Red Hat is one of the most prolific single-entity contributors to open source in the history of open source. I find it really odd that some FOSS people regard Red Hat as some sort of evil corporation that should be the target of said FOSS people's flung shit.
By the way, what did Firefox do to live down its IceWeasel[1] infamy?
The Firefox trademark dispute is not the same thing. Red Hat was attempting to keep their product from the open-source homebrew market -- they wanted to charge money for their software, and did this as far as the license would allow. Red Hat was as hostile as legally permissible to anyone trying to circumvent this, like CentOS.
Mozilla simply claimed that the Firefox trademark cannot be applied to any codebase that Mozilla, the trademark owner, hadn't officially sanctioned. They began to actively prosecute those cases because some people were modifying the Firefox source to contain malicious code and calling it "Firefox", misappropriating Mozilla's trademark. Because Debian issues a version of Firefox that contains unofficial patches, they cannot legally call their distribution "Firefox", since Mozilla hasn't officially blessed that exact codebase.
tl;dr Red Hat was trying to make money from users, and Mozilla wasn't
Disclaimer: I personally fully support making money from users and reject freedom 2 as a true fundamental of "free-as-in-freedom software". I'm just explaining why some people in FOSS dislike Red Hat, as it pertains to the CentOS backstory, and why nobody cares about Mozilla's brief trademark dispute with Debian.
"Red Hat was attempting to keep their product from the open-source homebrew market "
Nothing would make Red Hat happier than having every hacker under the sun using Red Hat - what they were attempting to do was keep the enterprise customers, who were currently paying $1000+/CPU (or so) go with a free alternative and kill their company.
Simply removing three things allowed them to do that: (1) No RHN/Up2Date available for Centos, (2) No Support, (3) Most importantly, absolutely no mention or reference to "Redhat" Trademarks.
Note that having patches from upstream doesn't stop Mozilla from being willing to license the "Firefox" trademark — they will still license it provided they are happy with all the patches. The bigger issue in the Debian case is that while they could distribute a modified version as "Firefox" (under license), some downstream couldn't then take that, modify it, and still call it "Firefox".
Ubuntu, meanwhile, was willing to accept this tradeoff and distribute blessed Firefox, as Ubuntu also has trademarks that downstream modifiers (like Mint) need to remove.
It would be nice if it was easy to remove said trademarks by something as simple as uninstalling a package, however unfortunately most marks are spread throughout the archive.
Because Debian issues a version of Firefox that contains
unofficial patches, they cannot legally call their
distribution "Firefox", since Mozilla hasn't officially
blessed that exact codebase.
There's a lot of sense to this. Consider the hacked up configurations of vim that ship with redhat and debian. The maintainers code intrusive personal-favourite settings into /etc/vimrc (e.g. settings that reformat your code). People get annoyed by the behaviour and think "vim sucks" whereas the default vim distro is conservative about intrusive behaviour.
Mozilla are happy for distros to put out their code - just not hacked up versions of it with the same name. Good for them.
There are some parallels, but I think customizing a default config is subtly different than code changes. Redhat and Debian likely have both, of course...
IIRC there was not any animosity between the firefox an dDebian teams though (there was plenty reported by people who saw the matter and misreported it, and Stallman waded in as is his style which didn't help the mis reporting ("RMS ponders whether Firefox is truly free" was reported as "entire open source community vs Firefox, fight at 11" by some)).
They started user the trademark thing to force some distributors who were adding patches they did not want to be associated with (either because they were just plain malicious or because they didn't want thie bug tracker filled with reports about code they had nothing to do with), the Debian people scanned the relevant legal details and decided that they either needed to stop using hte name or work put together an agreement that covered them. The latter would have been easy enough but was against their preferred WayOfThings(tm) as it would mean downstream of them would (legally speaking) need to make changes or separately arrange an agreement, so they chose a new branding instead.
Neither the Firefox team protecting their name or the Debian team stucking to their mission statement is wrong IMO (though of course some may desagree, depending on definitions of "free" and so forth, so they could be said to be wrong), but without the branding change the two are incompatible on a legal point that was only enforce to stop the malicious.
With the branding change the "conflict" is resolved, and no one is really unhappy or otherwise reasonably put out.
