Version upgrade

Support for security such as Firewalls and securing linux
Post Reply
eitancaspi
Posts: 13
Joined: 2020/02/25 20:11:45

Version upgrade

Post by eitancaspi » 2020/05/14 13:56:45

Hi, I use CentOS 7 and it has version 0.6.3 of firewalld.
Trying to yum update it gets a reply there are not upgrade packages.

Is there any reason why not to move to a newer version (with manual upgrade from the firewalld site (https://firewalld.org/download/all.html)?

Also, if upgrading, I see two branches - of 0.7.4 and 0.8.2. Why there are two branches? Any one of them is more recommended?

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Version upgrade

Post by jlehtone » 2020/05/14 14:19:16

firewalld-0.6.3-8.el7_8.1 is the current version of the firewalld package that Red Hat maintains for RHEL 7 and since CentOS 7 is derived from RHEL 7, that is the one and only version to use in CentOS 7.

Red Hat backports security fixes into the packages that they maintain.

Enterprise Linux is about stability of services. You definitely don't want to introduce drastic feature changes due to rebase into production servers. It might look like a small step to you, but all the admins of all the RHEL 7 and CentOS 7 servers in the world do not want surprises.

eitancaspi
Posts: 13
Joined: 2020/02/25 20:11:45

Re: Version upgrade

Post by eitancaspi » 2020/05/14 14:22:53

Thanks.

Well, I'm the only admin of my server and I like to use "greatest and latest"... I will think of it.

And what is the difference between the 0.7.x branch to the 0.8.x one?

chemal
Posts: 776
Joined: 2013/12/08 19:44:49

Re: Version upgrade

Post by chemal » 2020/05/14 14:32:19

eitancaspi wrote:
2020/05/14 14:22:53
And what is the difference between the 0.7.x branch to the 0.8.x one?
0.8.x is the greater and later branch.

eitancaspi
Posts: 13
Joined: 2020/02/25 20:11:45

Re: Version upgrade

Post by eitancaspi » 2020/05/14 14:34:21

OK, thanks.

stevemowbray
Posts: 519
Joined: 2012/06/26 14:20:47

Re: Version upgrade

Post by stevemowbray » 2020/05/20 08:28:44

If you want to use bleeding edge packages on your system then CentOS/RHEL is probably not the right distribution for you.

Any package that you do change from the CentOS version, you will have to maintain from then on. You will have to keep on top of all security updates for all such packages, instead of just "yum update" for distribution packages. This is particularly true for security critical packages like firewalld of course.

eitancaspi
Posts: 13
Joined: 2020/02/25 20:11:45

Re: Version upgrade

Post by eitancaspi » 2020/05/20 08:31:39

Got it. Thanks!

Post Reply