> Since the earliest days of Linux or MySQL, there were companies set up to profit from others’ contributions. Most recently in Linux, for example, Rocky Linux and Alma Linux both promise “bug for bug compatibility” with Red Hat Enterprise Linux (RHEL), while contributing nothing toward Red Hat’s success. Indeed, the natural conclusion of these two RHEL clones’ success would be to eliminate their host, leading to their own demise, which is why one person in the Linux space called them the “dirtbags” of open source.
> If there are any real parasites, it's Oracle Linux.
https://en.wikipedia.org/wiki/Oracle_Linux
> Oracle Linux (abbreviated OL, formerly known as Oracle Enterprise Linux or OEL) is a Linux distribution packaged and freely distributed by Oracle, available partially under the GNU General Public License since late 2006.[4] It is compiled from Red Hat Enterprise Linux (RHEL) source code, replacing Red Hat branding with Oracle's.
I had no idea that Oracle Linux was essentially RHEL with %s/Red\ Hat/Oracle/g and Oracle has a market cap of $330bn
I avoid anything Oracle. Their licensing model is hell. Their products are usually terrible compared to competition. Cloud products are subpar. Products tend to require a support contract since it’s proprietary dogshit.
Some tidbits of Oracle and Larry Ellison (founder, CEO):
- in the early days of Oracle DB, it was benchmarked and compared against other RDBMS and Oracle DB was found to have poor performance. Ellison and Oracle tried to get the professor fired and introduced language into their EULA preventing benchmarking [1,2]
- then there is the growing list of controversies documented on Wikipedia [3]
[1] https://web.archive.org/web/20150313140846/https://starcount... (2015, archive.org)
There are so many CVEs for Oracle specifically that are just bad default usernames and passwords, where they still dispute the CVE reports because it is "intended behaviour".
So ridiculous...
Or they argue to exhaustion that MySQL (not MariaDB) is totally fine for production, despite decades the company who now owns MySQL strangling companies to near death over minutia.
It boggles my mind.
That is not the case, RHEL is not possible with out the wider ecosystem, and to say Rocky Linux is a "dirtbag" for repacking RHEL, would be like saying RedHat is a "dirtbag" for packaging any number of free software projects they consume into their product.
It completely antithetical the free software movement for which Linux is Licensed
However it is perfectly on brand of the "Open Source" corporatist movement that seems to be supplanting free software
RHEL Clones: Take finished source code, rebuild, test, release.
RHEL: Work upstream to develop features / submit features upstream before inclusion in RHEL, maintain specific versions of upstream, test hundreds of upstreams together to make sure they can be shipped together as an operating system, develop "glue" software like Anaconda to install + manage the whole thing, take source, build, test, release, accept bugs, start over again for next minor release or major release as needed.
And, of course, this elides all the certification work that makes RHEL an attractive enough project to rebuild in the first place because people want very specifically a RHEL compatible distribution to run an application or applications on top of.
What people get pissed at Red Hat about isn't that they don't get to access the source. They're pissed they don't get the convenience. Largely speaking, the people who get pissed aren't concerned about Free Software, either - they just want easy to run binaries. As I understand it "get binaries for free" is not mandated by the four freedoms. The source code is still out there for people to study, change, use, and redistribute. That seems entirely compatible with the free software ethos - but incompatible with the freeloader ethos.
This has been happening on HN too. The vilification of GPL and AGPL as ”not free in the truest sense of the word”, the usage of RMS and his personal image to label the free software movement outdated/fanatical/toxic is a testament to how corporate rebranding efforts have succeeded in replacing free software with open-source — software that is conveniently licensed so that corporations can bake it into their product without a single concern for the longevity or well-being of the developer or the software itself.
GPL tries to guarantee an environment for user freedom (not developer convenience, like permissive licenses). It has builtin protection against someone closing the source. It doesn't protect against some company pulling an Internet Explorer on you (i.e. providing a free equivalent) with your own code, because this doesn't directly concern user freedoms. You don't have to be actively helping them though.
