Category Archives: Mandriva

rsec, msec, sectool.. hmmm… I smell opportunities

September 2, 2009

So I was approached by Eugeni, one of my former fellows at Mandriva, today about some collaboration in regards to Mandriva’s msec and my way-back-when fork for Annvix, rsec. He wrote a blog post about msec’s future and plans detailing the things he wants to do with msec in the future. So he dropped me a line to see how I’d feel about making msec and rsec play nice together so there wouldn’t necessarily be a need for both (since there is obviously some duplication of functionality, one being a fork of the other after all).

So I think this might be a good move. rsec is essentially a complete tool, but if we can swap in msec’s plugin functionality for the reports and make it so that is can be a standalone component separate from msec (be it that msec drops the reporting capabilities and adopts a refreshed rsec as a dependency, or whether msec permits building just the reporting capabilities separate from the msec stuff), then I’m definitely game. What might be interesting, however, is to see how msec and rsec can be merged with sectool in some way. To be honest, I’d never heard of sectool until Eugeni mentioned it… it’s a Fedora project so it might have a lot of Red Hat/Fedora-specific stuff in there, but if it is or could be more generalized to do what msec does as well as what rsec does, then maybe there’s a place for one tool to take the place of three tools and have a broader usage base and become a better tool.

The opportunity here to build a better tool out of two, or maybe even three, tools is quite interesting and one of the things I love about open source. Merging msec and rsec should be quite easy I think. Merging with sectool might be more difficult, but I see a lot of crossover in what msec and sectool both do already — there really is no reason to have a Mandriva-specific tool and a Fedora-specific tool that do the same thing. I suspect sectool might be good at creating decent reports which may even obsolete the need for rsec. Taking a closer look at sectool will help me determine if that is the case (and then it remains to be seen if there is a sectool build for EPEL or if it can be done since I’m currently using rsec on some Red Hat Enterprise Linux 5 and CentOS 5 systems).

Either way, I smell some possibilities here.

Also posted in Linux, Red Hat 0 Comments

Never a dull moment with Mandriva…

January 30, 2009

Well, today is my last day and so without much fanfare I say “adieu” to Mandriva.

As the title indicates, never a dull moment. You get spoiled with new stuff, then have to go back and re-setup old stuff. Part of this switch for Oden is that the build system goes with him, but of course it’s cheaper to just get him new equipment than to send my aging stuff. No problem there, and probably better. Except that my host was 2008.1, his is 2009.0 due to some problems with 2008.1 he was having. Then all kinds of crap started going sideways.

Fortunately, I managed to get it all sorted out. Unfortunately, it came in really close as Mandriva only gave me a week to get Oden up to speed. I leave him in Gustavo’s capable hands because, well, I had my hands full getting the new machine up to speed, nevermind Oden himself. Oh well. Another week would have been great, but we weren’t given it. I’m sure he’ll be able to get his head wrapped around it all. =) If nothing else, it all seems to be working.

So my last week at Mandriva was exciting, frustrating as hell trying to get chroots of Corporate Server 3 installed on a 2009.0 host, and mind-numbingly slow with massive rsyncs that will end up taking about 5 days to complete (still not done).

Unfortunately, I will probably have zero time to do much of anything with Mandriva after this and, quite honestly, I don’t know if there is any desire on my part to, or any desire on my new employer’s part either. I should probably be spending any “leisure” time farting around with Fedora or RHEL at this point.

So good luck all my many friends, past and present, at Mandriva and in the Mandriva community! Strange and (hopefully!) wonderful things lie in store for me, I think. I’m excited and nervous, but up for the change and challenge moving to Red Hat will give me.

Farewell!

4 Comments

Leaving Mandriva… again

January 23, 2009

Well, that cat is out of the bag now (finally). As noted here:

http://blog.mandriva.com/2009/01/23/goodbye-vincent-welcome-back-oden/

I am leaving Mandriva after almost 9 years. And I quote:

After nearly 9 years, Vincent Danen will be leaving Mandriva at the end of this month. Again we would like to thank him for his commitment and endeavour whilst at Mandriva. We wish him every success in his future activities. As he said himself, he was also largely “a pain in the developers’ collective backsides with his push for better security in the Mandriva products” and added that we may have forgiven him “because his heart was in the right place” :) .

“I have worked for Mandrakesoft/Mandriva since mid-2000. I was responsible for security updates for all released Mandriva products, and coordinated the release of all bugfix and enhancement updates as well. In addition, I tried to be creative and have initiative outside the scope of my “day-to-day” work and setup the old MandrakeSecure web site (a collection of security-related articles), the migration from Warlyzilla to Bugzilla 3.x, the migration from Twiki to MediaWiki and the merger of both official and community wiki’s into one single comprehensive community-driven-yet-official wiki. I also fondly remember many tussles with the other guys in R&D over security and security-related practices that made for interesting and aggressive conversations. =)
Linux-Mandrake was one of the first distributions I used seriously, and Mandriva is still my favorite. I will always have a soft spot for it, and fond memories of my co-workers and friends, and the community Mandriva is blessed to have.” said Vincent.

