Enterprise Unix Roundup: Ring Side Seats to History – page 2

In Other News

» The latest beneficiary of the Department of Homeland Security's (DHS') funds? Open source software. Well, indirectly, anyway. Stanford University, Symantec and Coverity, a source code analysis firm that has been tracking Linux vulnerabilities for some time, received a DHS grant of $1.24 million to be paid out over three years called "Vulnerability Discovery and Remediation Open Source Hardening Project."

According to Coverity, which is making the most noise about the grant, more than 40 open source software projects, including Linux, Apache, FreeBSD, MySQL, PostgreSQL, and Mozilla, are expected to benefit from the effort. This DHS project is part of the broader DHS federal initiative to help secure and protect critical national communications and computer infrastructure.

We're feeling judgmental, but we'll reserve actual judgment until we've processed all of the information more carefully. You never know who's reading ...

» Speaking of security, Novell this week announced plans to open source its AppArmor framework under the GPL license, enabling it to compete directly with the NSA and Red Hat backed SELinux.

Unlike SELinux, which is notoriously difficult to configure correctly, AppArmor has a user friendly configuration system. This is largely because AppArmor, which has been in Novell's product portfolio since it acquired Immunix last May, takes a policy-based approach for application behavior enforcement that is intended to help prevent malicious activities via pre-built security profiles for commonly used applications.

Novell stresses there will be no functional differences between the AppArmor code currently shipping and the code to be open sourced.

AppArmor is available now via the Novell Forge development environment. It is also part of the OpenSUSE effort.

In addition, integrated packages are included with SUSE Linux Enterprise Server 9, Service Pack 3 and are expected to be included with the Jan. 19 SUSE Linux release. The binary code is already available in the SUSE Linux 10 and SUSE Linux Enterprise Server 9 Service Pack 3

For more information, LinuxPlanet takes a careful look at the announcement.

» The way Sun was hyping this week's employee town meeting we were expecting news akin to a merger or acquisition. It's not often press and analysts are strong-armed into attending, and the news that Oracle CEO Larry Ellison would be joining Sun Chairman and CEO Scott McNealy set our imaginations wild. As did the fact that it kicked off at 5 pm East Coast time.

Alas, Oracle has merely moved from being Sun's Best Friend to being its Bestest Friend, Ever.

The big news: Sun will distribute the Oracle Database Enterprise Edition with its Solaris operating system, along with one year of support from Oracle. The licensing deal is set up such that it is essentially free. Sun will also migrate the entire company to Oracle ERP software.

Oracle, in turn, named the Solaris operating system a preferred 64-bit development platform, and it will work to migrate its business applications to Sun's Java. Yet another 10-year license for Java has been taken out, and Sun's NetBeans technology has been endorsed.

The companies will work together on an aggressive "go-to-market" strategy to include joint outreach to developers, an upgrade program for Oracle Real Application Clusters on Sun hardware, and customer-ready systems, including hardware and software for key verticals and small to midsize businesses.

So, not quite what we were hoping for.

» Another pure Mac company bit the dust this week when Kerio Technologies announced its intent to purchase the WebSTAR product line from 4D SA, best known for its 4D_WebSTAR messaging suite.

The purchase emphasizes Kerio's desire to "put efforts into the SMB groupware space," Dusan Vitek, vice president of marketing, told ServerWatch.

4D also had FTP and Web server solutions, which Kerio is still undecided on how to integrate, Vitek said. However, the fact that Kerio will be releasing migration tools to move WebSTAR users over to Kerio Mail Server, doesn't bode well for loyal WebSTAR shops.

The WebSTAR customer base numbers in the thousands, Vitek said. The acquisition provides Kerio with access to 4D's customer base as well as its technology.

Although the Mac space doesn't seem an obvious place for growth, more than 20 percent of Kerio Mail Server's installed base are Mac users, Vitek said. Kerio Mail server has been on the market since 2002. A Mac version was released in 2003.

One of the integration challenges Kerio will face will be its policy of implementing all new features across all operating systems in its product lines. In addition to running on MacOS X 10.3 and 10.4, Kerio Mail Server is available for SUSE Linux 9, Red Hat Linux 9, Fedora Core Linux, and Windows 2000/XP/2003.

Terms of the acquisition were not disclosed, but the deal is expected to be complete within a month. Kerio will support the WebSTAR products through 2006.

» A new version of DragonFly BSD was released this week. Its main difference is a new package management system that pushes the project further away from its FreeBSD roots. It also contains the usual bug fixes and performance tweaks.

Version 1.4 does not use the FreeBSD PORTS package management system, as its predecessors did. It instead opted for the PKGSRC system that is part of the NetBSD OS. It is, however, still possible to migrate between FreeBSD and DragonFly BSD.

Elsewhere in the Corral

Recent relevant articles about enterprise Unix

• Learn all there is to know about Linux printing in this two part tutorial, "Queue Up Linux Printing."

• Buffer overflow exploits are one of the most interesting security vulnerabilities and are used in a majority of security attacks against Linux and Unix-like operating systems. The second installment in the Preventing Buffer Overflow Exploits Using the Linux Distributed Security Module looks at how DSM guards against such exploits.

• If you never get tired of hearing the answer to the question, "Is open source software ready for the enterprise," CIO Update commentator Steve Warren has an answer.

Tips of the Trade

Enterprise groupware products like IBM's Lotus Notes, Microsoft Exchange, and Novell's GroupWise have traditionally been expensive, complex, and inflexible. Customers are locked into closed proprietary platforms, data stores, and, in the case of Exchange, one of the most malware friendly clients (Outlook) on the planet.

As always, a number of Free or open source projects are worth investigating. Novell's OpenExchange is an excellent commercial groupware server that equals or outperforms the Big Three, for lower cost. It supports all popular mail clients, but the Web browser-based client provides the most features and easiest administration, as you can easily support users on any platform this way.

For sys admins on a budget, try either the commercial or the free-of-cost Open-Xchange server. Under the hood, you'll find many of the same pieces that go into Novell/SUSE's OpenExchange, like Postfix, OpenLDAP, Apache, Tomcat, and PostgreSQL. The free version lacks support, the pretty installer, and the nice Web-based maintenance console. Officially, the free-of-cost edition is intended as a developer's platform, but with a bit of tweakage it works fine. Anyone familiar with Postfix, OpenLDAP, and so forth, should have little trouble with it.

For whatever reason, users often cling to Outlook, Evolution, or whatever their favorite mail client is. These require specialized "connectors" to get full groupware features. For the sake of your sanity and the network security, just say no. Users will get full functionality in the Web browser interface: calendaring, e-mail, appointments, shared contacts — the works.

You can even get a liveCD for testing Open-Xchange without installing it. Visit these links for more information:
OpenXchange.com
SUSE OpenExchange

Carla Schroder writes the Tips of the Trade section of Enterprise Unix Roundup. She also appears on Enterprise Networking Planet and Linux Planet, covering Linux from the desktop to the server room. She is the author of the Linux Cookbook and the upcoming "Linux Networking Cookbook."

>> To Main