Huawei Unveils OpenEuler, CentOS-Based Linux Distribution

New submitter profi shares a report from Computing: Huawei has released the source code of openEuler, its distribution of Linux based on CentOS. The operating system was formally launched by Huawei in September 2019 in response to U.S. sanctions, which had briefly affected the company's access to Windows and Android operating systems. The source code has now been published on Gitee, the Chinese version of Github.

OpenEuler comprises two organizations on Gitee, one for source code and one for package sources. The openEuler organization was keen to highlight two particular packages, iSulad and A-Tune, among the openEuler source code. "iSulad is a lightweight gRPC service-based container runtime. Compared to runc, iSulad is written in C, but all interfaces are compatible with OCI. A-Tune is a system software to auto-optimize the system adaptively to multiple scenarios with embedded AI-engine." The announcement continues: "You will also see several infrastructure-supported projects that set up the community's operating systems... these systems are built on the Huawei Cloud through script automation."

Among the package sources, covered by the src-openeuler organization on Gitee, are around 1,000 packages with versions in both ARM64 and X86 architecture packages. Huawei claims its developers have made a number of enhancements to ARM64 openEuler code to improve multi-core efficiency. It is also working on a "green computing" ecosystem with Linaro and the Green Industry Alliance. At the moment, the organization claims, there are more than 50 contributors and just under 600 commits. The openEuler community has around 20 SIGs or project groups.

So, where's the backdoor?

[nagora]

Where's the little bit of binary blob (probably firmware or a network driver) that allows the Fascist Party of China monitor all your work and comms?

Is there a prize for finding it? Is the prize as big as the one for finding the CIA's?

Re:

[nagora]

Yeah, yeah, gotta scream "Beelzebub! Look!" real loud, if you're known as the world's Satan number one. (China: Close runner-up. Great Britain and Israel: Tie for third. Honorable mention but no cigar due to being pathetic: North Korea and Russia.)

At least you're helping out, by being in denial about you ruining your country.

Sincerely,

literally everyone in every other country on the planet.

It seems that you don't even know what country I'm from.

But then your post doesn't actually constitute a defense of China anyway - just a "two wrongs make a right" piece of fascist apologetics.

Re:

[gweihir]

Ah, just saw your .Sig. No wonder you have no insights, you are actually announcing your cluelessness right there.

Re:

[nagora]

Ah, just saw your .Sig. No wonder you have no insights, you are actually announcing your cluelessness right there.

Wow. Iron-clad defense of the Chinese government there. I'm completely convinced.

Re:

[h33t l4x0r]

I made a bet with myself that FP would be a racist rant. God bless you, bro.

Re:

[crobarcro]

Could you explain exactly what is racist about the post? I don't see anything racist. There's certainly nothing racist towards the Chinese people.

Re:

[h33t l4x0r]

I suppose sinophobic is a better term. Referring to the Communist Party as the Fascist Party is obviously meant as a sleight. Extra irony points for OP probably being a Ring camera owner and griping about Chinese surveillance.

Re:

[nagora]

I suppose sinophobic is a better term. Referring to the Communist Party as the Fascist Party is obviously meant as a sleight.

No - it's meant as truth in advertising. Or perhaps you think the Chinese government is really communist?

Extra irony points for OP probably being a Ring camera owner and griping about Chinese surveillance.

Sorry, you missed those bonus points (amongst others).

Re:

[h33t l4x0r]

Look, it's clear that you are strongly anti-china despite never having been there and having little understanding of the culture. I merely pointed out that I expected the first post in this thread to be along those lines and I was not wrong.

Feel free to keep it up.

Re:So, where's the backdoor?

[lucasnate1]

I'm sure there were people who said "were you ever in Germany" about 80 years ago.

Re:

[Junta]

And like then, being anti-Nazi did not mean you were 'phobic of the German people'.

Just like being worried about the Iranian Ayatollah does not mean you are anti-Iran or being worried about the US President mean you are against Americans.

The Chinese government is not the same as the Chinese people.

Re: So, where's the backdoor?

[e3m4n]

Hmm. Ive been there. Ive trained in chinese martial arts for 20yrs from people that lived there. Most of us are not anti-china. They are anti- PRC. Its the PRC that is the issue. They literally want to control every facet of everybodys lives. To the extent that they feel it is their job to Pick the next Dalai Lama, who they feel the next grandmasters of the chin family dragons should be and everything else that really should not fucking matter to a government pick the next Dalai Lama, who they feel the next grandmasters of the Chen family of dragons should be, and everything else that really should not fucking matter to a government. We are talking about the same government that gets butt hurt if one of your martial art forms has 108 Movement. They want you to renumber it because they dont want you to use the number 108. The PRC are the frontrunners for which country gets to Nineteen Eighty-Four first.

Re:

[nagora]

Look, it's clear that you are strongly anti-china despite never having been there and having little understanding of the culture. I merely pointed out that I expected the first post in this thread to be along those lines and I was not wrong.

Except that you were wrong and now you're trying to bluff it out.

But, hey, have fun saluting the oppressors and mass-murderers of the Chinese people with your "look at me, baby, I'm a cool contrarian" routine.

Re:

[crobarcro]

Ah, I see, you are confusing the Fascist Chinese government with the Chinese people. A very small proportion of people are in the PRC you know.

Re:

[gweihir]

Where's the little bit of binary blob (probably firmware or a network driver) that allows the Fascist Party of China monitor all your work and comms?

Is there a prize for finding it? Is the prize as big as the one for finding the CIA's?

While your paranoia is laudable, I don't think you quite understand how placing backdoors works.

Re:

[AlanObject]

I don't think you quite understand how placing backdoors works.

That was my first reaction as well, but I think the poster was being ironical. There is not one but many ways of placing back doors and everyone should realize that attaching it to the open-source source code is at the bottom of the list as far as efficacy is concerned. Particularly as a blob which would stand out like a beacon in the desert.

Re:

[mysidia]

Particularly as a blob which would stand out like a beacon in the desert.

Yeah... about that; the most likely mechanism inside a github source tree would be code containing an extremely subtle but easily-exploitable RCE or priv esc bug in plain sight and not any kind of binary. Particularly a few lines within a massive commit containing no explicit backdoor "trap" or conditional yet still designed to create an obscurely-exploitable condition that would be unlikely to be detected by fuzzing. And the o

Re:So, where's the backdoor?

[mysidia]

The last thing they should want to do is make a backdoor access method apparent in the source release. This is something that goes into the chips or media of the target devices: that way the backdoor isn't publicly available for people to analyze and develop detection methods for.

Re:

[rlwinm]

It probably runs systemd. So it comes with security holes built in. The systemd folks don't have a good track record.

What reason did they have though?

[BAReFO0t]

I don't see anything that would make it actually a new fork in anything but in name.

Re:

[FudRucker]

probably to have better support for Chinese language and spelling characters.

Do they not know how open source works?

[BAReFO0t]

Jusr submit your patches then.

I don't see why somebody would object to that. Everybody hates localization. Great if somebody just submits it to you.

Re:What reason did they have though?

[sad_]

A bit puzzling to me as well, the highlights seem to be several tools they developed, but they could just as easily used centos directly and just focus on their tools.

Re:What reason did they have though?

[kot-begemot-uk]

I don't see anything that would make it actually a new fork in anything but in name.

The name is enough to get around USA sanctions and that is all that's needed for Huawei to fulfill both domestic needs and the outsourcing deal for manufacturing laptops for the Russian market (they are sold there with Russian name stickers).

Re:

[jabuzz]

I thought they where going with Deepin for their laptops? At least they are already shipping laptops with Deepin installed.

What "sanctions"?

[BAReFO0t]

1. It is an open source project.
2. Since when does China have to give a fuck about us laws? What are they gonna do? Sue them in a Chinese court? Right before or after those who copied western products? Which is *half their fucking industry*! :)

Re: What reason did they have though?

[e3m4n]

Of course not. Its a clone of CentOS, which we know is a free clone of RHEL. So is Scientific Linux. CentOS does not own exclusivity to cloning RHEL. So why not go to the source? Oh, because its easier to just re-brand and pass it off as if you did all the work.

I met some professors, retired military, that spent five years as educators in China. They were hired by the government to help their people overcome an endemic problem. You see the pressure is so high for them to succeed that they lack independent t

Re:

[lrichardson]

There's also an element of CYA there ... if you put forward an idea, and it fails, *BOOM* ... conversely, if you steal an idea - and virtually everyone knows you stole it - then that lends a certain legitimacy to the idea: heck, somebody outside of China thought it was a good idea. The added benefit being the repercussions for failure are not as much, reasons being a) it wasn't your idea to begin with and b) the assumption is simply that somebody failed to copy some part of the process correctly.

Re:

[whitroth]

Simple answer: because before CentOS is released, they scrub all the RH proprietary IP - code, artwork, etc - out of what they release. Why should the Euler folks have to do exactly the same work over?

Re:

[ctilsie242]

Maybe the fork might have some UI development. The open source DEs are decent, but it can't hurt to have one of the biggest companies in the world throw some megabucks (megayuan?) at the problem. It wouldn't hurt if they had decent English support as well.

I wonder if this will remain a RedHat/CentOS descendant distribution, or if they eventually will completely branch and handle all RPM packaging themselves, where the distro will be RPM based like SuSE/OpenSuSE, but not related to RedHat.

Overall, having a

Re:

[account_deleted]

Comment removed based on user account deletion

Euler

[MrKaos]

Leonhard Euler [wikipedia.org], in case anyone is interested. Pronounced "Oiler" IIRC.

Re:

[Kokuyo]

You nailed the pronunciation.

Re:

[MrKaos]

You nailed the pronunciation.

Thank you.

Re:

[swillden]

Leonhard Euler [wikipedia.org], in case anyone is interested. Pronounced "Oiler" IIRC.

It's a sad day when Leonhard Euler needs an introduction on /.

As an aside, anyone who likes math and programming puzzles and isn't familiar with Project Euler [projecteuler.net] should check it out.

Wait, wait, wait...

[Kokuyo]

Does that mean what I think it means? We get linux drivers for smartphones?

Wouldn't that mean we'll soon be able to install just about any linux distribution on Huawei?

I mean, an openwrt with wifi and LTE from an obsolete smartphone... sounds awesome!

Or am I to optimistic here?

600 commits & they improved the multi-core AR

[johnjones]

600 seems a little low or is it just me ?

hopefully any changes can be reviewed and upstreamed

all power to them

regards

John Jones

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[ctilsie242]

I think Huawei wants to keep it on mainland Chinese datacenters, just for national security reasons. It would be nice if there were mirrors/CDNs of Gitee in other countries, and this is the first time I've really heard of Gitee, but it does make sense.

If I were contributing, I'd contribute to RHEL, Fedora, or CentOS, and so the contributions propagate through the RHEL-based distro ecosystem, and not just one specific distro.

Re:

[tlhIngan]

At the moment stateside Gitee is so slow its damn near unresponsive. Assets arent loading properly either

Quite likely is it will always be slow - it's the two way nature of the Great Firewall. It makes it ridiculously slow to access Chinese servers. I had to retrieve a file through FTP that was only a few megabytes - it still took over a day to do it because AI was getting sub-dialup speeds.

Re:

[eclectro]

No. The US is not becoming arbitrarily capricious. After decades of Chinese spying and malfeasance by the Chinese government in intellectual property areas, the US government is becoming aware of the dangers that this poses to the US.

The last thing we need

[ReneR]

is yet another, 1001 Linux distribution. Fragmentation and random nonsense helps nobody: https://www.youtube.com/watch?... [youtube.com]

Re:

[ambidextroustech]

is yet another, 1001 Linux distribution. Fragmentation and random nonsense helps nobody: https://www.youtube.com/watch?... [youtube.com]

Agreed. They should've called it "Yet Another Linux Distribution" (YALD). If I were to create a product (that works on Linux), I'd just go with Arch Linux then find a way to blend in via package management my company's software.