Friday Apr 11, 2014

Friday Spotlight: Easy Access to Java on Oracle Linux

Happy Friday! Our spotlight this week is on an excellent blog post by Oracle Senior Vice President of Linux and Virtualization, Wim Coekaerts. Wim describes the new Java channel on ULN that you can use to easily install Java on Oracle Linux.

Read "Easy access to Java SE 7 on Oracle Linux".

Also, please don't forget that beta 1 of Oracle Linux 7 is now available! If you'd like to try it out, you can get it here.

See you next week!

-Chris 

Friday Mar 07, 2014

Friday Spotlight: Frequently Asked Questions about Oracle Linux

It is Friday and that means it is time for our Spotlight! 

Our spotlight today is the recently updated Oracle Linux FAQ. This is an excellent document that features some of the questions that everyone asks about Oracle Linux and Oracle Linux support. We cover variety of topics including general definitions, compatibility, support, pricing, indemnification, migration and many more.. 

Here's one of the questions as an example:

Q: What is DTrace for Oracle Linux?

A: DTrace is a comprehensive dynamic tracing framework that was initially developed for the Oracle Solaris operating system, and is now available to Oracle Linux customers. DTrace is designed to give operational insights that allow users to tune and troubleshoot the operating system. DTrace provides Oracle Linux developers with a tool to analyze performance, and increase observability into the systems they own to see how they work. DTrace enables higher quality applications development, reduced downtime, lower cost, and greater utilization of existing resources. It is available to download from ULN for Oracle Linux Support customers. 

Read more in the newly published FAQ.

Have a great weekend!  

Monday Apr 29, 2013

Updates to errata on ULN and public-yum.oracle.com

The Unbreakable Linux Network (ULN) team have been hard at work updating the errata metadata that is delivered on ULN and public-yum.oracle.com. The changes provide more information about all errata, including security patches, bug fixes and feature enhancements. In addition, security fixes are listed by priority (important, moderate, low). This will allow Oracle Linux customers more flexibility when working with 3rd party Linux management tools like Spacewalk or SUSE Manager.

You can see some of the changes we've implemented using the yum-security plugin that's available as part of Oracle Linux:

 First, install the yum-security plugin: 

 # yum install yum-plugin-security

You can read all about the options available once you have the yum-security plugin installed by reading the man page:

# man yum-security 

Let's take it for a spin. First, let's list all the errata that are available for your system:

# yum updateinfo list
Loaded plugins: rhnplugin, security
ELBA-2012-1399 bug            device-mapper-libs-1.02.74-10.el6_3.2.x86_64
ELEA-2012-1574 enhancement    device-mapper-libs-1.02.74-10.el6_3.3.x86_64
ELSA-2012-1141 Moderate/Sec.  dhclient-12:4.1.1-31.P1.0.1.el6_3.1.x86_64
ELSA-2013-0504 Low/Sec.       dhclient-12:4.1.1-34.P1.0.1.el6.x86_64
ELSA-2012-1141 Moderate/Sec.  dhcp-common-12:4.1.1-31.P1.0.1.el6_3.1.x86_64
ELSA-2013-0504 Low/Sec.       dhcp-common-12:4.1.1-34.P1.0.1.el6.x86_64
...

This command lists all the errata that are available for your system by errata ID. It also specifies whether it's a security patch (Moderate/Sec.), bugfix (bug) or feature enhancement (enhancement).  

You could also narrow your search to just the CVEs, i.e. security patches:

# yum updateinfo list cves
CVE-2012-3954 Moderate/Sec.  dhclient-12:4.1.1-31.P1.0.1.el6_3.1.x86_64
CVE-2012-3571 Moderate/Sec.  dhclient-12:4.1.1-31.P1.0.1.el6_3.1.x86_64
CVE-2012-3955 Low/Sec.       dhclient-12:4.1.1-34.P1.0.1.el6.x86_64 

This provides the CVE ID instead of the errata ID so that you can correlate a published CVE with a particular errata:

# yum updateinfo list --cve CVE-2012-3954
Loaded plugins: rhnplugin, security
ELSA-2012-1141 Moderate/Sec. dhclient-12:4.1.1-31.P1.0.1.el6_3.1.x86_64
ELSA-2012-1141 Moderate/Sec. dhcp-common-12:4.1.1-31.P1.0.1.el6_3.1.x86_64

Or see additional information about that particular errata or CVE:

