than search – for that reason even some of the newer Linux GUIs cause me pain – but I can respect that the design of these UIs probably aren’t aimed towards people like me.

This is your punishment for loving Google too much, all your UIs will be replaced by search boxes! Mwhahah, search everything! Eventually you'll be searching for search tools to do your searching!

Oh and BTW – don’t rely on the search box – I tried to search for “shell” but didn’t get either traditional command line nor Powershell – not sure what’s happening there….

What is interesting is what happens when you launch a conventional application – I found myself suddenly watching some page flipping graphic animation and being taken to a familiar friend:

I'm a geek, let me tweak something dangerous! >:-D

This probably highlights my single biggest complaint with Windows 8 – it’s not that they changed things, it’s that they didn’t change things _enough_.

IMHO, Microsoft should have thrown out the 1995 derived user interface and gone full on into this new Metro design – with a bit more work, I’m sure it could handle all the same needs just as well.

It’s like Microsoft was split into two teams – one wanting a design for 2011 and one wanting to retain the good old tried and tested design, but instead of either side winning, ended up with this weird dual mode operation.

Of course I’ve always argued that Microsoft should have moved to a BSD based backend like Apple did with MacOS – take the best from the open source world and then build their Windows libraries and APIs on top of that platform – increase stability, reduced development in the low level space and ability to move on from win32.

In terms of classic application UIs, a few old friends have had some UI changes, although maybe not so much for command line which has managed to survive a remarkable number of Windows releases whilst looking ugly as fuck.

More graphical wiz in task manager to make sure it runs even slower when your system is crashing.

And of course, the controversial file manager UI changes feature:

Sadly the send to box still lacks "send to pirate bay" or "scp to a real computer" :-(

Whilst I’m sure many readers will lynch me for this, I actually find the new ribbon style interfaces great – I suspect this is because I only really started using MS Office heavily with 2007+ and I found learning with the ribbon easier than with the traditional menu style layout.

Users having to learn new habits will probably hate it though and consider me mad for liking it. They should just harden up and use a CLI, always faster for a power user anyway.

Speaking of which….

 

Command Line, Fuck Yeah

Apparently Microsoft has had an improved shell around for a while to replace CommandLine, called Powershell – I won’t go into too much detail about it as it’s not really new to Windows 8, but do want to make some comments because it’s the first time I’ve had an actual play with it:

It essentially looks like they took some of the UNIX concepts and built a new shell for Windows that doesn’t entirely suck like the older one – hey, it even has a “ps” command and has other nix-isms like ls and pwd.

Sadly they didn’t implement the “uptime” command so you can’t compare days online without blue screens nor is there a “uname -r” for kernel version boasting contests. And as a helpful addition, I found a remarkable lack of –help parameter understanding.

Hi, I'm windows! I've finally evolved to where UNIX was in 1980 :-P

Over all, it’s actually pretty nice – doesn’t stack up next to a modern Linux CLI, but miles better than the horror known as cmd.exe :-/

TBH, with Windows 8 they should dump the bloody command shell already and make people get with the program and adopt powershell – at worst it might break a couple batch files or some legacy launchers, but with the massive advantage that Linux geeks like me won’t be able to mock the crappy primary CLI so much. [5]

[5] I’m sure I’ll still find a way to mock Windows. :-)

 

Conclusion

Over all I found it an interesting system – it feels like they’re halfway between building a new style of desktop OS yet still have that legacy windows feel stuck behind it they just can’t shake.

I would often find myself dumped back to a somewhat Windows 7-like environment but with a funny acting start menu.

I did find the newer UI a bit more mouse intensive – having to cursor down and pause to get the start menu popup – however I suspect people with bad keyboards [6] will find that the Windows keys might make life easier to launch it.

[6] anything not an IBM Model M

We don't need no frigging Windows key! This household only has real keyboards boy!

 

I have yet to get into the real guts of the OS to see how its networking performs, how much memory it eats and how well legacy applications run – this might be tricky without paravirtualised drivers, since the emulated drivers do make an impact on performance.

In terms of quick checks at memory and CPU usage – with only a couple basic OS applications running, the VM was using about 400-500MB out of 1GB assigned and minimal CPU – probably around the same as a Windows 7 install, although maybe a bit less CPU wastage.

And in the hour I spent playing with it, I didn’t cause any nasty crashes – of course, once given real workloads and a variation of different applications and drivers, stuff will get more interesting. :-)

I’m genuinely optimistic about where MS is heading with Windows and their development in general – this is the first Windows release that I believe is accessible for the general public to download and play with, a more public development model will certainly pay off for them with community feedback, bug finding and also just general awareness and free marketing about Microsoft’s new capabilities.

Having said that, for a power user, there’s no way I’d move off Linux to Windows 8, even ignoring the philosophical differences, I still find the Windows architecture too restricting for my liking.

And developing for the new metro interface sounds like a trap for the unwary with restrictions similar to mobile application stores – not everyone shares my concern, but I’m extremely worried about heading into a future where the majority of commercial operating system vendors can control what applications are allowed to be released for their platforms.

 

In terms of the tablet audience, it will be interesting to see how it fares – whilst the iPad and Android tablets are going to pull off the tablet experience slicker/better (IMHO) the ability to run regular windows programs as the line between PC and tablet converges will certainly be attractive to some – and unlike Microsoft’s past forays into tablet computing, they’ve actually done more work than just slapping a touch screen onto a laptop and calling it done.

And that’s me for now – I may come back with some more on Windows 8 in the next few days, but I’ll prob be moving on to doing some reviews of weird *nix style operating systems I’ve been playing with.

IPv6 Enabled :-)

A while ago I deployed IPv6 to my flat and have been having fun learning and experimenting with the new addressing methods – at some stage I’m sure I’ll write a few bits up, but there’s mountains of information about IPv6 around already – sometimes the problem is that there is *too* much information.

 

Thanks to the efforts of my employer and colocation provider, my publicly reachable server now has a /56 IPv6 range which I have just started assigning to various VMs and services. :-D

My first step has been to enable the webserver hosting jethrocarr.com with IPv6 – and as of today, you can now reach this site via IPv4 or IPv6. :-)

[jethro@snagglepuff ~]$ host www.jethrocarr.com
www.jethrocarr.com has address 202.170.163.203
www.jethrocarr.com has IPv6 address 2407:1000:1003:1:216:3eff:fe49:df4e
[jethro@snagglepuff ~]$

If you’re unsure whether you’re reaching via IPv6, try accessing ipv6.jethrocarr.com to check – if it works, you are :-D

[jethro@snagglepuff ~]$ host ipv6.jethrocarr.com
ipv6.jethrocarr.com has IPv6 address 2407:1000:1003:1:216:3eff:fe49:df4e
[jethro@snagglepuff ~]$

Next steps will be to setup mail, XMPP and all other sites and services with dual stack IPv4 and IPv6 for my production servers, I’m sure I’ll post again once complete so that you can all start hammering my services and breaking things. ;-)

 

Once production is sorted, my following tasks will be replacing the Hurricane Electric tunnel at my flat, with another tunnel to my colocation server, since it means reduced latency for all my IPv6 browsing.

I started off my IPv6 learning with the services provided by Hurricane Electric who provide not only a free IPv4 to IPv6 tunnel service, but also an automated online test platform to check your configuration and test access to your systems.

This has enabled my flat to connect to any IPv6 only resources and the few sites that have IPv6 available in production services, but isn’t the greatest since it means all my traffic goes out to the US, adding considerable latency.

(I understand there is now a more local gateway in NZ, provided by SixXS which is also an option, but I figure setting up a 6to4 tunnel at both ends to be an interesting learning curve).

DHCP, I/O and other virtualisation fun with KVM

I recently shifted from having two huge server racks down to having a single speedy home server running KVM virtual machines, with the intent of packaging all my servers – experimental, development, staging, etc, into a single reliable system which will reduce power and maintenance costs.

As part of this change, I went from having dedicated DHCP & DNS servers to having everything located onto the KVM host.

The design I’ve used, has the host OS running with minimal services – the host just runs KVM, OpenVPN, DHCP and a DNS caching nameserver – all other services run as guest VMs, with a virtual network for the guests and host to communicate over.

Guests run as DHCP clients – this makes it easy to assign or adjust addressing if needed and get their information from the host OS.

However this does mean you can’t get away with hammering the host too badly – for example, running an I/O and network intensive backup can cause some interesting problems when you also need the host for services, such as DHCP.

Take a look at the following log messages from a mostly idle VM – these were taken whilst another VM on the server was running a bonnie++ process to test performance:

Mar  6 10:18:06 virtguest dhclient: 5 bad udp checksums in 5 packets
Mar  6 10:18:27 virtguest dhclient: DHCPREQUEST on eth0 to 10.8.12.1 port 67
Mar  6 10:18:45 virtguest dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Mar  6 10:19:00 virtguest dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Mar  6 10:19:07 virtguest dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Mar  6 10:19:15 virtguest dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Mar  6 10:19:15 virtguest dhclient: 5 bad udp checksums in 5 packets

That’s some messed up stuff – what you’re seeing is that the guest VM is trying to renew the DHCP address with the host server – but the host is so sluggish with having to run the I/O intensive virtual machine that it is actually corrupting or dropping the UDP packets, preventing the guest VM from renewing its address.

This of course raises the most important question: What happens if the guest can’t renew its IP address?

In this case, the Linux/CentOS 5 guest VM actually completely lost its IP address after a long period of DHCPREQUEST attempts, fell off the network entirely and caused my phone to go nuts with Nagios alerts.

Now of course in any sane production environment, nobody would be running a bonnie++ process on a VM on an active server – however there’s some pretty key points still made here:

  • The isolation is a lie: Guests are only *somewhat* isolated from one another – one guest can still mess with another and effectively denial-of-service attack the other VMs by utilising all the available resources.
  • Guests can be jerks: Organisations running KVM (or some other systems) with untrusted guest VMs should carefully consider how they are going to monitor and protect the service from users running crazily resource intensive processes. (after all, there will be someone who wants to bonnie++ test their new VM simply for the lols).
  • cgroups to the rescue? Linux cgroups does have an I/O controller (blkio-cgroup) although whilst this controls read/write flow, it won’t restrict seeks which can also badly impact spinning rust based servers.
  • WTF DHCP? The approach of the guests simply dropping their DHCP address after losing contact with the DHCP server is a pretty bad design limitation – if the DHCP server is unreachable, it should keep the original address (of course if the “physical” ethernet connection dropped, that would be a different situation, and it should drop its address to match).
  • Also: I wonder what OSes/distributions have the above behavior?
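
One way to monitor for the failure shown in the log excerpt above: count the DHCPREQUESTs per guest that are never answered by a DHCPACK, and record the fall-back to broadcast and the bad-checksum counters, so the alert fires before the lease is lost. This is an added example, not from the original post; the webguest lines (including the DHCPACK line format), the function names and the default threshold of 3 are assumptions.

```shell
#!/bin/sh
# Added example: flag guests whose DHCP renewals are going unanswered.

# sample_log: the dhclient lines from the post, plus two constructed lines for
# a healthy guest ("webguest") whose renewal is acknowledged.
sample_log() {
    cat <<'EOF'
Mar  6 10:18:06 virtguest dhclient: 5 bad udp checksums in 5 packets
Mar  6 10:18:27 virtguest dhclient: DHCPREQUEST on eth0 to 10.8.12.1 port 67
Mar  6 10:18:30 webguest dhclient: DHCPREQUEST on eth0 to 10.8.12.1 port 67
Mar  6 10:18:30 webguest dhclient: DHCPACK from 10.8.12.1
Mar  6 10:18:45 virtguest dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Mar  6 10:19:00 virtguest dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Mar  6 10:19:07 virtguest dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Mar  6 10:19:15 virtguest dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Mar  6 10:19:15 virtguest dhclient: 5 bad udp checksums in 5 packets
EOF
}

# dhcp_renew_alerts [THRESHOLD]: read syslog lines on stdin and print one line
# per host with at least THRESHOLD (default 3) DHCPREQUESTs since its last
# DHCPACK.
dhcp_renew_alerts() {
    awk -v threshold="${1:-3}" '
    # Syslog fields: $1-$3 timestamp, $4 host, $5 program tag, $6... message
    $5 ~ /^dhclient/ {
        host = $4
        if ($6 == "DHCPREQUEST") {
            pending[host]++
            # Unicast renewal failed and the client is now asking anyone.
            if ($10 == "255.255.255.255") bcast[host] = 1
        } else if ($6 == "DHCPACK") {
            # Lease renewed: the guest is healthy again.
            pending[host] = 0
            bcast[host] = 0
        } else if ($0 ~ /bad udp checksums/) {
            badsum[host] += $6 + 0
        }
    }
    END {
        for (h in pending)
            if (pending[h] >= threshold)
                printf "%s unanswered=%d broadcast=%s bad_checksums=%d\n",
                       h, pending[h], (bcast[h] ? "yes" : "no"), badsum[h]
    }'
}

# Demo run over the embedded sample.
sample_log | dhcp_renew_alerts 3
```

On a real host the same function can be fed the guests' forwarded syslog, with the alert wired into whatever already pages you.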

I’m currently running a number of bonnie++ tests on my KVM server and will have a blog post in the near future detailing these findings in more detail, I’m also planning to look into cgroups and other resource control and limiting functions and will report back on how these fare when you have guest VMs running heavy processes.

Overall it made my weekend of geekery that bit more exciting. :-D

CentOS, RHEL and future possibilities?

Those who know me will know that I’m a long term CentOS user – this actually started from my love of RHEL,  back in my early Linux using days when I was running Red Hat 8.0.

Whilst it made financial sense for Red Hat to switch to making their product only available in binary form for their customers, at the same time I can’t help but feel this has damaged the appeal of Red Hat for geeks like myself – I’m no longer able to setup friends, family or customers without the funds for RHEL with a quality, enterprise-grade free (as in beer + freedom) distribution.

I do wonder if this contributes to reduced market awareness in the small business space and also whether it reduces the likeliness of geeks like myself promoting the software – after all, if I can’t run RHEL myself, I’m likely to look at other distributions and options and end up promoting those.

With the lack of a free Red Hat enterprise-grade distribution, there are only a couple options for wanting a Red Hat-style experience:

  1. Fedora – the community developed distribution that forms the future base of RHEL, a fantastic distribution in its own right, but with only 12 months support per release, not suitable for server deployments.
  2. CentOS – the community free re-spin of RHEL with their trademarks removed to make it legally redistributable.

I’ve been using CentOS heavily on my servers and Fedora on my workstations, however there are a number of security delays that are concerning me about CentOS which have been recently highlighted in an LWN article.

Essentially, the core problem is that the latest version of CentOS is still only 5.5, whilst Red Hat have had 5.6 out for some time, with numerous security updates in it that have yet to be released for CentOS…..

Having systems vulnerable to known exploits with no upstream patches is always a pretty serious concern to any system administrator…. this is leading me to re-think my usage of CentOS and to consider whether I should consider other platforms.

I’ve never been a huge fan of Debian in the past, but I’m considering giving it a more detailed look and try – Debian has the advantages of a strong community (like Fedora has) but without the limitation of a short support life – although then again, Debian’s releases and support spans are a little less rigid than Red Hat, which is somewhat annoying.

There’s a few server platforms that come to mind – Ubuntu LTS, Mint Linux, Debian, Open/SuSe or of course, Fedora.

The other option is that I could spin my own distribution – based on the number of custom RPMs I already build, rebuilding Red Hat’s update packages for my own needs wouldn’t be too hard, but I really don’t want to get caught up in distribution maintenance for the next 5 years plus it’s not suitable for customer deployments – so even if I decide that a custom built system is best for me, it still doesn’t solve the “what do I install for others?” question.

Maybe I need Fedora LTS – long term support for specific versions of Fedora – 3 or 5 years would be wonderful and meet the needs of server administrators.

This was tried once before, with the Fedora Legacy project, but it didn’t last long – possibly the goal of supporting *all* the releases was too much to reasonably handle, so an approach of selecting even/odd numbered releases only might make it more feasible – I know that I’d certainly be willing to contribute.

Anyway, this is a late night concerned system administrator brain dump about the problem, interested in thoughts and comments from others here about distributions they use/would consider in the server environment.

LCA2011: Day 07

OK, technically there is no LCA day 07, but seeing as it was the last day in Brisbane I figured I could get away with it, without needing to create a separate heading. ;-)

Firstly, I found an awesome pic of me by Andrew McMillan aka Karora on Flickr which clearly demonstrates my need for a haircut:

Me at the Professional Delegates Networking Session (pic by karora)

I spent the morning catching up on sleep and then after packing, I headed into Brisbane Times Square to attend a Fedora meeting at the library.

After that, I headed back to Urbanest by walking from the library, across a bridge and then along southbank back to the accommodation.

Hai Gais! (pic by @chrisjrn on a very awesome high quality lens)

Photoshop the bottle & caption if you dare ;-) (pic via @chrisjrn)

I then caught the AirTrain with @chrisjrn and another guy to the Brisbane Airport – I have to say, I love the AirTrain – it’s fast, easy, comfortable and cheap to get to/from the airport or any station along the Gold Coast.

I'm on a train!!! (pic by @chrisjrn)

Fast train is fast!

Travelling in style!

Brisbane Airport is pretty decent, didn’t take long to get through security, although I got explosive tested *again* which I find somewhat amusing, since they test for explosives far more often than drugs and I’d bet good money as to which one 20-something European males typically carry….

Flight was delayed a little, but made it to Melbourne with 30mins to spare to connect to the Melbourne-Hobart flight.

One oddity from arriving in Hobart was the way they advertise their seal touristy things:

Baggage seal watches you get security scanned!

LCA2011: Day 06

Technically the conference finished yesterday, however I went along to the open day event today to visit some of the stalls and people from the conference.

After re-grouping at the conference venue, we hit the town for lunch and then proceeded to bar hop our way back to the conference accommodation at Urbanest.

Hello Lisa! ;-) (pic by @chrisjrn)

Tall towers are tall! (pic by @chrisjrn)

OMG I'm outside! What on earth is wrong with me?!!? (pic by @chrisjrn)

Cross the Brisbane river with Josh whilst cringing at the sun (pic via @chrisjrn)

I like a firm grip on shafts (pic via @chrisjrn)

OMG it's flexibus!

Yay, new Fedora sticker for my laptop. #fanboysqueeeee

Lurking in Brisbane CBD

It's an Ibis!

Hello Brisbane!

Good lord it's hideous! (picture of @chrisjrn) ;-)

It's a bridge!

Geeks at the pub

Geeks getting drunk ;-)

LCA2011: Day 05

OMG how did the conference go so fast?!! :'(

It's meeeeee! (pic: @chrisjrn)

Tridge and Linux-powered coffee roaster. Fuck yes.

For some reason we got given rubber duckies at the conference.... cue hordes of geeks squeezing them to make sounds

I know too many people.... mention dinner and this is what I end up with... too many people to fit onto the screen

Nom nom nom nom