Upload
tom-termini
View
217
Download
0
Embed Size (px)
Citation preview
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 1/20
www.bluedog.net 1 of 20
BlueDog White Paper
The Case for GentooThe case for a robust enterprise operating system
Secure: install only the operating system components
needed for the system.
High-Performance: kernel builds are optimized for the
CPU and other system hardware. Install only the
components necessary to reduce overhead.
Versatile and Reliable: the Gentoo Linux 2.4 version
kernel has been in wide use since 2003 and is used in
commercial Linux appliances, other federal agencies, and
driving many high-end systems.
Easy-to-Manage: the Portagé implementation of package
management means easy system maintenance that avoids
breaking working systems by checking/trackingdependencies. In the end, this is a flavor of Linux, so any
Unix system administrator should be right at home.
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 2/20
www.bluedog.net 2 of 20
The Gentoo Flavor of Linux
Gentoo is a distribution of GNU/Linux designed for
enterprise server environments, and is an open source
product. Gentoo is a special flavor of Linux that can be
automatically optimized and customized for just about any
application or need. Gentoo Linux is a source based
distribution, with a powerful package management system.
Extreme performance, configurability and a top-notch
developer and support community are all hallmarks of the
Gentoo experience.
Open Source Software are programs with licenses that giveusers the freedom to run the program for any purpose, to
study and modify the program, and to redistribute copies of
either the original or modified program (without having to
pay royalties to previous developers). There is also a
community of developers around the world who support
these types of applications – not for direct income, but
because they want to. Of course developers make money
off of Open Source Software the same way commercial
vendors do – through support, upgrades, enhancements
and customization.
Why should one consider Open Source an alternative to
closed, commercial systems in the first place? Besides the
obvious up-front cost savings, four factors contribute to
making Open Source just plain better: First, many users
don't just report bugs, as they would do with commercial
software, but actually track them down to their root causes
and fix them.
Second, many developers are reviewing each other's code,
if only because it is important to understand code before it
can be changed or extended. It has long been known that
peer reviewing is the most effective way to find defects.
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 3/20
www.bluedog.net 3 of 20
Third, the open source model seems to encourage a
meritocracy, in which programmers organize themselves
around a project based on their contributions. The most
effective programmers write the most crucial code, review
the contributions of others, and decide which of thesecontributions make it into the next release.
Fourth, open source projects don't face the same type of
resource and time pressures that commercial projects do.
Open source projects are rarely developed against a fixed
timeline, affording more opportunity for peer review and
extensive beta testing before "release."
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 4/20
www.bluedog.net 4 of 20
Purpose of This Paper
This white paper compares a commonly-used enterprise
operating system with a commonly-used proprietary one,
Solaris, to show that in certain situations and by certain
measures, Gentoo is at least as good or better than its
proprietary competition. This is not meant as a wide ranging
apology of Open Source -- some Open Source software is
technically poor, just as some proprietary software is
technically poor, and even very good software may not fit
specific needs. Although most people understand the need
to compare proprietary products before using them,
sometime others fail to even consider Open Source
products. This white paper is intended to explain why you
should consider Open Source as an alternative.
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 5/20
www.bluedog.net 5 of 20
Exhibit 1
Summary: Why Go Gentoo?
Area of
Importance
How
Gentoo Rates
Risks
Mitigated
Performance During the build process, Gentoo is automatically optimizedand customized the architecture, yielding extremeperformance and configurability. On a x86 architectureGentoo has proven to have among the fastest responsetimes in data input/output categories, real-world web andapplication serving situations, and other areas.Gentoo can be configured to utilize a feature of modernIntel-style chips. Intel (and AMD) CPUs support multiplepipelines, which essentially means they can do more thenone thing at a time. If you have two otherwise equivalentPentium-based machines, one running a program that keepsboth of its pipelines completely full, and the other running aprogram which only utilizes one, in theory the former willhave twice the performance of the latter. Combine that with
the fact that some optimizations speed up the program inother non-processor-dependent ways, and one may see thata multiplicative speed increase. In a multi-processorenvironment, the same gains are possible.Speed optimization is not the only a reason to run Gentoo.Because it allows the engineer to very easily customize thefeatures of all packages, you get a system designed for thejob at hand. Also it is very easy to apply custom patchesand still have the package managed by the portage(therefore knowing when there are a new versions orpatches available). Performance is easier to achieve in asystem customized for the task at hand. One of the drivingphilosophies is to know exactly what's installed on thesystem, and have nothing more.
