Is Rocky Linux OK to use enough on government project in terms of security?

I’m about to use Rocky Linux in government project.

But I don’t know about Rocky Linux.

The reason to use Rocky Linux in gov project is that they support Rocky Linux.

My questions are following:

1. Is Rocky OK to use enough on government project in terms of security ?
2. I heard that Rocky is CentOS’s successor.
3. Has it critical security vulnerability ?
4. You guys may feel these question is a kind of abstract and vague, then Could you tell me community about Rocky Linux helping solve my question ?

My english could be quite a bit awkward, Please let me know which one is problem.

It would be grateful !

Is Rocky OK to use enough on government project in terms of security ?

Yes, it is used in US government spaces already.

I heard that Rocky is CentOS’s successor.

It’s started by the same person, depending on your interpretation of CentOS history. People debate that, and to be honest it’s a waste of time because it doesn’t matter. However, Rocky Linux, Oracle Linux, and SuSE Liberty are the only distros that have retained the same goal as the original CentOS (bug-for-bug compatibility). Alma’s another option, but their goal has changed to be just ABI compatible (which CentOS Stream purportedly already is).

Has it critical security vulnerability?

Not that we’re aware of. All software has vulnerabilities, it’s just a matter of time before they’re discovered.

You guys may feel these question is a kind of abstract and vague, then Could you tell me community about Rocky Linux helping solve my question ?

I don’t know what this is asking.

Thank you for your kind answer.

Last question is originally written by stackoverflow.com, I forgot editing it.

I have another question.

Just pure question, Why can’t I access Rocky Linux source code ?

I want to know reason why u guy’s decide not to show source code.

Our source is not hidden and we keep it in the open. Our sources can be obtained in the following ways:

• git.rockylinux.org
  • Base packages will be found in staging/rpms
  • Respective tarballs and other non-text source files are in the lookasides which are obtainable using srpmproc or other methods.
    • rocky-tools/getsrc at main · rocky-linux/rocky-tools · GitHub
• You can download the source packages themselves in the neighboring repositories.
  • You can view all repositories at Index of /pub/rocky/ - Just pick the version you’re after (8 or 9 for example), pick a repository, and find the source directory.
  • On the command line on an installed Rocky Linux system, you can use dnf download.

[label@xmpp01 tmp]$ sudo dnf download --source bash
enabling epel-source repository
enabling epel-cisco-openh264-source repository
enabling baseos-source repository
enabling appstream-source repository
enabling crb-source repository
enabling extras-source repository
bash-5.1.8-6.el9_1.src.rpm                      2.7 MB/s |  10 MB     00:03    

@nazunalika

Thank you for your answer !

I’ll check it right now.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.