Hacker News new | past | comments | ask | show | jobs | submit login

In the beginning, there was Red Hat Linux[1]. It was sold in boxes at stores such as CompUSA (remember?) but was also available for free download from Red Hat.

Then, Red Hat decided they could make more money by spinning off Red Hat Linux into a separate enterprise-only product called Red Hat Enterprise Linux (RHEL), which they declined to make available for free in a ready-to-install binary form. Fedora[2] was also spun off at this time, as the free successor to Red Hat Linux that was supposed to be only suitable for home users. Fedora development was/is sponsored by Red Hat but they did not offer end-user support, in contrast to RHEL.

Meanwhile, there was demand for a free version of RHEL. Since it was built with GPL software, Red Hat was obligated to make it available in source form, but their trademark policy prohibited anyone else from using the Red Hat name. Therefore, a group of volunteers took RHEL, removed Red Hat trademarks, and called it CentOS. To avoid confusion, CentOS explained the origins of the distribution on their web site. For their efforts, they were threatened by Red Hat's legal department and forced to remove all mentions of Red Hat and even links to Red Hat's web site from the CentOS web site. CentOS complied and began referring to its Red Hat derivations using the euphemism PNAELV[3].

Now, Red Hat has again decided they would benefit from being more directly involved in providing an open-source, freely-available enterprise Linux distribution. We've come full circle.

(Flippant depiction aside, I intend no antagonism, but merely find the history of these projects interesting.)

[1]: https://en.wikipedia.org/wiki/Red_Hat_Linux [2]: https://fedoraproject.org/en/about-fedora [3]: http://www.pnaelv.net

Red Hat is one of the most prolific single-entity contributors to open source in the history of open source. I find it really odd that some FOSS people regard Red Hat as some sort of evil corporation that should be the target of said FOSS people's flung shit.

By the way, what did Firefox do to live down its IceWeasel[1] infamy?

[1] http://en.wikipedia.org/wiki/GNU_IceCat

The Firefox trademark dispute is not the same thing. Red Hat was attempting to keep their product from the open-source homebrew market -- they wanted to charge money for their software, and did this as far as the license would allow. Red Hat was as hostile as legally permissible to anyone trying to circumvent this, like CentOS.

Mozilla simply claimed that the Firefox trademark cannot be applied to any codebase that Mozilla, the trademark owner, hadn't officially sanctioned. They began to actively prosecute those cases because some people were modifying the Firefox source to contain malicious code and calling it "Firefox", misappropriating Mozilla's trademark. Because Debian issues a version of Firefox that contains unofficial patches, they cannot legally call their distribution "Firefox", since Mozilla hasn't officially blessed that exact codebase.

tl;dr Red Hat was trying to make money from users, and Mozilla wasn't

Disclaimer: I personally fully support making money from users and reject freedom 2 as a true fundamental of "free-as-in-freedom software". I'm just explaining why some people in FOSS dislike Red Hat, as it pertains to the CentOS backstory, and why nobody cares about Mozilla's brief trademark dispute with Debian.

"Red Hat was attempting to keep their product from the open-source homebrew market "

Nothing would make Red Hat happier than having every hacker under the sun using Red Hat - what they were attempting to do was keep the enterprise customers, who were currently paying $1000+/CPU (or so) go with a free alternative and kill their company.

Simply removing three things allowed them to do that: (1) No RHN/Up2Date available for Centos, (2) No Support, (3) Most importantly, absolutely no mention or reference to "Redhat" Trademarks.

Centos had everything else.

(3) Most importantly, absolutely no mention or reference to "Redhat" Trademarks.

This is evil, because the law is supposed to allow referential use of trademarks as a fair use.

Otherwise, RedHat's existence is highly beneficial to Linux.

That's a self-imposed policy on CentOS' side, not something they were forced to do.

Yes, and the other big advantage of RHEL in enterprisey environments is their compatibility certifications with other vendors (e.g. Oracle Database).

Note that having patches from upstream doesn't stop Mozilla from being willing to license the "Firefox" trademark — they will still license it provided they are happy with all the patches. The bigger issue in the Debian case is that while they could distribute a modified version as "Firefox" (under license), some downstream couldn't then take that, modify it, and still call it "Firefox".

