I've heard rumors of this for quite some time now; but it's good to see something finally coming to light. IBM still hasn't adopted the idea of 'release early, release often'; but at least they're putting *some* stuff out there. ----------------- LINUX IS COMING! By Mel Beckman, NEWS/400 Senior Tech Editor Linux is coming! Linux is coming! The budget operating system sweeping bookstores and the Internet is finally arriving on the AS/400. Does it matter? Is it important? Who cares? It's FREE, FREE, FREE! Now that we've gotten some politically correct Linux cheerleading out of the way, how about some straight talk about cheap software? Just what the heck is Linux, and why is it coming to the AS/400? Who invited it, anyway? Does it run RPG? AS/400 users want to know, and I'm here to tell you. Linux, the open source version of Unix, will be running on AS/400s within a year -- with IBM's blessing (and assistance). Hyperbole aside, Linux promises important new capabilities for AS/400 users: new applications, faster e-commerce delivery, and a new mission for AS/400-iSeries hardware. To understand how Linux plays in the AS/400 space, you need to know about Linux's unique position in operating system history and the details of IBM's Linux implementation. You'll then be better able to decide whether the "L" word should be in your AS/400's vocabulary. Linux: What It Is In case you've been sleeping under your car for 10 years -- or have no teenage children -- Linux is the freeware variant of Unix developed by Linus Torvalds in 1992 to run on cheap Intel hardware. With Linux, Torvalds launched the open source software movement. Linux source code is freely available to anyone, and anyone can contribute to the Linux project by writing new code and making it available to the public. Because it's free, Linux became the darling of budget-minded network programmers who were, at about the same time, helping to build the underpinnings of the modern Internet. Linux's open source code let these programmers quickly adapt the operating system to a rapidly changing Internet, providing a cheap substrate for developing new applications. Just add labor, and you could do anything. But it wasn't until the last two years that Linux broke out of its nerdy shell to become a respectable OS in enterprise networks. Linux versions appeared for virtually every hardware platform, including mainframes and the IBM PowerPC. The advent of commercial distributions of Linux -- Linux prepackaged at low cost with some minimal support and documentation -- let non-techies install and operate the renegade OS. Eventually, major hardware vendors such as Sun and SGI began shipping Linux preinstalled on their computers. Combined with the also-free open source Apache Web server, a server running Linux is both faster and more reliable than a Windows-based equivalent. Linux on the AS/400 Rochester recently publicized its plans for Linux support, promising it in the next version of OS/400 (tentatively named V5R1). IBM believes the AS/400's robust hardware and fast copper-based processors make it an attractive and competitive platform for hosting Linux, although even IBM admits that the offering targets existing AS/400 customers rather than the general Linux marketplace. IBM won't distribute Linux itself but instead is putting hooks into OS/400 to support Linux cohabitation. IBM will then give the Linux source code for those hooks to major Linux distributors, such as RedHat and SuSE. Once you have V5R1, you'll have to buy an AS/400 Linux distribution and install it yourself. Although no distributor has yet set pricing, all say they expect to follow their existing pricing, typically well under $100 plus per-hour charges for technical support. Only the most recent multiprocessor AS/400 models, the n-way iSeries line, will be able to run Linux. That's because IBM's first incarnation of AS/400 Linux requires a dedicated processor in addition to a primary processor running OS/400. Linux runs under OS/400 logical partitioning (LPAR) as a completely independent operating system. IBM says this setup is an artifact of the Linux kernel, which requires complete control of the processor on which it's running. IBM hopes to overcome this requirement in a future release, letting you allocate part of one processor, or multiple processors, to one or more Linux instances running on the same box. For now, you'll be able to run as many Linux instances as you have additional processors. Each Linux system communicates with the controlling OS/400 processor through a new internal LAN that IBM calls Virtual Ethernet. VE runs at the processor bus speed, roughly equivalent to gigabit Ethernet, but isn't limited to that speed in future incarnations. A Linux instance gets access to AS/400 hardware resources such as memory, virtual disks, CD-ROM, network cards, and communication ports via VE communications with the OS/400 partition. OS/400 oversees secure allocation of these resources, ensuring that nothing done in one partition can adversely affect any other partition (including, of course, the OS/400 partition). Is it Safe? Linux's performance and reliability are two attractive upsides to the operating system. However, Linux is still Unix, inheriting all of the limitations of the abbreviated Unix security architecture. Unix's three-level security model -- with permissions for an object owner, a single group of users, and the general public -- lacks fine-grained access controls equivalent to OS/400's capability-based resource security. Moreover, Unix has a reputation for Internet security problems, as evidenced by the hundreds of security bulletins warning of the operating system's exploitable flaws. Many of these vulnerabilities -- more then 100 reported to Computer Emergency Response Team (CERT) this year alone -- afflict Linux as well. Here Linux's open source nature works against it, as hackers are free to study Linux source code for hidden flaws. Security questions naturally arise when you start talking about sliding Linux under the heretofore sacrosanct skin of an AS/400. Does OS/400 lose any of its protection when hosting Linux? Does Linux gain any of OS/400's security advantages when embedded in an AS/400? IBM's answer to both questions is "no." The interface between OS/400 and Linux is firmly under the control of OS/400. For example, when Linux accesses virtual disk storage, it's accessing a fully secured OS/400 object, which limits Linux to only the data it owns. Because IBM is running off-the-shelf Linux, however, the Linux partition itself is as vulnerable to penetration as any other Linux-based server if you don't take appropriate steps to lock down the system. Usually this means running behind a firewall or severely limiting Linux to only those TCP/IP services necessary to do its job. Why Linux on the AS/400? So why would you want to run Linux on your AS/400 rather than an external box? That's easy: total world domination. Linux running inside an AS/400 is easier to administer than multiple boxes, and the VE interconnect gives you very fast access to AS/400-resident databases and applications. You can run any of a world of Linux applications -- including many advanced e-commerce packages -- without having to deploy separate boxes and manage the networking between them. Linux-under-OS/400 also gives IBM a way out of its firewall dilemma, caused by the timely death of IBM's creaky OS/2-based Firewall for AS/400. Several state-of-the-art firewalls, Web caches, and load balancers run under Linux, letting the AS/400 operate with a modern Internet security architecture as a single turnkey system. Down the road, expect IBM to refine the Linux hosting facility, letting you run dozens -- or even hundreds -- of Linux instances on a single machine. As IBM eliminates the need to run one processor per Linux server, OS/400's Work Management component will come into its own as a cross-platform resource management tool. If you don't currently own an AS/400, will you buy one just to host Linux? Not yet. However, the AS/400's legendary reliability can only help Linux's reputation in the corporate world. It's possible -- once IBM refines the ability to run multiple Linux instances -- that AS/400 hardware may well take on a new mission as a deluxe Linux server. Carl Soderstrom -- Network Engineer Real-Time Enterprises (952) 943-8700