The Gentoo Foundation Inc.s Gentoo Linux has quickly grown into one of the worlds most popular Linux distributions. However, Gentoos non-commercial status, as well as its reputation as a bleeding-edge distribution for Linux system tweakers, has so far dimmed its prospects for enterprise adoption.
That said, Gentoo Linux is maturing quickly, and the systems source code-based software installation mechanism makes Gentoo a flexible distribution and a good fit for testing the latest versions of key open-source software components.
At this point, eWEEK Labs would hesitate to recommend Gentoo for broad production use, but, based on our research and testing of Gentoo, its a distribution thats certainly worth keeping an eye on. (Administrators interested in learning more about Gentoo should check news.gmane.org/gmane.linux.gentoo.server.)
Most Linux distributions consume applications and updates in the form of binary packages that have been precompiled to work with a particular distribution version, such as with Red Hat Inc.s Red Hat Enterprise Linux 3 or the Debian Projects current Stable release. Customization is possible when a particular application requires libraries that are older, newer or compiled with options different from the ones the distributor chose, but this can lead to software dependency issues that can be difficult to manage.
Gentoo, in contrast, is for the most part a “from source” distribution. Gentoo Linux ships with a tool called Portage (based on FreeBSDs Ports tool) that lets administrators acquire and update software by downloading source code and compiling applications to suit their particular system.
However, with so much room for variation in a Gentoo system, Gentoo users depend on testing done by the upstream projects from which nearly all open-source software originates.
For the most part, this isnt a problem—weve had success with most Linux distributions when downloading, compiling and dropping in straight-from-the-source versions of major components such as the Linux kernel or KDE. However, as the number of customized components grows, so does the number of potential software conflicts.
Another major drawback of Gentoo and its compile-heavy software management mechanism is the amount of time compilation requires. The Gentoo project offers a few options for avoiding compilation, such as providing precompiled binaries tied to periodic Gentoo point releases, the last of which came in November.
In addition, Portage can gather software it has compiled for itself into software packages, which may be installed on other, similarly configured Gentoo machines. Portage provides a large assortment of software applications (more than 8,000) available for installation, including some proprietary applications such as VMware Inc.s VMware Workstation.
Portage uses bash scripts called ebuilds to manage the download and installation of applications. In the case of VMware Workstation, for example, Portage ebuild fetches the application directly from VMwares Web site, thereby avoiding the software redistribution issues that typically bedevil all-free Linux distributions.
Of course, after installing VMware Workstation on our test Gentoo system, we had to enter a serial number (either an evaluation serial number or a paid-for number) to use the software. However, Gentoo makes the process of obtaining the software more elegant than any other Linux distribution weve tested.
More important than the range of software available for a distribution is the frequency and timeliness of security updates. To test Gentoo on this measure, we made a list of the last 10 security updates issued for Red Hat Enterprise Linux 3 as of Feb. 10 and checked to see whether these vulnerabilities had yet been patched for Gentoo. Of the 10 vulnerabilities, six had been fixed, with security patches issued; two were in Gentoos bug-tracking system, with patches available but in testing; and one had been fixed upstream in KDE 3.0.5. (Gentoo ships with KDE 3.3.2.)
On the day we checked, we couldnt find a fix for the 10th vulnerability—an issue with mod_python 2.7.8, a module for Apache—but a patch was issued four days later.
Senior Analyst Jason Brooks can be reached at [email protected].