David L. Willson
DLWillson at TheGeek.NU
Wed Nov 21 18:47:13 UTC 2007
I'll bet Soren is rather more in touch with the corporate direction for
Ubuntu Server than either of us. Let's speak only on our own part.
Here's my opinion: I'll be sad to see "Ubuntu Server" become jeOS. I
liked the fact that Ubuntu had both poles, the best (most featureful)
Linux Desktop, and the best (smallest group of core components) Linux
Server. Now, jeOS will be the best Linux Server by my definition, and
Ubuntu Server will really be Ubuntu Server for Beginners.
Questions about this avahi dependency thing:
Is the main problem the added risk from the unneeded service or
Why is the small business owner putting his Ubuntu SBS in the cloud,
instead of running it behind a firewall? Or, is the Ubuntu server the
firewall? In either case, how is avahi available to users outside the
company? Or is this not a security thing?
Last I checked, small biz owners don't give a fuzzy futz about security,
they care about ease of use. That's avahi, and any number of similar
things in Windows.
Documentation. Small biz owners don't give a fuzzy futz about
documentation, either. They're not going to read it, they're going to
hire someone to read it, or they're going to click madly around until it
works or breaks entirely. They almost never read the documentation,
unless it's two sentences at the top of a dialog box, and only then if
it's really needed to differentiate between the buttons on the dialog.
GUI. Run the Desktop, then, and drop the things you don't want, and add
the things you want. Or wait until next version when, as I understand
it, Ubuntu Server will have a GUI. One more thing, you're not out of
luck when the server's GUI hammers, you're out of luck when the ssh
daemon hammers, because until then you can (and arguably should) do your
GUI stuph with "ssh -X" from an administrative desktop. I do exactly
this in small businesses and it works great. In medium-sized
businesses, I run "real" Linux servers, no monitor, no keyboard, no
mouse, and gdm is disabled.
My main point? There is no default, secure server. You have a secure
server that you customized, or you have a default server that has
services you don't really need. There is no other way as far as I know.
On Wed, 2007-11-21 at 11:43 -0600, Loye Young wrote:
> > I really don't understand why you want to install desktop
> > on your server and refuse to disable avahi?
> [Loye banging head against desk]
> I don't know what more I can say that will enable you to see the world
> through the eyes of small business owners, who are my customers for
> server products.
> I personally know how to set up a minimalistic, command-line, server
> environment. I also know how to roll my own desktop that doesn't drag
> in avahi, so I never have to disable it. (BTW, your simplistic
> solution to "disable" avahi doesn't work over the long haul. Yes, it
> stops it from starting on the next reboot. But experience has taught
> me that it doesn't stay disabled over any reasonable number of
> software updates. The real solution is never to install it in the
> first place.)
> The small businesses who are the best candidates for Ubuntu SE find a
> desktop environment on a server to be irresistible, even required. The
> learning curve to administer a server is too steep without a GUI to
> assist the admin. Besides, why should the customer be put to the
> choice between (a) an insecure, unstable, but intuitive server OS (MS
> Server) and (b) a secure, stable, but inscrutable server OS (Ubuntu
> SE)? There is no reason NOT to give the administrator the security,
> stability, and standards-compliance of Linux with an intuitive,
> documented GUI in the spirit of Ubuntu.
> > MO instead of using gtk apps to setup a server, ebox
> > (http://ebox-platform.com/index ) would be a better alternative.
> Again, you are looking at the world through the eyes of one who
> already knows.
> eBox is great if you already know how to set up a webserver using the
> command line and a text editor. But if the webserver itself gets
> messed up (e.g., the admin forgot to put "/Directory" at the end of
> the site configuration block and apache won't start), the admin is
> Instead, we need a desktop GUI to administer Apache, too. There is a
> project to port YaST to Ubuntu (https://wiki.ubuntu.com/YaST), which
> is a step in the right direction. See also
> http://content.techrepublic.com.com/2346-22_11-93051.html. I'd prefer
> a gtk tool in order to minimize the number of dependencies, but the
> concept is the right one.
> Loye Young
> ubuntu-server mailing list
> ubuntu-server at lists.ubuntu.com
> More info: https://wiki.ubuntu.com/ServerTeam
More information about the ubuntu-server