For David: For RHEL 10.2, there are patches (including one suggestion from me) as part of LU 20312: https://jira.whamcloud.com/browse/LU-20312
We are of course in the process of testing this. For Peter: We also echo the LTS issue. We are using primarily 2.15.x, with 2.16.1 at a smaller part of our production. 2.17.x is used as part of our test environment, because we are encountering issues with 2.16.1 . For RHEL 10.x, we would like to know what would be the LTS Lustre release. Best regards, GM -- -- -- *Georgios Magklaras PhD* Chief Engineer IT Infrastructure/HPC The Norwegian Meteorological Institute https://www.met.no/ https://www.steelcyber.com/georgioshome/ On Tue, 2 Jun 2026 at 11:45, Hans Henrik Happe via lustre-discuss < [email protected]> wrote: > The work is tracked in LU-20071 > <https://jira.whamcloud.com/browse/LU-20071> for the RHEL 9.8 and there > is a patch. Haven't tested it myself. > > You need RHEL 9.8 to get a kernel that fixes all the known root escalation > security issues. So I agree that we are in a bit of a limbo until an RHEL > 9.8 LTS version of Lustre is ready. However, I think Alma did a special > security kernel for RHEL 9.7. I know Rocky did. > > On 01/06/2026 19.16, Peter Jones via lustre-discuss wrote: > > So do I understand correctly that your concern is that: > > > 1. there are vulnerabilities in RHEL 10.2 that also affect RHEL 10.1 > but there are no updates for RHEL 10.1 once RHEL 10.2 is GA > 2. RHEL 10.x is not supported by the current Lustre LTS branch > (2.15.x) > > > If so, the good news is that we expect to have a newly designated LTS > branch in the near future that will support RHEL 10.x clients. > > Longer term, there are efforts to get Lustre into the upstream kernel, > which would completely eliminate any of these issues. > > In the meantime, if you are ever in the position of wanting to move to > kernel versions ahead of formal support being available, my recommendation > would be to experiment with a limited number of clients (perhaps even just > one) before rolling out across all the clients. > > *From: *David Cohen <[email protected]> > <[email protected]> > *Date: *Monday, June 1, 2026 at 8:41 AM > *To: *Peter Jones <[email protected]> > <[email protected]> > *Cc: *lustre-discuss <[email protected]> > <[email protected]> > *Subject: *Re: [lustre-discuss] RHEL 9.8 and 10.2 support > > Hi Peter, > For the EL 10.1 client I was using version 17.0 which was the only version > to support EL 10. After upgrading to EL 10.2 the client lost the storage > mount. > I'm not updating the EL9.7 clients, not to risk losing the storage mount. > They are running the 2.15 LTS Lustre. > On the servers I am still using the 2.15 version on EL 8.10 as I prefer to > use the LTS version, and there is no LTS server support beyond EL 8.10. > This complex matrix just emphasizes how much Lustre is a > restrictive factor for upgrades. > > David > > > On Mon, Jun 1, 2026 at 4:48 PM Peter Jones <[email protected]> > wrote: > > David > > Could you please clarify what version of Lustre you are using today for > both servers and clients? Also, are you using ldiskfs or ZFS as the backend > filesystem? > > Peter > > *From: *David Cohen <[email protected]> > *Date: *Sunday, May 31, 2026 at 8:25 PM > *To: *Peter Jones <[email protected]> > *Cc: *lustre-discuss <[email protected]> > *Subject: *Re: [lustre-discuss] RHEL 9.8 and 10.2 support > > Hi Peter, > The new kernel presented with EL 10.2 presents changes preventing DKMS > from recompiling Lustre modules. > There is even a Jira ticket following the issue since the beta, > highlighting the security fixes in the new kernels. > https://jira.whamcloud.com/browse/LU-20070 > > David > > > > On Mon, Jun 1, 2026 at 12:19 AM Peter Jones < > [email protected]> wrote: > > David > > Could you please elaborate as to what you feel is missing today? Lustre > clients are patchless, so I would expect that if a security update is > issued for a given supported release of RHEL that users would just apply > the kernel update and weak updates would take care of the rest with no need > to get any updates to Lustre... > > Peter > > *From: *lustre-discuss <[email protected]> on > behalf of David Cohen via lustre-discuss <[email protected]> > *Date: *Sunday, May 31, 2026 at 5:31 AM > *To: *lustre-discuss <[email protected]> > *Subject: *[lustre-discuss] RHEL 9.8 and 10.2 support > > Hi, > With the latest critical kernel vulnerabilities, updates are no longer > optional. > This puts Lustre on the critical path for cluster security. > Is there a plan to address this necessity by releasing Lustre client > versions outside of the half a year cycle to support the new kernels? > > David > > > _______________________________________________ > lustre-discuss mailing > [email protected]http://lists.lustre.org/listinfo.cgi/lustre-discuss-lustre.org > > > _______________________________________________ > lustre-discuss mailing list > [email protected] > http://lists.lustre.org/listinfo.cgi/lustre-discuss-lustre.org >
_______________________________________________ lustre-discuss mailing list [email protected] http://lists.lustre.org/listinfo.cgi/lustre-discuss-lustre.org
