Friday Apr 11, 2014

Friday Spotlight: Easy Access to Java on Oracle Linux

Happy Friday! Our spotlight this week is on an excellent blog post by Oracle Senior Vice President of Linux and Virtualization, Wim Coekaerts. Wim describes the new Java channel on ULN that you can use to easily install Java on Oracle Linux.

Read "Easy access to Java SE 7 on Oracle Linux".

Also, please don't forget that beta 1 of Oracle Linux 7 is now available! If you'd like to try it out, you can get it here.

See you next week!

-Chris 

Friday Dec 20, 2013

Oracle Linux Friday Spotlight - December 20, 2013

Happy Friday, everyone! Just a quick note, this will be the last Friday Spotlight of 2013, we'll pick up again in the new year.

Our spotlight this week is on our excellent new screencast series, covering a variety of topics on Oracle Linux.

(click to jump to Oracle Media Network to play) 

Managing Your Oracle Linux Environment 


Oracle Linux: Maximize Performance, Minimize Downtime 


Oracle Linux – Reliability, Availability, and Scalability


We'll see you in the new year!

-Chris 

Thursday Oct 24, 2013

The October 2013 Oracle Linux Newsletter is Out!

The October 2013 edition of the Oracle Linux Newsletter is here! This issue is absolutely packed with information. Some highlights:

  • Information on the "Why Choose Oracle Linux for Your Oracle Database 12c Deployments?" webcast coming up on October 30.
  • Now Available: Unbreakable Enterprise Kernel 3
  • Oracle Linux Highlights from Oracle OpenWorld 2013
  • Oracle Linux Now Available on Microsoft Azure
  • Faster Downloads of Oracle Linux Updates

Plus, videos, white papers, customer spotlights, information on training, and much more! You can sign up to get the newsletter in your inbox automatically, or you can read this edition online right now.

-Chris 

Thursday Sep 26, 2013

Public yum now powered by Akamai

The availability of free updates and errata has significantly increased the popularity of Oracle Linux. According to a recent Gartner Study from March 2013, Oracle Linux is placed in the top three in the Linux server operating system market, growing more than 80 percent year-over-year in 2012, which outpaced the overall Linux server operating system market growth.

This popularity was also reflected in our download numbers – recently, we were serving  over 80 TB worth of data each month, and this number keeps on growing. In order to ensure continued satisfaction with this free service, we now switched the US-based public-yum.oracle.com server to use the Akamai content delivery network for distributing all the available RPM packages for Oracle Linux globally.

This increases the performance for obtaining updates and security fixes for Oracle Linux – no matter where you are in the world. With the help of the Akamai CDN, the download experience will now be similar, regardless of your geographic location.

Please note that you need to connect to the public yum service by host name. If your yum clients are configured to access the public yum server by its public IP address, you won't benefit from increase in performance, as Akamai uses DNS to redirect the load. Please check your configurations accordingly!

Monday Apr 29, 2013

Updates to errata on ULN and public-yum.oracle.com

The Unbreakable Linux Network (ULN) team have been hard at work updating the errata metadata that is delivered on ULN and public-yum.oracle.com. The changes provide more information about all errata, including security patches, bug fixes and feature enhancements. In addition, security fixes are listed by priority (important, moderate, low). This will allow Oracle Linux customers more flexibility when working with 3rd party Linux management tools like Spacewalk or SUSE Manager.

You can see some of the changes we've implemented using the yum-security plugin that's available as part of Oracle Linux:

 First, install the yum-security plugin: 

 # yum install yum-plugin-security

You can read all about the options available once you have the yum-security plugin installed by reading the man page:

# man yum-security 

Let's take it for a spin. First, let's list all the errata that are available for your system:

# yum updateinfo list
Loaded plugins: rhnplugin, security
ELBA-2012-1399 bug            device-mapper-libs-1.02.74-10.el6_3.2.x86_64
ELEA-2012-1574 enhancement    device-mapper-libs-1.02.74-10.el6_3.3.x86_64
ELSA-2012-1141 Moderate/Sec.  dhclient-12:4.1.1-31.P1.0.1.el6_3.1.x86_64
ELSA-2013-0504 Low/Sec.       dhclient-12:4.1.1-34.P1.0.1.el6.x86_64
ELSA-2012-1141 Moderate/Sec.  dhcp-common-12:4.1.1-31.P1.0.1.el6_3.1.x86_64
ELSA-2013-0504 Low/Sec.       dhcp-common-12:4.1.1-34.P1.0.1.el6.x86_64
...

