Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Registration Opens For Software Freedom Day 2011

timothy posted more than 3 years ago | from the barter-is-ok-though dept.

GNU is Not Unix 16

An anonymous reader writes "For those of you who think technology and more importantly software should be open and shareable, the annual celebration of Software Freedom Day has opened its registration and you have about 10 days to get a free team pack to help you with your own event organization. SFD represents about 500 teams worldwide organizing events to discuss about the importance, benefits and usage of Free and Open Source Software on the same day: September 17th this year! It's also an opportunity to preach to your local community and gives them ideas and reasons about why they should care and use FOSS."

Sorry! There are no comments related to the filter you selected.

damn hippies (1)

Anonymous Coward | more than 3 years ago | (#36859068)

and their open source software.... haven't we learned by now that closed source is much better?

creepy mascot (0)

Anonymous Coward | more than 3 years ago | (#36859076)

What is that terrible mascot on the front page? It's looks like some of the later Sonic the Hedgehog characters all gang-banged a penguin.

Re:creepy mascot (2, Funny)

Anonymous Coward | more than 3 years ago | (#36859256)

It's a wildebeest. Richard Stallman found one in his beard one day.

First point says the problem with free software (1)

Meshach (578918) | more than 3 years ago | (#36859130)

I didn't get any help from anyone so...

I am a huge fan of open source and Free Software but beyond some higher profile projects (Kernel, KDE, Python...) it is hard to rally people to work for free. For every open source success there are ten projects that just die from inertia / lack of interest.

Re:First point says the problem with free software (0)

Anonymous Coward | more than 3 years ago | (#36859668)

Free as in Freedom, not price. You can charge money for software that is GPL'ed if you wished to.

Re:First point says the problem with free software (0)

Anonymous Coward | more than 3 years ago | (#36859924)

Yes, you can. But you can't expect more than one person to pay - they can simply pass it on for free.

Re:First point says the problem with free software (0)

Anonymous Coward | more than 3 years ago | (#36862588)

Yes, you can. But you can't expect more than one person to pay - they can simply pass it on for free.

Gee, I wonder who that one person is who is paying Red Hat a cool Billion dollars every year...

Yes a Billion with a B, take a looksie at []

Re:First point says the problem with free software (1)

Anonymous Coward | more than 3 years ago | (#36864548)

Gee, I wonder who that one person is who is paying Red Hat a cool Billion dollars every year...

Yes a Billion with a B, take a looksie at []

They're selling support and engineering services, not the software. Lots of organizations who don't need RH's services use CentOS, a free-to-download RHL clone distribution, proving the GP's point.

Re:First point says the problem with free software (2)

CustomDesigned (250089) | more than 3 years ago | (#36860336)

For every commercial success, there are ten projects that just die from lack of funding / lack of sales / patent trolls.

I'm getting a "Weasel Stomping Day" vibe from this (1)

Hsien-Ko (1090623) | more than 3 years ago | (#36859184)

and I don't know why. Is it the matching lyrical syllables to the Weird Al song title?

Free Software? (1, Troll)

Vecanti (2384840) | more than 3 years ago | (#36859358)

Nice. Will they be handing out copies of Photoshop, Maya, or Lightwave by chance?

55 Days (1)

westlake (615356) | more than 3 years ago | (#36860622)

To launch a successful event of any kind can take months of planning and orgaization. You really need to be thinking at least a year in advance.

You need to stay ahead of the game.

Your campus event on the 17th comes too late.

School isn't out quite yet, but Microsoft already has an ace up its sleeve when it comes to this fall 's back-to-school shopping season. The company announced that anyone buying a Windows 7 PC worth $699 or more will automatically get an Xbox 360 Arcade system for free, no rebates involved. That's right --- completely free.

All you need to do is buy a new computer and provide your .edu e-mail address. If you're shopping at a brick and mortar Microsoft Store or Best Buy, just flash your student ID, and you'll walk out with your new computer and an XBox 360. The promo will run between May 22nd and September 3rd in the United States, and Canadian and French shoppers will get in on the fun later in the summer.

