Fedora 10 is the latest version of the community-supported, Linux-based operating system that serves as the proving ground for future Red Hat software products. As a result, Fedora offers organizations and individuals early access to the state of the art in the Linux and open-source world.
For instance, Fedora 10 boasts what may be the broadest security framework available in any general-purpose operating system, with support for implementing mandatory access control and multilevel security through SELinux, as well as a full complement of firewall, privilege management and buffer overflow protection facilities.
What’s more, Fedora 10 ships with a new audit utility, called Sectool, which provides a set of system tests for detecting configuration issues regarding permissions, firewall rules and the status of other system security features.
Like its more staid sibling, RHEL (Red Hat Enterprise Linux), Fedora can be put to a variety of uses, from notebooks and netbooks to desktops and workstations to servers of both physical and virtual persuasions. Unlike RHEL, which is sold by annual, per-system subscription, Fedora can be freely downloaded and redistributed.
The catch is that while Fedora offers organizations and individuals a free ticket to the leading edge of Linux, the distribution requires that you stay on the edge once you arrive-and once you’re there, you can’t call on Red Hat for assistance. That’s because Red Hat offers no formal support for Fedora, and, since the security and bug-fix patch stream for each version runs dry after a year, users must upgrade their Fedora systems about once a year.
For example, Fedora 10 and the Fedora 9 release that preceded it both lack support for functioning as host operating systems for Xen virtualization. Fedora 8 can be used as a Xen host, but that version of the distribution is no longer supported. Pending upstream kernel changes, a future Fedora release will again function as a Xen host, but for now, the Fedora project counsels users who require this functionality to switch to RHEL or to RHEL clone CentOS.
In any case, Fedora 10 is well worth checking out as a means of checking in on (or taking part in) what’s to come from Red Hat and from the wider Linux world. What’s more, for Linux enthusiasts who don’t mind getting a little compiler grease on their hands, Fedora 10 can serve capably as a workstation or development server operating system.
Under the Hood with Fedora 10
I tested the x86 version of Fedora 10 on a Lenovo ThinkPad T60 and on virtual machines running under Linux’s KVM (Kernel Virtual Machine) facility and under Sun Microsystems’ VirtualBox 2.0 desktop virtualization application. I also tested the x86-64 version of Fedora 10 on a generic dual-core Advanced Micro Devices Athlon64 that we’d assembled in the lab.
The only hardware issue I experienced during these tests was with Fedora 10’s autodetection of the monitor for our x86-64 machine. Rather than start up its graphical interface, Fedora 10 presented me with a blinking cursor in the upper left corner of my display. I got back on track by switching to a different virtual terminal, installing the system-config-display tool from Fedora’s online software repositories and using the tool to chef up my own display configuration.
For one of my VM installations, I started out with a Fedora 9 installation that I then upgraded to Version 10. I was pleased to see that Fedora offers a utility, called “preupgrade,” for conducting in-place upgrades between Fedora versions.
Also regarding installation, it’s worth noting that Fedora does the best job of any Linux distribution I’ve tested of making it easy to install the distribution with hard drive encryption. Canonical’s Ubuntu 8.10 does not support encrypted configurations from its standard installer disk, and Novell’s OpenSUSE lacks any support for root and swap partition encryption.
Along similar lines, new in Fedora 10 is an encryption-by-default setting for the persistent home partition on the distribution’s live USB installations.
Fedora 10 has continued to progress in its PackageKit software installation and update system, which forms a graphical front end to the distribution’s Yum and RPM back-end software management tools. The best thing about PackageKit, at this point, is its integration with the PolicyKit permissions management framework that ships with Fedora 10. For instance, it’s possible to create a configuration in which certain limited-rights users are allowed to apply software updates signed with preapproved digital keys without entering an administrative password.
Red Hat has been steadily building out a complete open-source virtualization stack for the past several years, first based on Xen, and now centered most directly around KVM. In Fedora 10, Red Hat’s virt-manager hypervisor management and VM creation utility has picked up a handful of enhancements relating to creation of new virtual machines on remote hosts running Xen or KVM.
Another relatively small yet worthwhile Fedora 10 enhancement that I noticed is the addition of the “/usr/local/sbin,” “/usr/sbin” and “/sbin” locations to the default PATH established for normal users. A handful of command-line tools that can be useful to non-root users, such as the ifconfig command that provides network information, live in these “sbin” locations, and the PATH change enables users simply to type “ifconfig” (as opposed to “/sbin/ifconfig”) to run this command.
eWEEK Labs Executive Editor Jason Brooks can be reached at [email protected]