support for RedHat distributions

Dear Linux-security subscribers:

... there will be none (see subject).

As most of you probably know by now, RedHat has announced that it will
not release another free Linux distribution, i.e., RH 9 will be the
last. Support for RH 7.x will end at the end of this year, support
for RH 9 will end at the end of April.

What are the alternatives?

Alternative 1: Fedora Linux
There exists a product called Fedora Linux, which RedHat seems to promote
as the successor of the free RedHat distributions. Currently, you can
download "Fedora core 1". Fedora will be a "community supported"
product whatever that means.
While the transition from RedHat Linux to Fedora Linux will be easy
- the two are very similar - there are uncertainties connected with
Fedora Linux that make its suitability for production systems questionable:
1) it has been announced that there will be three core releases every
year of Fedora Linux. This sounds as if using Fedora Linux will be like
living on the edge: always the newest and greatest - not necessarily
good for stability.
2) with three core releases every year, it is completely unclear how
long older releases will be supported: support for 2 years would mean
that at every point in time up to 6 distributions would have to be
supported, 9 distributions, if the support lasts over 3 years. Very
3) it is completely unclear how fast the Fedora team will come up
with security updates after the discovery of a severe security hole.
Note that a community-based distribution does not necessarily have to be slow
with security updates - Debian is the best counterexample, but
Debian also has the opposite strategy to Fedora: stability is more
important than new features every few months.

Alternative 2: SuSE
Despite recently being bought by Novell, SuSE support for free distributions
still seems to be strong (I received an email from SuSE.com confirming
that). SuSE is definitely high quality, has fast releases for fixing
security problems, is rpm based. Support for older releases seems to be
at least 2 years (SuSE still supports SuSE 7.2, which came out about
2 years ago). All of that makes it the perfect candidate for production
systems. However, it will be different and will take some time to
get used to.

Alternative 3: Debian
Debian is a community based distribution. It is high quality. And it
has reasonable support for older distributions. However, it is not
rpm based. And more importantly, almost no support for Debian systems
from commercial vendors exists. If you rely on commercial compilers,
software libraries, etc. Debian is not for you.

The most appealing plan (at least from my perspective) for the SFU
distributions is the following:

1) support for RH 7.1 and 7.2 will disappear at the end of this year.
2) support for RH 9 will disappear at the end of April.
3) we will be supporting Fedora Linux, at least on a test basis.
4) I will try to start supporting SuSE Linux, probably starting with
   version 9. This will require work - currently we have no experience
   with building SuSE distributions.
5) ACS runs a large number of systems that run RH 7.3. These systems
   rely on this particular version of the OS, because they use commercial
   software packages that only work with this particular version of glibc.
   For that reason we will be trying to support RH 7.3 (we probably have
   to rename it to something else) beyond Dec. 31 by backporting security
   updates to RH 7.3. Right now we cannot say how long we will be
   able to continue that support, but alternatives to that approach would
   be very expensive.

I would like to hear your comments, suggestions, wishes, etc. with respect
to these issues.

In any case this will not be an easy transition.


Martin Siegert
Manager, Research Services
WestGrid Site Manager
Academic Computing Services                        phone: (604) 291-4691
Simon Fraser University                            fax:   (604) 291-4242
Burnaby, British Columbia                          email: siegert@sfu.ca
Canada  V5A 1S6