This command lists all the errata that are available for your system by errata ID. It also specifies whether it's a security patch (Moderate/Sec.), bugfix (bug) or feature enhancement (enhancement).  

You could also narrow your search to just the CVEs, i.e. security patches:

# yum updateinfo list cves
CVE-2012-3954 Moderate/Sec.  dhclient-12:4.1.1-31.P1.0.1.el6_3.1.x86_64
CVE-2012-3571 Moderate/Sec.  dhclient-12:4.1.1-31.P1.0.1.el6_3.1.x86_64
CVE-2012-3955 Low/Sec.       dhclient-12:4.1.1-34.P1.0.1.el6.x86_64 

This provides the CVE ID instead of the errata ID so that you can correlate a published CVE with a particular errata:

# yum updateinfo list --cve CVE-2012-3954
Loaded plugins: rhnplugin, security
ELSA-2012-1141 Moderate/Sec. dhclient-12:4.1.1-31.P1.0.1.el6_3.1.x86_64
ELSA-2012-1141 Moderate/Sec. dhcp-common-12:4.1.1-31.P1.0.1.el6_3.1.x86_64

Or see additional information about that particular errata or CVE:

# yum updateinfo info --cve CVE-2012-3954
Loaded plugins: rhnplugin, security
===============================================================================
   dhcp security update
===============================================================================
  Update ID : ELSA-2012-1141
    Release : Oracle Linux 6
       Type : security
     Status : final
     Issued : 2012-08-02
       CVEs : CVE-2012-3954
	    : CVE-2012-3571
Description : [12:4.1.1-31.P1.0.1.el6_3.1]
            : - Added oracle-errwarn-message.patch
            :
            : [12:4.1.1-31.P1.1]
            : - An error in the handling of malformed client
            :   identifiers can cause a denial-of-service
            :   condition in affected servers. (CVE-2012-3571,
            :   #843120)
            : - Memory Leaks Found In ISC DHCP (CVE-2012-3954,
            :   #843120)
   Severity : Moderate
updateinfo info done

For more information on using the yum tool, see the Oracle Linux 6 Administration Guide

Updating Oracle Linux by Errata or CVE

The yum-security plugin also allows you to narrow the yum tool to only update security fixes. Instead of running a generic update command, you can leverage the additional errata metadata and tell yum to only apply security patches:

# yum --security update

Alternatively, you can target a specific errata or CVE:

# yum update --cve CVE-2012-3954 

Or

# yum update --advisory ELSA-2012-1141

3rd-Party Linux management tools

Oracle Enterprise Manager 12c Cloud Control has always been able to extract and display errata information for Oracle Linux.  

Now, tools like Red Hat Satellite, Spacewalk, Katello/Pulp and SUSE Manager are all able to ingest the errata information and provide that information via their UI tools. 

For example, here's a snippet from  Spacewalk showing the Oracle Linux 6 (i386) Latest channel from public-yum.oracle.com:

Spacewalk errata list

If you click on a particular advisory, you can see information for that advisory:

You can also see the packages affected by an advisory:

Stay tuned for a future blog post that goes through how to setup Spacewalk to mirror the public-yum.oracle.com  repositories. 

Thursday Feb 28, 2013

Announcing Oracle Linux 6.4

The Oracle Linux team is pleased to announce the availability of Oracle Linux 6.4, the fourth update release for Oracle Linux 6. The individual RPM packages have already been published from our public yum repository and ISO images will soon be available from the Oracle Software Delivery Cloud. Oracle Linux 6.4 includes new features and improvements, most notably a new version of the Unbreakable Enterprise Kernel. For further details, please see the Oracle Linux 6.4 Release Notes.

