ProHoster > Blog > nkhani zapaintaneti > Kugawa kwa Red Hat Enterprise kwayambitsidwa Linux 9

Kugawa kwa Red Hat Enterprise kwayambitsidwa Linux 9

Red Hat yatulutsa kugawa kwake kwa Red Hat Enterprise. Linux 9. Zithunzi zokonzedwa kale zidzapezeka posachedwa kwa ogwiritsa ntchito olembetsedwa a Red Hat Customer Portal (zithunzi za ISO zingagwiritsidwenso ntchito poyesa momwe zinthu zilili) CentOS Mtsinje 9). Kutulutsidwa kumeneku kwapangidwira mapangidwe a x86_64, s390x (IBM System z), ppc64le, ndi Aarch64 (ARM64). Magwero a phukusi la Red Hat Enterprise RPM Linux 9 ali mu malo osungiramo zinthu a Git CentOSMogwirizana ndi nthawi yothandizira ya zaka 10, RHEL 9 idzathandizidwa mpaka 2032. Zosintha za RHEL 7 zipitiliza kutulutsidwa mpaka pa June 30, 2024, ndi RHEL 8 mpaka pa May 31, 2029.

Kugawa kwa Makampani a Red Hat Linux 9 ndi yodziwika bwino chifukwa cha kupita patsogolo kwake kupita ku njira yotseguka kwambiri. Mosiyana ndi nthambi zam'mbuyomu, kugawa kumeneku kumapangidwa pogwiritsa ntchito database ya phukusi. CentOS Mtsinje 9. CentOS Stream imayikidwa ngati pulojekiti yotsogola ya RHEL, zomwe zimathandiza othandizira ena kuti azilamulira kupanga ma phukusi a RHEL, kupereka malingaliro osintha, ndikusintha zisankho. M'mbuyomu, chithunzithunzi cha kutulutsidwa kwa Fedora chidagwiritsidwa ntchito ngati maziko a nthambi yatsopano ya RHEL, yomwe idakonzedwanso ndikukhazikika mobisa, popanda kuthekera koyang'anira njira yopangira ndi zisankho. Tsopano, nthambi imapangidwa kuchokera ku chithunzithunzi cha Fedora chokhala ndi malingaliro ammudzi. CentOS Mtsinje, komwe ntchito yokonzekera imachitikira ndipo maziko a nthambi yatsopano yofunika ya RHEL amapangidwa.

Zosintha zazikulu:

  • Malo ogwirira ntchito ndi zida zomangira zasinthidwa. GCC 11 imagwiritsidwa ntchito popanga ma phukusi. Laibulale ya C yokhazikika yasinthidwa kukhala glibc 2.34. Phukusi la kernel Linux Yomangidwa pa kutulutsidwa kwa 5.14. Woyang'anira phukusi la RPM wasinthidwa kukhala mtundu wa 4.16 ndi chithandizo cha kuwongolera umphumphu kudzera pa fapolicyd.
  • Kusamuka kwa kugawa ku Python 3 kwatha. Nthambi ya Python 3.9 imaperekedwa mwachisawawa. Python 2 yathetsedwa.
  • Desktop imachokera ku GNOME 40 (RHEL 8 yotumizidwa ndi GNOME 3.28) ndi laibulale ya GTK 4. Mu GNOME 40, ma desktops enieni mu Activities Overview mode amasinthidwa kukhala mawonekedwe a malo ndipo amawonetsedwa ngati tcheni choyendayenda mosalekeza kuchokera kumanzere kupita kumanja. Desktop iliyonse yomwe ikuwonetsedwa mu Overview mode imayang'ana zomwe zilipo windows ndi mapoto osinthika ndi makulitsidwe pomwe wogwiritsa ntchito amalumikizana. Kusintha kosasinthika kumaperekedwa pakati pa mndandanda wa mapulogalamu ndi ma desktops enieni.
  • GNOME imaphatikizapo chogwiritsira ntchito-mbiri-daemon chomwe chimapereka mphamvu yosinthira ntchentche pakati pa njira yopulumutsira mphamvu, njira yoyendetsera mphamvu, ndi machitidwe apamwamba kwambiri.
  • Mitsinje yonse yomvera yasunthidwa ku seva yapa media ya PipeWire, yomwe tsopano ndiyosakhazikika m'malo mwa PulseAudio ndi JACK. Kugwiritsa ntchito PipeWire kumakupatsani mwayi wopereka luso laukadaulo wamawu mumtundu wanthawi zonse wapakompyuta, chotsani kugawikana ndikugwirizanitsa zida zamawu pazogwiritsa ntchito zosiyanasiyana.
  • Mwachikhazikitso, menyu ya boot ya GRUB imabisidwa ngati RHEL ndiyogawika yokhayo yomwe idayikidwa pamakina ndipo ngati boot yomaliza idapambana. Kuti muwonetse menyu mukamatsegula, ingogwirani batani la Shift kapena dinani batani la Esc kapena F8 kangapo. Pakati pa zosintha mu bootloader, tikuwonanso kuyika kwa mafayilo osinthika a GRUB pazomanga zonse mu bukhu limodzi /boot/grub2/ (fayilo /boot/efi/EFI/redhat/grub.cfg tsopano ndi ulalo wophiphiritsa ku /boot /grub2/grub.cfg), amenewo. makina omwewo omwe adayikidwa amatha kuyendetsedwa pogwiritsa ntchito EFI ndi BIOS.
  • Zida zothandizira zilankhulo zosiyanasiyana zimayikidwa mu langpacks, zomwe zimakulolani kuti musinthe mulingo wa chithandizo cha zilankhulo chomwe chayikidwa. Mwachitsanzo, langpacks-core-font imapereka mafonti okha, langpacks-core imapereka malo amtundu wa glibc, font yoyambira, ndi njira yolowera, ndipo langpacks imapereka matanthauzidwe, mafonti owonjezera, ndi mtanthauzira mawu wowunika masipelo.
  • Zida zachitetezo zasinthidwa. Kugawa kumagwiritsa ntchito nthambi yatsopano ya laibulale yachinsinsi ya OpenSSL 3.0. Mwachikhazikitso, ma algorithms amakono komanso odalirika a cryptographic amathandizidwa (mwachitsanzo, kugwiritsa ntchito SHA-1 mu TLS, DTLS, SSH, IKEv2 ndi Kerberos ndikoletsedwa, TLS 1.0, TLS 1.1, DTLS 1.0, RC4, Camellia, DSA, 3DES ndi FFDHE-1024 ndizolemala) . Phukusi la OpenSSH lasinthidwa kukhala 8.6p1. Cyrus SASL yasamutsidwira ku GDBM backend m'malo mwa Berkeley DB. malaibulale a NSS (Network Security Services) sakuthandizanso mtundu wa DBM (Berkeley DB). GnuTLS yasinthidwa kukhala 3.7.2.
  • Kuchita bwino kwa SE kwakula kwambiriLinux ndi kuchepetsa kugwiritsa ntchito kukumbukira. Chithandizo cha "SELINUX=disabled" choletsa SE chachotsedwa pa /etc/selinux/configLinux (makonzedwe omwe atchulidwa tsopano amangoletsa kuyika kwa mfundo, komanso kuletsa magwiridwe antchito a SELinux tsopano pakufunika kupititsa gawo la "selinux=0" ku kernel).
  • Anawonjezera chithandizo choyesera VPN WireGuard.
  • Mwachikhazikitso, kulowa kudzera pa SSH monga muzu ndikoletsedwa.
  • Zida zowongolera zosefera za iptables-nft (iptables, ip6tables, ebtables ndi ma arptables utilities) ndi ipset zachotsedwa. Tsopano tikulimbikitsidwa kugwiritsa ntchito nftables kuyang'anira firewall.
  • Zimaphatikizapo daemon yatsopano ya mptcpd yokonzekera MPTCP (MultiPath TCP), kuwonjezereka kwa protocol ya TCP yokonzekera kugwira ntchito kwa TCP yolumikizana ndi paketi yobweretsera nthawi imodzi m'njira zingapo kudzera m'malo osiyanasiyana ochezera a pa intaneti omwe amagwirizanitsidwa ndi ma adilesi osiyanasiyana a IP. Kugwiritsa ntchito mptcpd kumapangitsa kuti zitheke kukonza MPTCP osagwiritsa ntchito iproute2.
  • Phukusi la network-scripts lachotsedwa; NetworkManager iyenera kugwiritsidwa ntchito kukonza maukonde. Thandizo la mawonekedwe a ifcfg amasungidwa, koma NetworkManager imagwiritsa ntchito mawonekedwe a keyfile mwachisawawa.
  • Zolembazo zikuphatikiza mitundu yatsopano ya ophatikiza ndi zida za opanga: GCC 11.2, LLVM/Clang 12.0.1, Rust 1.54, Go 1.16.6, Node.js 16, OpenJDK 17, Perl 5.32, PHP 8.0, Python 3.9, Ruby Git 3.0, Kutembenuza 2.31, binutils 1.14, CMake 2.35, Maven 3.20.2, Nyerere 3.6.
  • Phukusi la seva Apache HTTP Server 2.4.48, nginx 1.20, Varnish Cache 6.5, Squid 5.1 zasinthidwa.
  • DBMS MariaDB 10.5, MySQL 8.0, PostgreSQL 13, Redis 6.2 zasinthidwa.
  • Kuti apange emulator ya QEMU, Clang imathandizidwa mwachisawawa, zomwe zinapangitsa kuti zitheke kugwiritsa ntchito njira zina zotetezera ku hypervisor ya KVM, monga SafeStack kuti ateteze ku njira zowonongeka zochokera ku mapulogalamu obwereranso (ROP - Return-Oriented Programming).
  • Mu SSSD (System Security Services Daemon), tsatanetsatane wa zipikazo zawonjezeka, mwachitsanzo, nthawi yomaliza ntchito tsopano ikuphatikizidwa ndi zochitika ndipo kutuluka kwa chitsimikizo kukuwonekera. Anawonjezera ntchito zofufuzira kuti muwunike zosintha ndi zovuta za magwiridwe antchito.
  • Thandizo la IMA (Integrity Measurement Architecture) lakulitsidwa kuti litsimikizire kukhulupirika kwa zida zogwirira ntchito pogwiritsa ntchito siginecha ya digito ndi ma hashi.
  • Mwachikhazikitso, gulu limodzi logwirizana (cgroup v2) limayatsidwa. Сmagulu v2 angagwiritsidwe ntchito, mwachitsanzo, kuchepetsa kukumbukira, CPU ndi I/O kumwa. Kusiyana kwakukulu pakati pa cgroups v2 ndi v1 ndikugwiritsa ntchito magulu amtundu wamba pamitundu yonse yazachuma, m'malo mwa magawo osiyana pakugawa zida za CPU, pakuwongolera kugwiritsa ntchito kukumbukira, ndi I/O. Kusiyanasiyana kosiyana kudapangitsa kuti pakhale zovuta pakulinganiza kulumikizana pakati pa ogwira ntchito komanso ndalama zowonjezera za kernel mukamagwiritsa ntchito malamulo pamachitidwe omwe amatchulidwa m'magawo osiyanasiyana.
  • Thandizo lowonjezera la kulumikizana kwa nthawi molondola kutengera protocol ya NTS (Network Time Security), yomwe imagwiritsa ntchito zinthu za zomangamanga zachinsinsi (PKI) ndipo imalola kugwiritsa ntchito TLS ndi kubisa kovomerezeka kwa AEAD (Authenticated Encryption ndi Associated Data) poteteza kuyanjana kwa makasitomala ndi seva. Seva kudzera pa NTP (Network Time Protocol). Seva ya NTP yokhazikika yasinthidwa kukhala mtundu wa 4.1.
  • Anapereka chithandizo choyesera (Technology Preview) cha KTLS (kukhazikitsa kernel-level TLS), Intel SGX (Software Guard Extensions), DAX (Direct Access) ya ext4 ndi XFS, chithandizo cha AMD SEV ndi SEV-ES mu hypervisor ya KVM.

Source: opennet.ru

Gulani kuchititsa kodalirika kwamasamba okhala ndi chitetezo cha DDoS, ma seva a VPS VDS Gulani malo odalirika osungira mawebusayiti okhala ndi chitetezo cha DDoS, ma seva a VPS VDS | ProHoster