Since its first version, in 2003, Red Hat's Fedora Linux has been the best place to track what's on the leading edge of Linux and open-source software. Of course, the trouble with running on the leading edge is that it's easy to get cut, and the Fedora distribution's fast development pace has required a certain amount of bug-squashing tolerance from its users.
Fedora 13, which began shipping in late May, boasts many of the leading-edge enhancements—and few of the rough spots—that I've come to expect from the popular Linux-based operating system. In particular, I appreciated the work the Fedora team has done in the area of security and permissions, with progress toward more granular rights management through Fedora's PolicyKit framework, and an implementation of the SELinux (Security-Enhanced Linux) framework that remained, for the most part, tucked away unobtrusively in the background.
In addition to serving as a sort of first look at the latest and greatest in Linux and open-source software in general—and future Red Hat Enterprise Linux (RHEL) releases in particular—Fedora 13 can serve in a full gamut of Linux roles, as long as Fedora-embracing users are prepared to upgrade their systems about once a year.
For this reason, smoother edges notwithstanding, enterprises in search of a more long-lived Linux distribution for production roles would do best to turn to RHEL, or, for organizations prepared to provide their own support, the freely available RHEL clone CentOS.
The fast-moving nature of Fedora 13 fits best with desktop and developer workstation roles, where users are most likely to appreciate the up-to-date versions of the desktop-oriented open-source software that ships with the distribution, including Version 2.30 of the GNOME desktop environment, Version 3.2 of the OpenOffice.org productivity suite and Version 3.6.3 of the Firefox Web browser.
Fedora 13 is available as a free download from http://fedoraproject.org/get-fedora, with separate versions that support the x86 and x86-64 platforms. Beginning with Fedora 13, the Power PC CPU architecture has been reduced to secondary architecture status, where its ongoing development will depend on volunteer efforts.
Fedora 13 in the Lab
I tested the x86-64 version of Fedora 13 on a Lenovo ThinkPad T60 and on virtual machines running under Fedora 13's implementation of the Linux KVM (Kernel-based Virtual Machine) virtualization host.
The x86 and x86-64 versions are available as DVD or CD images that comprise the entire distribution, as well as in Live CD and Live USB images that may be used to try out Fedora without modifying your hard drive. With the Live USB images, it's possible to save data from the live sessions on USB sticks, which makes them more convenient to use than the CD images.
Fedora 13 ships with a new, optional user management utility, called AccountsDialog, which will eventually replace Red Hat's system-config-users tool. The new tool puts a graphical face on some of the work that Red Hat has been doing to whittle away at the all-powerful superuser account in favor of more granularly parcelled permissions. For instance, where the existing utility runs as the root user from the get-go, the new tool launches without requiring administrator rights and asks for rights elevation as needed.
Red Hat has been moving in this direction over its past few releases, removing the requirement for administrative applications to run entirely with superuser rights, and tapping the PolicyKit framework to handle the permission-granting. What caught my eye in the new user tool is the option to configure users as Standard, Administrator or Supervised, with the unfamiliar-looking Supervised bucket as the default.
While the primary user account I'd created remained in the Supervised bucket, applications that supported the PolicyKit framework would ask for my system's root password when they required rights elevation. When I shifted my account to the Administrator class, the system asked instead for my account password. This change in permissions management sets the stage to give certain administrative rights to certain users, thereby allowing for finer-grained control over the system.
The move toward embracing PolicyKit within Fedora is still going on, and many tools still require root permissions. I used a command line utility, pkexec, to elevate my permissions to run some of these applications, but this tool does not work with graphical applications. For more information on the changes involving the user management tool and PolicyKit, see this mailing list thread: tinyurl.com/23d8xxq.
Elsewhere in the release, I was pleased to find that Red Hat's handy network management framework, cleverly known as NetworkManager, has picked up a command line interface to go along with the graphical tools to which it's been limited so far. The new utility, called cnetworkmanager, should be a welcome sight for those who work with headless Fedora servers and would like to use the same network configuration tool they've become accustomed to on GUI-based systems.
Another cool Fedora 13 feature that caught my eye was BFO, a Fedora take on the BKO (boot.kernel.org) project that enables administrators to boot a machine from a very small disc image and run or install Fedora from the network. I installed one of my test VMs using a svelte 626KB BFO image and found the process more streamlined than with previous Fedora network installation attempts. I recommend editing the boot command from the GRUB (Grand Unified Bootloader) screen to point to a nearby mirror of Fedora. I typically opt for the kernel.org mirror here in San Francisco.
I mentioned at the top of this review that my tests using Fedora 13 were nearly free of SELinux issues: The mandatory access control framework, which comes enabled on Fedora, typically gives me some trouble during tests. This time around, all was smooth until I hit Bug 566332 while connecting to my BlackBerry 8330 phone via Bluetooth. On the bright side, this snag gave me the opportunity to see Fedora's new SELinux trobuleshooter panel icon, which is modeled after an automobile's check engine light. (source: Jason Brooks - eweeks.com)
No comments:
Post a Comment