For Java deployment, Gentoo is simply the best Linuxdistro: The major JREs are integrated in to the packagingsystem and the java-config utility allows developers toeasily switch from multiple JREs on the fly.
Leveraging thecost-effectiveDell (Intel)platform withits enterprise-class RAID, dualpower supplies,hot-swapdrives, andinexpensiveXeon multi-processorconfigurationmeans wringingthe mostperformancefrom theplatform.Gentoo beatsSolaris hands-down in thisarea.
Reliability Gentoo’s package library is well-tested. Security packagesare back-ported, keeping all packages in the distribution upto date.
Kernel-isolation means no reboots unless an emergedpackage addresses the Kernel specifically.Portage package management is kept reliable by rsync synchronization for the source tree and ftp and httpsynchronization for the distribution tree.
Whereas Solaris often runs up against hardwareincompatibilities, Gentoo mitigates driver problems with avast selection found in the portage.
Because theportal and webpresence arehigh visibilitysystems,reliability is akey issue. Whileany flavor of
Unix is highlyreliable, Gentoooffers an addedlevel of dependability.Patching everysubsystem (butthe kernel) canhappen with outa reboot.
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 6/20
www.bluedog.net 6 of 20
Summary: Why Go Gentoo?
Area of Importance
HowGentoo Rates
RisksMitigated
Support Because Gentoo is a distribution of Linux, it conforms to the“Unix-like” model of all the popular operating systems –Solaris, Linus, Irix, and OS X. Administrators comfortable inany of these environments can move freely to the others.
As Open Source, Gentoo Linux is a volunteer-drivendistribution and has a great Gentoo community that tests,helps and documents many aspects of the Gentoodistribution. Gentoo currently has over 200 developers andaccording to the group's statistics, "tens of thousands of users." It is not uncommon to direct support questions tothe Gentoo Forums, Gentoo Mailing lists or Gentoo ChatChannels; they represent a major part of the "common"knowledge about Gentoo Linux. The Gentoo Handbook
[http://www.gentoo.org/doc/en/handbook/index.xml ] is thestarting point for information about software.
Bugs and patches are reported and made available via theGentoo site and via the Portage.
In addition tothe resources of the NGITengineeringgroup, thePortal Team’sengineer, PerryGolden, willmanage theinstallation,configurationandmanagement of
the systems.Once built andcertified byScott Chudy forsecurity, thesystems will bemaintained byperiodic reviewsof the Portage,which can berun by any of the Unixadministrators.
Ease of Maintenanceand Controlof the Build
Portage is the heart of Gentoo Linux, and performs manykey functions. For one, Portage is the software distribution system for Gentoo Linux. Gentoo's portage downloads thesources off a mirror and compiles them for your system,automatically solving dependencies.
To get the latest software for Gentoo Linux, you type onecommand: emerge sync. This command tells Portage toupdate your local "Portage tree" over the Internet. Yourlocal Portage tree contains a complete collection of scriptsthat can be used by Portage to create and install the latestGentoo packages. Currently, we have nearly 7000 packages in our Portage tree, with new ones being added all the time.
Portage is also a package building and installation system.When you want to install a package, you type emerge
packagename, at which point Portage automatically builds acustom version of the package to your exact specifications,optimizing it for your hardware and ensuring that theoptional features in the package that you want are enabled -- and those you don't want aren't.
Portage also keeps your system up-to-date. Typing emerge
-u world -- one command -- will ensure that all thepackages that you want on your system are updated
Emergingpackages formthe Portagemakesmaintenancemuch easierthan Solaris.
Control of thebuild matchesthe needs of theparticularserver to theoperating
systemcomponents.
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 7/20
www.bluedog.net 7 of 20
Summary: Why Go Gentoo?
