How to use Extra Packages for Enterprise Linux (EPEL)?

Resolution

Important Notice

• The following information has been provided by Red Hat, but is outside the scope of the posted Service Level Agreements and support procedures.
• Installing unsupported packages does not necessarily make a system unsupportable by Red Hat Global Support Services
  • However, Red Hat Global Support Services will be unable to support or debug problems with packages not shipped in standard RHEL channels.
• Installing packages from EPEL is done at the user's own risk.
• The EPEL repository is a community supported repository hosted by the Fedora Community project.
• The EPEL repository is not a part of Red Hat Enterprise Linux and does not fall under Red Hat's Production Support Scope of Coverage. The repository is considered an optional repository and is not tested by Red Hat quality engineers.

Who supports EPEL?

EPEL is a community project, and is supported by the community. You can oftentimes find contributors on the Libera IRC network, in the #epel channel.

Security concerns using EPEL software

EPEL software is third-party software - that is, software not engineered or supported by Red Hat. Importantly, this means that EPEL software has not been through Red Hat's product pathway, which includes formal planning, development, testing, and maintenance - in short, it's what separates a project from a product.

Given that anyone can contribute to it, consumers of EPEL must take special notice of the potential for supply-chain attacks. Read the following article to learn more about what separates Red Hat software from third-party and community projects like EPEL or ELRepo:

• Software Supply Chain Security Assurance at Red Hat: A Partnership Process Model

Also, we'd recommend reading Red Hat's practical guide to software supply chain security.

What if I need a package that's supplied by EPEL?

If your organization needs a package supplied in EPEL, but needs Red Hat to support it, we'd encourage you to open a Request for Feature Enhancement (RFE) ticket with Red Hat Support Delivery rather than taking on the burden of support yourself.

Who can create packages in EPEL?

You can! Anyone with an interest can submit packages to EPEL that can be used by systems administrators that want to use them. The Fedora Project has documentation that will help you get started!

Enabling EPEL

• Follow the directions on the EPEL website to install the epel-release package appropriate to the RHEL version of the system in question.
• Ensure that you install the EPEL release that corresponds to the RHEL release you are running.
• EPEL X must be installed on a RHEL X system (where X is 7/8/9 .. will probably continue in this fashion)

If the installation fails with No package epel-release available., you can install the package directly from http URL, as is also described on the EPEL website.

• On RHEL10, the rhel-10-for-x86_64-extensions-rpms repository provides EPEL packages built and signed by Red Hat, delivered through Red Hat's secure channels to address compliance needs. Please note that these packages are not supported by Red Hat and are maintained by the community. See Blog post, link to support policy. If you require one of these packages, please open an RFE ticket in the portal.

References

• Will a package in EPEL 7 be in EPEL 8?