ProHoster > Блог > xov xwm hauv internet > Red Hat Enterprise Linux 9 faib qhia

Red Hat Enterprise Linux 9 faib qhia

Компания Red Hat представила релиз дистрибутива Red Hat Enterprise Linux 9. Готовые установочные образы станут в ближайшее время доступны для зарегистрированных пользователей Red Hat Customer Portal (для оценки функциональности также можно использовать iso-образы CentOS Stream 9). Выпуск сформирован для архитектур x86_64, s390x (IBM System z), ppc64le и Aarch64 (ARM64). Исходные тексты rpm-пакетов Red Hat Enterprise Linux 9 размещены в Git-репозиторий CentOS. В соответствии с 10-летним циклом поддержки дистрибутива RHEL 9 будет сопровождаться до 2032 года. Обновления для RHEL 7 продолжат выпускаться до 30 июня 2024 года, RHEL 8 — до 31 мая 2029 года.

Red Hat Enterprise Linux 9 yog qhov tseem ceeb rau nws txoj kev txav mus rau txoj kev txhim kho qhib dua. Tsis zoo li cov ceg ntoo yav dhau los, CentOS Stream 9 pob lub hauv paus yog siv los ua lub hauv paus rau kev tsim cov kev faib tawm. CentOS Stream yog qhov chaw ua haujlwm rau RHEL, tso cai rau cov neeg tuaj koom thib peb los tswj kev npaj cov pob khoom rau RHEL, tshaj tawm lawv cov kev hloov pauv thiab cuam tshuam. kev txiav txim siab. Yav dhau los, ib qho snapshot ntawm ib qho ntawm Fedora tso tawm tau siv los ua lub hauv paus rau RHEL ceg tshiab, uas tau ua tiav thiab ruaj khov tom qab kaw qhov rooj, tsis muaj peev xwm tswj hwm kev txhim kho thiab kev txiav txim siab. Tam sim no, raws li Fedora snapshot, nrog kev koom tes ntawm zej zog, CentOS Stream ceg tau tsim, nyob rau hauv uas kev npaj ua haujlwm tab tom ua thiab lub hauv paus tau tsim rau RHEL ceg tshiab tseem ceeb.

Cov kev hloov pauv tseem ceeb:

  • Qhov system ib puag ncig thiab cov cuab yeej sib dhos tau hloov kho. GCC 11 yog siv los tsim cov pob khoom. Tus qauv C lub tsev qiv ntawv tau hloov kho rau glibc 2.34. Lub pob Linux ntsiav yog raws li 5.14 tso tawm. Tus thawj tswj hwm pob RPM tau hloov kho rau version 4.16 nrog kev txhawb nqa rau kev saib xyuas kev ncaj ncees ntawm fapolicyd.
  • Kev tsiv teb tsaws chaw ntawm kev faib mus rau Python 3 tau ua tiav. Lub ceg ntoo Python 3.9 tau muab los ntawm lub neej ntawd. Python 2 tau txiav tawm.
  • Lub desktop yog raws li GNOME 40 (RHEL 8 xa nrog GNOME 3.28) thiab GTK 4 lub tsev qiv ntawv. Hauv GNOME 40, virtual desktops hauv Cov Txheej Txheem Txheej Txheem tau hloov mus rau kev taw qhia toj roob hauv pes thiab tau nthuav tawm ua cov saw txuas txuas ntxiv ntawm sab laug mus rau sab xis. Txhua lub desktop tso tawm hauv Cov Txheej Txheem Txheej Txheem pom qhov muaj qhov rais thiab dynamically pans thiab zooms raws li tus neeg siv cuam tshuam. Kev hloov pauv seamless yog muab los ntawm cov npe ntawm cov kev pab cuam thiab virtual desktops.
  • GNOME suav nrog lub hwj chim-profiles-daemon handler uas muab lub peev xwm hloov pauv ntawm yoov ntawm hom kev txuag hluav taws xob, lub zog sib npaug, thiab hom kev ua haujlwm siab tshaj plaws.
  • Tag nrho cov kwj suab tau raug tsiv mus rau PipeWire media server, uas tam sim no yog lub neej ntawd tsis yog PulseAudio thiab JACK. Siv PipeWire tso cai rau koj los muab kev tshaj lij kev ua haujlwm lub peev xwm hauv lub desktop ib txwm muaj, tshem tawm kev tawg thiab sib koom ua ke cov suab paj nruag rau kev siv sib txawv.
  • Los ntawm lub neej ntawd, GRUB khau raj ntawv qhia tau muab zais yog RHEL tsuas yog kev faib khoom nruab rau ntawm lub kaw lus thiab yog tias qhov kawg khau raj ua tiav. Txhawm rau qhia cov ntawv qhia zaub mov thaum khau raj, tsuas yog tuav tus yuam sij Hloov lossis nias Esc lossis F8 ob peb zaug. Ntawm cov kev hloov pauv hauv bootloader, peb kuj tseem nco ntsoov qhov kev tso kawm ntawm GRUB teeb tsa cov ntaub ntawv rau tag nrho cov architectures hauv ib phau ntawv teev npe /boot/grub2/ (cov ntaub ntawv /boot/efi/EFI/redhat/grub.cfg yog tam sim no lub cim txuas rau /boot. /grub2/grub.cfg), cov. tib lub kaw lus tuaj yeem pib siv ob qho tib si EFI thiab BIOS.
  • Cov khoom siv rau kev txhawb nqa cov lus sib txawv yog ntim rau hauv langpacks, uas tso cai rau koj los hloov cov theem ntawm cov lus txhawb nqa. Piv txwv li, langpacks-core-font muaj tsuas yog fonts, langpacks-core muab cov glibc thaj chaw, lub hauv paus font, thiab cov tswv yim, thiab langpacks muab kev txhais lus, ntxiv fonts, thiab cov ntawv txheeb xyuas kev sau ntawv.
  • Cov khoom siv ruaj ntseg tau hloov kho. Kev faib tawm siv ib ceg tshiab ntawm OpenSSL 3.0 cryptographic tsev qiv ntawv. Los ntawm lub neej ntawd, ntau niaj hnub thiab txhim khu kev qha cryptographic algorithms tau qhib (piv txwv li, kev siv SHA-1 hauv TLS, DTLS, SSH, IKEv2 thiab Kerberos raug txwv, TLS 1.0, TLS 1.1, DTLS 1.0, RC4, Camellia, DSA, 3DES thiab FFDHE-1024 yog neeg xiam). Lub pob OpenSSH tau hloov kho rau version 8.6p1. Cyrus SASL tau tsiv mus rau GDBM backend es tsis txhob Berkeley DB. NSS (Network Security Services) cov tsev qiv ntawv tsis txhawb nqa DBM (Berkeley DB) hom ntawv ntxiv lawm. GnuTLS tau hloov kho rau version 3.7.2.
  • Txhim kho SELinux kev ua tau zoo thiab txo kev siv lub cim xeeb. Hauv /etc/selinux/config, kev them nyiaj yug rau "SELINUX = disabled" teeb tsa rau lov tes taw SELinux tau raug tshem tawm (qhov kev teeb tsa tam sim no tsuas yog cuam tshuam txoj cai thauj khoom, thiab txhawm rau lov tes taw SELinux functionality tam sim no yuav tsum dhau qhov "selinux = 0" parameter rau lub kernel).
