2

We are discovering Oracle Linux and considering the move from other RHEL clones.

One question that's remains unanswered is: what's the lifecycle of minor releases on Oracle Linux? Do we get updates, on the free tier, when a new point release is available for the previous ones?

Exemple: I need to install an Enterprise Linux 7.7 server, on CentOS world we need to get the ISOs from CentOS Vault and there's only updates to the last day before CentOS 7.8 is released. In other hand on RHEL there will be some security updates for RHEL 7.7 even if 7.8 is already released for a period of time. So RHEL is a better fit than CentOS in this case.

So which is the policy on Oracle Linux in this case? Where I can read about it? How can I pin Oracle Linux to keep a point release and maintain it patched just like in RHEL?

Thank you all.

Vinícius Ferrão
  • 5,520
  • 11
  • 55
  • 95

1 Answers1

3

Oracle's lifecycle for Oracle Linux is only at the major release level, not the minor. (see here: https://www.oracle.com/a/ocom/docs/elsp-lifetime-069338.pdf) The important part of the version for software compatibility is the "7", not the ".x". Oracle Linux 7.8 just as a newer kernel than 7.7; they're not "separate" releases.

If you need to maintain security, then you need to install kernel patches as they are released. Particular kernel patches will automatically increase the point release of the Oracle Linux OS; the point version is an indicator of the minimum kernel version. This happens once or twice a year in my experience.

I've never seen software that had an issue with that - that wouldn't release its own update to support a new kernel version if necessary. If you have to freeze the kernel version to support something specific, then by definition security isn't really critical - I don't think you can have it both ways.

pmdba
  • 281
  • 1
  • 6
  • 1
    Thanks @pmdba; it seems that OL is in fact a rolling release. There's a lot of scientific and engineering software that needs pinned versions, for example Ansys: https://www.ansys.com/-/media/ansys/corporate/files/pdf/solutions/it-professionals/platform-support/ansys-platform-support-strategy-plans-february-2021.pdf. Another issue is that I know that RHEL issues some rebases during point releases which may break userland anyway, so keeping a current point release sometimes is really mandatory while still receiving updates; just like EUS on RHEL: https://access.redhat.com/articles/rhel-eus – Vinícius Ferrão Mar 14 '21 at 22:14
  • I'm marking this as the answer although I'm not 100% satisfied. The only way right now to keep a version is to install the version from DVDs. But you'll not get updates that were released during the lifecycle of that specific version. – Vinícius Ferrão Jul 20 '21 at 01:08
  • A couple of points: the RHEL EUS program is only for patching otherwise _unsupported_ versions of RHEL (like RHEL 5). It is not about freezing currently supported releases at a particular point release. – pmdba Jul 20 '21 at 01:43
  • Also, per the software you referenced, if you look at their support strategy here: https://www.ansys.com/content/dam/it-solutions/platform-support/ansys-platform-support-strategy-plans-june-2021.pdf you will see that they generally support the three most current dot releases of any major Linux release in a rolling fashion: they do _not_ expect you to maintain a specific dot release if you upgrade their software along with the OS kernel. If you want to maintain a secure system, you have to continuously upgrade _both_ the apps and the OS. – pmdba Jul 20 '21 at 01:44