July 30, 2004

Can GNU ever be Unix?

Author: Jem Matzan

When AT&T balkanized its Unix holdings in 1993, two different companies ended up walking away with pieces of the original Unix. Novell originally bought it all, then decided to keep the Unix source code and sell the Unix trademark -- the name, in other words -- and the Single Unix Specification standards to the X/Open Company. The Open Group, as it is now called, has since learned to use these assets profitably by offering qualification testing and certification for operating systems. If your OS meets certain requirements, passes the qualification tests, and you pay the fees, you get to call it Unix. Should GNU/Linux get certified?

The purpose of the Single Unix Specification, version 3, also known as Unix 03, is to ensure that an operating system behaves, operates, and communicates in a standard fashion so that it can be trusted in critical environments. In order to reach that goal, the operating system has to have certain predefined parts and achieve a reliable and predictable level of functionality.

So what's involved with the Unix standard certification? Basically you download some test programs and the The Open Group audits the results to ensure that they meet a collection of guidelines on designing a portable, interoperable, networked operating system.

Currently there are no products certified to the latest version of the standard, which was released in January 2002, in the list provided by The Open Group, and the company doesn't comment on products currently undergoing certification. You'll find IBM AIX 5L; Sun Solaris 8, 9, and Express; and Compaq Tru64 5.1A in the Unix 98 list, which was the previous standard.

Notice something missing? That's right, there are no SCO products that have passed the Unix 03 or Unix 98 standards. To find UnixWare you have to go back to the Unix 95 standard, where you'll find a handful of other Unixes, including SGI's IRIX and HP's HP-UX. To find SCO OpenServer you have to go all the way back to Unix 93, a standard ten years out of date.

You also won't find GNU or BSD in the list anywhere, even though at a glance the BSDs appear to qualify and most GNU/Linux distributions could be easily modified to become compliant. So what's keeping them from being certified?

In researching this article I met with hurdles that almost made me give up on writing it. For instance, the first step in Unix certification is agreeing to a 54-page license agreement that makes a company accountable for its operating system. Generally, a license, whether free or proprietary, exempts the manufacturer and/or distributor from liability claims by end users. Operating systems that qualify for and use the Unix brand name are held liable by The Open Group to continue conformance to the specified standards through upgrades, bug fixes, patches, and other modifications. If a certified product is found to be non-compliant, the manufacturer or distributor has to bring it back into compliance within a certain timeframe.

What SCO doesn't want you to know

Since you don't need any of the original AT&T Unix source code to certify your operating system and use the Unix trademark, you do not have to license anything from the SCO Group to call your operating system Unix. As a matter of fact, SCO has to pay The Open Group to use the Unix and UnixWare trademarks, and The Open Group is not very happy with SCO's obnoxious and unprofessional public behavior.

SCO only has the right to license the Unix source code that they have control over; basically what they bought from Novell, which was sold to them first by AT&T. SCO does not control the patents to the Unix source -- those also remain with Novell -- and whether or not SCO controls the copyright to the code is currently a matter of debate; SCO says it controls the copyright and Novell claims that it still retains those rights. Either way, the SCO Group actually controls very little so-called "intellectual property" with regard to the Unix operating system.

Another interesting SCO-related point is the company's claim that Linux contains code similar to bits found in SVR4 Unix. GNU/Linux and the BSDs strive for standards compliance on many levels, and that means following the prescribed Open Group, ISO, and IEEE standards as much as possible. SCO has shown little proof of copyright infringement thus far, but has claimed that some Linux files, such as ctype.h and errno.h, are "copied" from its proprietary code. In reality, the similarity is likely due to the fact that in both SVR4 and Linux these files were designed according to published standards. SCO does not own the standard or the material in the standard; it is either trying to intentionally mislead people to give the appearance of credibility, or was not thorough enough in its research on the matter.

Aside from the required responsibility of the vendor, a potential customer thinking of using a trademarked Unix operating system also has the advantage of having a standard set of APIs and a standard interface throughout all Unixes. So from a buyer's perspective, the Unix brand has a lot of value for mission-critical environments.

Standards and requirements

The first Unix standard that The Open Group used was Unix 93, but that was more or less an inheritance from AT&T and only applied to OSes that predated the Single Unix Specification. The first Unix standard to to be developed by The Open Group was Unix 95, followed by Unix 98 and now Unix 03. These standards are often also referred to as versions 1, 2, and 3, respectively.

Interestingly enough, as of the Unix95 standard, an operating system does not have to use or license any of the original AT&T Unix source code in order to be certified as a trademarked Unix. IBM's OS/390 V2R4, for instance, is Unix 95-certified, yet it contains none of the Unix System V Release 4 code. This means that the BSDs and GNU operating systems (Linux and HURD), being free of source code from the original AT&T Unix and in spite of the fact that GNU's Not Unix, could become certified Unix operating systems. So could Microsoft Windows, theoretically, although it would take much more work and effort to make Windows conformant to Unix 03 standards.

How much work would it take to get one of the GNU or BSD variants up to standard? There are pages of specific requirements to read over in order to find out, but here are the basic requirements that an OS must meet to be compliant, with links to in-depth descriptions of what they really mean:

Think your OS is up to snuff? First run down the checklist, then try running it through The Open Group's list of standard test suites to determine compliance.

The fees

Let's assume that some GNU/Linux distribution was able to meet all of the Single Unix Specification standards and pass all of the tests. The lawyer for the distro developers has read through the license and explained it his clients, who have filled out all of the forms and are ready to go. How much does certification cost?

The exact cost depends on how many units the developer deploys per year; with all costs added up, the range is between roughly $45,000 and more than half a million dollars when the process is finished. There are enough factors involved with the process that it's impossible to guess what it would cost for any specific operating system or distribution. Some of the costs are one-time-only, while some are annual or periodic. The Open Group maintains a complete fee schedule online.

Unix and the Linux Standards Base

When I asked Novell why SUSE Linux isn't certified for the Single Unix Specification, a spokesman replied in such a way as to show that the company had no idea what I was talking about. I repeatedly tried to contact Red Hat, IBM and the Open Source Development Labs (OSDL), but no one at any of those organizations returned a call or replied to an email.

It seems that The Open Group has some work to do when it comes to brand awareness.

Novell told me that The Linux Standards Base was good enough for the products it is selling (namely SUSE Linux). That got me wondering what the difference is between the LSB and Unix certifications. I asked The Open Group, which responded:

The Single Unix Specification specifies application programming interfaces (APIs) at the source level, and is about application source code portability. Its neither a code implementation nor an operating system, but a stable definition of a programming interface that those systems supporting the specification guarantee to provide to the application programmer. Efforts such as the Linux Standard Base, and similarly the iBCS2 for x86 implementations of System V, are about binary portability and define a specific binary implementation of an interface to operating system services.

The LSB draws on the Single Unix Specification for many of its interfaces although does not formally defer to it, preferring to document any differences where they exist, such as where certain aspects of Linux cannot currently conform to the industry standards, one particular example being the area of threads. Some interfaces are not included in the LSB, since they are outside the remit of a binary runtime environment; typically these are development interfaces or user-level tools. Likewise there are many areas in the LSB that are outside the scope of the Single Unix Specification (for example system administration interfaces).

The Open Group representative then pointed me to two white papers on the subject here and here.

Would GNU/Linux gain from being Unix?

It's possible for a GNU/Linux or BSD implementation to become a real Unix. Would it be worth the time, effort, and money to get certified? The certification process takes only about a week, assuming the product in question meets the standards already. Since GNU/Linux already meets most of the qualifications as written in the POSIX and LSB standards, it probably wouldn't take much effort or money to bring it into Unix compliance. A corporation like IBM or Novell wouldn't have a problem paying the requisite fees -- in fact IBM's already paid for the certification for two of its products.

When an organization certifies an OS, it often certifies it for a certain hardware platform on which it is sold, although software-only vendors can still get the certification. More than likely, GNU/Linux and BSD would be certified on x86 systems. For a hardware vendor like Sun or IBM, it would make sense to offer a Unix-certified version of GNU/Linux because they're selling the hardware with the software, thus providing a complete certified solution for customers. This is what they've done in the past with Solaris and AIX, respectively. However, those OSes are primarily for proprietary hardware (POWER- and SPARC-based systems), although Solaris will work on and is certified for x86 machines. The enormous advantage of a GNU/Linux or BSD solution would be their superior hardware support, which would allow customers a much more diverse selection of considerably lower-cost products. When Sun and IBM proprietary hardware sells anywhere from $4,000 to $20,000 dollars, a similarly powerful alternative x86 solution could cost less than $1,000.

According to The Open Group, thus far nearly $60 billion in procurements have required Unix-conformant or certified products. I was unable to find any data suggesting that this trend will continue, but even selling just upgrades and migrations to the current installed base is a market in itself. There is certainly money to be made by certifying a free software operating system. The question is, who is going to get there first?

Jem Matzan is the author of three books, a freelance journalist, and the editor-in-chief of The Jem Report.

Click Here!