Well that was fast.

No sooner did IBM try to kneecap RHEL clones than one of them found an elegant hack – only six days later.  Bravo, Rocky Linux.

If you didn’t read the previous article, the short of it is that IBM doesn’t like RHEL clones.  RedHat Linux Enterprise Edition is under the Gnu Public License (GPL), which obligates IBM to provide the source code to the software, when is what RHEL clones like Alma Linux and Rocky Linux have been using to clone it.

However, the GPL only obligates them to provide it to end users that they provided the binaries to – an important distinction.  IBM decided to put the binaries behind a customer portal.  So you can still get binaries and source code, but only if you’re a paying customer.  And the customer agreements prohibits cloning it.  You can still sign up, download the source, and clone – but then IBM will cut off your contract.

This looked like a death kneel for Alma and Rocky, the chief clones.  Sure, they can still build a distro that has everything RHEL has, but it won’t be byte-for-byte bug-compatible, which is a major, er, selling point.

But Rocky has found a way forward.

The Cloud Loophole

Turns out that if you spin up a RHEL instance in the cloud, you are by virtue of that a RedHat Customer, and can download the SRPMS.  Fire up a spot instance, download, shut it down, and wait for the next release.

Per Rocky Linux’s commentary:

One option is through the usage of UBI container images which are based on RHEL and available from multiple online sources (including Docker Hub). Using the UBI image, it is easily possible to obtain Red Hat sources reliably and unencumbered. We have validated this through OCI (Open Container Initiative) containers and it works exactly as expected.

Another method that we will leverage is pay-per-use public cloud instances. With this, anyone can spin up RHEL images in the cloud and thus obtain the source code for all packages and errata. This is the easiest for us to scale as we can do all of this through CI pipelines, spinning up cloud images to obtain the sources via DNF, and post to our Git repositories automatically.

Nice.

raindog308

Raindog308 is a longtime LowEndTalk community administrator, technical writer, and self-described techno polymath. With deep roots in the *nix world, he has a passion for systems both modern and vintage, ranging from Unix, Perl, Python, and Golang to shell scripting and mainframe-era operating systems like MVS. He’s equally comfortable with relational database systems, having spent years working with Oracle, PostgreSQL, and MySQL.

As an avid user of LowEndBox providers, Raindog runs an empire of LEBs, from tiny boxes for VPNs, to mid-sized instances for application hosting, and heavyweight servers for data storage and complex databases. He brings both technical rigor and real-world experience to every piece he writes.

Beyond the command line, Raindog is a lover of German Shepherds, high-quality knives, target shooting, theology, tabletop RPGs, and hiking in deep, quiet forests.

His goal with every article is to help users, from beginners to seasoned sysadmins, get more value, performance, and enjoyment out of their infrastructure.

You can find him daily in the forums at LowEndTalk under the handle @raindog308.