Fedora Core 6: Innovations Continue

 
 
By Jason Brooks  |  Posted 2006-10-31
 
 
 
In its first five releases, Red Hats Fedora Core has represented the Linux technology vanguard. And so it is with Fedora Core 6.

During tests, Fedora Core 6 impressed eWEEK Labs with the progress it has made toward making Security-Enhanced Linux—and the dramatically improved security protections that SELinux helps afford—more palatable. We also liked the look of Fedora Cores new graphical and command-line tools for managing Xen virtual machines, although, as with every Xen product weve yet tested, plenty of rough spots remain.

On the desktop front, Fedora Core 6 ships with the latest GNOME, KDE and Xfce graphical environments, as well as the usual lineup of open-source desktop applications. The latter include the OpenOffice.org productivity suite and Firefox Web browser. We found Fedora Core 6s software management tools speedier and its selection of available software packages ample, but it lags behind Canonicals Ubuntu on the software management front.

Organizations with in-house Linux developers who wish to mold a Linux distribution to their will for desktop or server deployments will find Fedora Core 6 pliable, up-to-date and well-put-together. However, Fedora Core releases have a short life span, so companies deploying the distro will have to plan to upgrade about once a year. In addition, while Fedora Core is the work of Red Hat, Red Hat does not offer official support for the distribution.

Organizations that prefer a distribution with official vendor support should look to Red Hats RHEL (Red Hat Enterprise Linux) or Novells SLES (SUSE Linux Enterprise Server), each of which comes with per-server fees. Companies in search of a distribution that is more stable than Fedora Core but without per-system fees should look to CentOS, Debian or Ubuntu, all of which feature longer security-fix life spans than Fedora Core. Sun Microsystems Solaris, which runs most of the same applications as Linux, also offers a good balance of stability and support with its solid and freely available Solaris 10.

Solid security

One of Fedora Core 6s most distinctive features is its leading-edge support for SELinux, which bolsters the security of the Linux machines on which its deployed by meting out to applications and users only those rights explicitly granted by policy.

Fedora Core 6 ships with a targeted policy turned on by default. The targeted policy covers a limited number of system services, and we could enable or disable specific protections through Fedora Core 6s security-level configuration tool.

New in Fedora Core is a handy troubleshooting tool for SELinux. This tool prompted us from the notification area in our system tray when an application we ran triggered an SELinux denial. For example, we installed VMwares VMware Workstation on one of our test machines but hit a wall while creating a new VM. We found on VMwares Web forum a familiar solution to our problem—deactivate SElinux.

Instead, we installed Fedora Core 6s new troubleshooting tool, restarted our test box and ran VMware Workstation again. This time, the troubleshooter informed us that SELinux had prevented VMware Workstation from making its stack executable. We were able to turn off this portion of SELinuxs policy, and VMware Workstation then ran without problems.

Click here to read more about the arrival of Fedora Core 6.

However, there isnt always so straightforward a solution to clashes between SELinux and applications. We spent quite some time puzzling over why our Xen installations were failing on one of our other test systems before we installed the SELinux troubleshooting tool. We found that Fedora Core 6s own Xen implementation was running afoul of SELinux on a few policy points. This time, the troubleshooter explained, there was no simple workaround. We had to dig into the SELinux policy ourselves—not a simple proposition—or shut off SELinux until the Fedora Project fixed the conflict.

Xen improvements

Fedora Core Xen virtualization implementation shows continued progress with two new tools—the graphical virt-manager and the command-line virsh—for creating Xen VMs and monitoring their status, as well as for carrying out operations such as pausing VMs and saving their state.

We found virt-manager fairly easy to use, although the tool definitely shows its young age. For example, theres a promising-looking—but for now inactive—option for connecting virt-manager to a Xen system running on a remote server. Theres another inactive option for managing hypervisors other than Xen.

As virt-manager matures, wed like to see the tool offer more feedback when operations fail. Generally, when things didnt function as we expected, the tool was silent regarding error or troubleshooting messages.

Souped-up software

Fedora Core 6 sports a new task bar applet that notified us when updates were available. In addition, we noticed a speedup in Fedora Cores command-line-based software package installer, yum. This also paid speed dividends for the systems graphical yum front ends, Pup and Pirut.

We could install from Fedora Core 6s Extras software repository two other software installation and update applications, Smart and Yumex, each of which offers a more full-featured alternative to Fedora Cores fairly Spartan default software tools.

While we appreciated the speedups in Fedora Cores software tools, we still find them lacking when compared with the software tools built into Ubuntu and Debian. Both of these distros boast a broader range of functionality and, in our experience, perform better than Fedora Core 6.

At one point during our Fedora Core 6 testing, a yum operation we ran from the command line seemed to hang. After waiting several minutes for yum to unstack itself, we killed the process. After that, however, the system would not allow us to run a new yum command, complaining that a software management job was still running. We rebooted our test box to get back to work.

Were pleased by the continued growth of the Fedora Extras repository (fedoraproject.org/wiki/Extras), and we appreciated having the option of enabling this repository during the Fedora Core 6 installation process. However, wed like to see the Fedora Project become more active in bringing the efforts of independent volunteer Fedora packaging projects under the Extras umbrella. As it stands now—and as it has stood for some time—accessing much of the software packaged up for Fedora Core means hunting around through separate, and sometimes incompatible, packaging projects.

Weve also found that Fedora Cores relationship to proprietary software packages is rockier than it needs to be. Certainly, Fedora Core cannot ship with nonfree applications while maintaining its unfettered ability to be redistributed. However, many nonfree applications, such as Adobe Systems Flash Player, are vital for everyday work. Other free Linux distributions, such as Ubuntu, solve this problem through "restricted" repositories, from which users may download needed proprietary packages after installation.

A good example of Fedora Cores rough relationship with nonfree software can be seen in the distros handling of Java. The distribution works to tread an all-free Java path by offering up Java applications, such as the Eclipse IDE (integrated development environment), in versions compiled with the GNU Compiler for Java.

We installed the Java-based BitTorrent client Azureus on one of our test machines, but we chose not to install the all-free alternative for running Java Web applets, gcjwebplugin, because its security implementation is not mature enough for running untrusted applets. When we tried to install the official Java Runtime Environment from Sun, however, we hit a horde of dependency conflicts between Suns JRE package and the packages that backed our Azureus install.

Hardware support

Fedora Core 6 supports the x86, x86_64 and PowerPC platforms. eWEEK Labs tested the 64-bit version of Fedora Core 6 on a single-processor Advanced Micro Devices Athlon 64-based system with 1GB of RAM. We tested the 32-bit version of the operating system on a dual-processor AMD Opteron-based system with 3GB of RAM and on a Lenovo ThinkPad T41 with 1.5GB of RAM.

We were pleased to find that hibernation on our test notebook worked well without any tweaking, but we had no such luck with the suspend—also known as sleep—function. We also appreciated that the open-source driver for our laptops ATI graphics adapter managed to enable the adapters three-dimensional support without any config file tweaking. The 3-D support enabled us to experience some GL (Graphics Language)-accelerated eye candy courtesy of Fedora Core 6s AIGLX (Accelerated Indirect GL X) subsystem.

This approach differs from the Xgl approach that SUSE has taken toward a 3-D desktop in that AIGLX is part of the standard X.Org Foundation X11 server, while Xgl is a separate X11 server.

Advanced Technologies Analyst Jason Brooks can be reached at jason_brooks@ziffdavis.com.

Check out eWEEK.coms for the latest open-source news, reviews and analysis.

Rocket Fuel