  • Ntxiv kev sim txhawb rau VPN WireGuard.
  • Los ntawm lub neej ntawd, nkag mus hauv SSH raws li hauv paus yog txwv.
  • iptables-nft packet lim tswj cov cuab yeej (iptables, ip6tables, ebtables thiab arptables utilities) thiab ipset tau deprecated. Tam sim no nws tau pom zoo kom siv nftables los tswj lub firewall.
  • Nws suav nrog mptcpd daemon tshiab rau kev teeb tsa MPTCP (MultiPath TCP), qhov txuas ntxiv ntawm TCP raws tu qauv rau kev teeb tsa kev ua haujlwm ntawm TCP kev sib txuas nrog cov pob ntawv xa tuaj ib txhij ntawm ntau txoj hauv kev los ntawm kev sib txawv network cuam tshuam nrog qhov sib txawv IP chaw. Kev siv mptcpd ua rau nws tuaj yeem teeb tsa MPTCP yam tsis siv iproute2 utility.
  • Lub network-scripts pob tau raug tshem tawm; NetworkManager yuav tsum tau siv los teeb tsa kev sib txuas hauv network. Kev them nyiaj yug rau lub ifcfg chaw hom yog khaws cia, tab sis NetworkManager siv cov ntaub ntawv tseem ceeb raws li lub neej ntawd.
  • Cov muaj pes tsawg leeg muaj xws li tshiab versions ntawm compilers thiab cov cuab yeej rau developers: GCC 11.2, LLVM/Clang 12.0.1, Rust 1.54, Go 1.16.6, Node.js 16, OpenJDK 17, Perl 5.32, PHP 8.0, Python 3.9, Ruby Git 3.0, Subversion 2.31, binutils 1.14, CMake 2.35, Maven 3.20.2, Ant 3.6.
  • Cov pob neeg rau zaub mov Apache HTTP Server 2.4.48, nginx 1.20, Varnish Cache 6.5, Squid 5.1 tau hloov kho.
  • DBMS MariaDB 10.5, MySQL 8.0, PostgreSQL 13, Redis 6.2 tau hloov kho.
  • Txhawm rau tsim QEMU emulator, Clang tau qhib los ntawm lub neej ntawd, uas ua rau nws muaj peev xwm siv qee qhov kev tiv thaiv ntxiv rau KVM hypervisor, xws li SafeStack los tiv thaiv cov kev siv dag zog raws li kev rov qab los qhia txog kev ua haujlwm (ROP - Rov qab-Oriented Programming).
  • Hauv SSSD (System Security Services Daemon), cov ntsiab lus ntawm cov cav tau nce ntxiv, piv txwv li, lub sijhawm ua tiav txoj haujlwm tam sim no txuas nrog rau cov xwm txheej thiab qhov kev lees paub tseeb tau tshwm sim. Ntxiv kev tshawb nrhiav ua haujlwm los txheeb xyuas cov chaw thiab teeb meem kev ua haujlwm.
  • Kev them nyiaj yug rau IMA (Integrity Measurement Architecture) tau nthuav dav los txheeb xyuas kev ncaj ncees ntawm kev khiav hauj lwm qhov system siv cov kos npe digital thiab hashes.
  • Los ntawm lub neej ntawd, ib qho kev sib koom ua ke cgroup hierarchy (cgroup v2) tau qhib. Cov pab pawg v2 tuaj yeem siv, piv txwv li, txhawm rau txwv kev nco, CPU thiab I / O noj. Qhov sib txawv tseem ceeb ntawm cgroups v2 thiab v1 yog kev siv cgroups hierarchy rau txhua hom kev pab, es tsis txhob cais hierarchies rau faib CPU cov peev txheej, rau kev tswj hwm kev nco, thiab rau I / O. Kev sib cais hierarchies ua rau muaj teeb meem hauv kev teeb tsa kev sib cuam tshuam ntawm cov neeg tuav haujlwm thiab rau cov nqi siv nyiaj ntxiv thaum siv cov cai rau cov txheej txheem hais txog hauv ntau qib.
  • Ntxiv kev txhawb nqa rau synchronization ntawm lub sijhawm raws sijhawm raws li NTS (Network Time Security) raws tu qauv, uas siv cov ntsiab lus ntawm pej xeem qhov tseem ceeb infrastructure (PKI) thiab tso cai rau siv TLS thiab authenticated encryption AEAD (Authenticated Encryption with Associated Data) rau kev tiv thaiv cryptographic. Cov neeg siv-neeg rau zaub mov kev sib cuam tshuam ntawm NTP raws tu qauv (Network Time Protocol). Lub chrony NTP neeg rau zaub mov tau hloov kho rau version 4.1.
  • Kev sim (Technology Saib ua ntej) kev txhawb nqa rau KTLS (kernel-theem kev siv TLS), Intel SGX (Software Guard Extensions), DAX (Direct Access) rau ext4 thiab XFS, kev txhawb nqa rau AMD SEV thiab SEV-ES hauv KVM hypervisor yog muab.

Tau qhov twg los: opennet.ru

Ntxiv ib saib