| Fedora is a set of projects, sponsored by Red Hat and guided by the Fedora Project Board. These projects are developed by a large community of people who strive to provide and maintain the very best in free, open source software and standards.

Why should I use Fedora?

Because Fedora is the best collection of stable and innovative software available in the open source world.

Excellence: Choice

Fedora Core is built to provide choice. It includes the latest versions of many software packages, including both GNOME and KDE desktop environments. Fedora Extras, a repository built entirely by volunteers, provides thousands more packages, and is enabled for use by default.

Excellence: Security

Fedora is the thought and action leader in many cutting-edge Linux security initiatives. The following security features were developed by Fedora engineers. Because all of these security features have been pushed upstream, they are available to all Linux distributions that choose to take advantage of them.

- Exec-Shield -- Exec-Shield attempts to flag data memory as non-executable and program memory as non-writeable. It also randomizes the addresses where the parts of the running program are located. This blocks most buffer overflows because system crackers cannot predict where pieces of the executable will be in memory. Exec-Shield is for x86 systems.
- Position Independent Executables (PIE) -- Just as Exec-Shield allows for data memory to be moved to random locations, PIE allows a programmer to make the executable load at a different memory address each time it starts. Attackers cannot predict where the application will start, making it very hard or impossible to exploit.
- ELF (Executable and Linkable Format) Data Hardening -- These are changes to the file components that protect the structure of the file itself.
- SELinux -- SELinux was developed in partnership with the NSA and developers from projects such as Gentoo and Debian. Security Enhanced Linux protects users and processes by watching all actions on the system, from opening a file to using a socket. Users may write their own SELinux security policies according to their risk tolerance. By default, Fedora runs a targeted security policy that protects network daemons that have a higher chance of being attacked. If compromised, these programs are extremely limited in the damage they can do, even if the root account is cracked.
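
The markers these features leave in a binary can be read back from its ELF headers. The following is an added example, not part of the original page or Fedora's own tooling: it reports whether an image is position independent (`e_type` is `ET_DYN`), whether its `PT_GNU_STACK` segment marks the stack non-executable, and whether a `PT_GNU_RELRO` segment is present. Treating `PT_GNU_RELRO` as the marker for the ELF data hardening item is an assumption, `elf_hardening` and `sample_elf` are hypothetical names, and the sample headers are constructed.

```python
import struct

ET_DYN = 3                 # e_type of a PIE (also used by shared objects)
PT_GNU_STACK = 0x6474E551  # segment whose flags give the stack permissions
PT_GNU_RELRO = 0x6474E552  # region remapped read-only after relocation
PF_X = 1                   # execute bit in p_flags

def elf_hardening(image: bytes) -> dict:
    """Report PIE, non-executable stack and RELRO markers from ELF headers."""
    if len(image) < 16 or image[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    is64 = image[4] == 2                  # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if image[5] == 1 else ">"   # EI_DATA: 1 = little-endian
    ehdr_fmt = end + ("HHIQQQIHHHHHH" if is64 else "HHIIIIIHHHHHH")
    phdr_fmt = end + ("IIQQQQQQ" if is64 else "IIIIIIII")
    if len(image) < 16 + struct.calcsize(ehdr_fmt):
        raise ValueError("truncated ELF header")
    ehdr = struct.unpack_from(ehdr_fmt, image, 16)
    e_type, phoff, phentsize, phnum = ehdr[0], ehdr[4], ehdr[8], ehdr[9]
    stack_flags, relro = None, False
    for i in range(phnum):
        off = phoff + i * phentsize
        if off + struct.calcsize(phdr_fmt) > len(image):
            raise ValueError("truncated program header table")
        ph = struct.unpack_from(phdr_fmt, image, off)
        p_flags = ph[1] if is64 else ph[6]   # field order differs by class
        if ph[0] == PT_GNU_STACK:
            stack_flags = p_flags
        elif ph[0] == PT_GNU_RELRO:
            relro = True
    return {
        "pie": e_type == ET_DYN,
        # No PT_GNU_STACK header is treated as "not marked non-executable".
        "nx_stack": stack_flags is not None and not stack_flags & PF_X,
        "relro": relro,
    }

def sample_elf(e_type: int, stack_flags: int) -> bytes:
    """Constructed 64-bit little-endian headers only; not a loadable program."""
    ident = b"\x7fELF\x02\x01\x01" + bytes(9)
    ehdr = struct.pack("<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0, 64, 56, 2, 0, 0, 0)
    stack = struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)
    relro = struct.pack("<IIQQQQQQ", PT_GNU_RELRO, 4, 0, 0, 0, 0, 0, 1)
    return ident + ehdr + stack + relro

if __name__ == "__main__":
    print(elf_hardening(sample_elf(3, 6)))   # ET_DYN, stack flags RW
    print(elf_hardening(sample_elf(2, 7)))   # ET_EXEC, stack flags RWX
```

To audit a real binary, pass the bytes of the file to `elf_hardening`, for example the contents of the installed `httpd` executable.
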
For example, Apache is protected in four different ways. The executable for Apache, httpd, is protected at compile time by PIE and Exec-Shield. The executable binary file on the system is protected by ELF hardening. Finally, SELinux policies are in place so that if httpd is cracked, it can only append to the Apache logs and mangle content in specific directories; it cannot roam around home directories or otherwise interact with the rest of the system.

Excellence: Easy and safe software management with RPM and yum

The yum utility requires no configuration, and you may add or remove software from Core or Extras as soon as the Fedora installation is complete. You may add a new package source by copying a simple text file into a directory, or by installing an RPM that does it for you. Package operations safely abort if dependencies cannot be met. By default, yum requires all packages to pass a digital signature test before they may install to your system.

The yum utility is developed by system administrators for use on large production networks. Advanced administrative tasks are made easy. For example, you may manage software on disk images with the installroot feature, and recent versions provide an interactive shell to enable you to quickly carry out batches of commands. You may create your own plug-ins for yum to add new features. Both plug-ins and the application itself are written in Python, making it simple to extend and integrate yum with other software. RPM supports Perl and Python scripting, as well as providing a library for C applications.

Excellence: Simple and flexible installation with Anaconda

Anaconda provides a well-designed installer with both a graphical and text-based interface with safe defaults, to enable users to install a new system with minimal difficulty.
The interface provides advanced customization options to more precisely control package selection, configure complex storage arrangements with LVM and RAID, and attach the system to network management services such as LDAP and Kerberos.

Anaconda supports installation from disc images, portable hard drives and network file shares. Any standard FTP, HTTP, or NFS server may act as an installation source. You may boot Anaconda from a pen drive or TFTP network boot service and perform an installation with no discs or CD drive at all, which is ideal for laptops and network terminals.

Fedora installation may be partially or fully automated with kickstart files. Fedora includes a utility for generating and editing kickstart files. As plain-text files, kickstart files may also be created and modified by a simple text editor. The system-config-netboot utility enables administrators to configure a network boot service that combines with kickstart files and a file server to provide completely automated network installations.

Excellence: Deep Analysis with SystemTap and Frysk

SystemTap and frysk, developed and sponsored by Red Hat in partnership with others such as IBM and Intel, provide a comprehensive framework to benchmark, analyse, and improve system performance. With SystemTap, developers and sysadmins can take a deep look into a running kernel. With frysk, developers and sysadmins can directly manipulate executables as they run.

Excellence: The Free Java Platform

Java is now possibly the most popular programming language in the world. Fedora provides a completely open source platform for developing and running Java applications. The combination of GCJ and the GNU Classpath libraries provides much of the functionality of Java 1.4.2 without a proprietary runtime. The Free Java platform is actively being developed to complete the missing functionality and finalize a Web browser plugin.
Supplied Java software includes the Eclipse development environment, the Tomcat applications server, the Struts Web application framework, and the Jakarta Commons libraries. Fedora Core also includes the Java-GNOME bindings, which enable Java developers to write GNOME and GTK+ desktop applications in pure Java. Fedora Java packages follow the JPackage standards, which enable the supplied applications to work alongside the dozens of Java packages provided by jpackage.org.

Excellence: Fedora Directory Server

The Fedora Directory Server is a robust, scalable, open source server designed to manage large directories of users and resources. It is based on an open systems server protocol called the Lightweight Directory Access Protocol (LDAP). The Fedora Directory Server was originally acquired from Netscape and open sourced by Red Hat. It also forms the basis of the Red Hat Directory Server and is capable of serving the needs of any enterprise.

Excellence: Global File System (GFS)

GFS is a POSIX compatible cluster filesystem. Originally developed by Sistina, GFS was acquired and open sourced by Red Hat. It is now integrated and available as part of Fedora.

Excellence: Xen

Xen is a high performance and secure open source virtualization framework. Virtualization allows one to run many guest virtual machines on top of a host operating system such as Fedora. Using one computer, the user can mimic several individual computers and even run different operating systems in each of these virtual machines. Virtualization has been around for some time in products such as VMware and VirtualPC; however, it has historically been resource intensive, with guest operating systems running at a significant performance hit.

Xen uses a different approach; by being both a true hypervisor and a platform, Xen takes virtualization to a new level of performance and security.
- By using modified kernels, Xen can take advantage of certain capabilities that allow users to have all the benefits of virtualization, without incurring the huge performance penalty often associated with virtualization. Users can run guest operating systems at near native speeds with Xen.
- The security of the user environment can be enhanced by running different services in complete isolation, without resorting to the purchase of additional costly hardware. If servers are used to run a web server and an e-mail server together, these two services can now be isolated and run as though they were running on completely separate machines.
- Xen users can run multiple operating systems, all from one machine. An instance of Fedora can run in conjunction with more instances of Fedora, or with other operating systems such as FreeBSD or NetBSD, all simultaneously.
|