Area of Importance
HowGentoo Rates
RisksMitigated
automatically.
Because you only install what you choose, you get a better
security posture and a less bloated system.Gentoo's Portage system enables the building of a customLinux installation from a tree of over 6,000 maintainedpackages. Gentoo’s from-source approach and totalflexibility means that it takes very little effort to deliver thekind of customized system an enterprise environmentrequires.
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 8/20
www.bluedog.net 8 of 20
Linux vs. Solaris -- A Complex
Issue
The situation with Unix is complex; today’s Unix systems
include many Open Source components or software
primarily derived from Open Source. Comparing a single
proprietary Unix system to Open Source is often not as
clear-cut. We will use the term “Unix-like” to mean systems
intentionally similar to Unix; both Unix and GNU/Linux are
“Unix-like” systems. For example, Apple's MacOS OS X
presents the same kind of complications; older versions of
MacOS were wholly proprietary, but Apple’s OS has been
redesigned so that it’s now based on a Unix system with
substantial contributions from Open Source (BSD, most
notably). Indeed, Apple is now openly encouraging
collaboration with Open Source developers in the form of
Darwin.
Open Source is All Around Us
Some might think that a product is only a winner if it has
significant market share. While such logic is flawed, there is
a seed of rational discourse within the argument that can be
appropriate. Operating systems, for example, with big
market share get applications, trained users, and
momentum that reduces future risk. Some may argue
against Open Source in general or GNU/Linux specifically as
“not being mainstream”, but this view reflects the past, not
the present. There is no shortage of evidence that Open
Source has significant market share, and is in wide use at
many organizations:
• The most popular web server has always been OpenSource since such data have been collected. Forexample, Apache is currently the number one webserver with over twice the market share of its next-
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 9/20
www.bluedog.net 9 of 20
ranked competitor. Netcraft’s statistics on web servershave consistently shown Apache dominating the publicInternet web server market ever since 1996. Itspredecessor was number one prior to that.
• Sendmail, an Open Source program, is the leading emailserver. A survey between September and October 2001
by D.J. Bernstein of one million random IP addressessuccessfully connected to 958 SMTP (email) servers(such servers are also called mail transport agents, orMTAs). Bernstein found that Unix Sendmail had thelargest market share (42% of all email servers),followed by Windows Microsoft Exchange (18%), Unixqmail (17%), Windows Ipswitch IMail (6%), Unix smap(2%), UNIX Postfix (formerly VMailer, 2%) and UnixExim (1%).
• A survey in the second quarter of 2000 found that 95%of all reverse-lookup domain name servers (DNS) usedbind, an OSS/FS product. The Internet is built from
many mostly-invisible infrastructure components. Thisincludes domain name servers (DNSs), which takehuman-readable machine names (like “yahoo.com”) andtranslate them into numeric addresses. Bill Manning hassurveyed (in April 2000) the in-addr domain and foundthat 95% of all name servers performing this importantInternet infrastructure task are some version of “bind.” This includes all of the DNS root servers, which arecritical for keeping the Internet functioning. Bind is anOSS/FS program.
• Tomcat is the popular open source Servlet enginefrequently used during application development, and is
widely deployed, with market share just behindWebSphere and WebLogic.
• GNU/Linux is the second-most-popular web servingoeprating system on the public Internet (counting byphysical machine), according to a study by Netcraftsurveying March and June 2001. Some of Netcraft’ssurveys have also included data on OSes; two 2001surveys (their June 2001 and September 2001 surveys)found that GNU/Linux is the numerb two OS for webservers when counting physical machines (and has beenconsistently gaining market share since February 1999).As Netcraft themselves point out, the usual Netcraft webserver survey counts web server hostnames rather thanphysical computers, and so it does not measure suchspecifics as the installed hardware base. Companies canrun several thousand web sites on one computer, andmost of the world’s web sites are located at hosting andco-location companies.