Ubuntu, meanwhile, was willing to accept this tradeoff and distribute blessed Firefox, as Ubuntu also has trademarks that downstream modifiers (like Mint) need to remove.

It would be nice if it was easy to remove said trademarks by something as simple as uninstalling a package, however unfortunately most marks are spread throughout the archive.

I thought there used to be such a package called firefox-branding that would turn Firefox into IceWeasel if removed?

At some point, yes, but the Ubuntu marks are still spread throughout dozens of different packages.

    Because Debian issues a version of Firefox that contains
    unofficial patches, they cannot legally call their
    distribution "Firefox", since Mozilla hasn't officially
    blessed that exact codebase.
There's a lot of sense to this. Consider the hacked up configurations of vim that ship with redhat and debian. The maintainers code intrusive personal-favourite settings into /etc/vimrc (e.g. settings that reformat your code). People get annoyed by the behaviour and think "vim sucks" whereas the default vim distro is conservative about intrusive behaviour.

Mozilla are happy for distros to put out their code - just not hacked up versions of it with the same name. Good for them.

There are some parallels, but I think customizing a default config is subtly different than code changes. Redhat and Debian likely have both, of course...

IIRC there was not any animosity between the firefox an dDebian teams though (there was plenty reported by people who saw the matter and misreported it, and Stallman waded in as is his style which didn't help the mis reporting ("RMS ponders whether Firefox is truly free" was reported as "entire open source community vs Firefox, fight at 11" by some)).

They started user the trademark thing to force some distributors who were adding patches they did not want to be associated with (either because they were just plain malicious or because they didn't want thie bug tracker filled with reports about code they had nothing to do with), the Debian people scanned the relevant legal details and decided that they either needed to stop using hte name or work put together an agreement that covered them. The latter would have been easy enough but was against their preferred WayOfThings(tm) as it would mean downstream of them would (legally speaking) need to make changes or separately arrange an agreement, so they chose a new branding instead.

Neither the Firefox team protecting their name or the Debian team stucking to their mission statement is wrong IMO (though of course some may desagree, depending on definitions of "free" and so forth, so they could be said to be wrong), but without the branding change the two are incompatible on a legal point that was only enforce to stop the malicious.

With the branding change the "conflict" is resolved, and no one is really unhappy or otherwise reasonably put out.

The RedHat/CentOS case is a bit different: the way CentOS were using the name in no way implied that RedHat was responsible for CentOS but did accurately represent how CentOS was built, so CentOS were probably on good legal ground but capitulated because they didn't want that particular fight. This, IMO, made RadHat somewhat bully-like in this case - though to be honest it takes more than one iffy commercial/legal wrangle to undo the pile of good that Redhat has (directly and otherwise) done for Linux and related projects over the years (and continues to do).

'...were modifying the Firefox source to contain malicious code and calling it "Firefox" ' - You put a little load in there. Not every Firefox patch is obscure, malicious or both.

He didn't say that - you conveniently left out the "some people" preceding your quote.

I find it really odd that some FOSS people regard Red Hat as some sort of evil corporation

Indeed, the success of Linux in the enterprise owes a lot to Red Hat, as they gave enterprises the sort of consistent, corporate-buzzword-compliant support agreements that removed a lot of the scariness that would otherwise impede use of Linux for "important" services.

It's not just the support agreements (though support agreements didn't hurt). It's that RHEL provided the sort of stable path for patches and upgrades that Linux traditionally did not, moving as quickly as it did.

It allowed ISVs to certify their software packages against a consistent OS built, hardware vendors to utiliza a long-term consistent driver interface, and end-users to not have to worry about upgrade cycles, sudden performance changes, and so on.

Basically it gave enterprises that had been dependent on Solaris and the like a comparable Linux alternative.

This was true in 1998. Cowardly companies that insisted on being able to pay support for anything they deployed were able to hand over $$$ to RedHat then tick the box of 'support'. However, as we all know, you get a Linux user/expert to fix the server, you don't call RedHat.