The RedHat/CentOS case is a bit different: the way CentOS were using the name in no way implied that RedHat was responsible for CentOS but did accurately represent how CentOS was built, so CentOS were probably on good legal ground but capitulated because they didn't want that particular fight. This, IMO, made RadHat somewhat bully-like in this case - though to be honest it takes more than one iffy commercial/legal wrangle to undo the pile of good that Redhat has (directly and otherwise) done for Linux and related projects over the years (and continues to do).
'...were modifying the Firefox source to contain malicious code and calling it "Firefox" ' - You put a little load in there.
Not every Firefox patch is obscure, malicious or both.
I find it really odd that some FOSS people regard Red Hat as some sort of evil corporation
Indeed, the success of Linux in the enterprise owes a lot to Red Hat, as they gave enterprises the sort of consistent, corporate-buzzword-compliant support agreements that removed a lot of the scariness that would otherwise impede use of Linux for "important" services.
It's not just the support agreements (though support agreements didn't hurt). It's that RHEL provided the sort of stable path for patches and upgrades that Linux traditionally did not, moving as quickly as it did.
It allowed ISVs to certify their software packages against a consistent OS built, hardware vendors to utiliza a long-term consistent driver interface, and end-users to not have to worry about upgrade cycles, sudden performance changes, and so on.
Basically it gave enterprises that had been dependent on Solaris and the like a comparable Linux alternative.
This was true in 1998. Cowardly companies that insisted on being able to pay support for anything they deployed were able to hand over $$$ to RedHat then tick the box of 'support'. However, as we all know, you get a Linux user/expert to fix the server, you don't call RedHat.
Due to the success of Ubuntu you have user/experts in small to medium sized companies that have 'given Linux a go' and got some good experience of Ubuntu. They might prefer the Ubuntu ways of doing things, e.g. the 'no root' security model, the modern, up to date packages (e.g. latest version of PHP), the ultra easy firewall and plenty else.
However, due to the perception that Red Hat is 'enterprise' and that small to medium companies re cheapskate, the CentOS rip-off gets specified by micro-managers because they have heard it is more 'enterprisey'. 'They know best' and go with the turgid CentOS regardless of whether any developers on the team would prefer something else.
You then have a lot of hosting companies pushing CentOS because they think it is more 'enterprisey' and what their customers want. Non-technical managers listen to them and then blame their team for any server problems.
Sure, if you know your way around Red Hat it is the greatest thing since Windows 3.0, you can get it to do what you want just fine. But, actually, if you are not an expert yet then very little about Red Hat is obvious. Far too many answers to common problems are guesswork in forum answers that you come across. Furthermore any serious claim to better security goes out the window as soon as you add random repositories that you might need just to get your work done.
Red Hat has had its day. CentOS has been a mere rip off of Red Hat and it has not added to the state of the art. I know it has its fans but I wish it would just go away.
From someone who's day job it is to manage thousands of Linux servers and has professionally worked with SLES, RHEL, Fedora, Debian, Ubuntu, and a custom Linux from Scratch internal Linux distribution, you couldn't be farther from reality if you tried.
"""Due to the success of Ubuntu you have users/experts in small to medium sized companies that have 'given Linux a go' and got some good experience of Ubuntu""". I'm sorry, but there are very few Linux professionals I've ever met I'd consider themselves "experts" who would recommend Ubuntu for their environment. Pretty much 0 except the one guy I work with on the board of Software in the Public Interest (nonprofit that runs Debian). Ubuntu did the smart thing and got onto the "cloud" bandwagon very early. As a result, Ubuntu is likely one of the more pervasive operating systems within that community. The cloud environment is a very small part of the entire Linux ecosystem and doesn't equate at _all_ with the high end "enterprise/hpc" industry. Don't believe me? Take a look yourself at the top 500 supercomputer breakdown by operating system. Exactly 0 Ubuntu clusters. Ubuntu with high end sans such as EMC/Hitachi/etc? Nope, it plays massive second fiddle to RHEL where those companies first certify their hardware for.
Ubuntu is better than Debian regarding security (almost exclusively from the excellent work of Kees Cook, who now works on security for the ChromeOS project at google and hardens the Linux kernel. However, it still can't hold a candle to the proactive security features of RHEL (and hence the awful cheapskate CentOS as you call it). Don't believe me? Look up the gcc stack smashing protector and fortify source patches. Look at the glibc canary code that also helps (in tandem with the gcc patches) to prevent buffer overflows, execshield (from Ingo Molnar, a redhat employee) before NX bits on cpus were super common, the first mainstream distribution of Linux to include a mandatory access control framework (SELinux) enabled by default. Are some of these features in Ubuntu now? Sure. Why? Because Redhat employees wrote them and got them into upstream software, which downstream distributions like Ubuntu which do precious little engineering have adopted.
CentOS is more enterprisey than Ubuntu. Why? Because it is based on the enterprise standard when it comes to Linux, Redhat Enterprise Linux. Ubuntu still sucks with big enterprise SAN gear, it also sucks with some of the more high end networking kit (infiniband on Ubuntu, possible, but a royal PITA and the vendors laugh at you), it is terrible for realtime stuff, but it is fantastic if you want the same interface on your desktop, tablet, and phone. If you don't know your way around Linux (your comment about not knowing your way around Redhat), perhaps you shouldn't be managing Linux servers and you're helping contribute to the list of botnet nodes due to not having a clue what you're doing? Again, I work on Linux fulltime and have for awhile, the major serious differences between Redhat and Ubuntu/Debian:
- /etc/network/interfaces vs /etc/sysconfig/network-scripts/ifcfg-*
- /etc/default vs /etc/sysconfig
- metapackages for everything vs yum groups
- dpkg/apt vs rpm/yum
- Building debs vs building rpms (I could rant for a day on how much ridiculously easier it is to build redhat packages)
- Preseed vs Kickstart (wth was Ian Murdoch thinking here? Preseed is still years behind kickstart in being awesome)
If you know Linux, you can learn those differences well in less than a week. Linux isn't obvious, it requires a lot of reading and experience. My whole point is basically that you are completely wrong and quite clearly don't realize you are wrong because you don't seem to have an idea of what you're even talking about. I do personally think Mark Shuttleworth and the Canonical crew are doing wonderful things for desktop Linux, and general Linux marketing, but they've done tons less when it comes to Linux engineering compared to what Redhat has done.
Sorry for the rant. It isn't normally my style, but this is just ridiculous. Feel free to downvote this, but please do some reading and learn Linux. You'll realize I'm likely right.
well then how would you compare Redhat Enterprise with the Gentoo distribution and other more custom type distros? what exactly is the 'enterprise standard? It seems like Redhat enterprise is used in corporations because it has become a so called 'standard rather then being superior to other Linux choices. it took a long time to even get Linux into the corporate world because other Unix's were 'standards.
Please forget enterprise. It is used and misconstrued until it means nothing. Lets talk about manageability. How do you (easily) manage 1000 gentoo (or arch linux) servers? You could have a distcc farm to build your base distro from stage1 (if you needed to) or just copy down the binary stage 3 builds and then bootstrap using binary ebuilds, but it is still a whole lot more difficult than a full binary distribution such as Redhat or Debian. Dealing with large clusters of servers, the tools that they include or write and then open source are what really blow me back.
Just a few in no particular order:
- the RHEL kernel. Redhat has consistently topped the list of Linux kernel contributors for years. The first google hits for it were http://lwn.net/Articles/451243/ and http://lwn.net/Articles/507986/, but that hasn't changed for a looooong time. They basically have as much of a monopoly on core Linux kernel develops as is possible in such a large complex project. Quite literally, there isn't a company in the world with more Linux development chops than Redhat. If you run critical applications on Redhat servers (think banking or wall street exchanges like NASDAQ or hospital systems that downtime could result in real problems), Redhat will be able to fix it if anyone can. I'm not pretending working with Redhat support is fun, but they are better equipped from an engineering standpoint than virtually anyone. The numbers back that up. Due to this, the Redhat kernel is an interesting hybrid of slightly older and battle tested stable with newer features backported. This is achieved because super often the people who write the features upstream tend to be redhat employees, so they do both. If I was asked to pick one thing that set RHEL / Redhat / CentOS apart, it would be the work that goes into their kernel for QA and testing / backporting. Look at a company like Canonical, they have a bit more than a dozen (https://wiki.ubuntu.com/KernelTeam) kernel developers. They simply can't compete on engineering resources due to their limited number of engineers. As a result (and a smart business move) the are more consumers of patches from upstream than producers. Also, look at the lwn "who wrote linux X.YY" articles. You'll rarely and almost never find Canonical on that list except for when they got the apparmor patches merged (props to them!).
