Kamfanin Red Hat kayan rarrabawa . An shirya taron shigarwa don x86_64, s390x (IBM System z), ppc64le da gine-ginen Aarch64, amma to kawai ga masu amfani da Portal Abokin Ciniki na Red Hat. Ana rarraba tushen fakitin Linux 8rpm na Red Hat Enterprise ta hanyar CentOS. Za a tallafawa reshen RHEL 8.x har zuwa aƙalla 2029.
Red Hat Enterprise Linux 8.1 shine sakin farko da aka shirya daidai da sabon tsarin ci gaban da ake iya faɗi, wanda ke nuna samuwar sakewa kowane wata shida a ƙayyadadden lokaci. Samun cikakken bayani game da lokacin da za a buga sabon saki yana ba ku damar daidaita jadawalin ci gaban ayyuka daban-daban, shirya a gaba don sabon saki, da tsara lokacin da za a yi amfani da sabuntawa.
An lura cewa sabon Samfuran RHEL sun zana yadudduka da yawa, gami da Fedora a matsayin tushen tushe don sabbin iyakoki, don samun dama ga fakitin da aka ƙirƙira don sakin tsaka-tsaki na gaba na RHEL (nau'in juyi na RHEL),
minimalistic duniya tushe image (UBI, Universal Base Image) don gudanar da aikace-aikace a cikin keɓaɓɓen kwantena da don amfani da RHEL kyauta a cikin tsarin ci gaba.
Maɓalli :
- An bayar da cikakken goyan baya don tsarin yin amfani da faci na Live () don kawar da lahani a cikin kernel na Linux ba tare da sake kunna tsarin ba kuma ba tare da dakatar da aiki ba. A baya can, kpatch an rarraba shi azaman fasalin gwaji;
- Dangane da tsarin An aiwatar da ikon ƙirƙirar jerin fararen fata da baƙi na aikace-aikacen, waɗanda ke ba ku damar bambance shirye-shiryen da mai amfani zai iya ƙaddamar da su kuma waɗanda ba za su iya ba (misali, don toshe ƙaddamar da fayilolin da ba a tabbatar da su ba). Za a iya yanke shawarar toshewa ko ƙyale ƙaddamarwa bisa sunan aikace-aikacen, hanya, hash abun ciki, da nau'in MIME. Duban ƙa'ida yana faruwa yayin kiran tsarin buɗe () da exec (), don haka yana iya yin mummunan tasiri akan aiki;
- Abun da ke ciki ya haɗa da bayanan martaba na SELinux, mai da hankali kan amfani tare da keɓaɓɓen kwantena da ba da damar ƙarin iko akan samun damar ayyukan da ke gudana a cikin kwantena don karɓar albarkatun tsarin. Don samar da ka'idodin SELinux don kwantena, an ba da shawarar sabon mai amfani da udica, wanda ke ba da izini, la'akari da ƙayyadaddun ƙayyadaddun akwati, don samar da damar kawai ga albarkatun waje da ake buƙata, kamar ajiya, na'urori da hanyar sadarwa. Abubuwan amfani na SELinux (libsepol, libselinux, libsemanage, policycoreutils, checkpolicy, mcstrans) an sabunta su don sakin 2.9, da kunshin SETools zuwa sigar 4.2.2.
An ƙara sabon nau'in SELinux, boltd_t, wanda ke ƙuntata boltd, tsari don sarrafa na'urorin Thunderbolt 3 (boltd yanzu yana gudana a cikin akwati da aka iyakance ta SELinux). An ƙara sabon aji na dokokin SELinux - bpf, wanda ke sarrafa damar zuwa Filter Packet Berkeley (BPF) kuma yana duba aikace-aikacen eBPF;
- Ya haɗa da tarin ka'idodin tuƙi (BGP4, MP-BGP, OSPFv2, OSPFv3, RIPv1, RIPv2, RIPng, PIM-SM/MSDP, LDP, IS-IS), wanda ya maye gurbin kunshin Quagga da aka yi amfani da shi a baya (FRROuting cokali mai yatsa ne na Quagga, don haka ba a shafi dacewa ba. );
- Don ɓoyayyen ɓangarori a cikin tsarin LUKS2, an ƙara tallafi don sake ɓoye na'urorin toshe akan tashi, ba tare da dakatar da amfani da su a cikin tsarin ba (misali, yanzu zaku iya canza maɓalli ko ɓoye algorithm ba tare da cire ɓangaren ba);
- An ƙara goyan bayan sabon bugu na SCAP 1.3 yarjejeniya (Tsaro Content Automation Protocol) zuwa tsarin OpenSCAP;
- Sabuntawa na OpenSSH 8.0p1, Saurara 2.12, Chrony 3.5, samba 4.10.4. Modules tare da sababbin rassan PHP 7.3, Ruby 2.6, Node.js 12 da nginx 1.16 an ƙara su zuwa wurin ajiyar AppStream (na'urori masu sabuntawa tare da rassan baya sun ci gaba). An ƙara fakiti tare da GCC 9, LLVM 8.0.1, Rust 1.37 da Go 1.12.8 zuwa Tarin Software;
- An sabunta kayan aikin gano kayan aikin SystemTap zuwa reshe 4.1, kuma an sabunta kayan aikin gyaran ƙwaƙwalwar ajiya na Valgrind zuwa sigar 3.15;
- An ƙara sabon kayan aikin duba lafiya zuwa kayan aikin tura uwar garken (IdM, Gudanar da Shaida), wanda ke sauƙaƙa gano matsaloli tare da aikin mahalli tare da uwar garken ganowa. An sauƙaƙe shigarwa da daidaitawar yanayin IdM, godiya ga goyan baya ga ayyuka masu yiwuwa da ikon shigar da kayayyaki. Ƙarin tallafi don Dokokin Amintattun Dazuzzukan Active Directory bisa Windows Server 2019.
