Hello everyone. I outline the problem - I have a couple of Centoses 6. For obvious reasons, migrating to 7, 8 or 9 (another Linux) doesn't really appeal to me. I won't even mention Stream. On the other hand, due to the fact that these Centoses of mine have not had updates for a long time, there has been pressure to do something about it. Do you have any ready-made solutions?

Obviously, there is no way. https://forums.centos.org/viewtopic.php?t=72710. How do you think you can identify and introduce all the required patches?
But anyway, you need to decide if you want to upgrade or not. You cannot do both of them in the same time, that is just impossible.

As per Pan64, if you want to continue using the services C6 is currently providing, you need to spin up either Centos Stream v9 (if you want to go upstream from RHEL), OR go for eg Rocky or Alma Linux v9 if you want to stay downstream from RHEL, as Centos was.

PS don't even think of trying to update in-place....

Check this out: https://en.euro-linux.com/eurolinux/euroels/. This company provides security patches for CentOS 6. This may be what you are looking for.

I'd also take a hard look at program versiions and compare them with current ones.

It's all fine backporting patches but there is a sane limit and you probably lose out on new features. How, for instance do you get on with python 2&3? It would be better to make a plan to do something to get and keep your systems up to date.

Yes; update to the latest version of ANY server-grade distro. That's the solution.

There have been many posts like this here over the years, and this is something my company deals with all the time. The 'logic' of keeping a VERY old distro around because it's not 'appealing'/too hard/software won't work/whatever-other-reason is plain wrong. At some point, CentOS 6 won't work on any newer hardware...are you going to buy old junk at thrift stores to keep going?? You'll be *FORCED* to upgrade at some point...so why wait? Do it in an orderly fashion now, and deal with your problems as they come up. If you're at a business and are already familiar with CentOS, it's worth every penny to pay for Red Hat enterprise. You get support from them as well, and all the same commands will work.

1 members found this post helpful.

OT: I nearly interviewed for a position of "Director Of Legacy Computing" where the department had to maintain old / obsolete hardware on a "best endeavor basis" while code was refactored, it DID involve scouring ebay etc. for parts to keep stuff going. My old 40Mb tape drives and Pentium 4 hardware may have come in handy!

Yep; been there, done that too, but only as a stop-gap measure. Actually had someone at a large bank (Fortune 100 large), ask why we couldn't buy old VT-320 style terminals from eBay to replace the dying ones in the computer room. Actually argued that the operators would 'get confused' if they used their existing SSH terminal software.

He threatened to quit rather than rewrite a small portion of his code that just wouldn't work on ANYTHING but a VT-320. They took him up on his offer and someone else did the job in about two days.

1 members found this post helpful.

"For obvious reasons?" Why should your employer care about what "appeals to you?"

I once proposed a $350,000 budget for a project to bring a company's long-neglected public facing software "face" up to date, on the observation that it was unacceptable to allow the business to remain exposed to vulnerabilities that were well-known (and documented!) to every potential attacker. It was a very long project, because the company's [former ...] IT department had left their heads buried in the sand for a very long time, and it ran slightly over budget – but the executives never flinched.

CentOS never really had support, it had a community. Now that it is an IBM "product" it has nothing. The community has gone over to Rocky, with a few also in the other RHEL code compatible options.
The question is what features do you NEED and what level of support do you NEED!
Personally, I would be migrating to the latest Rocky, or see if you qualify for one of the RHEL free license options.

Thank you everyone for your help. I decided to stick with the solution suggested by les_paul. I'll have more time (until June 2024) to migrate to a higher version of something similar.

just a comment: this eurolinux is another distro, be careful when you upgrade, at least make a full backup (and check it) first. Probably it is not what you want. But I hope you will tell us the result.