Those of you who know me will be familiar with the server configuration I used for just short of one year. I ran Fedora Core 4 on BigMomma on a 10K RPM SCSI disk. I’m really starting to wonder now: are the newer Red Hat operating systems (FC6/7, RHEL5, and non-affiliated RHEL clone CentOS 5) really as powerful as the older ones? Sure they are - for enterprises. I don’t need Xen virtualization (my server can’t handle it anyway) or clustered storage. I just need a LAMP web server, mail facilities, a local file sharing setup like NFS, and DHCP/DNS server apps. Fedora 4 did that just fine. So why did I move to CentOS 5?

One reason: security. The Fedora Legacy project is dead. Thus, according to Red Hat, Fedora Core 4 is dead. Since nobody is supporting it anymore, I’ve decided to stop using it under the excuse of keeping my server safe. Even worse, all of the update mirrors are shutting down because their content is becoming stale. That’s understandable, but wouldn’t it be a smart idea to keep at least at least two mirrors running, one in the U.S. and one in Europe? Otherwise, Fedora Core 4 and its predecessor Red Hat Linux 9 will be lost forever.

That’s a problem, because tons of servers still run FC4 - even a few Wikimedia servers. Sure a server can be secured even if the software is out of date, but what about vulnerabilities like the mod_rewrite hole in Apache about 9 months ago? I use mod_rewrite extensively - if that hole wasn’t patched in FC4 or RHL9, that leaves thousands of servers across the net vulnerable. To alleviate as many security fears as possible, I have downloaded the update repositories for FC4 and RHL9 in their entirety, but I have no plans to make these public because I have practically zero bandwidth.

Yes, my rant here also applies to Red Hat Linux 9. Underneath the Red Hat Network advertisements, it’s really quite nice because it’s so lightweight. I’m running it right now on a 200MHz box with 128MB of RAM, and while not suitable for daily use, it is usable, and can make a good slave server OS, where it acts as a MySQL slave and mounts Apache’s document root on an NFS share. If I wanted to, I could turn a pathetic 600MHz box into a worthwhile backup web server using RHL9. Shrike is also great because it’s a piece of Linux history - who’s ever going to forget Red Hat Linux, the first commercial Linux distribution? This is important software that is still in production use in a lot of places. Red Hat needs to get a grip and get Fedora Legacy or an acceptable replacement up and running again - or thousands of servers and a very important piece of Linux history will be stuck between a rock and a hard place.