return to first page linux journal archive
keywordscontents

Product Review

Red Hat Linux 5.0

Red Hat 4.2--with its associated 30+ patches and upgrades--has been my standard operating system for all my clients since its release. Its ease of use, reliability, simplified install, corporate support and TheNextLevel X Window System interface have made it my preferred Linux. However, I was beginning to feel that 4.2 was getting exceptionally long in the tooth, over 6 months old--two Internet years. Therefore, I was overjoyed when 5.0 was released on December 1, 1997 and delighted when Red Hat started to ship Netscape 4.04 as standard in late January.

This review details my experiences with 5.0 in the two months since its release. I maintain 17 Linux machines, 5 of which are now running 5.0.

Red Hat 5.0 can be installed via CD-ROM, hard disk, NFS or FTP. Red Hat 4.2's SMB install option has been dropped. It's a simple matter to drop an FTP server onto a Windows 95 or NT box, so I can live without SMB support for installation.

I installed the commercial release of the Intel version from CD, and Retro installed the freeware release of the DEC Alpha version via FTP. Most of my computers support booting from CD-ROM, but the CD-ROM only booted on two of my most recently built machines.

The NFS and FTP installation options are best used on a file server on your internal network. Installing via FTP over a T1 line or less is painfully slow, so you are better off pulling down a mirror of the release overnight and installing from a local machine. If you have multiple machines to install or upgrade, NFS and FTP are convenient, allowing you to update or install new versions of Red Hat on several machines at the same time. (You should copy the distribution to the hard disk, as CD-ROMs don't handle concurrent access very well.)

Performing the base upgrade is simple, but getting everything working again is not so easy. The CD-ROM release with prebuilt installation floppies arrived in my mailbox. I inserted disk one into my first computer, but it wasn't needed--Red Hat booted from the CD-ROM. I selected automatic install, then upgrade. Red Hat then prompted me to override or add additional packages. Because I was unfamiliar with the packages already installed in this machine I decided to just take the defaults and go with the flow. I regretted this later. The remainder of the automated upgrade procedure took about 15 minutes on a 24x CD-ROM, then prompted me for X Window System and network information.

Rebooting was slow and fraught with errors. When the machine finally came up, it turned out the network interface was incorrectly recognized. No problem, I said, I'll just recompile the kernel with the correct options.

make xconfig; make clean; make dep; make zlilo
make modules; make modules_install
shutdown -r now
Here's where I have a beef with Red Hat--their penchant for ``pristine sources'' means that by default both /etc/lilo.conf and the /usr/src/linux/Makefile need to be modified for a new kernel to boot correctly--a very confusing thing for first timers. I recompiled and rebooted again: sendmail hung, AMD broke, httpd broke, Samba hung, Povray broke. The list of broken programs was quite long, and although fixing each problem took only a few minutes, it was days before I had a completely functioning system again. Now that the installation process is over, the boxes I have are very usable and stable, but I really don't want to have to go through that again for all my production machines.

Red Hat 5.0 features an automated scripting utility that allows you to upgrade or install on a number of machines. Unless I had a large number of very similar machines (like the rendering farm of Alphas used for the Titanic movie), I'd be leery of using an entirely automated installation script. I'd rather have problems upgrading a few machines at a time than have every one of my computers in an undefined state and the phone ringing off the hook.

Red Hat 5.0 Tweaks and Tips

New Features

With ``New VERSION 5.0'' written in friendly large blue letters on the cover and a rewritten installation section, the manual has grown significantly since the 4.2 release. Release notes and upgrades are available on the Red Hat web site, as well as on the CD-ROM. Just as I wouldn't recommend seriously using NT or Windows 95 without the associated resource kit, I recommend a companion book like Running Linux or the Linux Network Administrator's Guide from O'Reilly and Associates.

Glibc and Linux 2.0.31--A Line Drawn in the Sand

The biggest change in 5.0 is the switch to a different C library, Glibc. Linux 2.1.x kernel development is hopefully nearing the end of a long and exceptionally chaotic development cycle--the new dcache, finer grained SMP and a raft of new features and performance enhancements are causing trouble. This is nothing new for Linux, but it's been a long time since the last ``stable'' release of 2.1. On top of all the ongoing kernel changes is a new standard GNU C library, Glibc. Glibc has a clean threads implementation, transparent support for IPv4 and IPv6, improved linking and other incremental improvements that ultimately turn it into a whole new animal. The combination of new library plus new kernel code makes it harder to isolate bugs.

By biting the bullet now, choosing to bundle the new C library and stick with a proven release of the kernel, Red Hat is doing the world's Linux developers and ultimately its users a service. Threading is a standard feature of competing operating systems, such as NT and Solaris, and very important to Linux's new bleeding edge GUIs: KDE and Enlightenment. In the short term there will be a flurry of Red Hat 5.0 incompatible software which should be cleaned up by the time you read this article.

The Not So Graphical Desktop

The graphical on-line help system is still hopelessly crude. The tools (notably htdig) exist to make an excellent searchable archive of all the included html/text documentation, and it's too bad that the default help system is so slow and clunky. The Red Hat 5.0 network configurator now has support for configuring a PAP (password authentication protocol) PPP session, which saves some troublesome scripting.

Security, Patches and Upgrades

Red Hat 5.0 includes many security enhancements. Because of the change to Glibc, all of the applications had to be recompiled and relinked. As a result, it is hard to tell which programs have been upgraded or changed.

Yet, there are (as of this writing) 54 additional patches in http://www.redhat.com/support/docs/rhl/rh50-errata-general.html and 8 in Intel, including a critical kernel upgrade that blocks the Teardrop attack. The Teardrop Denial of Service attack immediately made the kernel (2.0.30) shipped with this release obsolete. Someone decided to hit me with Teardrop, crashing my servers every night for two weeks. The newest kernel (2.0.32) successfully detects, logs and blocks this attack.

