from Hacker News

Rocky Linux from CIQ – Hardened

by LaSombra on 3/19/25, 8:43 AM with 48 comments

  • by neilv on 3/21/25, 11:10 PM

    Can someone confirm or fill in details?

    * CentOS used to be a free rebranding of RHEL.

    * IBM effectively cut off CentOS.

    * Rocky Linux is the replacement free RHEL-compatible distro, but is higher effort to maintain than CentOS was.

    * "Rocky Linux from CIQ" is a commercial product that is attempting to compete with RHEL, by being lower-cost essentially-RHEL while still satisfying some is-there-a-company-behind-it "compliance" checkboxes that companies require?

    * "Rocky Linux from CIQ - Hardened" offers some supposed security improvements that vanilla RHEL doesn't?

  • by 999900000999 on 3/22/25, 12:26 AM

    >Secure All packages validated and delivered via secure supply chain from CIQ repositories.

    How deep does this go.

    Are they inspecting every line of code in every source repo ?

    What happens when I need a package they haven't validated yet ?

  • by owl_vision on 3/22/25, 1:23 AM

    as seen on the about page[0] "Named in honor of CentOS co-founder Rocky McGaugh"

    "Gregory Kurtzer, our CEO and founder," the other CentOS guy.

    [0]https://ciq.com/company/founding-story/

  • by client4 on 3/21/25, 11:19 PM

    But is it FIPS certified?

  • by rob_c on 3/22/25, 1:46 AM

    And more drama from the machine that is being the FUD created over every misstep of RHEL/IBM. And I mean misstep not evil attack on the community. CIQ is the worst of FOSS and a blight causing nonsense arguing rather than actually contributing to a better community.

  • by gbraad on 3/22/25, 4:50 PM

    Oh wait, it is a commercial offering ... Hardened? What do they actually do besides repackaging. I fail to see what this provides over RHEL or even AlmaLinux. They will always be a downstream/derivative who does not really engage with the upstream.

  • by e40 on 3/22/25, 12:05 AM

    How much?