LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Red Hat
User Name
Password
Red Hat This forum is for the discussion of Red Hat Linux.

Notices


Reply
  Search this Thread
Old 06-04-2018, 11:52 AM   #1
Snookiwooki
LQ Newbie
 
Registered: Jun 2018
Posts: 1

Rep: Reputation: Disabled
Post RHEL 6.4 patching and Perl modules


Afternoon all,

and hello to everyone... first post so apols if this question is a bit flaky, Linux isn't my area,

We have an RHEL 6.4 server, it's running a custom application written in Perl consisting of many hundreds of modules residing in /usr.
Our support vendor is asking for a patching exception and is advising it cannot be patched due to each time /usr is updated the modules are removed; then they have to restore the modules from a backup...

Being in infosec not patching isn't something I easily accept.


Is this expected behaviour on this this flavour of Linux?

Does surprises me this would happen though.


many thanks
Steve

Last edited by Snookiwooki; 06-04-2018 at 12:14 PM.
 
Old 06-04-2018, 12:35 PM   #2
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,400

Rep: Reputation: 2584Reputation: 2584Reputation: 2584Reputation: 2584Reputation: 2584Reputation: 2584Reputation: 2584Reputation: 2584Reputation: 2584Reputation: 2584Reputation: 2584
a few things first

is this 6.4 ? or the current 6.9 Legacy hardware support OS ?

for 6.4 you WILL need redhat's help

open a ticket with redhat


to check please post the output of this
OUR help and instructions WILL depend on this !!!

Code:
cat /etc/redhat-release

Last edited by John VV; 06-04-2018 at 12:37 PM.
 
Old 06-04-2018, 12:49 PM   #3
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,553
Blog Entries: 15

Rep: Reputation: 1494Reputation: 1494Reputation: 1494Reputation: 1494Reputation: 1494Reputation: 1494Reputation: 1494Reputation: 1494Reputation: 1494Reputation: 1494
The nature of RHEL is that the major version of the distro (e.g. RHEL5, RHEL6, RHEL7) gets built using certain version of upstream packages (e.g. perl-5.10.1 - you can see this by running "rpm -q perl").

RedHat does its own customization to make all the packages they use work together and put their own extended versioning on the package. (e.g. on one RHEL 6.5 system I currently have perl-5.10.1-136.el6.x86_64 but there is a later extended version perl.x86_64 4:5.10.1-144.el6 shown by "yum list perl). Note that both show base version as perl-5.10.1 but what follows that is different. The extended versioning may include backports of security fixes and some enhancements in the base from later upstream base version.

perl Is a modularized programming languange as you know. RedHat provides many perl modules in their repositories. If you run "rpm -qa |grep perl" you'll see all the ones you have installed. However, many modules are NOT provided directly by RedHat. You can get other modules using Perl's own CPAN facility. You can find more information on that at:
http://www.cpan.org/modules/INSTALL.html

You could put newer modules in locations not automatically overwritten by rpm/yum installations. You'd have to insure your includes in the perl scripts you use know the alternate paths to include.

To reiterate:
There ARE security updates in RHEL provided packages but you have to look at the errata for those packages to be sure you have the latest. Many security scanning tools base their pass/fail on the base version of upstream and don't look at all at the RHEL extended versioning. If a scanning tool tells you you're at risk look to see what specifically (i.e. which CVE) it complains about then look at RedHat's site to see if that CVE is addressed in their extended version (which it often is).

Note that RHEL6 is nearing end of life so there is a point at which they'll quit providing security fixes for it. If at all possible you should look at moving on to RHEL7.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
problem with modules in perl running on linux RHEL 5.4 kingston Linux - Newbie 4 04-19-2011 01:34 AM
Rhel patching newcranium Linux - Newbie 6 04-13-2011 02:33 AM
Print output of a script to screen using Perl/Multiple installation of Perl Modules metallica1973 Linux - General 1 02-17-2011 06:59 PM
problem with perl modules declaration and perl/cgi script shifter Programming 9 02-24-2010 10:09 AM
rhel 3 or 4 patching rekaye1005 Linux - Enterprise 2 01-26-2008 07:05 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Red Hat

All times are GMT -5. The time now is 12:33 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration