[CentOS-devel] Balancing the needs around the RHEL platform

Tue Dec 29 04:16:13 UTC 2020
Tetsuo Handa <from-centos at i-love.sakura.ne.jp>

On 2020/12/29 8:32, Lamar Owen wrote:
> Will Stream cut it for me?  One issue that keeps getting glossed over is that 
> many drivers that are already in-kernel, not 3rd party, but disabled by Red Hat, 
> still have users who need them.

Yes, that's a problem for me. I mentioned it at
https://lists.centos.org/pipermail/centos-devel/2020-December/075631.html .
I have an LSM module named TOMOYO which is in-kernel since Linux 2.6.30 .
Since Fedora cannot afford enabling LSM modules other than SELinux
( https://bugzilla.redhat.com/show_bug.cgi?id=542986 ), unlike other Linux
distributions, TOMOYO is enabled in CentOS Plus kernels, which is difficult for
RHEL users because CentOS Plus kernels are completely unsupported by RH.

>                                  ELrepo and others have provided support at the 
> "point release" milestones for these "unsupported" drivers; it really looks like 
> Stream will break this hard.

Any chance that RH moves from "RH is responsible for supporting all code RH is
shipping" to "RH ships as much code as possible (basically any GPL code), but
RH supports only some portion of shipped code" ?

> For instance, I need megaraid_sas for my servers; that's not a 3rd party binary 
> driver, but is already in-kernel; it is intentionally not built by Red Hat.  
> ELrepo rebuilds this AND most importantly provides a working driver disk for 
> installs; I just don't see Red Hat providing these drivers, even in a SIG, for 
> hardware they have already decided is "unsupported "; but I always reserve the 
> right to be wrong.

Who are the intended audience of RHEL/CentOS Linux/CentOS Stream ?

While some people mention absence of security fixes in CentOS Linux upon RHEL minor release,
it is common that RHEL servers with uptime of over 1 year (i.e. no kernel updates).
There are servers using kernels as of e.g. RHEL 7.3 or so. That is, while RHEL is
providing security fixes quickly, not all users are applying security fixes so quickly.

Since I'm a Linux kernel developer, I don't know about trends of userspace.
But let me try to think about characteristics of several distributions.

Gentoo is targeting for providing newest possible versions. But since Gentoo is a
distribution which asks users to "compile", Gentoo is difficult for administrators
who are not developers.

Ubuntu is targeting for easy to use, with reasonably newest versions. Since the design
of Ubuntu is fundamentally different (e.g. setting root password is not mandatory,
multiple Linux Security Modules are available compared to SELinux-only), CentOS Stream
won't be able to behave like Ubuntu due to constraint between Fedora and RHEL.

Default gcc provided in CentOS 7 became too old to compile Linux kernels.
Many projects which follow the trend want latest version of compilers.
Wouldn't developers who want latest versions already using Fedora/Ubuntu ?

After all, isn't RHEL/CentOS a distribution for providing reasonably oldest versions,
with plenty of documents and knowledge prepared for circumspect users?

The idea of moving CentOS Linux to CentOS Stream might be just a
"The grass is always greener on the other side of fence." thing...