# yum updateinfo info --cve CVE-2012-3954
Loaded plugins: rhnplugin, security
===============================================================================
   dhcp security update
===============================================================================
  Update ID : ELSA-2012-1141
    Release : Oracle Linux 6
       Type : security
     Status : final
     Issued : 2012-08-02
       CVEs : CVE-2012-3954
	    : CVE-2012-3571
Description : [12:4.1.1-31.P1.0.1.el6_3.1]
            : - Added oracle-errwarn-message.patch
            :
            : [12:4.1.1-31.P1.1]
            : - An error in the handling of malformed client
            :   identifiers can cause a denial-of-service
            :   condition in affected servers. (CVE-2012-3571,
            :   #843120)
            : - Memory Leaks Found In ISC DHCP (CVE-2012-3954,
            :   #843120)
   Severity : Moderate
updateinfo info done

For more information on using the yum tool, see the Oracle Linux 6 Administration Guide

Updating Oracle Linux by Errata or CVE

The yum-security plugin also allows you to narrow the yum tool to only update security fixes. Instead of running a generic update command, you can leverage the additional errata metadata and tell yum to only apply security patches:

# yum --security update

Alternatively, you can target a specific errata or CVE:

# yum update --cve CVE-2012-3954 

Or

# yum update --advisory ELSA-2012-1141

3rd-Party Linux management tools

Oracle Enterprise Manager 12c Cloud Control has always been able to extract and display errata information for Oracle Linux.  

Now, tools like Red Hat Satellite, Spacewalk, Katello/Pulp and SUSE Manager are all able to ingest the errata information and provide that information via their UI tools. 

For example, here's a snippet from  Spacewalk showing the Oracle Linux 6 (i386) Latest channel from public-yum.oracle.com:

Spacewalk errata list

If you click on a particular advisory, you can see information for that advisory:

You can also see the packages affected by an advisory:

Stay tuned for a future blog post that goes through how to setup Spacewalk to mirror the public-yum.oracle.com  repositories. 

Monday Jan 14, 2013

Finding Important Errata and CVE Information on ULN

I have recently received several questions about how to find information relating to critical security updates or important errata releases for Oracle Linux. I realized that perhaps people were not aware of the new features and improvements to Unbreakable Linux Network (ULN), which assist users with common administrative tasks. I wanted to take a quick moment to highlight for you some of the changes we have made. First, there are two links you will want to bookmark:

Each link will allow the user to evaluate what updates have been made available for Oracle Linux.

With https://linux.oracle.com/errata you are able to view all errata releases available, listed by type, severity, advisory, summary and release date. In addition, you are also able to filter this list by release and/or type (Bug, Security, Enhancement) and if you select an item from the list you will receive additional details regarding the errata, including a description, related CVEs and the packages updated by the errata.  You can also navigate to this same information by logging into ULN and selecting the 'Errata' tab from the options across the top.

For those who need information on security errata involving CVE identifiers (Common Vulnerabilities and Exposures) we have created https://linux.oracle.com/cve. This site allows you to gather information on important CVE identifiers, by providing a summary of all CVE offered through ULN. This summary is listed by CVE identifier and includes a brief synopsis and the release date. You can also filter the list by year. In addition, when you select a specific CVE identifier, you will receive additional details, such as information on CVSS v2 metrics as well as affected platforms.

We have been working to bring more features to ULN and these updates should provide more tools to simplify your administrative activities. Happy patching!

Wednesday Jun 27, 2012

Oracle Linux 6.3 RPMs Now Available

The installation media ISO for Oracle Linux 6.3 is still "in the oven" but the RPMs are already available.  You can grab them on ULN, if you have an Oracle Linux support subscription, or anyone can get them from public-yum.oracle.com.  Oracle Linux 6.3 includes a quarterly update of Unbreakable Enterprise Kernel Release 2 (kernel-uek-2.6.39-200.9.0.el6uek).  To install that kernel, make sure you have the ol6_UEK_latest channel or repo enabled.  Enjoy.

Tuesday Mar 13, 2012

Unbreakable Enterprise Kernel Release 2 has been released

We’re proud to announce the availability of a major enhancement to Oracle Linux: Unbreakable Enterprise Kernel Release 2 (2.6.39) has been released! The RPM packages are now available from the Unbreakable Linux Network and the public yum repositories. This kernel can be installed on both Oracle Linux 5.8 and newer as well as Oracle Linux 6.2 and newer. By simply updating the Unbreakable Enterprise Kernel, Oracle Linux customers can benefit from the latest improvements that have taken place in mainline Linux, without having to re-install their distribution or applications.