Microsoft back-to-school deal gives away XBox 360s free with new PCs [] [May 19]

The problem with FOSS (2)

exomondo (1725132) | more than 3 years ago | (#36866732)

FOSS is a great initiative and one of the best things is that proprietary software doesn't have to die for FOSS to succeed, it can all come down to who has the better product but to have the better product you need more than just great engineers, you need great designers and marketers, you also need to avoid this FOSS stereotype [] .

And some opinons from me, Mr. Joe Shmoe (1)

djfuq (1151563) | more than 3 years ago | (#36867284)

Free software is nice, it also changes too frequently, has many defects, each distro tuning things differently, a rag tag fleet of options and configs in funny places. It is rough around the edges, but somewhat customizable if you have the coding skills and time to work for free. It is a kluge to be recognized for what it is, a toolbox of shoddy but working rugged tools that were home crafted by academics and software devs to correct some issue or to improve a design flaw or add some awkward new ability to the tools you have now, by use of esoteric conditional band aids and command line hacks.

Here are a few things I have to give as examples by the way of anecdotal observation. I know its alot but please mod me up, I have taken time to write something controversial, interesting and informative - and I have terrible karma. :-)

LDAP is fully capable of being a customizable platform to manage accounts computers and the organizational tree of resources. it replaces NIS as the tool of choice for authentication in a production Linux environment. For those who had to roll with this drastic change, it is not trivial to convert a NIS environment to ldap, but isn't too bad for an expert in both with the right method to do it. That takes experience though. However, ldap implementations, howtos and structure all vary widely depending on who set it up, on what distro, and which version of ldap and its schema. It has a awful command line syntax to do essential tasks such as adding a user or adding a group or searching for a account or anything else. I think that major omission to the opendap project. Heres the default way:

        $ ldapmodify -r -D 'cn=foo,dc=bar,dc=com' -W /tmp/user.ldif
        Used to delete entries
        $ ldapdelete -D 'cn=foo,dc=bar,dc=com' -W 'cn=user,dc=bar,dc=com'
        Used to search ldap servers
        $ ldapsearch -L -D 'cn=foo,dc=bar,dc=com' 'objectclass=posixAccount'd

This is a deterrent to people thinking of adopting ldap.

To ease the pain, you can acquire ldapscripts (Google it) that is a humble project that makes setting up accounts etc less painful than using ldap add syntax. Oh yeah, you need to customize that too.
Then you can add a user like:

ldapadduser foo foogroup
(enter name)
(enter password)

Now if you ever had to use ldap doesnt that seem like it should be a part of the openldap package?

Then there is ldapvi which you should get because you need to be able to view the "database" and correct things, again this is tedious and user unfriendly using ldap tools that come with openldap. Oh you can set up and alias in bash, that allows you to log into your ldap using ldapvi to edit it without having to do some annoying cmd line options and the admin user DN - so more customizations need to be made to make things usable. Once you get past all the time it takes to standardize your ldap's organizational hierarchy and what the best way to classify things would be.

Do you want auto-mounter, did you happen to notice it is hokey to set up in ldap compared to NIS? Should you have an email attribute for each user to appease web applications and mailer scripts to derive the email address for a user account? Were you insane enough to want to add the samba schema there for authentication from a samba server? It will need to rehash all your passwords (samba doesn't have the ability to auth against an ldap server without it.. needs samAccount crap, passwords rehashed.
So add an additional attribute or two per user to add the the pile of little minutia that you need to add to the mix... to inter operate properly across disparate software implementations that need to authenticate to ldap in their own special and hokey ways. Does that work with ldapadduser? Will I need to customize it to facilitate samba stuff being created?

Did you know that svn server needs to use the super popular SASL auth service to for svn to authenticate with ldap when users log in to the svn? Did you know that almost every how to on the subject is awkward? Did you know that setting up sasl is awkward? Did you know it is also used on other rare occasions? All it is doing is assisting something that is too dumb to do something most other things can do such as ssh authenticating against ldap. Do it yourself, the tools are there - do it because its free.