• According to a 1999 survey of primarily European andeducational sites, GNU/Linux is the number one serveroperating system on the public Internet (counting by
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 10/20
www.bluedog.net 10 of 20
domain name), according to a 1999 survey of primarilyEuropean and educational sites. This survey (Zoebelein,April 1999) found that, of the total number of serversdeployed on the Internet in 1999 (running at least ftp,news, or http) in a sample of domain names, the mostused was GNU/Linux at 28.5%. It’s important to note
that this survey used existing databases of servers fromthe .edu and the RIPE databases, so this is not really asurvey of “the whole Internet” (it omits “.com” and“.net”). This is a count by domain name (e.g., the textname you would type into a web browser for a location)instead of by physical computer, so what is beingcounted is different from the Netcraft studies. Also, thisstudy counted servers providing ftp and news services(not just web servers).
Perhaps the simplest argument that GNU/Linux will have a
significant market share is that Sun is modifying its Solaris
product to run GNU/Linux applications, and IBM has already
announced that GNU/Linux will be the successor of IBM’s
own AIX. In fact, Sun has announced plans to move Solaris
into the Open Source model. Sun wants to foster a better
internal software development process, work more closely
with the community and then be able to drive innovation
outside its own organization.
[http://www.eweek.com/article2/0,1759,1647606,00.asp ]
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 11/20
www.bluedog.net 11 of 20
How does Gentoo measure up?
Gentoo compares favorably to Solaris and other enterpriseoperating systems, such as Red Hat’s enterprise
distribution.
Similarities
Solaris and Gentoo can be thought of as different flavors of
Unix. File system structure, location of binaries, command
line interface, and other elements of each are either
identical or very similar. Unix, in all its variations (including
Linux), is a powerful computing environment,; to maximize
productivity users and administrators should understand the
"Unix way" of getting work done. Once mastered, the “Unix
way” is universal.
A moderately experienced Unix administrator can transfer
knowledge required to work with file and directory
permissions, user and group accounts, backups, device files,and peripherals with little effort.
Performance
Gentoo provides the means to fine tune installation on
specific hardware configurations to wring the highest
performance from the CPU, I/O channel, and other
subsystems. Overall, GNU/Linux offers better performance;
with Gentoo’s customization, we can expect the highest
performance.
In performance tests by Sys Admin magazine, GNU/Linux
beat Solaris (on Intel), Windows 2000, and FreeBSD. The
article “Which OS is Fastest for High-Performance Network
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 12/20
www.bluedog.net 12 of 20
Applications?” in the July 2001 edition of Sys Admin
magazine examined high-performance architectures and
found that GNU/Linux beat its competition when compared
with Solaris (on Intel), FreeBSD (an OSS/FS system), and
Windows 2000. They intentionally ran the systems “out of the box” (untuned), except for increasing the number of
simultaneous TCP/IP connections (which is necessary for
testing multi-threaded and asynchronous applications).
They used the latest versions of OSes and the exact same
machine. They reported (by OS) the results of two different
performance tests.
Note: FreeBSD developers complained about these tests, notingthat FreeBSD by default emphasizes reliability (not speed) andthat they expected anyone with a significant performance needwould do some tuning first. Thus, Sys Admin’s re-did the tests forFreeBSD after tuning FreeBSD. One change they made wasswitching to “asynchronous” mounting, which makes a systemfaster (though it increases the risk of data loss in a power failure) -- this is the GNU/Linux default and easy to change in FreeBSD, sothis was a very small and reasonable modification. However, theyalso made many other changes, for example, they found andcompiled in 17 FreeBSD kernel patches and used various tuningcommands. The other OSes weren’t given the chance to “tune” likethis, so comparing untuned OSes to a tuned FreeBSD isn’t reallyfair.
Here are the results of two performance tests by Sys Admin
magazine:
• Their “real-world” test measured how quickly largequantities of email could be sent using their emaildelivery server (MailEngine). Up to 100 simultaneoussends there was no difference, but as the numberincreased the systems began showing significantdifferences in their hourly email delivery speed. By 500simultaneous sends GNU/Linux was clearly faster thanall except FreeBSD-tuned, and GNU/Linux remained atthe top. FreeBSD-tuned had similar performance toGNU/Linux when running 1000 or less simultaneous
sends, but FreeBSD-tuned peaked around 1000-1500simultaneous connections with a steady decline notsuffered by GNU/Linux, and FreeBSD-tuned had troublegoing beyond 3000 simultaneous connections. By 1500simultaneous sends, GNU/Linux was sending 1.3 millionemails/hour, while Solaris managed approximately 1million, and Windows 2000 and FreeBSD-untuned werearound 0.9 million.
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 13/20
www.bluedog.net 13 of 20
• Their “disk I/O test” created, wrote, and read back10,000 identically-sized files in one directory, varyingthe size of the file instances. Here Solaris was theslowest, with FreeBSD-untuned the second-slowest.FreeBSD-tuned, Windows 2000, and GNU/Linux hadsimilar speeds at the smaller file sizes (in some cases
FreeBSD-tuned was faster, e.g., 8k and 16k file size),but when the file sizes got to 64k to 128k the OSesbegan to show significant performance differences;GNU/Linux was the fastest, then Windows 2000, thenFreeBSD. At 128k, FreeBSD was 16% worse thanWindows 2000, and 39% worse than GNU/Linux; allwere faster than FreeBSD-untuned and Solaris. Whentotaling these times across file sizes, the results wereGNU/Linux: 542 seconds, Windows 2000: 613 seconds,FreeBSD-tuned: 630 seconds, FreeBSD-untuned: 2398seconds, and Solaris: 3990 seconds.
Benchmarks comparing Sun Solaris x86 and GNU/Linux
found many similarities, but GNU/Linux had double the
performance in web operations. Tony Bourke’s October
2003 evaluation Sun Versus Linux: The x86 Smack-down
gave a general review comparing Sun Solaris x86 and Red
Hat Linux. [http://www.osnews.com/
printer.php?news_id=4867] He found that “Performance
was overall similar for most of the metrics tested, perhaps
with Linux in a very slight lead. However, with the web
operations test (arguably the most important and relevant),
Linux is a clear winner.” He found that, given the same web
serving programs and configuration, GNU/Linux supported
over 2,000 fetches/second while Solaris x86 supported less
than 1,000 fetches/second.
Reliability
An important reason to choose Gentoo over Solaris is
reliability.
There is quantitative data confirming that mature Linux
distributions are often more reliable than their commercial
counterparts.
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 14/20
www.bluedog.net 14 of 20
• A University of Wisconsin analysis measured reliabilityby feeding programs random characters anddetermining which ones resisted crashing and freeze-ups. This approach is unlikely to find subtle failures, yetthe study authors found that their approach stillmanages to find many errors in production software and
is a useful tool for finding software flaws. Finally, thisapproach is extremely fair and can broadly applied toany program, making it possible to compare differentprograms fairly.
• They found that Linux had higher reliability by thismeasure. In section 2.3.1 they reported that, "It is alsointeresting to compare results of testing the commercialsystems to the results from testing “freeware” GNU andLinux. The seven commercial systems in the 1995 studyhave an average failure rate of 23%, while Linux has afailure rate of 9% and the GNU utilities have a failurerate of only 6%. It is reasonable to ask why a globally
scattered group of programmers, with no formal testingsupport or software engineering standards can producecode that is more reliable (at least, by our measure)than commercially produced code. Even if you consideronly the utilities that were available from GNU or Linux,the failure rates for these two systems are better thanthe other systems."
• IBM studies have found GNU/Linux to be highly reliable.IBM ran a series of extremely stressful tests for 30 and60 days, and found that the Linux kernel and other coreOS components -- including libraries, device drivers, filesystems, networking, IPC, and memory management --operated consistently and completed all the expecteddurations of runs with zero critical system failures. Linuxsystem performance was not degraded during the longduration of the run, the Linux kernel properly scaled touse hardware resources (CPU, memory, disk) on SMPsystems, the Linux system handled continuous full CPUload (over 99%) and high memory stress well, and theLinux system handled overloaded circumstancescorrectly. IBM declared that these tests demonstratethat “the Linux kernel and other core OS componentsare reliable and stable ... and can provide a robust,enterprise-level environment for customers over longperiods of time.”
• A study by Reasoning (www.reasoning.com) found thatthe Linux kernel’s implementation of the TCP/IP Internetprotocol stack had fewer defects than the equivalentstacks of several proprietary general-purpose operatingsystems. It equaled the best of the embedded operatingsystems.