This release includes many new features as well as numerous performance and scalability improvements that were added to mainline Linux since the first Unbreakable Enterprise Kernel release (which is based on Linux 2.6.32). Despite the version number, the Unbreakable Enterprise Kernel Release 2 is based on mainline Linux 3.0.16 and includes a few selected patches from other mainline Linux versions. The source code is available from this public git source code repository.

Some key highlights in this release include:

  • Btrfs file system
  • Performance and scalability improvements
  • Virtualization improvements
  • Transparent Huge Pages and Memory compaction
  • Cgroups improvements
  • Linux Containers
  • OCFS2 improvements
  • Updated Device Drivers

For more information, please see the Unbreakable Enterprise Kernel Release 2 features and benefits document and consult the release notes for more For installation instructions, check out the Getting Started with the Unbreakable Enterprise Kernel installation guide on the Oracle Technology Network.

Now that the Unbreakable Enterprise Kernel Release 2 has been released, we will continue to provide support for Release 1 of the Unbreakable Enterprise Kernel (2.6.32) in the form of critical bug fixes and security errata for another 9 months. However, new hardware enablement (e.g. by providing device driver updates) will now only be made available through the quarterly updates of Unbreakable Enterprise Kernel Release 2 on the Unbreakable Linux Network. During this grace period, we encourage all customers to switch to Release 2.

Saturday Mar 03, 2012

Oracle Linux 5.8 has been released

We're happy to announce the general availability of Oracle Linux 5 Update 8. RPM packages for direct installation/upgrade are available for Oracle Linux Support Customers from the Unbreakable Linux Network. Individual packages of the initial release are also available for download from our public yum repository. ISO installation images of the distribution will be made available for download from the Oracle Software Delivery Cloud (aka E-Delivery) shortly or look for external mirror sites. If you require ISO images before they are available from there, please request these via a Metalink service request or log into My Oracle Support and search for patch 13801642.

This distribution includes the latest release of the Unbreakable Enterprise Kernel Release 1 (version 2.6.32-300.10.1, based on mainline Linux 2.6.32), which includes a number of important bug fixes and driver updates. Please see the release notes for a detailed list of changes and improvements.

Wednesday Jan 26, 2011

On Yum support for Unbreakable Linux Network (ULN)

Recently, the ULN team added Yum support. This means that anyone running Oracle Linux 5 registered with ULN can now use yum instead of up2date to download and install packages. If you have already run a full update since Oracle Linux 5.6 was released on January 20th 2010, you should already be able to use yum against ULN.

If you are running Oracle Linux 5 and want to enable ULN yum support without updating any other packages, install yum-rhn-plugin as follows. This assumes your system is already registered with ULN:

# up2date --install yum-rhn-plugin

With that installed, you can immediately being using yum. For example:

# yum repolist
Loaded plugins: rhnplugin, security
repo id                   repo name                               status
ol5_x86_64_latest         Oracle Linux 5 Latest (x86_64)          enabled: 4,647
repolist: 4,647

# yum info oracle-validated
Loaded plugins: rhnplugin, security
Installed Packages
Name       : oracle-validated
Arch       : x86_64
Version    : 1.1.0
Release    : 3.el5
Size       : 60 k
Repo       : installed
Summary    : Verifies and sets system parameters based on Oracle validated configuration
           : recommendations for OEL5
License    : GPL
Description: This package verifies and sets system parameters based on Oracle validated
           : configuration recommendations for Oracle Enterprise Linux Release 5 Files
           : affected: /etc/sysctl.conf, /etc/security/limits.conf, /etc/modprobe.conf,
           : /boot/grub/menu.lst. For changes to modules, this package installation will modify
           : module paramters and re-insert.

Available Packages
Name       : oracle-validated
Arch       : x86_64
Version    : 1.1.0
Release    : 7.el5
Size       : 23 k
Repo       : ol5_x86_64_latest
Summary    : Verifies and sets system parameters based on Oracle validated configuration
           : recommendations for OEL5
License    : GPL
Description: This package verifies and sets system parameters based on Oracle validated
           : configuration recommendations for Oracle Enterprise Linux Release 5 Files
           : affected: /etc/sysctl.conf, /etc/security/limits.conf, /etc/modprobe.conf,
           : /boot/grub/menu.lst. For changes to modules, this package installation will modify
           : module paramters and re-insert.

# yum update

...

If you're new to yum, see this overview of basic yum commands. Enjoy.

About

Get the latest updates on strategy, products, events, news, customers, partners and all things Oracle Linux! Connect with Oracle's Linux experts.

Stay Connected

Twitter


Facebook

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
5
6
7
8
9
12
13
15
16
17
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today