back to article CentOS Stream: 'I was slow on the uptake, but I get what they are doing now,' says Rocky Linux founder

Greg Kurtzer, co-founder of CentOS and founder of Rocky Linux, has told The Register that despite the "negative effect" around the end of CentOS 8, he now believes that the focus on CentOS Stream is better for the community. Rocky Linux 8.4 Rocky Linux: now GA if you can manage without secure boot Last December Red Hat …

  1. Anonymous Coward
    Anonymous Coward

    Corporate rag?

    "the key to longevity for an open-source project is "having multiple companies involved and having a voice... it's going to create the stability that people need right now in open source,"

    Which companies are buying mouth peices by the word today? This guy is deep in the pocket, hope he sees that. The "stability people need"... I think Balmer mentioned that during one of his exercise videos.

    Whatever, I have to finish a FreeCAD project.

    1. Doctor Syntax Silver badge

      Re: Corporate rag?

      AFAICS he was dead right. If White Box had still been on the go and Scientific Linux hadn't been winding down maintaining their own build in favour of CentOS the abrupt EoL wouldn't have mattered very much; Red Hat might not even have pulled the move at all. Now we're back to multiple RHEL equivalents anyone who wants to go down that path knows that they have some assurance that the rug can't be pulled out from under them that easily now.

      1. Anonymous Coward
        Anonymous Coward

        Re: Corporate rag?

        You're probably right, but I don't think it's that he's dead right or dead wrong, it's that he generalized the statement for all of "open-source", not just exclusively to his project, RHEL or a specific type of software (ie. server). Company influence might be all he can see now as an answer, but he might want to stop from throwing all of open source into his view of needing more corporate control in open source. Which BTW, seems to be happening a lot more than he's aware of... a lot more and that's obvious to us all. The part where he states "people need" has to be narrowing the context to CentOS devlopers, but that is eerily compounded with corporate voices. I'm clearly paranoid, but something doesn't sit right with that for me, but I think it proves that Red Hat's move was going to happen no matter what (or at least that feeling was pressed upon him all the others, which adds up). But yeh, on the whole his statement to me seems like a corporate voice trying to put out fires :-/

        Assuming the context is open source and not strictly CentOS/RHEL/siblings, then longevity cuts both ways with corporate "voices", just look at the current state of Audacity.

        I mentioned FreeCAD because it's older than CentOS, has no company voices and is only getting better.

        1. Zolko Silver badge

          Re: Corporate rag?

          I mentioned FreeCAD because it's older than CentOS, has no company voices ...

          this is actually really becoming a problem.

    2. steelpillow Silver badge
      Trollface

      Re: Corporate rag?

      "the key to longevity for an open-source project is "having multiple companies involved and having a voice... it's going to create the stability that people need right now in open source,"

      Thank goodness Poettering is an alias for a large and stable community. SystemD had me worried for a minute, there.

  2. Jusme

    "Kurtzer said that Microsoft, which issues the certificates, had delayed things"

    Do these words not make anyone who cares about open and free software a little bit worried?

    The fact that _Microsoft_ have total and absolute control of what you are allowed to run on your hardware?"

    The may well be playing sort-of fair at the moment (but still dragging their feet and griefing a legitimate project), but they can raise the barrier whenever they want.

    And don't say "secure boot is totally optional, so it doesn't matter". It's a very small step to it becoming mandatory in the current paranoid climate...

    1. Doctor Syntax Silver badge

      Re: "Kurtzer said that Microsoft, which issues the certificates, had delayed things"

      It's something that needs to be handed over to an independent foundation ASAP.

      1. Alumoi Silver badge

        Re: "Kurtzer said that Microsoft, which issues the certificates, had delayed things"

        One composed of Microsoft, Apple, Intel, NSA, MI6 and...?

        1. tekHedd

          Boot consortium

          Don't forget Google, archenemy of self-signed certs.

          Once we can only boot approved OSs and launch approved apps from the official store, we can prevent "evil" software from viewing "bad" web content (signed certs only!). We and our children will finally be safe. Hooray.