Reasoning’s study compared six implementations of TCP/IP. Besides the Linux kernel, three of the
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 15/20
www.bluedog.net 15 of 20
implementations were part of commercial general-purpose operating systems, and two were embedded incommercial telecommunications equipment. The studywas not commissioned by any of the GNU/Linux vendorsor companies who might be competing with GNU/Linux,and thus should be free of bias.
The company used automated tools to look five kinds of defects in code: Memory leaks, null pointerdereferences, bad deallocations, out of bounds arrayaccess and uninitialized variables. Reasoning found 8defects in 81,852 lines of Linux kernel source lines of code (SLOC), resulting in a defect density rate of 0.1defects per KSLOC. In contrast, the three proprietarygeneral-purpose operating systems (two of themversions of Unix) had between 0.6 and 0.7defects/KSLOC; thus the Linux kernel had a smallerdefect rate than all the competing general-purposeoperating systems examined.
A quick survey of the Solaris x86 packages finds a host of
niggling problems. By way of example, here are some
common ones: ACPI interface problems on Solaris are
solved by disabling the feature, versus working configs in
the Gentoo distro. Solaris places fixed limits on different
areas of the disk, meaning you have to guess the space
allocation by directory you think you will need. Solaris
duting installation does not require a default route out of
the segment so DNS does not work if you don't have a DNS
server in your LAN. The installer expects to find an A-record
matching the hostname and domain you entered into the
DNS configuration. If it can't query the DNS server or it gets
NXDOMAIN, an error is thrown and you can't configure DNS
while installing. Installing to pre-formatted partition can
throw an exception; the bug is known but has gone unfixed.
The solution to many hardware problems is to discard the
offending hardware. Overall, Solaris seems to have seriousdeficiencies: little hardware driver support; limited or no
USB, video card or PCMCIA support; slow boot times; slow
performance.
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 16/20
www.bluedog.net 16 of 20
Support
Unix administrators can support the platform. The
differences in the command sets between the flavors of Unix
are minimal and easily adjusted for by consulting the MAN
pages or a quick Google search. Innovative thinking in the
FOSS community even engenders commercial endeavors
such as Starnet’s Linux support [http://www.starnet.com/
linux_support/], where you can get Gentoo support for free.
Patches are handled typically via the Portage system.
Developers can also deploy their applications by employing
their own secure portage server, pushing binaries to
subscribing (and authenticated) servers over SSH.
Vulnerabilities, bug tracking, and upgrades are managed at
the Gentoo web site.
Gentoo's package management system is so robust and
powerful that there is currently an effort to port it to Solaris
( http://forums.gentoo.org/viewtopic.php?t=113387 ,
http://supportforum.sun.com/sunos/index.php?t=msg&goto
=1716&rid=0#msg_1716 ). The converse is not true.
The Portage package management system maintains the
latest stable secure code for the operating system and
allows for easy distribution with the issue of a few simple
commands. Solaris does not offer any such system.
Gentoo's "from source" system philosophy allows for code
to be compiled to take advantage of an architectures every
feature. In doing so binaries can be built to run optimally
for Xeon only processors whereas the binaries and kernelfor Solaris must maintain x86 backward compatibility
making them larger and slower.
The portage system mitigates much system management,
including addressing security vulnerabilities. As an example,
the month of September has seen two critical buffer
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 17/20
www.bluedog.net 17 of 20
overflow vulnerabilities in Solaris Apache, whereas Gentoo's
"standards based" distribution of Apache saw one low rated
and one normal rated, both of which are mitigated simply
by running the current version in the portage repository.
Gentoo’s Handbook offers the most comprehensive
documentation on this distribution.
Gentoo will be providing periodic stable forks of the Portage
tree on a regular basis; a new quarterly release structure
unifies the releases. There is a snapshot of the Portage tree
every three months with the packages in it being very
stable. Gentoo's developers offer guaranteed support for
those packages including elements like security fixes for the
lifetime of that version.
Commercial Support Provider Contact Information
Direct System Support Inc.http://www.directsystemssupport.com/
Corporate Office9020 Kenamar Dr. Suite 201San Diego, CA 92121-2431P(858)[email protected]
IBM PartnerInterland Inc.http://www.interland.com
Interland, Inc.P.O. Box 406980Atlanta, GA 30384-69801.877.504.0091
IBM PartnerIneo Concepts Inc.http://store.ineoconcepts.com/ 923 Pheonix Ave. Ste 1
Peekskill, NY 10566Phone: (914) 737.4032
Cornerstone Systems Inc.http://www.csihome.com
Services, Security & Applications27200 Tourney Road, Suite 315Valencia, California 91355661-799-3200
IBM ParnerComputer Applications Specialists, Inc.http://www.comappspec.com
6201 Chevy Chase DriveLaurel, MD 20707301.776.3400
IBM Partner
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 18/20
www.bluedog.net 18 of 20
Alabanza Corp.http://www.alabanza.com 10 East Baltimore Street
Suite 1500Baltimore, MD 21202(410) 779-1400
IBM Partner
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 19/20
www.bluedog.net 19 of 20
Who Uses Gentoo?
Like many distributions of Linux, Gentoo is in wide use –
from individual developers to Federal government agencies,
cross-national corporations, and non-government
organizations. Here’s a sampling with brief descriptions.
Organization In What Environment?
National SecurityAgency
Gentoo Linux was chosen as the platform for this workbecause its growing success and open developmentenvironment provided an opportunity to demonstrate that the
"Secure Enhanced" promoted by NSA and DoD functionalitycan be successful in a mainstream operating system and, atthe same time, contribute to the security of a widely usedsystem. Additionally, the integration of these security researchresults into Gentoo may encourage wide-spread adoption maylead to additional improvement in system security.
U.S. Dept. of Homeland Security(formerly Healthand HumanServices)
Operating system for portal to provide emergency responsepersonnel in 120+ cities with (sometimes classified)information on fire, police, EMT and other emergencyresponse plans related to anti-terror activities. High levels of security required for sub-topic areas pertaining to National
Pharmaceutical Stockpile and other important national quick-response assets.
World Bank –General ServicesDivision
Intranet portal servers that provide access to SAP R/3deployment, department-specific work flow applications (printand multimedia job production tracking, digital assetmanagement, knowledge base).
U.S. Dept. of Defense
Installations at the Naval Research Lab - The Navy's corporatelaboratory. NRL conducts a broadly-based multidisciplinaryprogram of scientific research and advanced technologicaldevelopment directed toward maritime applications of newand improved materials, techniques, equipment, system, andother technologies.Related : A report commissioned by the U.S. military concludesthat open source and free software should play a greater partin the infrastructure of the world's remaining superpower.Mitre Corporation's 152-page study addresses the extent of FOSS-licensed (Free and Open Source Software) software usein various branches: "…It's all over the place already, concludethe authors, and there should be more of it . . ."
U.S. Department of Portal applications and web services run on Gentoo
8/7/2019 BD whitepaper gentoo
http://slidepdf.com/reader/full/bd-whitepaper-gentoo 20/20
www bluedog net 20 of 20
Organization In What Environment?
Justice appliances. Provides services to 1,200 internal users and 10sof thousands of external (general public) users.
Banca Populari diVicenze (Italy) Web-based banking solution running Gentoo for web andapplication tiers. High-availability, high-throughout andlocked-down systems were the main drivers in choosingGentoo Linux.
Other CommercialInstallations
Tek Alchemy chose this distro because by itself Gentoo Linuxis one of the most advanced GNU/Linux distributions available.The Portage software management system delivers a greatdeal of power and convenience for administrators who need tokeep software up-to-date for security reasons. A simple cronjob can download and install updates for the base distributionplus whatever else you have installed. In many ways Gentoois a lot like other flavors of Unix; the installation,configuration, and maintenance are very similar in practice.
Seven L Networks uses Gentoo Linux on almost all of its backroom production servers as well as most of the hosting anddedicated servers that it rents out. It runs its mail servicesand its own company Web site, and stores all of its databackups on Gentoo-based computers.