Linux Patch Management: Keeping Linux Systems Up To Date

1.3. Community-Based Sources

Besides Debian Linux, there are a number of distributions and "rebuilds" backed by a community of developers and users. This list includes Fedora Linux, the community-based offering of Red Hat, along with other distributions, such as Slackware Linux.

The most common current examples of rebuilds are the groups that have taken the source code from Red Hat Enterprise Linux and built their own binary packages and even downloadable CDs/DVDs.

Note

When I refer to a "rebuild," I'm referring to a distribution that is built from the source code of another distribution. This is in contrast to a "clone" which is an operating system that emulates the functionality of another while using different source code. For example, while Linux is a clone of Unix, CentOS-4 is a rebuild of Red Hat Enterprise Linux 4.

1.3.1. Fedora Linux

When Red Hat moved to a subscription model for its flagship RHEL distribution, it wanted to retain the support of the Linux community. For this reason, it started the Fedora Linux project. Red Hat has stated that Fedora Linux distributions will be released every 4 to 8 months, and it will be the testbed for future RHEL releases. As of this writing, the current version is Fedora Core 4, and we'll be using that version in our examples.

As a community project, Fedora Linux does not have access to the Red Hat Network. However, as a RHEL testbed, it uses the same basic Update Agent as described earlier in this chapter.

Therefore, Fedora Linux needed a community-based repository and update tool. The basic repositories are listed at fedora.redhat.com/download/mirrors. The basic update tool is the tool associated with Yellowdog Linux, yum. Before you can start the update process, you'll need to import the Fedora GPG key into your update system. As it's already available in the /usr/share/rhn directory, all you need to do is run:

rpm --import /usr/share/rhn/RPM-GPG-KEY-fedora

If you're using Fedora Linux, you should update the files in the /etc/yum.repos.d directory. The default version of this directory includes six files:

fedora.repo includes the basic Fedora Core repository.

fedora-updates.repo contains the updates associated with Fedora Core.

fedora-updates-testing.repo has updates that may not be ready for production for Fedora Core. These are proposed updates.

fedora-extras.repo contains additional packages which are tested for Fedora Core, but are not part of the official distribution.

fedora-extras-devel.repo has packages that may not be ready for production for the Extras repository of Fedora Core. These updates are incorporated in the Extras repository when they're ready for production.

fedora-devel.repo includes the repository with the regular rebuilds of packages; formerly known as Rawhide.

These files include two variables, $releasever and $basearch. They refer to the release version of Fedora Core and the CPU version, respectively.

My version of this file in Fedora Core 4 points to random mirrors. The first time I ran yum, this file pointed my computer to a repository in Denmark. As I am in the USA, that is not what I want. So I'll want to change each of the files in the /etc/yum.repos.d directory. For example, if I wanted to use the mirror at North Carolina State University at ftp://ftp.linux.ncsu.edu/, I'd comment out the mirrorlist command in each of the six files and substitute in the following files:

fedora.repo

baseurl=ftp://ftp.linux.ncsu.edu/pub/fedora/linux/core/$releasever/ $basearch/os/

fedora-updates.repo

baseurl=ftp://ftp.linux.ncsu.edu/pub/fedora/linux/core/updates/ $releasever/$basearch/

fedora-updates-testing.repo

baseurl=ftp://ftp.linux.ncsu.edu/pub/fedora/linux/core/updates/ testing/$releasever/$basearch/

fedora-extas.repo

baseurl=ftp://ftp.linux.ncsu.edu/pub/fedora/linux/extras/ $releasever/$basearch/

fedora-extas-devel.repo

baseurl=ftp://ftp.linux.ncsu.edu/pub/fedora/linux/extras/ development/$basearch/

fedora-devel.repo

baseurl=ftp://ftp.linux.ncsu.edu/pub/fedora/linux/core/development/ $basearch/

You should update these files with the mirror-based repositories of your choice. It's OK to have more than one repository listed in each of the /etc/yum.repos.d configuration files. We'll explore this process in more detail in Chapter 2.

1.3.2. Red Hat Rebuilds

There are several different groups that have rebuilt the Red Hat Enterprise Linux source code. This is allowable because Red Hat has released the source code for almost all RHEL packages under the GPL or related open source licenses. Before release, each of these groups has modified the source code to remove Red Hat trademarks. While there are several versions of RHEL 4, the developers behind the rebuilds have configured a generic rebuild, which can be configured as a server or workstation. While these rebuilds generally support 32- and 64-bit x86 systems, support for other architectures varies.

Some of the groups behind RHEL rebuilds include the following:

cAos is the group behind CentOS 4, which is based on the source code for RHEL 4. It has a strong following and is based on a community of volunteers. For more information, see www.caosity.org.

White Box Linux was developed by a group associated with a Louisiana library system; they had the first available rebuild of RHEL 3. For more information, see www.whiteboxlinux.org.

Note

The people behind White Box Linux worked overtime, adding Linux terminals and wireless networks, to help evacuees from Hurricane Katrina (2005) stay in touch with friends and families. Thousands of evacuees have relocated, at least temporarily, to their area. These dedicated Linux hackers have maintained their efforts even after a near-direct hit from Hurricane Rita.

Lineox was built by a company in Finland, the original home of Linus Torvalds. They offer CDs, DVDs, and paid levels of support. For more information, see www.lineox.net.

Fermi Linux was rebuilt by several developers at the Fermi National Accelerator Laboratory near Chicago. Scientific Linux was developed from Fermi Linux and is maintained by developers at similar laboratories including the European particle physics laboratory (CERN). For more information, see www-oss.fnal.gov/projects/fermilinux/ and www.scientificlinux.org.

A more complete list of RHEL rebuilds is available at www.linuxmafia.com/faq/RedHat/rhel-forks.html.

Категории