- An canza madaidaicin maɓalli na tebur a cikin GNOME Classic zaman. Widget din don sauyawa tsakanin kwamfyutocin yanzu yana gefen dama na kwamitin kasa kuma an tsara shi azaman tsiri tare da thumbnails na tebur (don canzawa zuwa wani tebur, kawai danna kan thumbnail wanda ke nuna abubuwan da ke ciki);
- An sabunta tsarin DRM (Direct Rendering Manager) da ƙananan direbobi masu hoto (amdgpu, nouveau, i915, mgag200) don dacewa da Linux 5.1 kwaya. Ƙara goyon baya ga AMD Raven 2, AMD Picasso, AMD Vega, Intel Amber Lake-Y da Intel Comet Lake-U tsarin bidiyo;
- Kayan aikin kayan aiki don haɓaka RHEL 7.6 zuwa RHEL 8.1 ya ƙara tallafi don haɓakawa ba tare da sake sakawa ba don ARM64, IBM POWER (kananan endian) da gine-ginen IBM Z. An ƙara tsarin tsarin haɓakawa zuwa na'urar wasan bidiyo na yanar gizo. Ƙara kayan aikin cockpit-leapp don maido da yanayi idan akwai matsaloli yayin sabuntawa. An raba kundayen adireshi/var da/usr zuwa sassa daban-daban. Ƙara goyon bayan UEFI. IN ana sabunta fakiti daga Ma'ajiyar Ƙarin (ya haɗa da fakitin mallakar mallaka);
- Maginin Hoto ya ƙara tallafi don gina hotuna don Google Cloud da Alibaba Cloud muhallin girgije. Lokacin ƙirƙirar cika hoto, an ƙara ikon amfani da repo.git don haɗa ƙarin fayiloli daga ma'ajin Git na sabani;
- An ƙara ƙarin bincike zuwa Glibc don malloc don gano lokacin da keɓantattun tubalan ƙwaƙwalwar ajiya sun lalace;
- Kunshin dnf-utils an sake masa suna zuwa yum-utils don dacewa (ana riƙe ikon shigar dnf-utils, amma wannan fakitin za a maye gurbinsa ta atomatik ta yum-utils);
- An ƙara sabon bugu na Red Hat Enterprise Linux System Roles, saitin na'urori da matsayi don ƙaddamar da tsarin sarrafa tsarin daidaitawa dangane da Mai yiwuwa da daidaita tsarin tsarin don ba da damar takamaiman ayyuka da suka danganci ajiya, sadarwar sadarwa, daidaitawa lokaci, dokokin SElinux da kuma amfani da tsarin kdump. Misali, sabon rawar
ajiya yana ba ku damar yin ayyuka kamar sarrafa tsarin fayil akan faifai, aiki tare da ƙungiyoyin LVM da ɓangarori masu ma'ana; - Rukunin hanyar sadarwa na VXLAN da GENEVE tunnels sun aiwatar da ikon aiwatar da fakitin ICMP "Manufar Unreachable", "Packet Too Big" da "Saƙon Komawa", wanda ya warware matsalar tare da rashin iya amfani da jujjuyawar hanya da Gano Hanyar MTU a cikin VXLAN da GENEVE. .
