Feeds

Oracle: Get your Red Hat Linux patches from us, it's easier

New service lets public browse kernel fixes

  • alert
  • submit to reddit

Seven Steps to Software Security

In the latest episode in its ongoing pissing match with leading Linux vendor Red Hat, Oracle has set up a new service that allows Red Hat Enterprise Linux (RHEL) customers to more easily browse the source code of changes Red Hat has made to its version of the Linux kernel.

Called RedPatch, the new service is a Git repository that holds every patch Red Hat has applied to the kernel source, broken out as one code commit per patch.

Red Hat itself used to distribute its patches in a similar fashion, but in early 2011 it changed its policy. It now distributes all of its modifications for each new version of its kernel as a single, giant patch file, making it harder for RHEL users to identify specific changes.

"For most people who work in the kernel this is merely an inconvenience," wrote Oracle's Tim Hill in a blog post announcing RedPatch. But the change is particularly cumbersome for Oracle's Ksplice team, he said, which is why it created the new code repository.

Ksplice is a technology that allows Linux kernel patches to be applied to running servers with no downtime. To facilitate this, the Ksplice team needs to build binary update files from individual patches, one at a time, and many of Red Hat's patches aren't even particularly relevant. For example, as Hill wrote, a patch that makes a server boot faster isn't very important for a server that never reboots.

But although the unique requirements of the Ksplice development process explain why the Ksplice team wanted to develop and maintain RedPatch for internal use, Oracle may have other reasons for making it public.

Oracle and Red Hat have clashed repeatedly in the enterprise Linux market, with Red Hat supporters arguing that Oracle Linux is nothing more than a clone of RHEL designed to undercut Red Hat's business.

Oracle denies the charge, claiming that not only is its Unbreakable Linux Kernel superior to the RHEL kernel, but that a Linux support contract from Oracle offers a better value than one from Red Hat, whether a customer's servers are running Oracle Linux or RHEL.

Last year, Red Hat reps admitted to El Reg that Larry Ellison's aggressive attempts to poach RHEL customers were the main reason why Red Hat decided to start shipping its Linux kernel patches in one big batch.

"We made the change, quite honestly, because we are absolutely making a set of steps that make it more difficult for competitors that wish to provide support services on top of Red Hat Enterprise Linux," Red Hat CTO Brian Stevens said at the time.

But Red Hat's attempts to obfuscate its kernel code didn't slow down Oracle for long, and now with the public launch of RedPatch, RHEL customers can once again access kernel patches in an easy-to-browse format, free of charge – they just have to go to Oracle's servers to do it, rather than Red Hat's.

Expect to hear Larry Ellison's talking points about how much more open and transparent Oracle Linux is than RHEL, coming soon to a speaking engagement near you.

It seems unlikely that RedPatch alone will convince many Red Hat Linux customers to jump ship to Oracle, though. According to Wim Coekaerts, the database giant's Linux chief, most current Oracle Linux users are customers who had existing Oracle support contracts and who migrated their Linux support to Oracle mainly out of convenience.

But the public launch of RedPatch does seem to weaken the case for Red Hat's current patch delivery method. It remains to be seen whether the Linux vendor will rethink its approach, but as long as anyone can access RedPatch free of charge, the issue seems largely moot.

Red Hat has yet to issue a public statement regarding Oracle's new service, and it did not immediately respond to The Register's requests for comment. ®

Mobile application security vulnerability report

More from The Register

next story
Apple fanbois SCREAM as update BRICKS their Macbook Airs
Ragegasm spills over as firmware upgrade kills machines
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NO MORE ALL CAPS and other pleasures of Visual Studio 14
Unpicking a packed preview that breaks down ASP.NET
Captain Kirk sets phaser to SLAUGHTER after trying new Facebook app
William Shatner less-than-impressed by Zuck's celebrity-only app
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
EU dons gloves, pokes Google's deals with Android mobe makers
El Reg cops a squint at investigatory letters
Chrome browser has been DRAINING PC batteries for YEARS
Google is only now fixing ancient, energy-sapping bug
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.