Oracle Linux customers also have access to a number of recently announced unique features/benefits, including:

Support for XFS file system: Today we also announced support for XFS file system in Oracle Linux. It is now available for customers with Premier Support subscriptions using Oracle Linux 6. Read the XFS support blog article for more details.

Ksplice offline client: We recently announced a new feature in our Ksplice service, known as the Ksplice offline client. Ksplice provides zero downtime updates for your kernel and now this new option eliminates the requirement to have a direct connection to the internet to apply Ksplice patches. Read more details in Wim Coekaerts’ blog and watch this video describing updating and patching in Oracle Linux.

DTrace for Oracle Linux: Another new addition is the general availability of DTrace for Oracle Linux. DTrace is a comprehensive dynamic tracing framework available to Oracle Linux customers. It is available to download from ULN for supported customers. 

Oracle Linux can be downloaded, used and distributed free of charge, including updates and errata which are also freely available.

Wednesday Jan 30, 2013

Updating and patching Oracle Linux using yum and Ksplice

Oracle Linux provides two complimentary technologies for patching and updating the operating system.

yum for updating RPM packages. Applications and libraries are packaged and distributed in the form of RPM packages, which are collected in yum repositories. Updates are installed by downloading the packages from the yum repository and installing them locally using the RPM package manager.

It's probably worth repeating that Oracle also provides updates (errata) for free from our public-yum server - you can keep your system up to date and fully patched against security threats without the need of purchasing a support subscription. This makes Oracle Linux and ideal choice to install on both your development and production systems - it is up to you to individually choose which of these systems you want to have covered by a support subscription and at which level.

We also provide updates to the Linux operating system kernel in RPM format. However, these changes only take effect after the system has been rebooted, which can be quite disruptive in certain environments. Scheduling downtime for a reboot is never easy.

This is where Ksplice enters the picture. It is a technology that allows you to apply critical fixes to the Linux kernel at run time, without the need to reboot your system. This is a feature that is unique to Oracle Linux. The system connects to the Ksplice server to obtain the individual rebootless patches, split up by security issues (which are usually tracked by CVE numbers). You can install all of the patches in one go, or choose to install only selected patches, without any service interruption or downtime. Ksplice patches can also be removed at run-time, in case they show any any unwanted or unexpected side-effects.

Both yum and ksplice require downloading patches from a remote server, so the client system needs to be able to connect to a remote server. In many cases, connecting to an update server located on the public Internet directly is not an option, due to security policies.

In the case of yum, it's possible to create a local copy of a repository and simply point all clients to obtain their patches from there instead. There are several ways to create and manage such local repositories, and Oracle Enterprise Manager 12c Cloud Control and Ops Center both provide built-in functionality to support this. We also published a script on OTN that automates the task of downloading RPM packages from the Unbreakable Linux Network.

For Ksplice, it was already possible to set up a local server that would act as a caching proxy server for all available patches - the client systems would only have to connect to this server instead of contacting the remote Ksplice server over the Internet directly. However, this solution requires setting up a dedicated system just for this particular task, so many customers were not too happy about this solution.

The Ksplice team at Oracle now came up with an alternative solution - instead of providing the Ksplice patches as individual downloadable items, they are bundled inside an RPM package, one for each Linux kernel version we support. Any time a new ksplice patch is available, the respective RPM package will be refreshed. This way we can now deliver Ksplice patches via yum repositories, which is a well-established transport mechanism and can utilize already existing infrastructure. The process involves two steps: first you download the ksplice patch RPM using yum, then you run the local ksplice client, which has been modified to check for updates on the local file system instead of contacting the remote server. Even though you are using RPM to download the Ksplice patch bundle RPM, you still use the local ksplice client to apply the individual patches at run time.

This new Ksplice offline mode gives you the best of both worlds: being able to patch your Linux kernel at run-time without disrupting any services, while not requiring you to manage any additional infrastructure or services, or having to negotiate any exceptions to your firewall rules in order to allow your systems to contact the remote Ksplice server.

For more information about the Ksplice offline mode, please see Wim's blog post or check out the following video, which outlines the basic principles of how to apply updates to your Oracle Linux system:

Wednesday Jul 04, 2012

Oracle Linux 6.3 has been released

We're happy to announce the availability of Oracle Linux 6.3, the third update release for Oracle Linux 6. ISO images can now be obtained from the Oracle Software Delivery Cloud, the individual RPM packages have already been published from our public yum repository. This distribution now includes the Unbreakable Enterprise Kernel Release 2 (2.6.39-200), Oracle's recommended kernel version for Oracle Linux. For further details, please see the Oracle Linux 6.3 Release Notes.

Remember, Oracle Linux can be downloaded, used and distributed free of charge, updates and errata are freely available. For support, you are free to decide for which of your systems you want to obtain a support subscription, and at which level each of  them should be supported. This makes Oracle Linux an ideal choice for both your development and production systems - you decide which support coverage is the best for each of your systems individually, while keeping all of them up-to-date and secure.

Wim Coekaerts recently wrote several blog posts about the benefits of Oracle Linux, which are worth a read:

Wednesday Jun 27, 2012

Oracle Linux 6.3 RPMs Now Available

The installation media ISO for Oracle Linux 6.3 is still "in the oven" but the RPMs are already available.  You can grab them on ULN, if you have an Oracle Linux support subscription, or anyone can get them from public-yum.oracle.com.  Oracle Linux 6.3 includes a quarterly update of Unbreakable Enterprise Kernel Release 2 (kernel-uek-2.6.39-200.9.0.el6uek).  To install that kernel, make sure you have the ol6_UEK_latest channel or repo enabled.  Enjoy.

Thursday Mar 22, 2012

Free Updates and Errata for Oracle Linux

ISO images of the Oracle Linux installation media as well as individual binary RPMs (and the sources) of major and minor releases (Updates) have always been freely available for download, use and distribution, ever since we started the Oracle Linux support program.

We're now taking this a step further: in addition to the above, we will now also provide updated packages or errata for free from separate yum repositories on http://public-yum.oracle.com. If you would like to keep your Oracle Linux system up to date, you can now do so by subscribing your system to the respective "_latest" repository for your distribution, e.g. "ol6_latest" for Oracle Linux 6. See the installation instructions on the public yum front page and the "How to subscribe to the free Oracle Linux errata yum repositories" article on the OTN Garage blog for details on how enable these repositories and to obtain the updates.

If you would like to also receive free updates to the Unbreakable Enterprise Kernel Release 2, make sure to enable the "[ol6_UEK_latest]" repository as well - updates to the kernel will be made available from this separate channel until it is included in the next set of installation media.

Now what does this mean for Oracle Network Support? Getting access to the updates and errata was just one part of the offering – the following benefits will be available with an Oracle Linux Support Subscription only:

Wim also published a blog post with his take on the announcement.

Tuesday Mar 13, 2012

Unbreakable Enterprise Kernel Release 2 has been released

We’re proud to announce the availability of a major enhancement to Oracle Linux: Unbreakable Enterprise Kernel Release 2 (2.6.39) has been released! The RPM packages are now available from the Unbreakable Linux Network and the public yum repositories. This kernel can be installed on both Oracle Linux 5.8 and newer as well as Oracle Linux 6.2 and newer. By simply updating the Unbreakable Enterprise Kernel, Oracle Linux customers can benefit from the latest improvements that have taken place in mainline Linux, without having to re-install their distribution or applications.

This release includes many new features as well as numerous performance and scalability improvements that were added to mainline Linux since the first Unbreakable Enterprise Kernel release (which is based on Linux 2.6.32). Despite the version number, the Unbreakable Enterprise Kernel Release 2 is based on mainline Linux 3.0.16 and includes a few selected patches from other mainline Linux versions. The source code is available from this public git source code repository.

Some key highlights in this release include:

  • Btrfs file system
  • Performance and scalability improvements
  • Virtualization improvements
  • Transparent Huge Pages and Memory compaction
  • Cgroups improvements
  • Linux Containers
  • OCFS2 improvements
  • Updated Device Drivers

For more information, please see the Unbreakable Enterprise Kernel Release 2 features and benefits document and consult the release notes for more For installation instructions, check out the Getting Started with the Unbreakable Enterprise Kernel installation guide on the Oracle Technology Network.

Now that the Unbreakable Enterprise Kernel Release 2 has been released, we will continue to provide support for Release 1 of the Unbreakable Enterprise Kernel (2.6.32) in the form of critical bug fixes and security errata for another 9 months. However, new hardware enablement (e.g. by providing device driver updates) will now only be made available through the quarterly updates of Unbreakable Enterprise Kernel Release 2 on the Unbreakable Linux Network. During this grace period, we encourage all customers to switch to Release 2.

Saturday Mar 03, 2012

Oracle Linux 5.8 has been released

We're happy to announce the general availability of Oracle Linux 5 Update 8. RPM packages for direct installation/upgrade are available for Oracle Linux Support Customers from the Unbreakable Linux Network. Individual packages of the initial release are also available for download from our public yum repository. ISO installation images of the distribution will be made available for download from the Oracle Software Delivery Cloud (aka E-Delivery) shortly or look for external mirror sites. If you require ISO images before they are available from there, please request these via a Metalink service request or log into My Oracle Support and search for patch 13801642.

This distribution includes the latest release of the Unbreakable Enterprise Kernel Release 1 (version 2.6.32-300.10.1, based on mainline Linux 2.6.32), which includes a number of important bug fixes and driver updates. Please see the release notes for a detailed list of changes and improvements.

Wednesday Jan 26, 2011

On Yum support for Unbreakable Linux Network (ULN)

Recently, the ULN team added Yum support. This means that anyone running Oracle Linux 5 registered with ULN can now use yum instead of up2date to download and install packages. If you have already run a full update since Oracle Linux 5.6 was released on January 20th 2010, you should already be able to use yum against ULN.

If you are running Oracle Linux 5 and want to enable ULN yum support without updating any other packages, install yum-rhn-plugin as follows. This assumes your system is already registered with ULN:

# up2date --install yum-rhn-plugin

With that installed, you can immediately being using yum. For example:

# yum repolist
Loaded plugins: rhnplugin, security
repo id                   repo name                               status
ol5_x86_64_latest         Oracle Linux 5 Latest (x86_64)          enabled: 4,647
repolist: 4,647

# yum info oracle-validated
Loaded plugins: rhnplugin, security
Installed Packages
Name       : oracle-validated
Arch       : x86_64
Version    : 1.1.0
Release    : 3.el5
Size       : 60 k
Repo       : installed
Summary    : Verifies and sets system parameters based on Oracle validated configuration
           : recommendations for OEL5
License    : GPL
Description: This package verifies and sets system parameters based on Oracle validated
           : configuration recommendations for Oracle Enterprise Linux Release 5 Files
           : affected: /etc/sysctl.conf, /etc/security/limits.conf, /etc/modprobe.conf,
           : /boot/grub/menu.lst. For changes to modules, this package installation will modify
           : module paramters and re-insert.

Available Packages
Name       : oracle-validated
Arch       : x86_64
Version    : 1.1.0
Release    : 7.el5
Size       : 23 k
Repo       : ol5_x86_64_latest
Summary    : Verifies and sets system parameters based on Oracle validated configuration
           : recommendations for OEL5
License    : GPL
Description: This package verifies and sets system parameters based on Oracle validated
           : configuration recommendations for Oracle Enterprise Linux Release 5 Files
           : affected: /etc/sysctl.conf, /etc/security/limits.conf, /etc/modprobe.conf,
           : /boot/grub/menu.lst. For changes to modules, this package installation will modify
           : module paramters and re-insert.

# yum update

...

If you're new to yum, see this overview of basic yum commands. Enjoy.

About

Get the latest updates on strategy, products, events, news, customers, partners and all things Oracle Linux! Connect with Oracle's Linux experts.

Stay Connected

Twitter


Facebook

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
5
6
7
8
9
12
13
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today