Due to RHEL restrictions AlmaLinux and Rocky Linux will rebuild their processes

Darkcrizt

4 minutes

Alma Linux and Rocky Linux

AlmaLinux and Rocky Linux respond to recent Red Hat restriction

We recently shared the news here on the blog about changes made by Red Hat regarding code access (you can see the details in the post here), in which it basically restricts access to RHEL code affecting third parties. Among the main issues with the transition from AlmaLinux and Rocky Linux to CentOS Stream is the desynchronization of the release of packages for RHEL and CentOS Stream.

And it is that as mentioned, the RHEL package code will now be publicly available only via repository CentOS Stream, which serves as the basis for future releases of RHEL.

About the case, projects AlmaLinux and Rocky Linux, which publish binary-compatible builds of Red Hat Enterprise Linux, they have already spoken about it and have issued their statements with a roadmap following Red Hat's restriction of public access to the source code of RHEL packages.

In particular, noo all package sources present in RHEL are migrated to CentOS Stream at the same time, in the same order and in the same way (packages released to CentOS Stream may be missing some patches).

Short-term and long-term solutions to this change are something we'll be discussing in the coming weeks. We spent much of our time today digging in to make sure we understood the depth of the issue and discussed our potential options.

In the short term, we will be working with other members of the RHEL ecosystem to ensure that we continue to deliver security updates with the speed and stability that we are known for.

In the long term, we will work with those same partners and with our community to identify the best path forward for AlmaLinux as part of the Linux enterprise ecosystem. Shares Benny Vasquez, President, AlmaLinux OS Foundation Board of Directors

For example, updates related to fixing vulnerabilities in Linux kernel packages may be released to CentOS Stream with some delay. There is also no guarantee that packages will appear in the CentOS Stream repository at or after the RHEL release.

In addition, version numbers of packages in CentOS Stream and RHEL don't always match. The problem also arises with the support terms: CentOS Stream is updated within 5 years after release, and the full lifetime of the RHEL distribution is 10 years, that is, CentOS Stream cannot be an update source for the last 5 years of a distribution's life cycle.

For customers, Red Hat has left the possibility to download the RHEL srpm code through a closed section of the site, which has an additional user agreement (EULA) that prohibits redistribution of RHEL. AlmaLinux and Rocky Linux use srpm packages downloaded from the Red Hat Customer Portal with legal risks.

While this decision changes the automation we use to build Rocky Linux, we have already created a short-term mitigation and are developing a long-term strategy. There will be no interruptions or changes to any Rocky Linux user, contributor or partner.

AlmaLinux and Rocky Linux intend to continue creating builds that reproduce Red Hat Enterprise Linux packages, are fully binary compatible, have identical behavior (at the bug level), and can be used as a replacement for RHEL.

Distributions they will have to rework internal release generation processes, but nothing will change for users and partners, projects will continue to quickly generate builds as before. To avoid interruption in the delivery of updates, both projects will first use a workaround, after which they plan to determine a long-term strategy and implement a more thoughtful long-term solution, options for which are still being discussed.

As a temporary solution, the project AlmaLinux intends to switch to change tracking from the CentOS Stream repository and also use the Oracle Linux repositories to continue generating package updates to fix vulnerabilities. Generated updates will be further reviewed and tuned to ensure full compatibility with RHEL updates without violating Red Hat license terms.

An alternative solution for Rocky linux es create an additional repository to handle out-of-sync updates, Get the srpm packages associated with the missing updates using a workaround and manually upload them to the staging repository. At first, they plan to receive packages through a RHEL subscription. Along the way, they plan to do a legal analysis of the proposed model and the possibility of putting srpm packages in their repository without rebranding.

Finally, if you are interested in being able to learn more about it, you can check the details in the following links.

AlmaLinux Announcement: https://almalinux.org

Rocky Linux Announcement: https://rockylinux.org


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   potassium nitrate said
    ago 10 months

    Honestly, RHE and the Centos have been loaded.
    I would stop releasing versions, and dedicate myself to other distributions.
    I lost interest in redhat as soon as they closed it to the public.
    from the first versions that I have been installing on IBM netfinity servers, since 2002.
    and betting for cents on my facilities, and now they have become a pain in the ass.
    Debian, or Ubuntu Server... work just as well or better.

    You know about "A death announced...", well that... bye bye Centos, RHE.

    Reply to potassium nitrate