Enterprise Unix Roundup: Duck, Duck, Goose! With SCO
Some time in the misty past of two weeks ago, we promised to "keep you posted" about the ongoing SCO/IBM flap "as that case moves out of discovery and into actual litigation." Perhaps this stemmed from a naive belief that there wouldn't be much more to see until the two companies actually squared off in court. Michael Hall discusses what SCO's been up to the past two weeks, and notes Sun's been busy as well, with Solaris v9 8/03 challenging CDE and a looming release date for Mad Hatter. In the security realm, PHPGroupware revealed cross-site-scripting vulnerabilites; and Red Hat Linux, Mandrake, and Conectiva announced kernel updates.
Since then, however, SCO has added another wrinkle by announcing it registered assorted copyrighted material (the first step to making enforcement in court more likely) and followed up with news of a licensing "deal" to existing corporate Linux users running systems with the 2.4 kernel series.
The pricing on the license hasn't yet been set, but SCO claims it will be in line with what it charges for UNIXWare licenses, which are currently fixed at around $700 a seat. For an operating system widely deployed as glue and infrastructure (and in some instances even thrown onto a machine precisely because it cost next to nothing), that's an outrageous sum. We hasten to note, by the way, that the license is aimed at corporate users, not noncommercial outfits.
The announcement has set off a war of analysts. Gartner, which tends to be cautious in its assessments, is featured on the SCO Web site being, well ... cautious, but alluding to how SCO could cause a lot of trouble if it wins its case. Other analysts have come down on the other side, labeling the licensing plan as "nonsense."
What's clear so far is that 1) SCO has shown a few people the source code it says was misappropriated, 2) those people have come away appearing convinced, but 3) no one's going to know what the court thinks until some time in 2005. All of this begs the question a Slashdot reader recently asked: If SCO loses and it never had the right to charge for a license to code that wasn't misappropriated after all, do the cautious people who bought one anyhow get a refund?
In Other News:
- CDE, beloved of old-school Unix desktop users and largely unheard of among younger "freenix" types, is getting some competition in Sun's Solaris Version 9 8/03, which has introduced GNOME 2 as a user interface option. Other enhancements, perhaps of more interest to server admins, include the extension of Solaris' filesystem to support upward of 16 TB of data, faster Live Upgrade Software, and a change to the Solaris Volume Manager that will enable the conversion of devices formatted for the Veritas Volume Manager into the Solaris Volume Manger format. The new version of Solaris begins shipping August 13.
- Red Hat has released a beta of its latest Enterprise Linux product. Supported platforms include i686/Athlon 32-bit, Intel Itanium2 64-bit, AMD64 64-bit, IBM iSeries and pSeries 64-bit, IBM S/390 31-bit, and IBM zSeries 64-bit.
- Sun's on-again, off-again Linux distribution is apparently on again as the foundation of "Mad Hatter," a Linux desktop distribution aimed at corporate users and priced somewhere between $50 and $100 a unit. Why spend the resources on an internal distribution when Red Hat which and others have done the heavy lifting? We don't know, but we'll be sure to ask. Look for Mad Hatter this fall.
- Despite the introduction of two new Irix workstations, reported in our previous column, SGI may be looking to move to a predominately (some rumors have it as "exclusively") Linux-oriented business. Something to watch.
- Novell has announced a beta test program of its eDirectory product for HP UX. Interested parties can contact Alison Tate at Novell for more information.
- PHPGroupware, a popular Web-based groupware suite, reported
cross-site-scripting vulnerabilities, a common class of issue with
Web apps. Several vendors have issued updates to the newest
version (0.9.14.005). SecurityCorporation.com
has the details.
- Red Hat Linux, Mandrake, and Conectiva announced kernel updates to patch several recently announced vulnerabilities. If you aren't using your vendor's update tool, be sure to check, even if your tool of choice isn't reporting an available patch: Some third-party software (like Ximian's Red Carpet, last we checked) prefer to avoid kernel upgrades in the list of available packages since there's the potential for disrupting a heavily customized production system.
Tips of the Trade
In the previous edition, we talked about the very useful "hier" and "filesystem" man pages and how they can help you figure out which files go where. But we neglected to mention how we figured out which command it was for Solaris system. How do you figure out which man page to read when you know what your problem is about, but aren't sure where to go to read up on it? That's where the apropos command comes in.
Available in most Unix flavors, apropos provides a way to look for a keyword in a system's collection of man pages. For example, if you're not sure how you might go about formatting a floppy disk or which man page would tell you how, typing the command apropos floppy will give you a list of potentially appropriate man pages and a brief description of what each covers. In this case, we noticed the line:
fdformat (8) - Low-level formats a floppy disk
On some systems, including the switch -w in the command allows you to search for shell-style wildcards instead of the default regular expressions, which some Unix novices find frustrating.