Due to the success of Ubuntu you have user/experts in small to medium sized companies that have 'given Linux a go' and got some good experience of Ubuntu. They might prefer the Ubuntu ways of doing things, e.g. the 'no root' security model, the modern, up to date packages (e.g. latest version of PHP), the ultra easy firewall and plenty else.

However, due to the perception that Red Hat is 'enterprise' and that small to medium companies re cheapskate, the CentOS rip-off gets specified by micro-managers because they have heard it is more 'enterprisey'. 'They know best' and go with the turgid CentOS regardless of whether any developers on the team would prefer something else.

You then have a lot of hosting companies pushing CentOS because they think it is more 'enterprisey' and what their customers want. Non-technical managers listen to them and then blame their team for any server problems.

Sure, if you know your way around Red Hat it is the greatest thing since Windows 3.0, you can get it to do what you want just fine. But, actually, if you are not an expert yet then very little about Red Hat is obvious. Far too many answers to common problems are guesswork in forum answers that you come across. Furthermore any serious claim to better security goes out the window as soon as you add random repositories that you might need just to get your work done.

Red Hat has had its day. CentOS has been a mere rip off of Red Hat and it has not added to the state of the art. I know it has its fans but I wish it would just go away.

From someone who's day job it is to manage thousands of Linux servers and has professionally worked with SLES, RHEL, Fedora, Debian, Ubuntu, and a custom Linux from Scratch internal Linux distribution, you couldn't be farther from reality if you tried.

"""Due to the success of Ubuntu you have users/experts in small to medium sized companies that have 'given Linux a go' and got some good experience of Ubuntu""". I'm sorry, but there are very few Linux professionals I've ever met I'd consider themselves "experts" who would recommend Ubuntu for their environment. Pretty much 0 except the one guy I work with on the board of Software in the Public Interest (nonprofit that runs Debian). Ubuntu did the smart thing and got onto the "cloud" bandwagon very early. As a result, Ubuntu is likely one of the more pervasive operating systems within that community. The cloud environment is a very small part of the entire Linux ecosystem and doesn't equate at _all_ with the high end "enterprise/hpc" industry. Don't believe me? Take a look yourself at the top 500 supercomputer breakdown by operating system. Exactly 0 Ubuntu clusters. Ubuntu with high end sans such as EMC/Hitachi/etc? Nope, it plays massive second fiddle to RHEL where those companies first certify their hardware for.

Ubuntu is better than Debian regarding security (almost exclusively from the excellent work of Kees Cook, who now works on security for the ChromeOS project at google and hardens the Linux kernel. However, it still can't hold a candle to the proactive security features of RHEL (and hence the awful cheapskate CentOS as you call it). Don't believe me? Look up the gcc stack smashing protector and fortify source patches. Look at the glibc canary code that also helps (in tandem with the gcc patches) to prevent buffer overflows, execshield (from Ingo Molnar, a redhat employee) before NX bits on cpus were super common, the first mainstream distribution of Linux to include a mandatory access control framework (SELinux) enabled by default. Are some of these features in Ubuntu now? Sure. Why? Because Redhat employees wrote them and got them into upstream software, which downstream distributions like Ubuntu which do precious little engineering have adopted.

CentOS is more enterprisey than Ubuntu. Why? Because it is based on the enterprise standard when it comes to Linux, Redhat Enterprise Linux. Ubuntu still sucks with big enterprise SAN gear, it also sucks with some of the more high end networking kit (infiniband on Ubuntu, possible, but a royal PITA and the vendors laugh at you), it is terrible for realtime stuff, but it is fantastic if you want the same interface on your desktop, tablet, and phone. If you don't know your way around Linux (your comment about not knowing your way around Redhat), perhaps you shouldn't be managing Linux servers and you're helping contribute to the list of botnet nodes due to not having a clue what you're doing? Again, I work on Linux fulltime and have for awhile, the major serious differences between Redhat and Ubuntu/Debian:

    - /etc/network/interfaces vs /etc/sysconfig/network-scripts/ifcfg-*

    - /etc/default vs /etc/sysconfig

    - metapackages for everything vs yum groups

    - dpkg/apt vs rpm/yum

    - Building debs vs building rpms (I could rant for a day on how much ridiculously easier it is to build redhat packages)

    - Preseed vs Kickstart (wth was Ian Murdoch thinking here? Preseed is still years behind kickstart in being awesome)

If you know Linux, you can learn those differences well in less than a week. Linux isn't obvious, it requires a lot of reading and experience. My whole point is basically that you are completely wrong and quite clearly don't realize you are wrong because you don't seem to have an idea of what you're even talking about. I do personally think Mark Shuttleworth and the Canonical crew are doing wonderful things for desktop Linux, and general Linux marketing, but they've done tons less when it comes to Linux engineering compared to what Redhat has done.

Sorry for the rant. It isn't normally my style, but this is just ridiculous. Feel free to downvote this, but please do some reading and learn Linux. You'll realize I'm likely right.

well then how would you compare Redhat Enterprise with the Gentoo distribution and other more custom type distros? what exactly is the 'enterprise standard? It seems like Redhat enterprise is used in corporations because it has become a so called 'standard rather then being superior to other Linux choices. it took a long time to even get Linux into the corporate world because other Unix's were 'standards.

Please forget enterprise. It is used and misconstrued until it means nothing. Lets talk about manageability. How do you (easily) manage 1000 gentoo (or arch linux) servers? You could have a distcc farm to build your base distro from stage1 (if you needed to) or just copy down the binary stage 3 builds and then bootstrap using binary ebuilds, but it is still a whole lot more difficult than a full binary distribution such as Redhat or Debian. Dealing with large clusters of servers, the tools that they include or write and then open source are what really blow me back.

Just a few in no particular order:

- the RHEL kernel. Redhat has consistently topped the list of Linux kernel contributors for years. The first google hits for it were http://lwn.net/Articles/451243/ and http://lwn.net/Articles/507986/, but that hasn't changed for a looooong time. They basically have as much of a monopoly on core Linux kernel develops as is possible in such a large complex project. Quite literally, there isn't a company in the world with more Linux development chops than Redhat. If you run critical applications on Redhat servers (think banking or wall street exchanges like NASDAQ or hospital systems that downtime could result in real problems), Redhat will be able to fix it if anyone can. I'm not pretending working with Redhat support is fun, but they are better equipped from an engineering standpoint than virtually anyone. The numbers back that up. Due to this, the Redhat kernel is an interesting hybrid of slightly older and battle tested stable with newer features backported. This is achieved because super often the people who write the features upstream tend to be redhat employees, so they do both. If I was asked to pick one thing that set RHEL / Redhat / CentOS apart, it would be the work that goes into their kernel for QA and testing / backporting. Look at a company like Canonical, they have a bit more than a dozen (https://wiki.ubuntu.com/KernelTeam) kernel developers. They simply can't compete on engineering resources due to their limited number of engineers. As a result (and a smart business move) the are more consumers of patches from upstream than producers. Also, look at the lwn "who wrote linux X.YY" articles. You'll rarely and almost never find Canonical on that list except for when they got the apparmor patches merged (props to them!).

- sssd[1] - a solid implementation that essentially unifies pam ldap/kerberos, pam_ccreds/nslcd/nscd/pam_access all in one very nice implementation. This makes (for instance) joining your Linux nodes into an Active Directory domain (without using commercial software from likewise or some other cruddy vendor) just work out of the box. It also makes single-sign-on and migration from standard ldap to kerberized ldap (a very hard problem) super duper simple.

- cobbler[2] (and now the foreman[3]) - These tools along with redhat's kickstart make pxebooting a cluster of 500 new servers very trivial to turn into 500 new ready to use for production servers. Gentoo has nothing I'm aware of that allows installing completely automated like kickstart, but someone please enlighten me via a reply if this is incorrect. Michael Dehaan (big HN commenter and wrote the ansible config management tool) wrote cobbler.

