CentOS ãããžã§ã¯ãã¯ãCentOS Stream 9 ãã£ã¹ããªãã¥ãŒã·ã§ã³ã®æäŸãæ£åŒã«çºè¡šããŸãããããã¯ããããªãŒãã³ãªæ°ããéçºããã»ã¹ã®äžç°ãšããŠãRed Hat Enterprise Linux 9 ãã£ã¹ããªãã¥ãŒã·ã§ã³ã®åºç€ãšããŠäœ¿çšãããŠããŸãã CentOS Stream ã¯ç¶ç¶çã«æŽæ°ããããã£ã¹ããªãã¥ãŒã·ã§ã³ã§ãããå°æ¥ã® RHEL ãªãªãŒã¹ã«åããŠéçºãããŠããããã±ãŒãžã«æ©æã«ã¢ã¯ã»ã¹ã§ããŸãã ãã«ãã¯ãx86_64ãAarch64ãããã³ ppc64le (IBM Power 9+) ã¢ãŒããã¯ãã£ãŒçšã«æºåãããŠããŸãã ããã«ãIBM Z ã¢ãŒããã¯ã㣠(s390x Z14+) ã®ãµããŒããçºè¡šãããŠããŸããããã®ã¢ã»ã³ããªã¯ãŸã å©çšã§ããŸããã
CentOS Stream 㯠RHEL ã®äžæµãããžã§ã¯ããšããŠäœçœ®ä»ããããŠããããµãŒãããŒãã£ã®åå è ã« RHEL çšã®ããã±ãŒãžã®æºåãå¶åŸ¡ããå€æŽãææ¡ãã決å®ã«åœ±é¿ãäžããæ©äŒãæäŸããŸãã 以åã¯ãFedora ãªãªãŒã¹ã® 9 ã€ã®ã¹ãããã·ã§ãããæ°ãã RHEL ãã©ã³ãã®åºç€ãšããŠäœ¿çšãããŠããŸããããéçºã®é²è¡ç¶æ³ãææ決å®ãå¶åŸ¡ããããšã¯ã§ãããå¯å®€ã§æçµåããã³å®å®åãè¡ãããŠããŸããã RHEL 34 ã®éçºäžã«ãã³ãã¥ããã£ã®åå ãåŸãŠãFedora 9 ã®ã¹ãããã·ã§ããã«åºã¥ã㊠CentOS Stream XNUMX ãã©ã³ãã圢æãããããã§æºåäœæ¥ãå®è¡ãããRHEL ã®æ°ããéèŠãªãã©ã³ãã®åºç€ã圢æãããŸããã
ãŸã ãªãªãŒã¹ãããŠããªãå°æ¥ã® RHEL æ«å®ãªãªãŒã¹ã«åããŠåãæŽæ°ã CentOS Stream ã«å¯ŸããŠå ¬éãããŠãããéçºè ã®äž»ãªç®æšã¯ãRHEL ãšåãã¬ãã«ã® CentOS Stream ã®å®å®æ§ãéæããããšã§ããããšã«æ³šæããŠãã ããã ããã±ãŒãžã¯ CentOS Stream ã§æäŸãããåã«ãããŸããŸãªèªåããã³æåãã¹ã ã·ã¹ãã ãééãããã®å®å®æ§ã¬ãã«ã RHEL ã§å ¬éã§ããããã±ãŒãžã®å質åºæºãæºãããŠãããšã¿ãªãããå Žåã«ã®ã¿å ¬éãããŸãã CentOS Stream ãšåæã«ãæºåãããæŽæ°ã RHEL ã®å€éãã«ãã«é 眮ãããŸãã
以åã®éèŠãªãã©ã³ããšæ¯èŒãã CentOS Stream 9 ã®äž»ãªå€æŽç¹:
- ã·ã¹ãã ç°å¢ãšã¢ã»ã³ããªããŒã«ãæŽæ°ãããŸããã ããã±ãŒãžã®æ§ç¯ã«ã¯ GCC 11 ã䜿çšãããæšæº C ã©ã€ãã©ãªã¯ glibc 2.34 ã«æŽæ°ãããŸããã Linux ã«ãŒãã« ããã±ãŒãžã¯ 5.14 ãªãªãŒã¹ã«åºã¥ããŠããŸãã RPM ããã±ãŒãž ãããŒãžã£ãŒãããŒãžã§ã³ 4.16 ã«æŽæ°ãããfapolicyd ã«ããæŽåæ§ç£èŠããµããŒããããŸããã
- Python 3 ãžã®ãã£ã¹ããªãã¥ãŒã·ã§ã³ã®ç§»è¡ãå®äºããPython 3.9 ãã©ã³ããããã©ã«ãã§æäŸãããŸãã Python 2 ã¯å»æ¢ãããŸããã
- ãã¹ã¯ããã㯠GNOME 40 (GNOME 8 ã«å梱ãããŠãã RHEL 3.28) ãš GTK 4 ã©ã€ãã©ãªã«åºã¥ããŠããŸããGNOME 40 ã§ã¯ãã¢ã¯ãã£ããã£æŠèŠã¢ãŒãã®ä»®æ³ãã¹ã¯ãããã¯æšªåãã«åãæ¿ãããå·Šããå³ãžé£ç¶çã«ã¹ã¯ããŒã«ãããã§ãŒã³ãšããŠè¡šç€ºãããŸãã æŠèŠã¢ãŒãã§è¡šç€ºãããåãã¹ã¯ãããã¯ã䜿çšå¯èœãªãŠã£ã³ããŠãèŠèŠåãããŠãŒã¶ãŒã®æäœã«å¿ããŠåçã«ãã³ããºãŒã ãè¡ããŸãã ããã°ã©ã ã®ãªã¹ããšä»®æ³ãã¹ã¯ãããã®éã§ã·ãŒã ã¬ã¹ãªç§»è¡ãæäŸãããŸãã
- GNOME ã«ã¯ãçé»åã¢ãŒããé»åãã©ã³ã¹ ã¢ãŒããæ倧ããã©ãŒãã³ã¹ ã¢ãŒãããªã³ã¶ãã©ã€ã§åãæ¿ããæ©èœãæäŸãã power-profiles-daemon ãã³ãã©ãŒãå«ãŸããŠããŸãã
- ãã¹ãŠã®ãªãŒãã£ãª ã¹ããªãŒã 㯠PipeWire ã¡ãã£ã¢ ãµãŒããŒã«ç§»åãããããã PulseAudio ãš JACK ã®ä»£ããã«ããã©ã«ãã«ãªããŸããã PipeWire ã䜿çšãããšãéåžžã®ãã¹ã¯ããã ãšãã£ã·ã§ã³ã§ãããã§ãã·ã§ãã«ãªãªãŒãã£ãªåŠçæ©èœãæäŸããæçåã解æ¶ããããŸããŸãªã¢ããªã±ãŒã·ã§ã³ã®ãªãŒãã£ãª ã€ã³ãã©ã¹ãã©ã¯ãã£ãçµ±åã§ããŸãã
- ããã©ã«ãã§ã¯ãRHEL ãã·ã¹ãã ã«ã€ã³ã¹ããŒã«ãããŠããå¯äžã®ãã£ã¹ããªãã¥ãŒã·ã§ã³ã§ãããæåŸã®ããŒããæåããå ŽåãGRUB ããŒã ã¡ãã¥ãŒã¯é衚瀺ã«ãªããŸãã èµ·åäžã«ã¡ãã¥ãŒã衚瀺ããã«ã¯ãShift ããŒãæŒãç¶ããããEsc ããŒãŸã㯠F8 ããŒãæ°åæŒããŸãã ããŒãããŒããŒã®å€æŽç¹ã®äžã§ããã¹ãŠã®ã¢ãŒããã¯ãã£ã® GRUB èšå®ãã¡ã€ã«ã 2 ã€ã®ãã£ã¬ã¯ã㪠/boot/grub2/ ã«é 眮ãããŠããããšã«ã泚ç®ããŠãã ãã (ãã¡ã€ã« /boot/efi/EFI/redhat/grub.cfg 㯠/boot ãžã®ã·ã³ããªã㯠ãªã³ã¯ã«ãªããŸãã) /grubXNUMX/grub.cfg)ããããã ã€ã³ã¹ããŒã«ãããŠããåãã·ã¹ãã ã¯ãEFI ãš BIOS ã®äž¡æ¹ã䜿çšããŠèµ·åã§ããŸãã