This departure will not leave empty chair, as security is something essential for distribution. We would like to thank oden Eriksson who will be in charge of security team. Welcome back Oden!

Not much more to say than that. I am, actually, extremely happy with how this worked out (Oden coming back). I think it’s fantastic that my leaving makes way for Oden to come back. The only thing I’d like to add is that I’m leaving on my own terms… I have *not* been laid off (again). So this one actually is a good thing (well, maybe not so good for Mandriva, but…). Anyways, to make a long story short… I’ll still be doing security work, and open source stuff, but with a different company. I’ll be wearing a different hat, so to speak. I’ll leave it to the enlightened to figure out what that means. =)

7 Comments

Mandriva update statistics

December 17, 2008

Some statistics, before I go on holidays until the end of the year.

Looking at bugfix updates, we’ve seen a steady increase since I’ve kept track (going back to 1999, although I think in 1999 it was only a half-year of doing updates).

  • 1999: 13
  • 2000: 24
  • 2001: 25
  • 2002: 27
  • 2003: 44
  • 2004: 64
  • 2005: 65
  • 2006: 67
  • 2007: 144
  • 2008: 214 (to-date)

For security updates, it’s not quite as drastic, at least not in the last few years (but compared to 1999… wow):

  • 1999: 18
  • 2000: 108
  • 2001: 120
  • 2002: 102
  • 2003: 143
  • 2004: 176
  • 2005: 249
  • 2006: 251
  • 2007: 262
  • 2008: 263 (to-date)

I have nothing really to say other than I like numbers and my last “statistical analysis” met with so much success (hi Adam!) =)

Anyways, I find it fascinating and it really indicates why I’ve spent so little time on development in the last few years. When the number of advisories were half what they currently are, or less, I was much more active in cooker, writing documentation, etc. Now, it’s hard enough just keeping up with the security updates and you guys are determined to keep me busy with these bugfix updates!

9 Comments

Sad metrics on community decline

December 5, 2008

I’ve been saying it for a while, but never really put hard evidence to it. Our community has declined and by the numbers I’ll produce, I’m going to say it declined a lot. I just wrote a quick shell script to parse the number of messages posted to each given list (cooker, expert, and newbie) since 2003 (takes the total for each month and adds them together to get the yearly total). Of course, we still have 3.5 weeks in December, but I doubt that will make the numbers any more “impressive”.

Of course, to put things into perspective, some of this has likely been off-loaded to the Club forums. I have no idea how many posts are there and how they change from year to year. It also looks like 2005->2006 was extremely significant, but my memory is hazy and I don’t remember what happened there (well, I’m too lazy to try and figure out what happened there… something negative anyways).

EDIT: Well, a few comments have put this more into perspective, especially for the cooker list. Anne reminded me that all the bugzilla mails used to go to cooker@ and they don’t anymore (having the bugs@ list). That accounts for the massive drop in “activity” on the cooker list. And it seems like forums are becoming so much more popular that the mailing lists are dying as a result (not necessarily a bad thing, but at the same time… maybe shut down the “support” lists and go for a straight-forum model?) Anyways, I’ll leave the numbers up as food for thought, but it’s not such a “sad metric” as I first said. My bad. =)

For cooker, the main development list:

  • cooker-2008: 14288
  • cooker-2007: 40088
  • cooker-2006: 52681
  • cooker-2005: 52225
  • cooker-2004: 51977
  • cooker-2003: 51180

For the expert list, which is a community-driven support list:

  • expert-2008: 2274
  • expert-2007: 5667
  • expert-2006: 5798
  • expert-2005: 16090
  • expert-2004: 22190
  • expert-2003: 22085

And for the newbie list:

  • newbie-2008: 1460
  • newbie-2007: 2342
  • newbie-2006: 4860
  • newbie-2005: 13687
  • newbie-2004: 2823
  • newbie-2003: 35134

Something else to chew on.

21 Comments

Do we matter?

December 3, 2008

A good friend of mine has over the last little while been feeding me some really great books that have made me re-evaluate a lot of things. The first book is “PresentationZen” (ISBN: 978-0-321-52565-9) which gives some really great ideas regarding presentation design and delivery of presentations. While it primarily focuses on design pertaining to things like powerpoint, the “rules” the author talks about (be they rules of design or rules of how humans look at and interact with things) are powerful and applicable to everything, including software design/presentation, or web sites, or anything you *look* at.

The second book, which I haven’t quite finished yet, but which absolutely blew me away, is “Do you matter? How great design will make people love your company” (ISBN: 978-0-13-714244-6). This book is freaking amazing.

Speaking in the context of Mandriva, this is a book every developer, manager, and CEO needs to read. It’s no revelation that we’re in a bit of a tough spot and I think (although I don’t know for sure) that the CEO is seeking to reinvent Mandriva in some way to make us profitable. Nothing wrong with the idea, but the execution may be up for debate. I have no doubt that he can do it (his track record shows he’s done it before), but the dynamics are different with this kind of company compared to a traditional company. Which makes the ideas and things brought up in “Do you matter?” especially relevant.

The basic premise is that “design” is the be-all and end-all, and the ultimate indicator of good design is customer experience and, more importantly, customer *emotion*. So much so that the first goal and focus, above all else, should be the customer experience/emotion. It’s no surprise to anyone that without customers, no company can survive. But without happy and satisfied customers, no company can *thrive*.

To use one of the authors examples, look at Microsoft vs Apple. In Microsoft’s case, there is extremely poor design… in all aspects of the company (we’re not just talking software here, but the whole “culture” — everything that brings the customer an experience, whether it’s good or bad). The basic consensus of people when they think of Microsoft is like that of the utility company — they don’t really like them, but they need them. Contrast that to Apple where most people love the products, be it the iPod, iPhone, hardware, OS… whatever. Apple takes the design-driven company all the way. From presentations at WWDC, to the box you get your iPod in, to the ease-of-use and look-n-feel of Mac OS X, the customer experience is the first thing in their minds. And this is why they can charge a premium on their stuff, and people will willingly pay it. For the *experience* the end user gets and the emotions it creates (think warm fuzzies).

You can contrast this to anything. If you had a rotten experience at one hotel, do you go back? Or do you try something that is more expensive and find a great experience there? In the future, do you save a few bucks for a crappy experience, or spend a few more for a great experience? What about the store you buy groceries from? Where you buy coffee? Sure, for some people price rules, but for many people it’s all about the experience. If you buy a car, and it’s a really great price and turns out to be utter crap, do you buy another car from this company? Or do you spend more to buy a better car, with a better experience? And what is your perception of the first company? That they sell crappy cars, have poor customer service, and you’re damn well going to tell everyone you know to avoid them like the plague.

So… bottom line is the customer experience and the emotions that experience generates.

I’ll probably blog more about this and break it up into a few pieces, but let me leave you with a few questions asked in the book “Do you matter?”

  • Who are you?
  • What do you do?
  • Do your customers care if you live or die?

These are potent questions.

Who are you? An open source company? How about something deeper than that. An open source company that provides a Linux distribution? Still pretty vague. Who are you *really*? An open source Linux company that aims to bring the best possible Linux-based desktop experience? That sounds pretty good… but is that who we actually *are*?

What do you do? Provide a Linux distribution. Not deep enough. Think about it. What do we *do*? What is the actual end *goal*?

Do your customers care if you live or die? This is the real question. With the many blog posts, articles, forum threads, and so forth I have to say that yes, our customers/users care. Would their lives diminish somewhat if we weren’t around? I’d like to think that yes, it would. But would it *really*? There’s always Ubuntu. Always Fedora. I hear OpenSUSE is pretty decent. What distinguishes *us* from *them* to the point that there would be the equivalent of an online “riot” if Mandriva all of a sudden disappeared?

I don’t have the answers to these questions. I do know that we used to have pretty clear goals and really strove to meet them. And we also had a massive community then too. Extremely active mailing lists, you name it… Mandrake was *the* distro. And somehow, somewhere, we lost our way. Maybe we lost our focus on the customer experience. I don’t know. I do know that it can be turned around… it’s not too late. I think one solution is to become a design-driven company and put the user experience first and foremost, above everything else. And then design our technology, methodology, philosophy, business practices, etc. around it. It wouldn’t be easy, but it could work.

For anyone running a company, or starting a company, or even anyone involved in any kind of organization or community, I *highly* recommend reading “Do you matter?”. It provides insight into things I never before thought of and answers the one nagging question I’ve had for years: Why is Ubuntu so popular when it’s technologically inferior? I don’t mean to start a flamewar or anything here, but the tools Mandriva has blow away anything Ubuntu has. I’ve tried it, and didn’t like it (possibly because I’m jaded by too much Mandriva exposure, who knows). But that doesn’t change the fact that Ubuntu has had such wild success that to many people Linux == Ubuntu.

Makes you wonder… there are a number of tissue-creating companies out there… Scotties, Kleenex, the no-name brands you find at the grocery store. Yet what is a tissue commonly called, without even thinking? Kleenex.

I’ll leave that for you to chew on.

Also posted in Linux 7 Comments
« Older posts