- abrtd[4] / faf[5] - abrtd will collect crash reports (segfaults, coredumps, python tracebacks, kernel oopses, etc) and parse the info / store the relevant bits locally or forward on to a faf server. It will allow you to things (for example) like figuring out easily every single system that is reporting a specific kernel oops, which is then tracked down to a specific type of hardware and kernel combination. Sure there are tools like crash and netdump, but abrtd is simply a very modular management tool ontop of all of those things. The public fedora project faf is located at: https://retrace.fedoraproject.org/faf/problems/hot/. faf is good stuff

- freeipa[6] - Honestly up until this project, Linux never had anything that competed with Microsoft's Active Directory for a turn key easy to setup and manage kerberized ldap user and group / policy management product. IPA changes that and integrates very well with Microsoft AD through a kerberos level trust. sssd (above) is the ipa client. It allows true single sign on between Linux and Windows clients, something that is still elusive for most companies.

- standards. Linux's biggest strength is also it's achilles heel. Not having package standards or kernel standards (or stability) prevented a lot of companies from using Linux or certifying their software for Linux early on. Being very conservative in what they will support and supporting it for very long periods of time allowed companies like Oracle (as a horrible example) to port their database to Linux and certify that things are good. Try getting big complex commercial pieces of software working on a build your own distro. It is possible, but is buyer beware. Redhat made this their business model and has done a great job of it. At this point, Debian has also done a wonderful job at standardizing things and being consistent, albeit different, from Redhat.

TL;DNR: Redhat is building tools that make Linux easier to deploy and easier to manage in large "enterprise" environments. These tools make it equally easy to manage in smaller environments. No single entity has pushed Linux further in the "enterprise" than Redhat. I could list plenty more, but this hopefully answers your question fully. If not, click through to my profile, find my resume, and from it shoot me an email.

[1] https://fedorahosted.org/sssd/

[2] http://www.cobblerd.org

[3] http://theforeman.org

[4] https://github.com/abrt/abrt/wiki/ABRT-Project

[5] https://github.com/abrt/faf

[6] http://www.freeipa.org/page/Main_Page

Speaking as someone who has "given Ubuntu a go", but has no expertise whatsoever... can you explain what your list of RHEL/Ubuntu pros & cons mean?

I have no idea why one arrangement of /etc/ is preferable to another, for example. Is it just security, isolation, and better package management?

Please read again. Those are not "pros&cons", but mere list of differences between the two distro families.

Exactly. They are just the differences. If you'd want a technical pro/con of Ubuntu/Debian vs Redhat/Fedora, that is an entirely different post equally as large (perhaps more-so). In summary, from an ease of sysadmin standpoint for large numbers of servers, redhat and the redhat ecosystem (cobbler, pulp, freeipa, sssd, abrtd, kickstart) just beats the living pants off of anything Ubuntu/Debian have. It is much easier to manage thousands of Redhat machines (without building everything custom like google) than it is thousands of Ubuntu/Debian machines. I know this because I've done both as part of my day job.

> I find it really odd that some FOSS people regard Red Hat as some sort of evil

Why do you find it odd when it is succinctly explained in the comment to which you are replying?

GP doesn't "explain" why RH is evil. Discomfiting legal maneuvers do not cancel their thousands of commits to the Linux kernel, init.d, GWT, Cygwin (!), etc.

> GP doesn't "explain" why RH is evil.

It explains why some people in the FOSS community think of them that way.

There seems to be a problem here of people not being able to understand that it is possible for people to have a different point of view, and no amount of "explaining" is going to fix that.

An attempt to "explain" why is in GP's 3rd link:


True but Redhat ditching support for home users was pretty lame. I had bought a boxed copy with support two weeks before they made the announcement. I had already downloaded it, I just wanted to support the company. Luckily I knew the manager at best buy, and she let me exchange it for Suse. That being said, I think much of the resentment towards Redhat comes from memories of dependency hell before yum was reliable.

As far as IceWeasel, I asked a Mozilla employee about it a few years ago. He said they generally approved of it, and were just glad that people were using the code.

Debian modify Firefox and so can't package it as an official build.

