Enterprise Unix Roundup: Shopping for Peace of Mind at the SCO Store

by Michael Hall

SCO opened an online store this week to peddle Linux licenses, and peace of mind, to the masses. The NSA released the latest version of SELinux, a set of security-hardening patches for the Linux kernel; and Linux lead Linus Torvalds expressed his displeasure with Intel. To schedule one-time jobs for a future time, we introduce, 'at' as our tip for the week.

Page 1   Page 2
Main   Security Roundup
In Other News   Tips of the Trade

Now and then we like to take a stroll through the aisles of the local computer megamart, accompanied by nothing but the soft sounds of muzak and the murmur of eager salespeople trying desperately to upgrade confused customers from a "perfectly good" laptop to one that won't be "incompatible in a year." Ah, the sweet sound of FUD. We also like to poke around for Linux software, which comes and goes from store shelves based on moon cycles or tidal patterns. We can always turn up a few distributions, StarOffice, and a discounted game or two, but not much more.

But the times are a-changing. Now, we no longer have to leave home to shop for Linux stuff because SCO has opened up its online Linux license store. The store is peddling licenses to Linux, licenses SCO says are necessary to remedy the IP infringements it claims are widespread throughout the operating system.

So what's peace of mind going for these days? About $700 per CPU, according to SCO, with some discounts for those running 8-way systems (although there's an inexplicable $49 gouge over the base price of a single CPU once you go over eight processors).

SCO's also provided a handy FAQ to answer all of your questions, including some pressing ones raised by Free Software Foundation counsel Eben Moglen that we dutifully passed along a few weeks ago.

Perhaps the most alarming part of the FAQ is question number 17, which we're tempted to begin calling the "Teen Slasher Movie Clause." Here, SCO asserts its right to continue suing people even if IBM manages to deflect every one of its charges in the suit in which the two companies are embroiled. With Zen-like calm (or Jason-like implacability), SCO asserts that the IBM suit will not settle the issue of whether SCO's code is really in Linux or not. So that question, and thus the theory on which SCO is trying to sell licenses, seems like it might well involve another suit or two when SCO finally gets around to trying to enforce its license in the courts. That enforcement, by the way, is due "real soon now."

As one-stop handy as the SCO store is, though, we doubt many outfits will be biting. Between numerous indemnification programs being launched and the OSDL's $10 million defense fund, there's a certain sense that time is simply against the company, regardless of the merits of its case. Not to mention an industry largely unimpressed with the SCO's claims to this point.

In Other News

» The National Security Agency released the latest version of SELinux, a set of security-hardening patches for the Linux kernel. The big bonus for Linux in SELinux is the presence of "mandatory access control," (MAC) which creates a more fine-grained approach to who can run what applications on a system than the traditional Unix user/group paradigm. It so happens that a Roundup staffer wrote a rundown of what MAC is all about when the NSA first announced the project in 2001. The other bit of news about this particular release is that more Linux distributors are looking at it for use in their products: Expect to see Red Hat, SUSE, and Gentoo incorporating SELinux enhancements in their offerings.

» Last week we quoted an analyst who said HP might be getting a little itchy under the collar about all the attention attention Opteron and its x86-64 architecture are getting at the expense of Intel's Itanium, which HP is heavily invested in. This week, HP revealed it is introducing Opteron to its Proliant line. Don't look for HP/UX on Opteron, though: The company indicated that it's going to let Windows and Linux do the work on that platform. HP is keeping things friendly with Intel, and noted that it's also moving to support Intel's x86-64 extensions to the Xeon processor family in its product line.

» Linux lead Linus Torvalds was less than happy with Intel's unwillingness to acknowledge rival AMD, whose taillights it is largely perceived to be chasing on the issue of getting x86-64 extensions to market. Never one to mince words, Torvalds noted that "hours after the Intel announcement, people were still confused about whether the new intel [sic] chip was actually compatible with AMD's chips. Why the f--- not just come out and say so, and talk about it? It took people actually reading the manuals (which didn't mention it either) to convince some people on the architecture newsgroups that yes, 'ia32e' was really the same as 'amd64'."

Internally, Intel is said to be rallying the troops, claiming any signs of taillight-chasing are just the work of a tech media hype cycle run amok. It claims it's been looking into adding 64-bit extensions to its IA-32 line for years. From our hype-mongering perch, we don't mean to impugn Intel's obvious technical mastery, but we're pretty sure this is a clear-cut case of a giant missing a trend in anticipation of a peppier IT economy than exists at present.

» Canada-based Linuxant announced its DriverLoader software will now allow Linux systems to use standard Windows NDIS drivers to drive Centrino-powered systems, making the issue of native Linux drivers for the architecture much less pressing.

» The latest server revenue numbers from Gartner pin IBM in third-place in the Unix server market with revenue that grew 13 percent in 2003. Sun, in first place, saw its revenue drop 16 percent. HP remains in the middle of the pack, and its revenue shrank 4 percent. According to the research firm, the overall Unix server market shrank 4 percent, while the Linux server market grew 90 percent. Linux server revenue (which shouldn't be confused with overall deployment numbers), totalled slightly more than 10 percent of the Unix market's.

» The FreeBSD project announced the release of FreeBSD 5.2.1. The release notes have all the details.

» Microsoft's implementation of "e-mail caller i.d." might not seem like such a big deal to Unix admins, but Sendmail's agreement to include a plugin to implement the proposed technique in its own Unix MTA might be cause for a closer look. Sendmail might not be the final word in Unix MTAs, but it's prevalent enough to leave us curious about whether it will have an impact on other MTAs, such as postfix and exim.

» For an in-depth look at the new features in Linux 2.6, as well as a discussion on how to prepare to test the newest Linux release, check out Carla Schroeder's latest article on Crossnodes.

To Security Roundup
To Tips of the Trade

Page 1   Page 2
Main   Security Roundup
In Other News   Tips of the Trade

Security Roundup

  • A hole in the Linux kernel that could allow a local user to gain root access has been discovered and patched by a number of vendors. So far, Mandrake, Trustix, TurboLinux, Conectiva, Debian, and Red Hat/Fedora have issued patches.
  • Several additional vendors patched the problem with XFree86 we reported last week, including SUSE, Conectiva, and Debian.
  • In the "announced vulnerabilities" column, you'll want to be on the lookout for patches to Mailman, fetchmail, and the BSD kernel. These vulnerabilities are so recent that, as of press time, no patches had been announced.

Tips of the Trade

Sometimes, when something needs to happen over and over and over again, it's best to just schedule it as a cron job and forget all about it. But what about when you want to schedule something to happen at some point that's "not now," and it needs to happen only once? Consider at.

Where cron depends on a crontab file to decide when to run scheduled commands, at takes input from the command line. Output from an at-scheduled command is mailed to the user, and notification that the command executed (if it wouldn't ordinarily involve output) can be specified by adding on a -m switch.

at allows very specific time designations. So telling at to "run the shell script /home/joe/bin/verybigjob.sh at 3:38 p.m. three days from now" would look like this:

at 3:38pm + 3 days

at also accepts words like "midnight," "tomorrow," "noon," and even "teatime" (which is 4 p.m. -- we looked it up on the man page).

One common point of confusion: Once you issue the at command with its date qualifier, you'll be dumped into a prompt that looks like at>. At that point, you must enter the command (or commands) you want to run, followed by pressing the control and d keys to exit the command.

If you want to see which jobs are waiting to run, use the atq command; if you want to get rid of a job, use the atrm command. To use atrm, you must know the job number (which is returned when you exit at with ctrl-d), or by looking it up with atq.

To Main Analysis
To Other News

This article was originally published on Friday Feb 27th 2004
Mobile Site | Full Site