- sssd[1] - a solid implementation that essentially unifies pam ldap/kerberos, pam_ccreds/nslcd/nscd/pam_access all in one very nice implementation. This makes (for instance) joining your Linux nodes into an Active Directory ___domain (without using commercial software from likewise or some other cruddy vendor) just work out of the box. It also makes single-sign-on and migration from standard ldap to kerberized ldap (a very hard problem) super duper simple.
- cobbler[2] (and now the foreman[3]) - These tools along with redhat's kickstart make pxebooting a cluster of 500 new servers very trivial to turn into 500 new ready to use for production servers. Gentoo has nothing I'm aware of that allows installing completely automated like kickstart, but someone please enlighten me via a reply if this is incorrect. Michael Dehaan (big HN commenter and wrote the ansible config management tool) wrote cobbler.
- abrtd[4] / faf[5] - abrtd will collect crash reports (segfaults, coredumps, python tracebacks, kernel oopses, etc) and parse the info / store the relevant bits locally or forward on to a faf server. It will allow you to things (for example) like figuring out easily every single system that is reporting a specific kernel oops, which is then tracked down to a specific type of hardware and kernel combination. Sure there are tools like crash and netdump, but abrtd is simply a very modular management tool ontop of all of those things. The public fedora project faf is located at: https://retrace.fedoraproject.org/faf/problems/hot/. faf is good stuff
- freeipa[6] - Honestly up until this project, Linux never had anything that competed with Microsoft's Active Directory for a turn key easy to setup and manage kerberized ldap user and group / policy management product. IPA changes that and integrates very well with Microsoft AD through a kerberos level trust. sssd (above) is the ipa client. It allows true single sign on between Linux and Windows clients, something that is still elusive for most companies.
- standards. Linux's biggest strength is also it's achilles heel. Not having package standards or kernel standards (or stability) prevented a lot of companies from using Linux or certifying their software for Linux early on. Being very conservative in what they will support and supporting it for very long periods of time allowed companies like Oracle (as a horrible example) to port their database to Linux and certify that things are good. Try getting big complex commercial pieces of software working on a build your own distro. It is possible, but is buyer beware. Redhat made this their business model and has done a great job of it. At this point, Debian has also done a wonderful job at standardizing things and being consistent, albeit different, from Redhat.
TL;DNR: Redhat is building tools that make Linux easier to deploy and easier to manage in large "enterprise" environments. These tools make it equally easy to manage in smaller environments. No single entity has pushed Linux further in the "enterprise" than Redhat. I could list plenty more, but this hopefully answers your question fully. If not, click through to my profile, find my resume, and from it shoot me an email.
Exactly. They are just the differences. If you'd want a technical pro/con of Ubuntu/Debian vs Redhat/Fedora, that is an entirely different post equally as large (perhaps more-so). In summary, from an ease of sysadmin standpoint for large numbers of servers, redhat and the redhat ecosystem (cobbler, pulp, freeipa, sssd, abrtd, kickstart) just beats the living pants off of anything Ubuntu/Debian have. It is much easier to manage thousands of Redhat machines (without building everything custom like google) than it is thousands of Ubuntu/Debian machines. I know this because I've done both as part of my day job.
GP doesn't "explain" why RH is evil. Discomfiting legal maneuvers do not cancel their thousands of commits to the Linux kernel, init.d, GWT, Cygwin (!), etc.
It explains why some people in the FOSS community think of them that way.
There seems to be a problem here of people not being able to understand that it is possible for people to have a different point of view, and no amount of "explaining" is going to fix that.
True but Redhat ditching support for home users was pretty lame. I had bought a boxed copy with support two weeks before they made the announcement. I had already downloaded it, I just wanted to support the company. Luckily I knew the manager at best buy, and she let me exchange it for Suse. That being said, I think much of the resentment towards Redhat comes from memories of dependency hell before yum was reliable.
As far as IceWeasel, I asked a Mozilla employee about it a few years ago. He said they generally approved of it, and were just glad that people were using the code.
By the way, what did Firefox do to live down its IceWeasel[1] infamy?
[1] http://en.wikipedia.org/wiki/GNU_IceCat