ProHoster > Блог > ozi ịntanetị > Mwepụta nkesa Red Hat Enterprise Linux 9.1

Mwepụta nkesa Red Hat Enterprise Linux 9.1

Uhie okpu ebipụtala ntọhapụ nke Red Hat Enterprise Linux 9.1 nkesa. Onyonyo nrụnye akwadoro dị maka ndị ọrụ Portal ahịa ahịa okpu uhie edebanye aha (A nwekwara ike iji onyonyo iso CentOS Stream 9 nyochaa arụmọrụ). Emebere mwepụta ahụ maka ụlọ ọrụ x86_64, s390x (IBM Sistemụ z), ppc64le na Aarch64 (ARM64). Koodu isi mmalite maka ngwugwu Red Hat Enterprise Linux 9 rpm dị na ebe nchekwa CentOS Git.

A na-emepe alaka RHEL 9 site na usoro mmepe mepere emepe ma na-eji ngwugwu CentOS Stream 9 dị ka ntọala ya dị ka ọrụ dị elu maka RHEL, na-enye ndị sonyere ndị ọzọ aka ịchịkwa nkwadebe nke ngwugwu maka RHEL, kwuo mgbanwe ha na mmetụta mkpebi ndị e mere. Dabere na okirikiri nkwado afọ 10 maka nkesa, RHEL 9 ga-akwado ruo 2032.

Mgbanwe isi:

  • Ihe nkesa na ngwugwu sistemụ emelitere: firewalld 1.1.1, chrony 4.2, unbound 1.16.2, frr 8.2.2, Apache httpd 2.4.53, opencryptoki 3.18.0, powerpc-utils 1.3.10, libvpd 2.2.9, ls.1.7.14pd. 64, ppc2.7-diag 5.3.7, PCP 7.5.13, Grafana 4.16.1, samba XNUMX.
  • Ngwakọta ahụ gụnyere ụdị ọhụrụ nke ndị nchịkọta na ngwaọrụ maka ndị mmepe: GCC 11.2.1, GCC Toolset 12, LLVM Toolset 14.0.6, binutils 2.35.2, PHP 8.1, Ruby 3.1, Node.js 18, Rust Toolset 1.62, Go Toolset. . 1.18.2.
  • Nkwalite emejuputa atumatu na Linux kernels 5.15 na 5.16 ka ebufegoro na eBPF (Berkeley Packet Filter). Dịka ọmụmaatụ, maka mmemme BPF, emejuputala ikike ịrịọ na ịhazi ihe omume ngụ oge, ikike ịnata na ịtọ nhọrọ oghere maka setsockot, nkwado maka ịkpọ ọrụ modul kernel, usoro nchekwa data nke puru omume (BPF map) nzacha oge ntoju. atụnyere, na ike ejikọta mkpado na paramita ọrụ agbakwunyere.
  • Emelitela ntọala patches maka sistemu oge ejiri na kernel-rt kernel ka ọ bụrụ steeti dabara na kernel 5.15-rt.
  • Emelitere mmejuputa iwu MPTCP (MultiPath TCP), eji hazie ọrụ njikọ TCP na nnyefe nke ngwugwu n'otu oge n'ọtụtụ ụzọ site na ntanetị netwọkụ dị iche iche. Mgbanwe sitere na Linux kernel 5.19 (dịka ọmụmaatụ, nkwado agbakwunyere maka ịtụgharị njikọ MPTCP na TCP oge niile wee tụọ API maka ijikwa iyi MPTCP site na oghere onye ọrụ).
  • Na sistemụ nwere 64-bit ARM, AMD na Intel processors, ọ ga-ekwe omume ịgbanwe omume nke ọnọdụ Real-Time na kernel na oge ojiri gaa site na ide aha ọnọdụ na faịlụ “/ sys/kernel/debug/sched/preempt ” ma ọ bụ n'oge buut site na paramita kernel “preempt=” (ọ nweghị, ụdị afọ ofufo na nke zuru oke na-akwado).
  • Agbanwela ntọala bootloader GRUB iji zoo menu buut na ndabara, yana menu gosipụtara ma ọ bụrụ na akpụkpọ ụkwụ gara aga dara. Iji gosi menu n'oge buut, ị nwere ike ijide igodo Shift ma ọ bụ pịa igodo Esc ma ọ bụ F8 kwa oge. Iji gbanyụọ nzuzo, ị nwere ike iji iwu "grub2-editenv - unset menu_auto_hide".
  • agbakwunyere nkwado maka ịmepụta elekere ngwaike mebere (PHC, PTP Hardware Clocks) na onye ọkwọ ụgbọ ala PTP (Precision Time Protocol).
  • Iwu modulsync agbakwunyere, nke na-ebu ngwugwu RPM site na modul wee mepụta ebe nchekwa na ndekọ ọrụ yana metadata dị mkpa maka ịwụnye ngwugwu modul.
  • Etugharịrị, ọrụ maka nlekota ahụike sistemu yana ịkwalite profaịlụ maka arụmọrụ kachasị dabere na ibu dị ugbu a, na-enye ikike iji ngwungwu edemede-profaịlụ-realtime kewapụ cores CPU wee nye eriri ngwa na akụrụngwa niile dị.
  • NetworkManager na-arụ ọrụ ntụgharị ntụgharị nke profaịlụ njikọ site na usoro ntọala ifcfg (/etc/sysconfig/network-scripts/ifcfg-*) n'ime usoro dabere na faịlụ igodo. Iji bugharịa profaịlụ, ị nwere ike iji iwu "nmcli njikọ migrate".
  • Emelitere SELinux Toolkit iji wepụta 3.4, nke na-eme ka arụmọrụ nke relabeling dịkwuo mma n'ihi myirịta nke arụmọrụ, agbakwunyere nhọrọ "-m" ("-checksum") na ngwa semodule iji nweta SHA256 hashes nke modul, mcstrans. ebufela ya n'ọbá akwụkwọ PCRE2. Agbakwụnyela akụrụngwa ọhụrụ maka ịrụ ọrụ na iwu ịnweta: sepol_check_access, sepol_compute_av, sepol_compute_member, sepol_compute_relabel, sepol_validate_transition. Amụma SELinux agbakwunyere iji chebe ksm, nm-priv-helper, rhcd, stalld, systemd-network-generator, targetclid na wg-ngwa ngwa ọrụ.