- ããŸããŸãªèšèªããµããŒãããã³ã³ããŒãã³ã㯠langpack ã«ããã±ãŒãžåãããŠãããã€ã³ã¹ããŒã«ãããèšèªãµããŒãã®ã¬ãã«ãå€æŽã§ããŸãã ããšãã°ãlangpacks-core-font ã¯ãã©ã³ãã®ã¿ãæäŸããlangpacks-core 㯠glibc ãã±ãŒã«ãåºæ¬ãã©ã³ããããã³å ¥åã¡ãœãããæäŸããlangpacks ã¯ç¿»èš³ãè¿œå ãã©ã³ããããã³ã¹ãã«ãã§ãã¯èŸæžãæäŸããŸãã
- ã»ãã¥ãªãã£ã³ã³ããŒãã³ããæŽæ°ãããŸããã ãã®ãã£ã¹ããªãã¥ãŒã·ã§ã³ã§ã¯ãOpenSSL 3.0 æå·åã©ã€ãã©ãªã®æ°ãããã©ã³ãã䜿çšãããŸãã ããã©ã«ãã§ã¯ãããææ°ã§ä¿¡é Œæ§ã®é«ãæå·åã¢ã«ãŽãªãºã ãæå¹ã«ãªã£ãŠããŸã (ããšãã°ãTLSãDTLSãSSHãIKEv1ãããã³ Kerberos ã§ã® SHA-2 ã®äœ¿çšã¯çŠæ¢ãããŠããŸããTLS 1.0ãTLS 1.1ãDTLS 1.0ãRC4ãCamelliaãDSAã3DES)ããã³ FFDHE-1024 ã¯ç¡å¹ã«ãªããŸã)ã OpenSSH ããã±ãŒãžãããŒãžã§ã³ 8.6p1 ã«æŽæ°ãããŸããã Cyrus SASL ã¯ãBerkeley DB ã§ã¯ãªã GDBM ããã¯ãšã³ãã«ç§»åãããŸããã NSS (Network Security Services) ã©ã€ãã©ãªã¯ãDBM (Berkeley DB) 圢åŒããµããŒãããªããªããŸããã GnuTLS ãããŒãžã§ã³ 3.7.2 ã«æŽæ°ãããŸããã
- SELinux ã®ããã©ãŒãã³ã¹ãå€§å¹ ã«åäžããã¡ã¢ãªæ¶è²»éãåæžãããŸããã /etc/selinux/config ã§ã¯ãSELinux ãç¡å¹ã«ãããSELINUX=disabledãèšå®ã®ãµããŒããåé€ãããŸãã (ãã®èšå®ã¯çŸåšãããªã·ãŒã®èªã¿èŸŒã¿ã®ã¿ãç¡å¹ã«ããå®éã« SELinux æ©èœãç¡å¹ã«ããã«ã¯ããselinux=0ããã©ã¡ãŒã¿ãã«ãŒãã«ïŒã
- VPN WireGuard ã®å®éšçãµããŒããè¿œå ãããŸããã
- ããã©ã«ãã§ã¯ãroot ãšã㊠SSH çµç±ã§ãã°ã€ã³ããããšã¯çŠæ¢ãããŠããŸãã
- iptables-nft ãã±ãã ãã£ã«ã¿ãŒç®¡çããŒã« (iptablesãip6tablesãebtablesãarptables ãŠãŒãã£ãªãã£) ãš ipset ã¯éæšå¥šã«ãªããŸããã çŸåšããã¡ã€ã¢ãŠã©ãŒã«ã®ç®¡çã«ã¯ nftables ã䜿çšããããšãæšå¥šãããŠããŸãã
- ããã«ã¯ãMPTCP (ãã«ããã¹ TCP) ãæ§æããããã®æ°ãã mptcpd ããŒã¢ã³ãå«ãŸããŠããŸããMPTCP (ãã«ããã¹ TCP) ã¯ãç°ãªã IP ã¢ãã¬ã¹ã«é¢é£ä»ããããç°ãªããããã¯ãŒã¯ ã€ã³ã¿ãŒãã§ã€ã¹ãä»ããŠè€æ°ã®ã«ãŒãã«æ²¿ã£ãŠåæã«ãã±ãããé ä¿¡ãã TCP æ¥ç¶ã®æäœãçµç¹ããããã® TCP ãããã³ã«ã®æ¡åŒµæ©èœã§ãã mptcpd ã䜿çšãããšãiproute2 ãŠãŒãã£ãªãã£ã䜿çšããã« MPTCP ãæ§æã§ããŸãã
- network-scripts ããã±ãŒãžã¯åé€ãããŸããããããã¯ãŒã¯æ¥ç¶ã®æ§æã«ã¯ NetworkManager ã䜿çšããå¿ èŠããããŸãã ifcfg èšå®åœ¢åŒã®ãµããŒãã¯ç¶æãããŸãããNetworkManager ã¯ããã©ã«ãã§ããŒãã¡ã€ã«ããŒã¹ã®åœ¢åŒã䜿çšããŸãã
- ãã®æ§æã«ã¯ãéçºè åãã®æ°ããããŒãžã§ã³ã®ã³ã³ãã€ã©ãšããŒã«ãå«ãŸããŠããŸã: GCC 11.2ãLLVM/Clang 12.0.1ãRust 1.54ãGo 1.16.6ãNode.js 16ãOpenJDK 17ãPerl 5.32ãPHP 8.0ãPython 3.9ãRuby 3.0ã Git 2.31ãSubversion 1.14ãbinutils 2.35ãCMake 3.20.2ãMaven 3.6ãAnt 1.10ã
- ãµãŒã㌠ããã±ãŒãž Apache HTTP Server 2.4.48ãnginx 1.20ãVarnish Cache 6.5ãSquid 5.1 ãæŽæ°ãããŸããã
- DBMS MariaDB 10.5ãMySQL 8.0ãPostgreSQL 13ãRedis 6.2 ãæŽæ°ãããŸããã
- QEMU ãšãã¥ã¬ãŒã¿ãŒãæ§ç¯ããã«ã¯ãClang ãããã©ã«ãã§æå¹ã«ãªã£ãŠãããããã«ããããªã¿ãŒã³æåããã°ã©ãã³ã° (ROP - ãªã¿ãŒã³æåããã°ã©ãã³ã°) ã«åºã¥ãæªçšææ³ããä¿è·ãã SafeStack ãªã©ãããã€ãã®è¿œå ã®ä¿è·ã¡ã«ããºã ã KVM ãã€ããŒãã€ã¶ãŒã«é©çšããããšãå¯èœã«ãªããŸãã
- SSSD (System Security Services Daemon) ã§ã¯ãã¿ã¹ã¯ã®å®äºæéãã€ãã³ãã«ä»å ãããããèªèšŒãããŒãåæ ããããªã©ããã°ã®è©³çŽ°ã匷åãããŸããã èšå®ãšããã©ãŒãã³ã¹ã®åé¡ãåæããããã®æ€çŽ¢æ©èœãè¿œå ãããŸããã
- IMA (Integrity Measurement Architecture) ã®ãµããŒããæ¡åŒµãããããžã¿ã«çœ²åãšããã·ã¥ã䜿çšããŠãªãã¬ãŒãã£ã³ã° ã·ã¹ãã ã³ã³ããŒãã³ãã®æŽåæ§ãæ€èšŒã§ããããã«ãªããŸããã
- ããã©ã«ãã§ã¯ãåäžã®çµ±å cgroup éå±€ (cgroup v2) ãæå¹ã«ãªã£ãŠããŸãã Сgroups v2 ã¯ãããšãã°ã¡ã¢ãªãCPUãããã³ I/O ã®æ¶è²»ãå¶éããããã«äœ¿çšã§ããŸãã cgroups v2 ãš v1 ã®äž»ãªéãã¯ãCPU ãªãœãŒã¹ã®å²ãåœãŠãã¡ã¢ãªæ¶è²»ã®èª¿æŽãããã³ I/O ã«åå¥ã®éå±€ã䜿çšããã®ã§ã¯ãªãããã¹ãŠã®çš®é¡ã®ãªãœãŒã¹ã«å ±éã® cgroups éå±€ã䜿çšããããšã§ãã éå±€ãåãããŠãããšããã³ãã©ãŒéã®å¯Ÿè©±ãæŽçããããšãå°é£ã«ãªããç°ãªãéå±€ã§åç §ãããããã»ã¹ã«ã«ãŒã«ãé©çšãããšãã«è¿œå ã®ã«ãŒãã« ãªãœãŒã¹ ã³ã¹ããçºçããŸãã
- NTS (Network Time Security) ãããã³ã«ã«åºã¥ãæ£ç¢ºãªæå»ã®åæã®ãµããŒããè¿œå ãããŸãããããã«ãããå ¬éããŒåºç€ (PKI) ã®èŠçŽ ã䜿çšãããTLS ãšèªèšŒæå·å AEAD (Authenticated Encryption with Associated Data) ã®äœ¿çšãèš±å¯ãããæå·åä¿è·ãè¡ãããŸãã NTP ãããã³ã« (ãããã¯ãŒã¯ ã¿ã€ã ãããã³ã«) ãä»ããã¯ã©ã€ã¢ã³ããšãµãŒããŒã®å¯Ÿè©±ã chrony NTP ãµãŒããŒãããŒãžã§ã³ 4.1 ã«æŽæ°ãããŸããã
- KTLS (TLS ã®ã«ãŒãã«ã¬ãã«å®è£ )ãIntel SGX (Software Guard Extensions)ãext4 ããã³ XFS çšã® DAX (Direct Access)ãKVM ãã€ããŒãã€ã¶ãŒã§ã® AMD SEV ããã³ SEV-ES ã®ãµããŒãã®å®éšçãµããŒããæäŸããŸããã
䞊è¡ããŠãCentOS Stream 8 ãã©ã³ãã®éçºãç¶ããããŠããŸããããã¯ãRHEL 8.x ã®æ°ãããªãªãŒã¹ã®æºåã«äœ¿çšããããµããŒããçµäºããåŸæ¥ã® CentOS 8.x ãã£ã¹ããªãã¥ãŒã·ã§ã³ã䜿çšããã·ã¹ãã ã®å€æã«æšå¥šãããŸããæã®çµããã«ã CentOS Stream ã«åãæ¿ããã«ã¯ãcentos-release-stream ããã±ãŒãž (ãdnf install centos-release-streamã) ãã€ã³ã¹ããŒã«ãããdnf updateãã³ãã³ããå®è¡ããã ãã§ãã CentOS Stream 8 ãã©ã³ã㯠31 幎 2024 æ 7 æ¥ãŸã§ãµããŒããããã¯ã©ã·ã㯠CentOS 30.x ã®ãµããŒã㯠2024 幎 XNUMX æ XNUMX æ¥ã«çµäºããŸãã
代ããã«ããŠãŒã¶ãŒã¯ CentOS 8 ãã©ã³ãã®éçºãç¶ç¶ãããã£ã¹ããªãã¥ãŒã·ã§ã³ (AlmaLinux (移è¡ã¹ã¯ãªãã)ãRocky Linux (移è¡ã¹ã¯ãªãã)ãVzLinux (移è¡ã¹ã¯ãªãã)ããŸã㯠Oracle Linux (移è¡ã¹ã¯ãªãã)) ã«åãæ¿ããããšãã§ããŸãã ããã«ãRed Hat ã¯ããªãŒãã³ãœãŒã¹ ãœãããŠã§ã¢ãéçºããŠããçµç¹ããæ倧 16 åã®ä»®æ³ãŸãã¯ç©çã·ã¹ãã ãåããå人ã®éçºè
ç°å¢ã§ RHEL ãç¡æã§äœ¿çšã§ããæ©äŒ (移è¡ã¹ã¯ãªãã) ãæäŸããŠããŸãã
åºæïŒ ãªãŒãã³ããã.ru