You should immediately install a new kernel and many of the RPMs if you intend to use your 5.0 system on the Internet. On installing a new release, the first commands I run are:

mkdir /usr/local/rpms
cd /usr/local/rpms
ncftp -R -d 5 \
	ftp.redhat.com:/pub/linux/redhat-5.0/
rpm -i -upgrade *
Substitute your favorite mirror for the FTP address. The wget utility (available from the GNU archives) is slightly better for mirroring sites in this fashion, as it supports both FTP and HTTP, partial file/directory transfers, time-stamped updates and automatically uses PASV mode (necessary for FTP to work through a firewall).

The fact that patches for these problems are so readily available is a tribute to the flexibility of RPM and the hard working bunch of Linux folk who are countering the persistent cracking community.

Maximum RPMs

RPM's FTP and FTP proxy support are now documented on the man page, but to use RPM effectively to distribute your own software requires the book, Maximum RPMs, available from Red Hat.

The UNIX world needs a software installer of the caliber of the Windows 95/NT Installshield. RPM is a good, even great start, but Debian Linux's installer beats the RPM/GLINT combination for both interactivity and ease of use. An RPM/GLINT release combining the best features of RPM and Debian would be a good thing.

Linux Versus Microsoft NT

Commercial Features

The RedBaron web browser has been dropped--Netscape 4.04 is freely available and is a vastly superior product. You will have to download it from the Net, however, as it's not bundled on the CD--yet.

Metro-X boasts of a nice configuration screen, added card support and improved color depth, resolution and performance over the XFree86 release of the X server. In my case, Metro-X is of marginal utility--the XFree and S.u.S.E. drivers for my ET6000 and Mystique cards are as fast or faster and more reliable. You have to configure XFree in order to even try to configure Metro Link in many cases.

Metro Link has some excellent add-on libraries, notably OpenGL, which is experiencing enormous interest in light of the PC gaming phenomenon. If you intend to use OpenGL, the bundled Metro-X server saves you money against the purchase of the extra OpenGL libraries. Your other choice is the freely available OpenGL clone, MESA, which converts OpenGL calls into X code--which is, in theory, much slower.

The new backup program with the unwieldy name of BRU 2000-PE is straightforward enough for a single-user environment. In my environment, where I have to back up multiple machines to a single tape drive, through a firewall, the combination of cpio/dump and ssh works exceptionally well.

The newly bundled RealAudio 5.0 server and client are very sexy products. I've now hooked up my studio to my main Linux box so that I can broadcast live sessions to the Internet. The server operated flawlessly. The live encoder worked great once I had a working sound card and worked out the correct encoding rate. The 95/NT versions of the software have nicer interfaces, but I've already had months and months of uptime on my primary RealAudio server.

Favorite Features

The sendmail featured in this release has improved anti-spam protection. No longer is it possible for a random spammer to use your host as an unwitting e-mail relay.

TheNextLevel is an excellent front end to X, offering much the same look and feel as Windows 95 and NT 4.0. The Red Hat 5.0 release of TheNextLevel is much closer to the look and feel of Windows 95; in particular, the ``feature'' of having to click to gain keyboard focus is enabled by default now, so first-time Linux users feel more at home.

Corporate Support

Red Hat has announced a set of support plans and partnerships that should make Linux more acceptable in the corporate world. Also, Linux's distributed support model has recently won awards from Infoworld and other magazines for ``Best Technical Support''.

Conclusion

Over the course of these upgrades I did a number of things that are difficult, expensive or impossible to do with NT or Windows 95. Immediately after the base install was complete, I was able to exit the computer room. From the comfort of my own office, I completed the upgrades, added additional software, etc. From the comfort of my home, through two firewalls, I initiated a remote backup, did an A/B comparison of the new features of Red Hat via X in an ssh tunnel, wrote this review and installed, configured or updated even more of the Linux software. UNIX's enormous advantage in the remote administration area will probably continue into the age of high speed Internet access in the home.

Red Hat 5.0 is a solid core Linux distribution with a sharp eye out for the future. The new Glibc library implies a little risk and breaks some backward compatibility--expect to update this library a lot over the coming months as new bugs are found and fixed--however, the additional features are worth it. The future for both Red Hat and Linux looks very exciting--with the rapidly advancing KDE and GNOME/Enlightenment desktops and the release of Netscape source code.

But it's not all clover. During the installation, configuration and upgrade process there remain many problems which stopped two otherwise enthusiastic first time users and had me stumped more than once.

Due to the large number of patches and upgrades already required, I'm going to wait for 5.1 to put this release onto the rest of my production machines. I'm very concerned about potential security holes in Glibc. Red Hat 5.0 is an evolutionary release. Sometimes you have to take a step backward to take two steps forward. Red Hat 4.2 is a more mature, easier to use distribution than Red Hat 5.0. At this point I'd recommend 5.0 only to developers.

Red Hat is freely available from the Internet and in a commercial release that costs $49.95 US. It is also available bundled with books, manuals and/or applications.

Red Hat Alpha

Mike Taht is recovering from a two-year stint of running an ISP by writing, coding and surfing the Web from the comfort of his own ISDN line. He can be reached at mtaht@picketwyre.com.

 

Retro is into CGI/DBI programming, weird architectures and the EGCS project. He plans to disappear into the Santa Cruz Mountains with his laptop on March 31 and return with a working Netscape for Alpha Linux. He can be reached via e-mail at Retro@picketwyre.com.