need some clarifications between centos stream and rhel

Issues related to applications and software problems and general support
XxTriviumxX
Posts: 8
Joined: 2021/03/31 20:40:54

need some clarifications between centos stream and rhel

Post by XxTriviumxX » 2021/05/06 15:01:54

There are some details that i don't quite understand about centos stream..

Does CentOS Stream get newer packages/updates before or after RHEL?

Does CentOS Stream get security updates/patches before or after RHEL?

Which of the two is more secure?

It's going to be used for penetration testing VMs (kali, vulnhub, metaspoilable, etc.)
I already have a RHEL subcribtion

I'm trying to avoid Fedora... gnome 40 is kinda weird for me.

tunk
Posts: 1204
Joined: 2017/02/22 15:08:17

Re: need some clarifications between centos stream and rhel

Post by tunk » 2021/05/06 15:12:50

Stream has been described as a rolling prerelease of
the next RHEL point release (other's have said it is an
alpha or beta of the next point release).
Given it's nature, I guess there will be more bugs and
problems with Stream.

XxTriviumxX
Posts: 8
Joined: 2021/03/31 20:40:54

Re: need some clarifications between centos stream and rhel

Post by XxTriviumxX » 2021/05/06 15:14:51

I was using fedora before... I don't think centos stream will be more buggy than fedora. I just want to make the right choice between centos stream and rhel.

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: need some clarifications between centos stream and rhel

Post by TrevorH » 2021/05/06 16:34:18

RH have said that RHEL will get security updates first if there is an embargo on them. So if a vendor notifies RH of a vulnerability in advance and they are NDA then they will fix it in RHEL and have packages ready for the day the embargo is lifted. Stream won't necessarily have those until the embargo is lifted and they then get built and shipped.

At least I think that's what they said, It was a bit waffley and hand-wavy.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

XxTriviumxX
Posts: 8
Joined: 2021/03/31 20:40:54

Re: need some clarifications between centos stream and rhel

Post by XxTriviumxX » 2021/05/06 19:00:17

TrevorH wrote:
2021/05/06 16:34:18
RH have said that RHEL will get security updates first if there is an embargo on them. So if a vendor notifies RH of a vulnerability in advance and they are NDA then they will fix it in RHEL and have packages ready for the day the embargo is lifted. Stream won't necessarily have those until the embargo is lifted and they then get built and shipped.

At least I think that's what they said, It was a bit waffley and hand-wavy.
thanks!

Correct me if i'm wrong, but for what I understand, if RHEL receives security updates first then it must be more secure than CentOS..

How about new packages/updates? Does Centos Stream get them before RHEL? Is centos stream more "bleeding edge" than RHEL? (I know they both are nowhere near as bleeding edge as Fedora)

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: need some clarifications between centos stream and rhel

Post by jlehtone » 2021/05/06 20:46:19

XxTriviumxX wrote:
2021/05/06 19:00:17
How about new packages/updates? Does Centos Stream get them before RHEL? Is centos stream more "bleeding edge" than RHEL? (I know they both are nowhere near as bleeding edge as Fedora)
Lets look at an example, the kernel:
RHEL 8.3 and CentOS Linux 8 (8.3.2011) have now kernel-4.18.0-240.22.1.el8_3
RHEL 8.4 Beta was distributed with kernel-4.18.0-293 (according to beta release notes)
CentOS Stream has kernel-4.18.0-301.1.el8

Either RHEL 8.4 will be released with 4.18.0-301, or CentOS Stream has already content that could go to RHEL 8.5.
XxTriviumxX wrote:
2021/05/06 19:00:17
Correct me if i'm wrong, but for what I understand, if RHEL receives security updates first then it must be more secure than CentOS..
Its a matter of delay.
When RHEL releases an (security) update it does take some time to rebuild the equivalent for CentOS Linux. A variable delay.

However, since CentOS Stream is not a copy of already released RHEL, then the question is what kind of procedure and delay there is before Red Hat ports the patch to Stream?

XxTriviumxX
Posts: 8
Joined: 2021/03/31 20:40:54

Re: need some clarifications between centos stream and rhel

Post by XxTriviumxX » 2021/05/07 01:19:01

From what i understand now, there is a reasonable delay for security patches in comparison to rhel and centos stream is fresher than rhel. Did I get all that right? I'll try both rhel and centos stream, but i'm more inclined towards centos stream. Thanks everyone!

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: need some clarifications between centos stream and rhel

Post by TrevorH » 2021/05/07 02:26:57

You pay for RHEL, you get Stream for nothing. Which one do you think Red Hat are going to patch first if they have to choose?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

XxTriviumxX
Posts: 8
Joined: 2021/03/31 20:40:54

Re: need some clarifications between centos stream and rhel

Post by XxTriviumxX » 2021/05/07 12:56:04

TrevorH wrote:
2021/05/07 02:26:57
You pay for RHEL
I didn't pay for my subscribtion...

https://developers.redhat.com/articles/ ... rise-linux
XxTriviumxX wrote:
2021/05/07 01:19:01
From what i understand now, there is a reasonable delay for security patches in comparison to rhel
I can say that i got that part right! Thanks for confirming

I think i'll go for a fresher OS with a slight delay for security updates (centos stream) instead of a quickly security patched and older OS (rhel).

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: need some clarifications between centos stream and rhel

Post by jlehtone » 2021/05/07 14:27:57

XxTriviumxX wrote:
2021/05/07 12:56:04
I didn't pay for my subscribtion...
That subscription limits you to 16 physical or virtual instances. It does give access to knowledge base articles, portal discussion groups, and magazines on the Red Hat Customer Portal.

To "discuss over portal groups with respective domain experts" is no different from discussing here, reddit, etc, so it is the access to KB that may add some value to compensate for the limit.

XxTriviumxX wrote:
2021/05/07 12:56:04
I think i'll go for a fresher OS with a slight delay for security updates (centos stream) instead of a quickly security patched and older OS (rhel).
I don't think it is much more "fresh". It could be https://www.youtube.com/watch?v=_4vOA6fA9xk at times.

CentOS Linux, Rocky Linux, and AlmaLinux OS were, are, will/could be "with slight delay" and not any less fresh.

Post Reply