        2. gregzeng

          Re: "Kurtzer said that Microsoft, which issues the certificates, had delayed things"

          Agreed. Looking now at the government of India & Twitter. Here in Australia, & our relationship with Google, Amazon, YouTube, etc. Similarly with Europe, China, Singapore, etc. And all their censorship, NSA, extradition laws, regulations, etc. Very complicated & messy. No final solution ever, since changes happen continuously.

          1. Roland6 Silver badge

            Re: "Kurtzer said that Microsoft, which issues the certificates, had delayed things"

            >Agreed. Looking now at the government of...

            Also leaving the door open to another Trump to instruct MS (a US company) not to issue certificates for OS abc from Chinese company xyz...

        3. YetAnotherJoeBlow Bronze badge

          Re: "Kurtzer said that Microsoft, which issues the certificates, had delayed things"

          I would bet a case of 25 yo scotch that at the very least the spooks have access to, not necessarily pocession of, the signing keys with (or without) M$ blessing.

          When you think about it, they would not be doing their job if they did not have that access.

          As bankers say know your customer, we say know your signer. If the key is not around your neck, it is not secure. If you want security, you need to own your BIOS and proto board. Sign it yourself - very easy to do I might add.

          1. Aitor 1 Silver badge

            Re: "Kurtzer said that Microsoft, which issues the certificates, had delayed things"

            They just demand google and M$ to give them the keys or sign, quietly. Probably they just have the keys.

            And this brings us to google not signing themselves the apps.. not suspicious at all.

  3. bombastic bob Silver badge
    Devil

    pulling source from the CentOS repo

    I was thinking about this a while ago, when CentOS Stream and Rocky first became "A Thing", that NOW we have a 'preview' release of the bleeding edge code, before it becomes a stable release. But to have RHEL also cut from the same preview distro (more or less) as Rocky means that Rocky should be at roughly the same point as RHEL as far as package versions and software updates and stability are concerned.

    So yeah, it's a good thing. RH may have done us a favor after all. (But they should've been more up front about it)

    1. rcxb1 Bronze badge

      Re: pulling source from the CentOS repo

      There's no reason they had to drop CentOS-8 stable to work on CentOS-8 Stream. Both were in the works, together. In fact controlling both sides, RedHat could have demonstrated the way forward to everyone rebuilding RHEL.

      So what was the point of killing CentOS-8 stable? If they didn't want to spend the money, they could have offered RHEL8 for free, unlimited, for anyone who doesn't need/want support.

      1. hoola Silver badge

        Re: pulling source from the CentOS repo

        To push people into buying a full RHEL license.

        I believe this has been all about money, the fact that many will simply just go to another distribution if they can does not appear to have occurred to them.

        As another comment eludes to the real danger is going to be if the OS ends up needing to be certified to run on the hardware. No key in the TPM, no run.....

        It will all be pushed as security as this then makes it appear legitimate but it will actually be a few big corporations forcing lock-in.

  4. gregzeng

    Centos Stream, equals Ubuntu Core.

    Rocky & RHEL are both equally downstream now from RHEL-Core ("Stream"). PC Linux OS (PCLOS) uses RPM packages, but has its own version of Synaptic Package manager, from the Debian versions. Most creators of Linux systems use Debian package manager, since RPM seems so difficult to create compatible binary codes: PCLOS, SUSE, etc.

    Linux knows this mess. Hence Snapd, Flatpak & Wayland, to try to assist 3rd party application development (hardware, software, networks, IoT, teachers, students, users). Linux has many common catch-ups (competitors, adversaries,... ): Microsoft, Apple, Android, Wear OS, etc. Other than servers, IoT, & cloud, will Linux defeat the more used trademarks?

  5. gregzeng

    Many governance options. Best?

    Open management governance is still a developing science, rather than a mature applied science, or a technology. The "Rocky" legal structure has chosen not to be as open as the old Centos, now agreed on as "Centos Stream".