I think ultimately free-of-charge mirrors should exist, but I see good potentials in companies discovering business merits of GPL, and hopefully AGPL. We need more vigor for those, after getting lucky once with Linux. We cannot rely on good will of corporations (only enforced law works on them), so any sign of luring them into copyleft somehow is a good thing. This would be a long road, but who knows what could happen in the current "AI" chaos and regulation scares.
[1] Of course only have to assuming that you are not the original author and you're building on someone else's code received under GPL.
Given Oracle's rather well-earned reputation, that does not sound like an attractive proposal to me, but there's a chance orgs that are on the hook for anything Oracle already might not share that assessment.
IIRC, Oracle's move to eat part of Red Hat's lunch was considered the reason Red Hat stopped making the kernel source available in the form of mainline tree + patches, thus making it less convenient for Oracle's staff to provide support at the same level of expertise as Red Hat, but I don't think anyone working at Red Hat has commented on this on the record.
I have no love for Oracle but I would imagine one of the reasons Oracle embraced RedHat Enterprise Linux early on was the fact they could fork it if it was in their interest - this was tremendous value for RedHat for a time and helped its establishment as leading Linux for Enterprise.
Remember also what RedHat itself "stands on the shoulders of the giants" - there are a lot of packages which RedHat includes. Years ago when I worked at MySQL AB RedHat used to include MySQL packages, say they are covered by their "subscription" but have no revenue share with MySQL AB (as creators)
Note I'm not complaining I'm saying this is exactly how things upposed to work - MySQL got great value from being Open Source and allowing Linux distributions to include it (and make money on it) freely.
MySQL got great value
The "Unbreakable Enterprise Kernel" includes full btrfs, extensive device support (that is removed from the stock kernel), is tuned for the eponymous database, and is always more current. There are several scenarios where it is very attractive.
Oracle bought K-Splice several years ago, which was the first rebootless patch solution for Linux. It's only available with a premium license; Kernelcare is a lot cheaper.
Supported Oracle Linux versions are also available for WSL1 inside of Windows.
C:\>wsl.exe -l -o
The following is a list of valid distributions that can be installed.
The default distribution is denoted by '*'.
Install using 'wsl --install -d <Distro>'.
NAME FRIENDLY NAME
Ubuntu Ubuntu
Debian Debian GNU/Linux
kali-linux Kali Linux Rolling
Ubuntu-18.04 Ubuntu 18.04 LTS
Ubuntu-20.04 Ubuntu 20.04 LTS
Ubuntu-22.04 Ubuntu 22.04 LTS
OracleLinux_7_9 Oracle Linux 7.9
OracleLinux_8_7 Oracle Linux 8.7
OracleLinux_9_1 Oracle Linux 9.1
SUSE-Linux-Enterprise-Server-15-SP4 SUSE Linux Enterprise Server 15 SP4
openSUSE-Leap-15.4 openSUSE Leap 15.4
openSUSE-Tumbleweed openSUSE Tumbleweed
I'd never go for btrfs in anything enterprise.
But it does annoy me how RHEL moves normal open source software to the separate repos that are available with extra support packages, it just makes managing it annoying
CentOS was huge towards equipping smaller IT departments, startups and student on the RHEL ways, allowing them to jump on "real RH" when they got bigger. Alma Linux is the same. Rocky Linux does sell support, but even then it's still advertising RHEL.
However you may feel about Red Hat's actions, I'd trust that folks at Red Hat have done enough legwork to figure out that "CentOS as a loss leader for RHEL" wasn't working out the way people like to imagine it would.
(Note: I am a former Red Hat employee, but I do not have and haven't had specific access to any data estimating what CentOS Linux was expected to add to or subtract from the bottom line. But I feel pretty sure that many deals won and lost have been examined, many customers spoken to, and numbers crunched to inform their actions.)
And it turned out near-nobody did so they turned it into stream so you could no longer have "same as RHEL" version.
I'm reminded of the definition of a linux distribution: a package manager and a source repository.
(that said, unbreakable linux, yeah)
The only outcome I see for these "business models" at Oracle, Rocky, Alma, etc. is increasingly less availability of software for us regular users. Say what you might about RH but you can't argue that they put out massive amounts of open source code out there for all to use. Or they did anyway.
I can see their problem with Oracle, but Rocky linux is probably bringing them business.
If my job wouldn't mandate a specific distro, I would use Rocky Linux where the management doesn't want to pay for support, and RHEL whenever possible.
Because CentOS existed, I made sure most of my open source work would run just as well on all RHEL derivatives as it does on Debian.
If Rocky didn't exist, I would quickly drop all my RHEL support because operating thousands of test machines and containers based on UBI and having to keep up with their licensing game would cost too much of my time.
Rocky and Alma are the only reason devs like me still build anything for RHEL.
But other distros are much better IMO.
There's good reasons that a totally free distro like Debian is forked so much. It's just a really solid base. Software doesn't need to have a business model to be great.
I'd be a lot sadder to see Debian disappear than RHEL and its derivatives.
All I know is anecdotes. RHEL 7 and Ubuntu 14.04 came out around the same time. Around May, upstream QEMU started getting bug reports from Canonical developers that you couldn't reset a virtual machine that had been created in 12.04 and migrated to 14.04 due to some firmware incompatibility.
In RHEL we had started testing cross-version migration 6 months in advance.
Alma/Rocky aren't to my knowledge offering any support (and if they plan to, they shouldn't). Are customers cross-shopping RHEL with Alma? You either want support, and buy RHEL, or you don't, and you use something else (Alma/Rocky, or Debian/Ubuntu etc..)
They are not. Maybe this is how the YC/VC crowd sees everything. Dollar went in, two dollars come out. Two points:
1) RHEL is not an island. It uses (and contributes) upstream.
2) They undercut the spirit, if not the letter, of GPL by forbidding customers from releasing the sources. Don't want derivatives ? Don't use copyleft free software. Can't have your cake and use it too.
RHEL became the enterprise Linux distribution because it was the one used and supported by Oracle, back then, when many companies still used Oracle as their database.
I am talking about 15 years ago.
Even nowadays at work, we all use Ubuntu in our workstations, but the servers run CentOS (another repackaging of RH).
Without the support of Oracle, we all would be using SUSE in our servers, instead of a Red Hat based distro.
https://blog.prusa3d.com/the-state-of-open-source-in-3d-prin...
That's funny, because that's how I tend to feel about Red Hat.
> By July 2018, Phoenix has caused pay problems to close to 80 percent of the federal government's 290,000 public servants through underpayments, over-payments, and non-payments.
> Instead of saving $70 million a year as planned, the report said that the cost to taxpayers to fix Phoenix's problems could reach a total of $2.2 billion by 2023
Also note that IBM contributions to Linux kernel in 2000, was one of the reasons it actually took off.
And this is yet another part of the reason why I don't understand the big push for RedHat specific tooling. Podman comes up a lot. But, just like with everything RHEL it seems as though RedHat / IBM wants to be the Apple of Linux. I'm not a fan of that. I also don't believe IBM is a good steward of OSS based on how I've seen them try to sell it in the enterprise.
I'd wager it is driven by RH simply being "least worst" of the options which can be relied on to stick around long enough for enterprise users.
Canonical are doing their best to screw the pooch with snap and similar nonsense, leaving the only other option being cobbling together a collection of tools from fly-by-night small projects - which might go full unicorn-wannabe and adopt an open-core SaaS model any second.
IBM is doing the thing IBM knows how to do, which is have their internal politics, honed over a century or so, dictate the customer experience.
Some growth metric that can't be realized quick enough through innovation (new products or services), so the only recourse is to cut costs or get more revenue from existing products without improving them.
They bought it for Notes, Notes was good before IBM purchased it, rel 4 was pretty good. New Releases it got worse and worse. They finally dumped it I think two years ago and sold it to another company.
The worst part about the packaging work is, the tools used to create RPM packages is showing its age. RPM macros, the language for describing packages, is based on text substitution which makes it tricky to write. [1] RPM builds don't do build-time sandboxing, so a package won't build consistently across machines without extreme care taken in both the package descriptions and the build environment. Even if the package itself builds and runs on the same machine, it isn't guaranteed to run on other machines too because it lacks a way to ensure reproducibility.
