ProHoster > Блог > labaran intanet > An gabatar da rarraba Red Hat Enterprise Linux 9

An gabatar da rarraba Red Hat Enterprise Linux 9

Kamfanin Red Hat ya fitar da rarrabawar kamfanin Red Hat Enterprise. Linux 9. Hotunan shigarwa da aka riga aka shirya za su kasance nan ba da jimawa ba ga masu amfani da suka yi rijista na Red Hat Customer Portal (ana iya amfani da hotunan ISO don kimanta aikin) CentOS Watsawa ta 9). Ana samun fitowar don tsarin x86_64, s390x (IBM System z), ppc64le, da Aarch64 (ARM64). Tushen fakitin RPM na Red Hat Enterprise Linux An shirya 9 a cikin ma'ajiyar Git CentOSDangane da zagayowar tallafi na shekaru 10, za a tallafa wa RHEL 9 har zuwa 2032. Sabuntawa ga RHEL 7 za su ci gaba da fitowa har zuwa 30 ga Yuni, 2024, da kuma RHEL 8 har zuwa 31 ga Mayu, 2029.

Rarraba Kasuwancin Red Hat Linux 9 abin lura ne saboda komawarsa zuwa ga tsarin ci gaba mai buɗaɗɗe. Ba kamar rassan da suka gabata ba, ana gina rarrabawar ta amfani da bayanan fakiti. CentOS Watsawa ta 9. CentOS An sanya Stream a matsayin wani aiki na sama ga RHEL, wanda ke ba wa masu ba da gudummawa na ɓangare na uku damar sarrafa ci gaban fakitin RHEL, gabatar da canje-canje, da kuma rinjayar yanke shawara. A da, an yi amfani da hoton fitowar Fedora a matsayin tushen sabon reshen RHEL, wanda aka inganta kuma aka daidaita a bayan ƙofofi a rufe, ba tare da ikon sa ido kan tsarin ci gaba da yanke shawara ba. Yanzu, an ƙirƙiri reshe daga hoton Fedora tare da bayanan al'umma. CentOS Ruwa, inda ake gudanar da aikin shiri da kuma tushen sabon babban reshe na RHEL.

Canje-canje masu mahimmanci:

  • An sabunta yanayin tsarin da kayan aikin gini. Ana amfani da GCC 11 don gina fakiti. An sabunta ɗakin karatu na C na yau da kullun zuwa glibc 2.34. Kunshin kernel Linux An gina shi akan fitowar 5.14. An sabunta manajan kunshin RPM zuwa sigar 4.16 tare da tallafin sarrafa aminci ta hanyar fapolicyd.
  • An kammala ƙaura na rarraba zuwa Python 3. Ana ba da reshen Python 3.9 ta tsohuwa. Python 2 an daina.
  • Teburin yana dogara ne akan GNOME 40 (RHEL 8 wanda aka aika tare da GNOME 3.28) da ɗakin karatu na GTK 4. A cikin GNOME 40, kwamfyutocin kwamfyutoci masu kama-da-wane a cikin Yanayin Bayanin Ayyuka ana canza su zuwa yanayin shimfidar wuri kuma ana nunawa azaman sarkar gungurawa ta ci gaba daga hagu zuwa dama. Kowane tebur da aka nuna a cikin yanayin Dubawa yana hango abubuwan da ke akwai da tagogi da murɗaɗa da zuƙowa a hankali yayin da mai amfani ke hulɗa. An samar da sauyi marar lahani tsakanin jerin shirye-shirye da kwamfutoci masu kama-da-wane.
  • GNOME ya haɗa da mai sarrafa bayanan martaba-daemon wanda ke ba da ikon canzawa tsakanin yanayin ceton wutar lantarki, yanayin daidaita wutar lantarki, da matsakaicin yanayin aiki.
  • An matsar da duk rafukan sauti zuwa uwar garken watsa labarai na PipeWire, wanda yanzu shine tsoho maimakon PulseAudio da JACK. Yin amfani da PipeWire yana ba ku damar samar da ƙwarewar sarrafa sauti na ƙwararru a cikin bugu na yau da kullun, kawar da rarrabuwa da haɗa kayan aikin sauti don aikace-aikace daban-daban.
  • Ta hanyar tsoho, menu na taya na GRUB yana ɓoye idan RHEL shine kawai rarrabawar da aka sanya akan tsarin kuma idan taya na ƙarshe ya yi nasara. Don nuna menu yayin taya, kawai ka riƙe maɓallin Shift ko danna maɓallin Esc ko F8 sau da yawa. Daga cikin canje-canje a cikin bootloader, mun kuma lura da sanya fayilolin sanyi na GRUB don duk gine-gine a cikin shugabanci ɗaya /boot/grub2/ (fayil ɗin /boot/efi/EFI/redhat/grub.cfg yanzu shine hanyar haɗi ta alama zuwa /boot). /grub2/grub.cfg), wadanda. Ana iya kunna tsarin shigar guda ɗaya ta amfani da EFI da BIOS.
  • Abubuwan da aka haɗa don tallafawa harsuna daban-daban an tattara su a cikin jakunkuna, waɗanda ke ba ku damar bambanta matakin tallafin harshe da aka shigar. Misali, langpacks-core-font yana ba da haruffa kawai, langpacks-core yana ba da wurin glibc, font tushe, da hanyar shigarwa, kuma langpacks yana ba da fassarorin, ƙarin fonts, da ƙamus na duba haruffa.
  • An sabunta abubuwan tsaro. Rarrabawa yana amfani da sabon reshe na OpenSSL 3.0 ɗakin karatu na sirri. Ta hanyar tsoho, an kunna ƙarin na zamani da abin dogara algorithms (misali, amfani da SHA-1 a cikin TLS, DTLS, SSH, IKEv2 da Kerberos an haramta, TLS 1.0, TLS 1.1, DTLS 1.0, RC4, Camellia, DSA, 3DES kuma FFDHE-1024 an kashe) . An sabunta fakitin OpenSSH zuwa sigar 8.6p1. An koma Cyrus SASL zuwa GDBM baya maimakon Berkeley DB. NSS (Network Security Services) dakunan karatu ba sa goyan bayan tsarin DBM (Berkeley DB). An sabunta GnuTLS zuwa sigar 3.7.2.
  • Ingantaccen aikin SELinux da kuma rage yawan amfani da ƙwaƙwalwa. An cire tallafi ga saitin "SELINUX=disabled" don kashe SE daga /etc/selinux/configLinux (saitin da aka ƙayyade yanzu yana hana loda manufofi kawai, da kuma kashe aikin SE a zahiriLinux yanzu ana buƙatar wucewa da sigar "selinux=0" zuwa kernel).
  • Ƙara goyan bayan gwaji VPN WireGuard.
  • Ta hanyar tsoho, shiga ta hanyar SSH kamar yadda aka haramta tushen.
  • Kayan aikin sarrafa fakitin iptables-nft (iptables, ip6tables, ebtables da arptables utilities) da ipset an soke su. Yanzu ana ba da shawarar yin amfani da nftables don sarrafa Tacewar zaɓi.
  • Ya haɗa da sabon mptcpd daemon don daidaita MPTCP (MultiPath TCP), haɓaka ƙa'idar TCP don tsara aikin haɗin TCP tare da isar da fakiti a lokaci guda tare da hanyoyi da yawa ta hanyoyin mu'amalar hanyar sadarwa daban-daban waɗanda ke da alaƙa da adiresoshin IP daban-daban. Yin amfani da mptcpd yana ba da damar daidaita MPTCP ba tare da amfani da iproute2 mai amfani ba.
  • An cire kunshin-rubutun hanyar sadarwa; Ya kamata a yi amfani da NetworkManager don saita haɗin yanar gizo. Goyon baya ga tsarin saitin ifcfg yana riƙe, amma NetworkManager yana amfani da tsarin tushen fayil ta tsohuwa.
  • Abun da ke ciki ya haɗa da sabbin nau'ikan masu tarawa da kayan aiki don masu haɓakawa: GCC 11.2, LLVM/Clang 12.0.1, Rust 1.54, Go 1.16.6, Node.js 16, OpenJDK 17, Perl 5.32, PHP 8.0, Python 3.9, Ruby 3.0. Git 2.31, Subversion 1.14, binutils 2.35, CMake 3.20.2, Maven 3.6, Ant 1.10.
  • Fakitin uwar garken Apache HTTP Server 2.4.48, nginx 1.20, Varnish Cache 6.5, Squid 5.1 an sabunta su.
  • DBMS MariaDB 10.5, MySQL 8.0, PostgreSQL 13, Redis 6.2 an sabunta su.
  • Don gina ƙirar QEMU, Clang yana kunna ta tsohuwa, wanda ya ba da damar yin amfani da wasu ƙarin hanyoyin kariya ga hypervisor na KVM, kamar SafeStack don kariya daga dabarun amfani da su dangane da shirye-shiryen da suka dawo (ROP - Return-Oriented Programming).
  • A cikin SSSD (System Security Services Daemon), an ƙara dalla-dalla na rajistan ayyukan, alal misali, lokacin kammala aikin yanzu an haɗa shi da abubuwan da suka faru kuma ana nuna kwararar tabbatarwa. Ƙara aikin bincike don nazarin saituna da batutuwan aiki.
  • An faɗaɗa tallafi don IMA (Integrity Measurement Architecture) don tabbatar da amincin abubuwan tsarin aiki ta amfani da sa hannu na dijital da hashes.
  • Ta hanyar tsoho, an kunna tsarin haɗin kai guda ɗaya (cgroup v2). Za a iya amfani da ƙungiyoyi v2, misali, don iyakance ƙwaƙwalwar ajiya, CPU da yawan amfani da I/O. Babban bambanci tsakanin ƙungiyoyin v2 da v1 shine amfani da tsarin ƙungiyoyin gama gari don kowane nau'in albarkatu, maimakon matsayi daban-daban don rarraba albarkatun CPU, don daidaita yawan ƙwaƙwalwar ajiya, da na I/O. Matsayi daban-daban ya haifar da matsaloli wajen tsara hulɗa tsakanin masu gudanarwa da ƙarin farashin albarkatun kwaya lokacin amfani da ƙa'idodi don tsarin da aka ambata a cikin manyan mukamai daban-daban.
  • An ƙara tallafi don daidaita lokaci daidai bisa ga yarjejeniyar NTS (Tsaro na Lokaci na Network), wanda ke amfani da abubuwan da ke cikin kayan aikin maɓallan jama'a (PKI) kuma yana ba da damar amfani da TLS da ɓoyewa mai inganci AEAD (Tabbataccen ɓoyewa tare da Bayanan da aka Haɗa) don kariyar ɓoyewa na hulɗar abokin ciniki da sabar. uwar garke ta hanyar NTP (Tsarin Lokaci na Cibiyar Sadarwa). An sabunta sabar NTP ta chrony zuwa sigar 4.1.
  • Bayar da tallafi na gwaji (Tsarin Fasaha) don KTLS (ayyukan aiwatar da matakin TLS na kernel), Intel SGX (Extensions Guard Software), DAX (Direct Access) don ext4 da XFS, tallafi ga AMD SEV da SEV-ES a cikin KVM hypervisor.

source: budenet.ru

Sayi amintaccen masauki don shafuka tare da kariyar DDoS, sabar VPS VDS 🔥 Sayi ingantaccen masaukin yanar gizo tare da kariyar DDoS, sabar VPS VDS | ProHoster