- Aiwatar da gwaji na tsarin tsarin XDP (eXpress Data Path), wanda ke ba Linux damar gudanar da shirye-shiryen BPF a matakin direba na cibiyar sadarwa tare da ikon isa ga fakitin fakitin DMA kai tsaye kuma a matakin kafin skbuff buffer ya keɓe ta hanyar cibiyar sadarwa, haka kuma abubuwan eBPF, masu aiki tare da Linux 5.0 kernel. Ƙara goyan bayan gwaji don tsarin kernel na AF_XDP ();
- An bayar da cikakken tallafin ka'idar hanyar sadarwa (Transparent Inter-process Communication), wanda aka ƙera don tsara hanyoyin sadarwa a cikin gungu. Yarjejeniyar tana ba da hanya don aikace-aikace don sadarwa cikin sauri da dogaro, ba tare da la'akari da ko wane nodes a cikin gungu da suke gudana ba;
- Wani sabon yanayi don adana juji mai mahimmanci idan ya gaza an ƙara zuwa initramfs - "", aiki a farkon matakai na loading;
- An ƙara sabon ma'aunin kwaya ipcmni_extend, wanda ke ƙara iyakar ID na IPC daga 32 KB (bits 15) zuwa 16 MB (bits 24), ƙyale aikace-aikacen yin amfani da ƙarin ɓangarori na ƙwaƙwalwar ajiya;
- An sabunta Ipset don sakin 7.1 tare da goyan bayan ayyukan IPSET_CMD_GET_BYNAME da IPSET_CMD_GET_BYINDEX;
- The rngd daemon, wanda ya cika tafkin entropy na pseudorandom lamba janareta, an kubuta daga bukatar gudu a matsayin tushen;
- An bayar da cikakken tallafi (Omni-Path Architecture) don kayan aiki tare da Mai watsa shiri Fabric Interface (HFI) da cikakken goyan baya ga Intel Optane DC Persistent Memory na'urorin.
- Kwayoyin cirewa ta tsohuwa sun haɗa da ginawa tare da ganowar UBSAN (Udefined Behavior Sanitizer), wanda ke ƙara ƙarin bincike zuwa lambar da aka haɗa don gano yanayin lokacin da halayen shirin ya zama wanda ba a bayyana ba (misali, amfani da masu canji maras tsaye kafin a fara su, rarrabawa. lamba ta sifili, nau'ikan lamba masu yawa da aka sanya hannu, zubar da ma'ana NULL, matsaloli tare da daidaita ma'ana, da sauransu);
- Itacen tushen kwaya tare da haɓakawa na ainihi (kernel-rt) yana aiki tare da babban lambar kwaya ta RHEL 8;
- Ƙara direban ibmvnic don mai sarrafa cibiyar sadarwa na vNIC (Virtual Network Interface Controller) tare da aiwatar da fasahar cibiyar sadarwa ta PowerVM. Lokacin da aka yi amfani da shi tare da SR-IOV NIC, sabon direba yana ba da damar bandwidth da ingancin kulawar sabis a matakin adaftar cibiyar sadarwa mai mahimmanci, yana rage girman haɓakar haɓakawa da rage nauyin CPU;
- Ƙarin tallafi don Ƙaƙƙarfan Mutuncin Bayanai, wanda ke ba ku damar kare bayanai daga lalacewa lokacin rubutawa zuwa ajiya ta adana ƙarin tubalan gyarawa;
- Ƙara goyan bayan gwaji (Tsarin Fasaha) don kunshin , wanda ke ba da ɗakin karatu na nmstatectl da mai amfani don sarrafa saitunan cibiyar sadarwa ta hanyar API mai ƙididdigewa (an kwatanta yanayin cibiyar sadarwa a cikin hanyar da aka riga aka ƙayyade);
- Ƙara goyon bayan gwaji don aiwatar da matakin TLS (KTLS) tare da boye-boye na tushen AES-GCM, da kuma tallafin gwaji don OverlayFS, cgroup v2, , mdev () da DAX (hanzari kai tsaye zuwa tsarin fayil yana ƙetare cache shafi ba tare da amfani da matakin toshe na'urar ba) a cikin ext4 da XFS;
- Goyon bayan da aka soke don DSA, TLS 1.0 da TLS 1.1, waɗanda aka cire daga saitin DEFAULT kuma an koma LEGACY (“sabuntawa-crypto-manufofin —saitin LEGACY”);
- An soke fakitin 389-ds-base-legacy-kayan aikin.
autd
kula,
sunan masauki,
libidn,
kayan aikin net,
Rubutun hanyar sadarwa,
nss-pam-ldapd,
aikawa,
yp-kayan aiki
ypbind da ypserv. Za a iya dakatar da su a cikin wani muhimmin saki na gaba; - An maye gurbin rubutun ifup da ifdown tare da masu rufewa waɗanda ke kiran NetworkManager ta hanyar nmcli (domin dawo da tsoffin rubutun, kuna buƙatar gudanar da “yum install network-scripts”).
source: budenet.ru