  • Agbakwunyere ikike iji onye ahịa Clevis (clevis-luks-systemd) kpọghee akụkụ diski ezoro ezo na LUKS wee tinye ya na ngwụcha buut, na-enweghị mkpa iji iwu "systemctl nwee clevis-luks-askpass.path".
  • A gbasaa ngwa ngwa maka ịkwadebe ihe onyonyo sistemu iji tinye nkwado maka itinye onyonyo n'ime GCP (Google Cloud Platform), na-etinye onyonyo ozugbo n'ime ndekọ akpa, na-agbanwe nha nke nkebi / buut, yana mezie paramita (Blueprint) n'oge ọgbọ onyonyo. (dịka ọmụmaatụ, ịgbakwunye ngwugwu na ịmepụta ndị ọrụ).
  • Utility keyylime agbakwunyere maka ịgba akaebe (nnwale na nlebanya iguzosi ike n'ezi ihe na-aga n'ihu) nke sistemụ mpụga site na iji teknụzụ TPM (Trusted Platform Module), dịka ọmụmaatụ, iji nyochaa izi ezi nke ngwaọrụ Edge na IoT dị na ebe anaghị achịkwa ebe enwere ike ịnweta ikike na-enweghị ikike.
  • Mbipụta RHEL maka Edge na-enye ikike iji fdo-admin utility hazie ọrụ FDO (FiDO Device Onboard) wee mepụta asambodo na igodo maka ha.
  • SSSD (System Security Services Daemon) gbakwunyere nkwado maka caching arịrịọ SID (dịka ọmụmaatụ, nlele GID/UID) na RAM, nke mere ka o kwe omume ịme ngwa nbigharị ọrụ maka ọnụ ọgụgụ buru ibu nke faịlụ site na sava Samba. Enyere nkwado maka njikọta na Windows Server 2022.
  • Na OpenSSH, ogo igodo RSA kacha nta na-ejedebere na 2048 bits, ụlọ akwụkwọ NSS anaghị akwado igodo RSA dị obere karịa 1023 ibe n'ibe. Iji hazie mmachi nke gị, agbakwunyela ihe achọrọRSASize na OpenSSH. Nkwado agbakwunyere maka usoro mgbanwe igodo [email protected], na-eguzogide ọgwụ na hacking na quantum kọmputa.
  • Ngwa ReaR (izu ike-na-naghachi) agbakwunyela ikike ịme iwu aka ike tupu na mgbe mgbake gasịrị.
  • Onye ọkwọ ụgbọ ala maka ihe nkwụnye Intel E800 Ethernet na-akwado iWARP na protocol RoCE.
  • Agbakwunyela ngwungwu httpd-core ọhụrụ, bụ nke ebuferela isi ihe nke Apache httpd, zuru ezu iji mee ihe nkesa HTTP yana jikọtara ya na ọnụ ọgụgụ kacha nta nke ndabere. Ihe ngwugwu httpd na-agbakwunye modul ndị ọzọ dịka mod_systemd na mod_brotli ma tinye akwụkwọ.
  • Agbakwunyere ngwungwu xmlstarlet ọhụrụ, nke gụnyere akụrụngwa maka ntule, gbanwee, ịkwado, wepụ data na dezie faịlụ XML, dị ka grep, sed, awk, diff, patch na sonyere, mana maka XML kama faịlụ ederede.
  • A gbasaala ikike nke ọrụ sistemụ, dịka ọmụmaatụ, ọrụ netwọk agbakwunyere nkwado maka ịtọlite ​​​​iwu ntụgharị na iji nmstate API, ọrụ ntinye agbakwunyere nkwado maka nzacha site na nkwupụta oge niile (startmsg.regex, endmsg.regex), Ọrụ nchekwa agbakwunyere nkwado maka ngalaba nke ekenyela ohere nchekwa ike (“ihe dị mkpa”), ikike ijikwa site na /etc/ssh/sshd_config agbakwunyere na ọrụ sshd, agbakwunyere mbupụ ọnụ ọgụgụ arụmọrụ Postfix na ọrụ metrics, ikike nke idegharị nhazi gara aga ka etinyere ya na ọrụ firewall na nkwado maka ịgbakwunye, imelite na ihichapụ ka enyerela ọrụ dabere na steeti.
  • Emelitela ngwa ọrụ maka ijikwa arịa ndị dịpụrụ adịpụ, gụnyere ngwugwu dịka Podman, Buildah, Skopeo, crun na runc. Nkwado agbakwunyere maka GitLab Runner n'ime akpa nwere oge Podman. Iji hazie subsystem netwọk akpa, a na-enye ọrụ netavark na sava DNS Aardvark.
  • Nkwado agbakwunyere maka iwu ap-check na mdevctl iji hazie ụzọ mbugharị na ngwa ngwa crypto gaa na igwe mebere.
  • Agbakwunyere ikike mbido (Nhụchalụ teknụzụ) iji nyochaa ndị ọrụ site na iji ndị na-eweta mpụga (IdP, onye na-eweta njirimara) na-akwado ndọtị protocol OAuth 2.0 “Ngwaọrụ ikike ikike” iji nye ohere ịnweta OAuth na ngwaọrụ na-ejighi ihe nchọgharị.
  • Maka nnọkọ GNOME dabere na Wayland, Firefox na-ewuli nke na-eji Wayland. Ewubere na X11, nke egburu na gburugburu Wayland site na iji akụrụngwa XWayland, na-etinye n'ime ngwugwu firefox-x11 dị iche.
  • A na-akwado nnọkọ dabere na Wayland site na ndabara maka sistemụ nwere Matrox GPUs (Ejibughị Wayland na Matrox GPUs n'ihi oke na nsogbu arụmọrụ, nke edozila ugbu a).
  • Nkwado maka GPU agbakwunyere n'ime ọgbọ nke iri na abụọ Intel Core processors, gụnyere Intel Core i12 3T - i12100 9KS, Intel Pentium Gold G12900 na G7400T, Intel Celeron G7400 na G6900T Intel Core i6900-5HX - i12450-9H-12950 i3-1220H-7 na Intel Core 1280P. Nkwado agbakwunyere maka AMD Radeon RX 6[345]00 na AMD Ryzen 5/7/9 6[689]00 GPUs.
  • Iji chịkwaa nsonye nke nchebe megide adịghị ike na usoro MMIO (Memory Mapped Input Output), etinyere paramita kernel boot “mmio_stale_data” nke nwere ike were ụkpụrụ “zuru oke” (na-eme ka ihicha ihe nchekwa mgbe ị na-aga na oghere onye ọrụ na na VM), “full, nosmt” (dị ka “zuru oke” + na-ewepụkwa SMT/Hyper-strings) na “gbanyụọ” (nkwado nchekwa).
  • Iji chịkwaa nsonye nke nchebe megide adịghị ike nke Retbleed, emejuputala paramita kernel boot “retbleed” nke ị nwere ike gbanyụọ nchedo (“ gbanyụọ”) ma ọ bụ họrọ vulnerability blocking algorithm (akpaaka, nosmt, ibpb, unret).
  • Paramita buut acpi_sleep kernel ugbu a na-akwado nhọrọ ọhụrụ maka ịchịkwa ọnọdụ ụra: s3_bios, s3_mode, s3_beep, s4_hwsig, s4_nohwsig, old_ordering, nonvs, sci_force_enable, na nobl.
  • Agbakwunyere nnukwu akụkụ nke ndị ọkwọ ụgbọ ala ọhụrụ maka ngwaọrụ netwọkụ, sistemụ nchekwa na ibe eserese.
  • Nkwanye na-aga n'ihu nke nnwale (Nleba Nkà na ụzụ) nkwado maka KTLS (mmejuputa ọkwa ọkwa kernel nke TLS), VPN WireGuard, Intel SGX (Software Guard Extensions), Intel IDXD (Data Streaming Accelerator), DAX (Nnweta Direct) maka ext4 na XFS, AMD SEV na SEV -ES na KVM hypervisor, ọrụ nhazi usoro, Stratis nchekwa njikwa, Sigstore maka nyochaa arịa site na iji mbinye aka dijitalụ, ngwugwu ya na GIMP 2.99.8 nchịkọta akụkọ eserese, ntọala MPTCP (Multipath TCP) site na NetworkManager, ACME (Asambodo akpaaka Njikwa gburugburu) sava, virtio-mem, hypervisor KVM maka ARM64.
  • Ngwa ngwa GTK 2 na ngwugwu ya metụtara adwaita-gtk2-theme, gnome-common, gtk2, gtk2-immodules na hexchat emebiela. Akwụsịla X.org Server (RHEL 9 na-enye nnọkọ GNOME dabeere na Wayland site na ndabara), nke a na-eme atụmatụ iwepụ na ngalaba na-esote RHEL, mana ọ ga-ejigide ikike ịme ngwa X11 site na nnọkọ Wayland site na iji Ihe nkesa XWayland DDX.

isi: opennet.ru

Tinye a comment