Actually, under the GPL, Red Hat is only obligated to make sources available to its customers. What they have done is make the sources available to everyone on the Internet for free [1]. So CentOS would have to pay for RHEL were it not for Red Hat's openness. Probably not a big deal. However, Red Hat is under no obligation to make its non-GPL packages (e.g., python, ruby, apache, postgresql, ssh, etc.) available to anyone in source form, including their customers. These, too, are available free of charge to the general public. Finally, Red Hat is under no obligation to make any of the source of their own internally-developed projects (e.g., package management, OS installer, and all of the other projects that differentiate the distribution from a software perspective) available under an open source license, but they do (admittedly, this was not always the case). Finally, Red Hat employs many developers who work full time on critical projects (kernel, gcc, gnome, etc.). They are pretty model open source citizens whose business model is not to use open source as a gateway to their own proprietary products like IBM and Oracle.

If they wanted to shut down CentOS, it would be very easy to stop distributing the source of their own projects and of permissive license packages. Hopefully sponsoring CentOS is not just a play to exert influence on the project and retard its progress, but I am willing to give Red Hat the benefit of the doubt here.

[1] http://ftp.redhat.com/redhat/linux/enterprise/6Server/en/os/...

> Actually, under the GPL, Red Hat is only obligated to make sources available to its customers.

That is true, but the GPL allows their customers to freely distribute the GPL source they receive. Not saying Red Hat doesn't help or isn't doing good here, but it's not quite as altruistic as you make it out to be. I thank the GPL for that.

Note that I'm a huge fan of Red Hat and preferred their distribution since the RH 4 days, I don't want to denigrate Red Hat in any way. Also a huge fan of CentOS as well.

> they were threatened by Red Hat's legal department and forced to remove all mentions of Red Hat and even links to Red Hat's web site from the CentOS web site.

Doesn't trademark require you to enforce your trademark (or you lose it)?

Also, Oracle did/does the same thing as CentOS, and sells support for it. There is also ScientificLinux too.

I believe RedHat would get a lot more followers, and a lot more support money if they did two things:

- have support contracts that make sense, and trust their customers. Let their customers choose which server they want to put under contract etc...

- have more software in their default repo (like, I don't know... Ubuntu)

They managed to corner the market for pay-for software (to a certain extent, Suse has managed to capture a piece of that market), but they make support and lack of standard software so bad, that people go to extreme length tu run on CentOS and ScientifiLinux, and have a single server running Ubuntu.

Every time a market collapse is hanging over the finance world, they know their customers will do what a prior employer does/did: put support on 1 of 1000 servers.

It's sad, but this wasn't at a .com rev3 company, this was an old-school hedge fund with billions under management. IT support is just something that gets neglected if there isn't a contract that is enforceable. Clearly the company could afford a thousand systems worth of support, and could make it worth the money (autofs bugs galore!). There is a something missing in making the social contract of open source pay for the people needed to maintain open source.

People do that today.

I know of a few companies which tried to pay for 24 hour support for prod servers, email for QA servers and no support for dev servers, and RedHat insisted on making them pay for anything running RedHat, all or nothing... Companies switched to CentOS and SL, and bought contract for one RedHat server.

I wonder if they are also doing this so they can get an idea of who the user base of CentOS is and also try to convert them to paying customers.

My guess is they are feeling the hit from Oracle Linux's business model and wanted the flexibility to compete directly.

Oracle Linux's distribution model is that you can take CentOS, change a couple repositories and make it Oracle Linux. Then if you want support, you can pay for it. With Red Hat, RHEL and CentOS before today were separate products with separate release schedules and separate userbases. This move gives Red Hat the opportunity to act more like Oracle Linux if they choose to.

Surely no one uses Oracle Linux unless they are running Oracle?

It' almost certainly designed to take advantage of enterprise customers that are already paying Oracle support dollars in some fashion or other, with the slightly advantageous notion of being able to collapse another support provider.

Oh, wow, I didn't even know that. This sounds much more likely. Thanks!

I think RH recognized that

* CentOS has significant market share

* people sometimes want to switch from CentOS to RH, but not vice versa (natural evolution in growing companies)

Thus they will cooperate with CentOS, with the end result that switching from CentOS to RH will become easier.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact