Oracle Linux: A better alternative to CentOS …really?

Last week I came across this link:  http://linux.oracle.com/switch/centos/ and thought “wow, this might be a very nice alternative to RHEL.” Here is a quote of Oracles site:

“FAQ

Wait, doesn’t Oracle Linux cost money?
Oracle Linux support costs money. If you just want the software, it’s 100% free. And it’s all in our yum repo at public-yum.oracle.com. Major releases, errata, the whole shebang. Free source code, free binaries, free updates, freely redistributable, free for production use. Yes, we know that this is Oracle, but it’s actually free. Seriously.

 Errata, the whole shebang, free updates?  Sounds fantastic no?

The errata information in the CentOS repos are missing. There is no updatesinfo.xml.gz file which provides the essential updates and security information (as in the epel repo). As an alternative you can import the errata list into Spacewalk so you get all the information you need. Here is what I am talking about… If you execute

yum list-security on a system which has no errata (for CentOS)   you get the following output:

[root@graylog2 ~]# yum list-security
Loaded plugins: fastestmirror, rhnplugin, security
There was an error communicating with RHN.
RHN Satellite or RHN Classic support will be disabled.
Error communicating with server. The message was:
Unable to connect to the host and port specified
Loading mirror speeds from cached hostfile
* base: mirror.atlanticmetro.net
* epel: mirrors.einstein.yu.edu
* extras: centos.mirror.choopa.net
* updates: mirror.trouble-free.net
FEDORA-EPEL-2012-5824 enhancement epel-release-6-7.noarch
updateinfo list done

with CentOS errata (in my case connected to my spacewalk server) it would look like this:

[root@graylog2 ~]# yum list-security
Loaded plugins: rhnplugin, security
centos6-updates-x86_64/updateinfo                                                         |  31 kB     00:00
epel/updateinfo                                                                           | 427 kB     00:06
FEDORA-EPEL-2012-5715 enhancement PyYAML-3.10-3.el6.x86_64
CEBA-2012:0561        bugfix      bash-4.1.2-9.el6_2.x86_64
FEDORA-EPEL-2012-6188 bugfix      cobbler-2.2.3-2.el6.noarch
FEDORA-EPEL-2012-5824 enhancement epel-release-6-7.noarch
CEBA-2012:0566        bugfix      glibc-2.12-1.47.el6_2.12.x86_64
CEBA-2012:0566        bugfix      glibc-common-2.12-1.47.el6_2.12.x86_64
CEBA-2012:0552        bugfix      irqbalance-2:0.55-30.el6_2.x86_64
FEDORA-EPEL-2012-6188 bugfix      koan-2.2.3-2.el6.noarch
CESA-2012:0523        security    libpng-2:1.2.49-1.el6_2.x86_64
CEBA-2012:0511        bugfix      matahari-0.4.4-12.el6_2.x86_64
CEBA-2012:0555        bugfix      net-tools-1.60-110.el6_2.x86_64
FEDORA-EPEL-2012-6024 bugfix      perl-Config-IniFiles-2.72-2.el6.noarch
CEBA-2012:0572        bugfix      qemu-img-2:0.12.1.2-2.209.el6_2.5.x86_64
CEBA-2012:0556        bugfix      sos-2.2-17.el6_2.3.noarch
CEBA-2012:0565        bugfix      sudo-1.7.4p5-9.el6_2.x86_64
CESA-2012:0515        security    xulrunner-10.0.4-1.el6.centos.x86_64
updateinfo list done

As you can see all the CEBA and CESA show up. So lets go back to the Oracle quote,  “Errata, the whole shebang!”

So I created a virtual host and ran their centos2ol.sh script. Have to say it worked flawlessly. After it ran, I begun to get a little bit excited so I ran the command again on my new OEL6 box.

[root@kvm0 ~]# yum list security
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
ol6_UEK_latest                                                                            |  951 B     00:00
ol6_latest                                                                                | 1.1 kB     00:00
updateinfo list done

WHAT??? really? Where is the security information (errata)? I had this host connected to my spacewalk server before and this is what it looked like:

 

 

 

 

 

 

11 Critical updates. So it seems that there are no updates or security information in the official Oracle public-yum-ol6.repo.

Lets check if  the updateinfo.xml.gz is available.

So there is NO updateinfo.xml.gz file :-(.

Well Oracle, that’s disappointing. So where can I get the errata information for OEL from? Oh here it is: https://oss.oracle.com/pipermail/el-errata/. Hmm that looks like a mailing list 🙂

The El-errata Archives

You can get more information about this list.

Archive View by: Downloadable version
August 2012: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 2 KB ]
July 2012: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 170 KB ]
June 2012: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 24 KB ]
May 2012: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 17 KB ]
April 2012: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 17 KB ]
March 2012: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 66 KB ]

As a comparison, the CentOS one 🙂

The CentOS-announce Archives

You can get more information about this list.

Archive View by: Downloadable version
August 2012: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 19 KB ]
July 2012: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 46 KB ]
June 2012: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 41 KB ]
May 2012: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 27 KB ]

Ok, so my conclusion is yes, it’s nice the have tools like ksplice and dtrace. And depending on you’re environment, these 2 tools can make life a lot easier! But no errata information in the yum repos is a killer for me. I can have the same errata information with CentOS without being dependent on Oracle. So, I’ll wait until maybe one day, there is errata information in the oracles yum repos.

 

 

4 thoughts on “Oracle Linux: A better alternative to CentOS …really?

  • At the time this test was conducted (August 2012) there was no CVE metadata published in the Oracle public-yum channels. However, this has since changed and the CVE metadata is available and can be seen when using the “yum list-security” command. When you have a moment, please try the test again and report back.

  • Did you ever try this out? It would be good to see you correct the record here!

    (And yes, I do work for Oracle, on the Oracle Linux project, so have a vested interest!)

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.


Hit Counter provided by laptop reviews