    There are many "experiments" in open management. "The Linux Foundation", Wikipedia, and the constitution of many national nation-states, democratic or not. The pure science of human resources is still being researched. Factions, forks, appeals, QA, engineering tolerances, "etiquette", closed source binary bits, elections, etc.

    All this, seems to be in my version of Computer Intelligence, Cognitive Sciences, or "Artificial Intelligence" (AI).

  6. Anonymous Coward
    Anonymous Coward

    Biting the hand or Rockin the boat?

    I constantly wonder where this obsession to kill community OS projects comes from. Redhat promised not to kill Centos when they took over.... only to kill it later.

    Arent community contributions that drive innovation and discovery? Bringing things to market isnt that the last step involving Redhats "subscription" cost? Everything else gets built in the community .... So why kill that golden goose????

    1. Anonymous Coward
      Anonymous Coward

      Re: Biting the hand or Rockin the boat?

      I don't see that RedHat killed anything. If they don't want to maintain it anymore, someone else can step up...

      ...oh wait... Nothing seems to happen if RedHat doesn't pay for it.

  7. mark l 2 Silver badge
    Joke

    It was lucky the CentOS co-founder had a cool first name they could use for their new RHEL compatible distro, as I doubt it would have sounded as good if it was Keith or Brian Linux

    1. W.S.Gosset Silver badge

      Re: cool first name

      Choosing a good name can really make a difference.

      Karen Linux got absolutely nowhere.

      1. W.S.Gosset Silver badge

        Even a cool Marketing Slogan couldn't save it

        "Do you Karen uff?"

      2. UK DM

        Re: cool first name

        Nor to mention the renaming of the "Coq" programming language. Yes I agree naming things in IT is important.

        https://www.theregister.com/2021/06/15/coq_programming_language_change/

    2. Chris J

      Would have been better if his first name was "Relax"

      >> We need to change our servers' operating system software.

      Why?

      >> Something to do with upstream changes.

      OK, as long as it's a nice, calm, stable migration. What's the new software called?

      >> Rocky Linux

  8. LDS Silver badge

    "very large enterprises that were in the process of transitioning"

    Probably the ones IBM wanted to sell RedHat too... since they were just exploiting the free stuff...

  9. MarkSitkowski

    Stability? Bah, Humbug

    This word 'stability' that's being bandied around is a little overworked. The fact that an operating system is the vehicle fin which applications run should be a clue to the fact that it should not have a drastic change with each new release.

    Stability is what we had with SunOS 4, when each new release only contained minor improvements, which needed no changes to administrative procedures, and no need to recompile applications.

    Now, it seems that Linux has gone the way of Windows, where every version contains incompatibilities with other versions, and each new release contains crap that nobody needed, but that some developer decided was good for you.

    Now that there are dozens of things claiming to be 'Linux', which one do you choose, in the fond hope that it'll still be around in a few years? If you compile your product on one incarnation, are you sure it'll run on all the others?

    I stopped updating CentOS after 6.9, since it had all the features I needed, but it was becoming apparent that somebody had started to pretend it was an application, which needed more 'features'.

    Take a lesson from Boeing: If it ain't broke, don't fix it.

    1. Andre Carneiro

      Re: Stability? Bah, Humbug

      Nobody should be taking lessons from the current incarnation of Boeing, unless it is on how to NOT do things.

    2. MattPi

      Re: Stability? Bah, Humbug

      This word 'stability' that's being bandied around is a little overworked. The fact that an operating system is the vehicle fin which applications run should be a clue to the fact that it should not have a drastic change with each new release.

      You should check out RH's Application guide; they have fairly clear policies on what can change between major, minor, and patch releases. https://access.redhat.com/articles/rhel8-abi-compatibility

      Stability is what we had with SunOS 4, when each new release only contained minor improvements, which needed no changes to administrative procedures, and no need to recompile applications.

      Unless you do something strange, you're not not going to have to recompile your application within major releases of any distro that claims to be "Enterprise", that's the whole point.

      Take a lesson from Boeing: If it ain't broke, don't fix it.

      Progress: we've heard of it (and are very afraid)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022