Did you figure out about the whole nested groups thing? Did you know that /etc/group doesn't handle this but in theory openldap does? That could make permissions for files much more manageable.. the idea is hey if only I could have one department called sw-eng and i want them to contain sw-contractors and sw-employees -- then i dont have to add all the same users to sw-employees and sw-contractors twice (minus a few) in order to set permissions in a way the group can collaborate properly in a filesystem, but with restrictions for a few only, which has been somewhat band aided by the getfacl and setfacl kludge of usability but still is messy and time consuming.

It takes some time to figure out that you may want two groups to see a folder, and the rest not to, and that chmod and chown dont cut it in the real world.
They "fixed that". They have setfacl, now you can add to groups to a folder or file and deny one user access. Make sure you have ACLs (an obvious feature?) enabled in your filesystem. Hahah
Did you set up NFS? Oh boy I cant wait to complain about NFS....
Oh wait, now you have to use a totally new utility call nfs4-setfacl with completely different, and more verbose and complicated syntax!
They didn't simply merge that fixes into setfacl, no they reinvented the wheel so you would need both tools, but for the same use case, just across different filesystems on the same computer.

About NFS... did you notice how you can hack into any account in an NFS and LDAP environment and gain access to files you shouldnt be able to with the su command if you can become root? I can become root with physical access to a linux box with no tools required, just a reboot into grub. Know what the best practice is for that? Setting up kerberos, (correctly hah) and having ldap be ssl encrypted (it isnt by default, not even is TLS by default usually - yep most ldaps have plain text passwords over the wire folks) and monitoring root access... hmm what else? Well all of that is again a lot of customization, howtos badly written, and kludge after kludge. And you still cant protect NFS because it is a file server protocol that doesnt supply its own authentication, and the security is perimeter based, and a cop out.

Do you get the sense here that I have spent a fair amount of time with this subject matter? Well yes, but no. I am still never going to be an expert doing things correctly as there is no correct method prescribed for setting up ldap and what the gotchas and spec adjustments are for and what you really need to add on. You only find out later that something wasn't mentioned, or that something is different in the way it uses ldap, that will need to be modified too. There is just simply no known best practices bible for this easily searchable and free. It is all a kludge of cheap armchair engineers muttering stuff to be helpful online on forums, or on their blog on how they did it, barely filling the requirements needed at that point in time.... and sharing it so the next poor bastard can copy paste the same haphazard and incomplete implementation.

All these stream of consciousness examples are just the tip of the iceberg and are representative of most tasks involving Linux and free open source based software.

Guess what. that was a lot to write about, but now I need to drive the point home, with some observations of the same features that are bundled in a operating system that isn't promoted here a lot.

If I buy Windows crap, active directory is a no brainier, it is set up out of the box, it is secure out of the box, the best practices are there by default, and they document the process well and consistently should you need to change it or add customization. Everything can authenticate, it is as secure as possible and frequently updated and attacked. Single sign on is standardized across the board with correct and finished kerberos implementation, and its only active directory that is really ldap, the same thing has gone unchanged yet improved since Windows NT. Authentication for CIFS and other things that are must haves in a operating system are seamlessly integrated together due to one company making the whole damn thing to suit almost every known business need. Sharing files needs to be secure by default. Passwords shouldn't be readable over the wire, permissions are set thoroughly with the same very capable tool within windows explorer in all use cases. Complexity of passwords are enforced out of the box, brute forcing a active directory is prevented by default as accounts are locked when retries are made to frequently. The way I see it now, is when you buy this OS you are paying to avoid screwups that can happen with one man has to set everything up from scratch with unreliable and incomplete information.

In active directory the admin sets up an account, all the needed attributes in the account have been standardized and make sense, the most common go into the AD manager UI which easily allows you view the ldap in a tree format to represent hierarchy without all the scrolling. Its been well thought out, and avoids the tinkering and twiddling and patching and cobbling together of junk academic code projects to make something secure and user and admin friendly.

So there you go, some pretty damning examples of the time that is wasted, creating an implementation of authentication and file sharing and security of a closed source company product, versus a FOSS methods to get the same implementation both using the same standards, and trying to accomplish the same tasks.

So, its up to us to finally put down the cash for the time spent either way.

Good luck fanboys!

Comment FAIL (0)

Anonymous Coward | more than 3 years ago | (#36874626)


Sorry, you lose.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?