[1]: For example, commenting out a macro might not work as expected because the expanded text might include a newline.
The issue is that there is no alternative. I'm not aware of any distro with its base and all its packages working seamlessly with SELinux enabled.
Setting up SELinux in any other distro is, in my experience, an uphill battle. You need to become an SELinux expert to do so.
> The worst part about the packaging work is, the tools used to create RPM packages is showing its age.
Most people don't really create RPM packages, they just install them. And in this area dnf[1] is cutting edge: file-level dependency solver, delta-package downloading, parallel downloading, ...
To reiterate:
> There are certainly cases where the stability of RHEL makes sense. But too often teams use them when they need latest versions of software, resulting in pointless packaging work.
DNF doesn't solve this specific problem.
RHEL has never used that, and Fedora has perennial discussions about killing it because the benefits rarely outweigh the costs anymore
Why is this a dealbreaker ? Ubuntu has apparmor which is similar. Maybe selinux is stricter/granular etc., but that's not a business level differentiator. Your company won't fail or succeed because of selinux.
I've been personally using Tumbleweed on my personal devices and it's been great. I've not had a single issue with stability and almost always gotten extremely recent versions of software.
I think it's phenomenal and worth a try (or multiple; I didn't get it the first or second time but now I wouldn't want to go back to something else). But if you go in expecting a traditional Linux distro, you will be disappointed/confused.
Red Hat could minimally perform this duty by providing the source only to those who download the binary releases. As there are several avenues for free downloads (developer, 16 free licenses for small business, etc.), the source will be available by that route.
If you read the original announcement, this is exactly the case
"For Red Hat customers and partners, source code will remain available via the Red Hat Customer Portal."
In theory nothing prevents Rocky and Alma from buying a license, downloading the sources, and rebuilding the packages from there. The terms of service restrict only redistribution of binaries, not sources, and the GPL dictates that those would remain available.
The article states clearly that they are doing this, no need to speculate.
I also wonder how it will go if AWS provides RHEL for a server, and you ask them for the source.
I don't think it will be much more difficult to obtain.
links to "SATPC0031698 Tab 04 SOW.pdf"
which has 2 line items,
- CIQ Rocky Enterprise Linux Per Person Advanced - Annual Subscription Service Period: June 1, 2023-May 31, 2024
- CIQ Rocky Enterprise Linux Per Person Advanced - Annual Subscription Service Period: June 1, 2024-May 31, 2025
Quantity of 3 for each of them.
https://news.ycombinator.com/item?id=36417968
Shouldn't be of relevance.
My guess is that IBM was so difficult to deal with that they decided to move away from RHEL wherever they could. Perhaps getting the actual support they purchased was too much of a challenge.
If IBM is pissed, they should take a good hard look in the mirror before they malign other distributions.
https://www.nas.nasa.gov/hecc/support/kb/news/transition-to-...
When NASA combined their disparate field center mail systems into one (OneNASA and later NOMAD) massive mail system in 2006-2008 they deployed everything that wasn't the squishy Exchange underbelly on SuSE Enterprise 10.
The field centers were very invested in RHEL. Mostly for scientific software and Oracle.
JPL has traditionally been separate from the rest of NASA and works with CalTech for their infrastructure.
All the drama in Linux with Wayland, RHEL sponsored init, snap/flatpak and now IBM/RHEL has been causing me to seriously evaluate the BSDs. I have been doing that for a couple of years.
I would be fully on OpenBSD now, but the hardware I have is one of those with 2 videos, integrated and Nvidia. And that system does NOT allow me to disable the Nvidia Chip.
When using Nvidia, that chip is correctly ignored by OpenBSD, but it gets so hot I can almost fry an egg on it. I have some mitigations in place, but it still gets rather hot, CPU and disk stays normal.
The same is true with NetBSD, I have not tried FreeBSD yet.
This RHEL thing may be the last straw, I may bite the bullet and see if the heat causes failures and if so evaluate this:
https://news.ycombinator.com/item?id=36292831
FWIW, I did add paste, a full cleaning. And this was purchased used rather cheaply 2 years ago. It is 9 years old now.
Why am I bothered by this ? This seems to be a weak first step of companies making Linux go proprietary. Already we need many proprietary blobs.
And funny, NASA just signed a contract with Rocky and CERN went with AlmaLinux,
We all want to love BSD, and it does get love in proprietary spaces like Netflix, Playstation and Apple, but those companies have the resources to actually create the pieces they need and do not have an obligation to share it. (E.g. MacOS is literally a certified UNIX, but the GUI layers are private.)
For non-corporate users, in some ways it is like what Debian faced when they realized they really did need to start including wifi firmware into the install media, because people were like, why doesn't this connect to the router? What's wrong with this? This is actually something that I've run into personally.
At the end of the day though, BSD isn't realistic as a desktop. OpenBSD disables stuff for security reasons which harms performance, so it wouldn't be first choice as a desktop. NetBSD is what Open forked off of many years ago and I recall NetBSD as one of those "let's try to make it install on anything" show and tell pieces, but not something you'd really be using for anything. FreeBSD was the only one that was reasonably usable. Dragonfly is another fork (this time off FreeBSD).
All of them have to port the Linux video drivers, Linux desktops, etc.
It's actually somewhat unusual that Linux is the one that won the battle for resources, because corporations hate sharing and being open.
I'm curious what role you think the LF plays here, or what they'd do to prevent Red Hat from "getting away" with doing something that is entirely within Red Hat's rights to do.
The Linux Foundation is a trade organization. It was created from the merger of the Open Source Development Labs (OSDL) and Free Standards Group. The OSDL was funded by several large corporations - including IBM, Intel, HP, Fujitsu and others.
LF wasn't "bought" by IBM and others. It was literally created by them. Granted, Microsoft is a newcomer (relatively speaking). But the LF is and always has been a trade organization that supports the interest of companies that want to do business with open source.
But the short version is Wayland does do everything I need, plus it is Linux specific.
The LF who fought attempts to hold VMware accountable for alleged GPL breaches?
In the past, customers have been able to redistribute the RHEL repos freely. I assume that will remain the case as long as CentOS Stream is open source.
Edit: Actually, it wouldn't surprise me if IBM put some content in the RHEL repo that is under restrictive licenses that couldn't be redistributed just to complicate things, but all the important parts will remain open source, due to close ties to CentOS Stream and Fedora. Rocky/Alma already have to replace trademarks, and this wouldn't be much different, but they would have to obtain access to the repos as customers themselves, or have another customer strip the bad stuff out before throwing it over the fence. We'll have to see how hostile they want to be about it.
There's a duality here. Yes, by the nature of the distribution, GPL, and licensing general, Red Hat cannot stop or prevent a customer from distributing RHEL packages and software to third parties. However, Red Hat reserves the right to terminate any existing subscriptions a customer may have as a result of their package distributing. IIRC, the Enterprise Agreement makes it pretty clear the services and offerings provided by the subscription are for the customer and the customer only. Going outside of that violates the subscription's terms, not the softwares' licenses, therefore allowing Red Hat to end business with said customer.
For those concerned about the final year of CentOS 7: it will not be touched. It will continue to see source exports to git.centos.org as there is no parallel CentOS Stream 7 platform. Also, git.centos.org is not EOL either because it is used by other groups than Red Hat, like CentOS Special Interest Groups.
I'm not so sure. They're obligated to release the GPL'd code, which of course covers Linux itself, but they're under no such obligation for the non-GPL'd software they include.
They could license their RHEL-specific backport patches for non-GPL'd software such that they could not be redistributed, and if that code gets merged into CentOS Stream it could just be dual licensed from that port forward (so Stream could stay open but RHEL would be locked down).
The whole point of RHEL is the long term support (the back-porting), which is what they're going to stop publishing.
Stream does have major versions so you can continue to use CentOS Stream 8 and get backports. You only lose anything if you're tied to some minor version of EL for some reason.
I still consider Fedora one of the best distros out there (bleeding edge and polished as much as possible) and I prefer to use the same-ish distro on my personal computers and on the servers but this is another nail in the RH-based distro coffin for me.
But it seems Debian unstable on desktops and Debian 12 stable on servers might work just fine. Truth be told, I only need a 5.x/6.x kernel with cgroups/namespaces/ebpf on my servers and flatpak on the desktops and I'm fine.
Red Hat did not fire the FPL. They laid off the Fedora Program Manager, which is a different role entirely. I would still say that was a lousy decision, but the FPL is a very different role that goes back a very long time and AFAIK remains filled by Matthew Miller.
I've seen the two roles conflated here and there so I figured it was worth correcting here so it doesn't continue to spread.
That is a violation of their terms of service and will result in a termination of your subscription unless I'm misreading it (section d):
Unauthorized Use of Subscription Services. Any unauthorized use of the Subscription Services is a material breach of the Agreement. Unauthorized use of the Subscription Services includes: (a) only purchasing or renewing Subscription Services based on some of the total number of Units, (b) splitting or applying one Software Subscription to two or more Units, (c) providing Subscription Services (in whole or in part) to third parties, (d) using Subscription Services in connection with any redistribution of Software or (e) using Subscription Services to support or maintain any non-Red Hat Software products without purchasing Subscription Services for each such instance (collectively, “Unauthorized Subscription Services Uses”).
https://www.redhat.com/licenses/Appendix_1_Global_English_20...
So the prohibition on "redistribution" in this context would be on the compiled binaries. i.e you could not pay for a subscription and then mirror the yum repos publicly.
In general though it is clear what RedHat does not seems to want to play Open Source game any more, at least when it comes to RHEL.
Similar to Amazon/AWS RedHat seems to be moving to Open Source of convenience, where you have portions of your software Open Source when it helps your business, and not so much if it does not.
I guess it’s quite pragmatic from the short- and even medium-term perspective, although it likely may become well poisoning in the long term.
There used to be an understanding that since Red Hat is making a lot of buck on the shoulders of contributors making FOSS available, they have an obligation of giving a considerable amount of goodwill in return. It looks like they are now pulling a Reddit, but making it a long game.
I mean, right now it looks like they are protecting their business (you really want to get paid for having to backport fixes to some library which has been EOLed and forgotten by its upstream half a decade ago, and for all stability promises no vendor is giving!), but it’s opening a way to shittier practices, if you get my drift.
Anything they please likely includes terminating your account if they sniff you using it to avoid the fees or enabling others to do so. If you are contemplating, say, using a Red Hat Individual Developer Access (or what they call it) to redistribute the sources, they have a provision in the terms you have to agree to just against such cases.
Our dedicated servers are about $100/month for pretty serious hardware (2 x 8-core CPUs, 64 GB RAM, 2 x 8TB HDD, 30TB transfer). Paying $349/year is a significant percentage of that. It is worse for smaller servers, and ludicrous for small virtual machines in the cloud.
I would not mind throwing them a bone to have e.g. security updates at some reasonable cost. Their official repositories don't have enough packages, so I end up having to use 3rd-party repos for normal things, e.g. Postgres. Having a more full-featured repo of up-to-date software would be useful to me.
I have been running CentOS 7, but when that is no longer supported, I will switch to something else like Ubuntu or Debian, whatever our hosting providers support. I am already using Debian or distroless for containers.
And then RHEL will be completely irrelevant to me. Good job, IBM.
Canonical's model is to ship the kitchen sink and wing it in case a customer wants support on something that is in a sorry state.
Different customers, different requirements.
I would prefer a variant of GPL which strictly forbids this (imo it should already be forbidden, these are clearly additional restrictions). Let's put "GPL v2 or later" to good use...
This wouldn't be the first time. The very origin of the DD-WRT router distro was a hard fork of SveaSoft's "if you share this, we cut off your access to updates" license.
The only issue is that many cloud providers don't have RHEL as an OS option, so you can't use it on your average cheap VPS.
That assumes you trust them not to do another rug pull (CentOS 8)
https://docs.aws.amazon.com/linux/al2023/ug/relationship-to-...