How compatible are RHEL and clones?

Security security at air-austral.com
Mon Oct 24 06:31:14 UTC 2005 

Ed Wilts wrote:

>On Fri, Oct 21, 2005 at 01:31:38PM -0500, Chris St. Pierre wrote:
>  
>
>All of the "clones" are going to have some issues.
>
Like RH .. that's why for exemple Scientific Linux and Gralinux wait
when a update is avaible from RH ...

>  They're not clones -
>  
>
They are "source clone", or near.

>they're generally compilations of the source rpms.  There have been
>cases where some 3rd party software won't install
>
Like some HP drivers and the Oracle Application server, but I don't have
other exemple
(IBM tivoli+kernel driver run perfectly on gralinux)


> and there have been
>cases where compiler bugs have made it impossible for you to generate a
>fully functional binary from the source rpm because Red Hat had not at
>the time released the updated compiler.
>  
>

It's a really rare case... I'm not sure that if you compile samba with a
"old" gcc from CenOS, you will have problems :)
Of course, for clones, it's important to check the version of gcc when
you compile the glibc or the kernel; but for non-critical
programs there is no reason to check it, dont be paranoid, gcc2.96 is
not used actually ;-)


>In general, the rebuilds work and I run one at home for non-critical
>work.  At the office, all of my systems have RHEL subscriptions.
>
>  
>

I switch production servers (GFS, Samba, mail) to Gralinux, and there is
no problem at all.
Maybe I'm lucky, maybe the "source based clone" is not a stupid idea
after all :)

>Do not expect a clone on CentOS, White Box Linux, or any of the others.
>They're rebuilds of the source and they all have limitations.
>
????
There is a "professional support" problem, that's true, but for exemple
(Gralinux) you have a fully
postfix version with ldap/mysql support on
RHAS3 ?? no .. you need "to it by yourself"


>  Some may
>have varying life cycles and differing delays in getting security
>patches to you.
>
It's a question of days, like RH does.
The security patchs from RH don't come 1 or 2 hours after the public
annonce (see bugtraq or CVE)
some of them are avaible months after the public annonce of the security
problem.


>  Some may simply wither away and die tomorrow and leave
>you scrambling.  It depends on what you're comfortable with.
>
>        .../Ed
>  
>
RH can close the door too ...

I think Scientific Linux or Centos (because there is more than 1 people
for these projects) are a good way:
Don't be scared about them !
There is no guarantee that RH will really maintain RH enterprise for
years: theys can have problems too.

Regards

jean-seb

More information about the redhat-list mailing list