LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices


Reply
  Search this Thread
Old 06-25-2020, 12:56 PM   #1
shlammed
LQ Newbie
 
Registered: Mar 2009
Posts: 8

Rep: Reputation: 0
RHEL 7 OS/Security Patching


Hi folks,

Trying to wrap my head around patching in Red Hat. Can anyone validate that my understanding here is correct?

Let's take RHEL 7.5 as an example. My options are:

1) Stay at 7.5 and patching nothing as EUS expired in April 2020
2) Patch to the latest version (7.8)

Now, if for some reason I need to stay at 7.5 due to app stack certification, I believe I would be SOL at this point, correct?

In other words, I see this "Maintenance 2" phase on Red Hat's site which runs up until 2024, but am I correct to say that this maintenance phase ONLY applies to the last version of RHEL 7 (assuming 7.9)?

Thanks
 
Old 06-25-2020, 01:07 PM   #2
shruggy
Senior Member
 
Registered: Mar 2020
Posts: 1,029

Rep: Reputation: Disabled
Quote:
Originally Posted by shlammed View Post
am I correct to say that this maintenance phase ONLY applies to the last version of RHEL 7 (assuming 7.9)?
Seems so.
Quote:
EUS repository Deactivation
For a given RHEL minor release EUS repository (for example RHEL 8.1), like all EUS repositories, will be retired 24 months after it is created and becomes available via Red Hat Subscription Manager. When an EUS repository reaches retirement, no new errata are released to the repositories. However, all previously released errata remain available to customers with an active subscription. It is imperative to migrate to a later EUS release to continue receiving errata updates like security and bug-fix errata.
You should patch to the latest available minor release whenever possible.

Last edited by shruggy; 06-25-2020 at 02:05 PM.
 
Old 06-25-2020, 02:53 PM   #3
shlammed
LQ Newbie
 
Registered: Mar 2009
Posts: 8

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by shruggy View Post
Seems so.


You should patch to the latest available minor release whenever possible.
100%, just regarding those odd cases where an app may not be certified beyond a specific version.

I guess once EUS is expired, you don't have much of an option from the OS level.
 
Old 06-25-2020, 03:06 PM   #4
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 14,704

Rep: Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801
Quote:
Originally Posted by shlammed View Post
100%, just regarding those odd cases where an app may not be certified beyond a specific version.
That is an interesting question. Theoretical there should be no reason to avoid updating. The releases of RHEL 7.x series are strictly compatible with each other.
 
Old 06-25-2020, 03:38 PM   #5
shruggy
Senior Member
 
Registered: Mar 2020
Posts: 1,029

Rep: Reputation: Disabled
Theoretically, yes. But practically... the link I provided above states this:
Quote:
What Customer Use Cases Benefit from Using EUS?
  • Customers who have a policy of re-certifying application stacks when they move to new minor releases of Red Hat Enterprise Linux
  • Customers who have sensitive workloads that require minimal change
  • Customers using third party applications from ISVs who certify on specific Red Hat Enterprise Linux minor releases
And the Wikipedia article on RHEL gives some examples:
Quote:
EUS allows the organization / company to stay on a minor version if required by a third party application which is only tested with a particular minor version of RHEL, such as Oracle Database, IBM DB2, IBM Cloud Orchestrator, hortonworks.
 
Old 06-26-2020, 02:04 AM   #6
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 14,704

Rep: Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801Reputation: 4801
practically impossible to reach the 100 % [coompatibility]. Yes, I know. But again, if there was no real reason to keep you need to update. That was what you told in post #2.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
centos vs rhel patching drManhattan Linux - Server 1 10-20-2011 02:26 PM
Rhel patching newcranium Linux - Newbie 6 04-13-2011 01:33 AM
Registering rhel 5.3 and patching without internet access ocalld Linux - Enterprise 11 12-09-2009 12:21 PM
RHEL Patching Strategy. jasoneh Red Hat 3 11-24-2008 03:19 PM
rhel 3 or 4 patching rekaye1005 Linux - Enterprise 2 01-26-2008 06:05 PM

LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise

All times are GMT -5. The time now is 07:29 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration