Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > AlmaLinux 9 isanatulutsidwe kutengera RHEL 9 nthambi

AlmaLinux 9 isanatulutsidwe kutengera RHEL 9 nthambi

Kutulutsidwa kwa beta kwa kugawa kwa AlmaLinux 9 kumaperekedwa, kumangidwa pogwiritsa ntchito mapaketi ochokera ku nthambi ya Red Hat Enterprise Linux 9 ndipo ili ndi zosintha zonse zomwe zaperekedwa pakutulutsidwa uku. Misonkhano ikukonzekera x86_64, ARM64, s390x ndi ppc64le zomangamanga mu mawonekedwe a boot (780 MB), zochepa (1.7 GB) ndi chithunzi chonse (8 GB). Kutulutsidwa kwa RHEL 9 ndi AlmaLinux 9 kukuyembekezeka koyambirira kwa Meyi.

Kugawa kuli kofanana ndi RHEL m'magwiridwe ake, kupatulapo kusintha komwe kumakhudzana ndi kupanganso dzina komanso kuchotsedwa kwa phukusi la RHEL lapadera monga redhat-*, kasitomala-makasitomala ndi subscription-manager-migration*. AlmaLinux ndi yaulere kwa magulu onse a ogwiritsa ntchito, opangidwa ndi kukhudzidwa kwa anthu ammudzi ndikugwiritsa ntchito chitsanzo choyang'anira chofanana ndi bungwe la polojekiti ya Fedora. Omwe amapanga AlmaLinux adayesetsa kukwaniritsa mgwirizano pakati pa chithandizo chamakampani ndi zofuna za anthu ammudzi - kumbali imodzi, zothandizira ndi oyambitsa CloudLinux, omwe ali ndi chidziwitso chambiri pakusunga mafoloko a RHEL, adakhudzidwa ndi chitukuko, komanso pa mbali ina, polojekitiyi ndi yowonekera komanso yoyendetsedwa ndi anthu ammudzi.

Kugawa kwa AlmaLinux kudakhazikitsidwa ndi CloudLinux, yomwe, ngakhale idatengapo gawo pazinthu zake ndi omwe akutukula, idasamutsa pulojekitiyi ku bungwe lina lopanda phindu, AlmaLinux OS Foundation, kuti litukuke pamalo osalowerera ndale komanso kutenga nawo gawo kwa anthu. Ndalama zokwana madola milioni imodzi pachaka zaperekedwa kuti zithandizire ntchitoyo. Zochitika zonse za AlmaLinux zimasindikizidwa pansi pa zilolezo zaulere.

Zosintha zazikulu mu AlmaLinux 9 ndi RHEL 9 poyerekeza ndi nthambi ya RHEL 8:

  • Malo a dongosolo ndi zida zosonkhana zasinthidwa. GCC 11 imagwiritsidwa ntchito kupanga phukusi. Laibulale yokhazikika ya C yasinthidwa kukhala glibc 2.34. Phukusi la Linux kernel limachokera ku kutulutsidwa kwa 5.14. Woyang'anira phukusi la RPM wasinthidwa kukhala mtundu 4.16 ndi chithandizo chowunikira kukhulupirika kudzera pa fapolicyd.
  • Kusamuka kwa kugawa ku Python 3 kwatha. Nthambi ya Python 3.9 imaperekedwa mwachisawawa. Python 2 yathetsedwa.
  • Desktop imachokera ku GNOME 40 (RHEL 8 yotumizidwa ndi GNOME 3.28) ndi laibulale ya GTK 4. Mu GNOME 40, ma desktops enieni mu Activities Overview mode amasinthidwa kukhala mawonekedwe a malo ndipo amawonetsedwa ngati tcheni choyendayenda mosalekeza kuchokera kumanzere kupita kumanja. Desktop iliyonse yomwe ikuwonetsedwa mu Overview mode imayang'ana zomwe zilipo windows ndi mapoto osinthika ndi makulitsidwe pomwe wogwiritsa ntchito amalumikizana. Kusintha kosasinthika kumaperekedwa pakati pa mndandanda wa mapulogalamu ndi ma desktops enieni.
  • GNOME imaphatikizapo chogwiritsira ntchito-mbiri-daemon chomwe chimapereka mphamvu yosinthira ntchentche pakati pa njira yopulumutsira mphamvu, njira yoyendetsera mphamvu, ndi machitidwe apamwamba kwambiri.
  • Mitsinje yonse yomvera yasunthidwa ku seva yapa media ya PipeWire, yomwe tsopano ndiyosakhazikika m'malo mwa PulseAudio ndi JACK. Kugwiritsa ntchito PipeWire kumakupatsani mwayi wopereka luso laukadaulo wamawu mumtundu wanthawi zonse wapakompyuta, chotsani kugawikana ndikugwirizanitsa zida zamawu pazogwiritsa ntchito zosiyanasiyana.
  • Mwachikhazikitso, menyu ya boot ya GRUB imabisidwa ngati RHEL ndiyogawika yokhayo yomwe idayikidwa pamakina ndipo ngati boot yomaliza idapambana. Kuti muwonetse menyu mukamatsegula, ingogwirani batani la Shift kapena dinani batani la Esc kapena F8 kangapo. Pakati pa zosintha mu bootloader, tikuwonanso kuyika kwa mafayilo osinthika a GRUB pazomanga zonse mu bukhu limodzi /boot/grub2/ (fayilo /boot/efi/EFI/redhat/grub.cfg tsopano ndi ulalo wophiphiritsa ku /boot /grub2/grub.cfg), amenewo. makina omwewo omwe adayikidwa amatha kuyendetsedwa pogwiritsa ntchito EFI ndi BIOS.
  • Zida zothandizira zilankhulo zosiyanasiyana zimayikidwa mu langpacks, zomwe zimakulolani kuti musinthe mulingo wa chithandizo cha zilankhulo chomwe chayikidwa. Mwachitsanzo, langpacks-core-font imapereka mafonti okha, langpacks-core imapereka malo amtundu wa glibc, font yoyambira, ndi njira yolowera, ndipo langpacks imapereka matanthauzidwe, mafonti owonjezera, ndi mtanthauzira mawu wowunika masipelo.
  • Zida zachitetezo zasinthidwa. Kugawa kumagwiritsa ntchito nthambi yatsopano ya laibulale yachinsinsi ya OpenSSL 3.0. Mwachikhazikitso, ma algorithms amakono komanso odalirika a cryptographic amathandizidwa (mwachitsanzo, kugwiritsa ntchito SHA-1 mu TLS, DTLS, SSH, IKEv2 ndi Kerberos ndikoletsedwa, TLS 1.0, TLS 1.1, DTLS 1.0, RC4, Camellia, DSA, 3DES ndi FFDHE-1024 ndizolemala) . Phukusi la OpenSSH lasinthidwa kukhala 8.6p1. Cyrus SASL yasamutsidwira ku GDBM backend m'malo mwa Berkeley DB. malaibulale a NSS (Network Security Services) sakuthandizanso mtundu wa DBM (Berkeley DB). GnuTLS yasinthidwa kukhala 3.7.2.
  • Kupititsa patsogolo magwiridwe antchito a SELinux ndikuchepetsa kukumbukira kukumbukira. Mu /etc/selinux/config, chithandizo cha "SELINUX = disabled" makonda kuti mulepheretse SELinux chachotsedwa (kukhazikitsa uku kumangolepheretsa kutsitsa kwa mfundo, ndipo kuletsa magwiridwe antchito a SELinux tsopano kukufunika kudutsa "selinux = 0" parameter ku mphuno).
  • Adawonjezera chithandizo choyesera cha VPN WireGuard.
  • Mwachikhazikitso, kulowa kudzera pa SSH monga muzu ndikoletsedwa.
  • Zida zowongolera zosefera za iptables-nft (iptables, ip6tables, ebtables ndi ma arptables utilities) ndi ipset zachotsedwa. Tsopano tikulimbikitsidwa kugwiritsa ntchito nftables kuyang'anira firewall.
  • Zimaphatikizapo daemon yatsopano ya mptcpd yokonzekera MPTCP (MultiPath TCP), kuwonjezereka kwa protocol ya TCP yokonzekera kugwira ntchito kwa TCP yolumikizana ndi paketi yobweretsera nthawi imodzi m'njira zingapo kudzera m'malo osiyanasiyana ochezera a pa intaneti omwe amagwirizanitsidwa ndi ma adilesi osiyanasiyana a IP. Kugwiritsa ntchito mptcpd kumapangitsa kuti zitheke kukonza MPTCP osagwiritsa ntchito iproute2.
  • Phukusi la network-scripts lachotsedwa; NetworkManager iyenera kugwiritsidwa ntchito kukonza maukonde. Thandizo la mawonekedwe a ifcfg amasungidwa, koma NetworkManager imagwiritsa ntchito mawonekedwe a keyfile mwachisawawa.
  • Zolembazo zikuphatikiza mitundu yatsopano ya ophatikiza ndi zida za opanga: GCC 11.2, LLVM/Clang 12.0.1, Rust 1.54, Go 1.16.6, Node.js 16, OpenJDK 17, Perl 5.32, PHP 8.0, Python 3.9, Ruby Git 3.0, Kutembenuza 2.31, binutils 1.14, CMake 2.35, Maven 3.20.2, Nyerere 3.6.
  • Phukusi la seva Apache HTTP Server 2.4.48, nginx 1.20, Varnish Cache 6.5, Squid 5.1 zasinthidwa.
  • DBMS MariaDB 10.5, MySQL 8.0, PostgreSQL 13, Redis 6.2 zasinthidwa.
  • Kuti apange emulator ya QEMU, Clang imathandizidwa mwachisawawa, zomwe zinapangitsa kuti zitheke kugwiritsa ntchito njira zina zotetezera ku hypervisor ya KVM, monga SafeStack kuti ateteze ku njira zowonongeka zochokera ku mapulogalamu obwereranso (ROP - Return-Oriented Programming).
  • Mu SSSD (System Security Services Daemon), tsatanetsatane wa zipikazo zawonjezeka, mwachitsanzo, nthawi yomaliza ntchito tsopano ikuphatikizidwa ndi zochitika ndipo kutuluka kwa chitsimikizo kukuwonekera. Anawonjezera ntchito zofufuzira kuti muwunike zosintha ndi zovuta za magwiridwe antchito.
  • Thandizo la IMA (Integrity Measurement Architecture) lakulitsidwa kuti litsimikizire kukhulupirika kwa zida zogwirira ntchito pogwiritsa ntchito siginecha ya digito ndi ma hashi.
  • Mwachikhazikitso, gulu limodzi logwirizana (cgroup v2) limayatsidwa. Π‘magulu v2 angagwiritsidwe ntchito, mwachitsanzo, kuchepetsa kukumbukira, CPU ndi I/O kumwa. Kusiyana kwakukulu pakati pa cgroups v2 ndi v1 ndikugwiritsa ntchito magulu amtundu wamba pamitundu yonse yazachuma, m'malo mwa magawo osiyana pakugawa zida za CPU, pakuwongolera kugwiritsa ntchito kukumbukira, ndi I/O. Kusiyanasiyana kosiyana kudapangitsa kuti pakhale zovuta pakulinganiza kulumikizana pakati pa ogwira ntchito komanso ndalama zowonjezera za kernel mukamagwiritsa ntchito malamulo pamachitidwe omwe amatchulidwa m'magawo osiyanasiyana.
  • Thandizo lowonjezera pakulunzanitsa nthawi yeniyeni kutengera protocol ya NTS (Network Time Security), yomwe imagwiritsa ntchito zida zachinsinsi zapagulu (PKI) ndikulola kugwiritsa ntchito TLS ndi kubisa kotsimikizika kwa AEAD (Authenticated Encryption with Associated Data) pachitetezo chachinsinsi cha kasitomala. -Kulumikizana kwa seva kudzera pa protocol ya NTP (Network Time Protocol). Seva ya chrony NTP yasinthidwa kukhala mtundu wa 4.1.
  • Anapereka chithandizo choyesera cha KTLS (kukhazikitsa kernel-level ya TLS), Intel SGX (Software Guard Extensions), DAX (Direct Access) ya ext4 ndi XFS, chithandizo cha AMD SEV ndi SEV-ES mu hypervisor ya KVM.

    • Source: opennet.ru

Kuwonjezera ndemanga