Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > Kutulutsidwa kwa kugawa kwa Red Hat Enterprise Linux 8.7

Kutulutsidwa kwa kugawa kwa Red Hat Enterprise Linux 8.7

Red Hat yatulutsa kutulutsidwa kwa Red Hat Enterprise Linux 8.7. Kukhazikitsa kumakonzedweratu kwa x86_64, s390x (IBM System z), ppc64le, ndi Aarch64 zomangamanga, koma zimapezeka kuti zitsitsidwe kwa ogwiritsa ntchito a Red Hat Customer Portal okha. Magwero a Red Hat Enterprise Linux 8 rpm phukusi amagawidwa kudzera mu CentOS Git repository. Nthambi ya 8.x imasungidwa mofanana ndi nthambi ya RHEL 9.x ndipo idzathandizidwa mpaka osachepera 2029.

Kukonzekera kwatsopano kukuchitika motsatira ndondomeko ya chitukuko, zomwe zikutanthawuza kupangidwa kwa zotulutsidwa miyezi isanu ndi umodzi iliyonse pa nthawi yokonzedweratu. Mpaka chaka cha 2024, nthambi ya 8.x idzakhala yothandizira zonse, kutanthauza kuphatikizidwa kwa kusintha kwa ntchito, pambuyo pake idzasunthira kumalo okonzekera, momwe zinthu zofunika kwambiri zidzasinthira ku kukonza zolakwika ndi chitetezo, ndi kusintha kwazing'ono zokhudzana ndi kuthandizira. machitidwe ovuta a hardware.

Zosintha zazikulu:

  • Chida chokonzekera zithunzi zamakina chakulitsidwa kuti chiphatikizepo kuthandizira kukweza zithunzi mu GCP (Google Cloud Platform), kuyika chithunzicho mwachindunji mu registry ya zotengera, kusintha kukula kwa / boot partition, ndikusintha magawo (Blueprint) panthawi yopanga zithunzi. (mwachitsanzo, kuwonjezera phukusi ndi kupanga ogwiritsa ntchito).
  • Anawonjezera luso logwiritsa ntchito kasitomala wa Clevis (clevis-luks-systemd) kuti atsegule ma disk partitions otetezedwa ndi LUKS ndikuyikidwa pa boot mochedwa, popanda kufunikira kugwiritsa ntchito lamulo la "systemctl enable clevis-luks-askpass.path".
  • Phukusi latsopano la xmlstarlet laperekedwa, lomwe limaphatikizapo zofunikira pakugawa, kusintha, kutsimikizira, kuchotsa deta ndikusintha mafayilo a XML.
  • Anawonjeza kuthekera koyambilira (Technology Preview) kutsimikizira ogwiritsa ntchito pogwiritsa ntchito othandizira akunja (IdP, wopereka zidziwitso) omwe amathandizira kukulitsa kwa protocol ya OAuth 2.0 "Device Authorization Grant" kuti apereke ma tokeni ofikira a OAuth kuzida popanda kugwiritsa ntchito msakatuli.
  • Kuthekera kwa maudindo adongosolo kwakulitsidwa, mwachitsanzo, gawo la netiweki lawonjezera thandizo pakukhazikitsa malamulo oyendetsera ndikugwiritsa ntchito nmstate API, ntchito yodula mitengo yawonjezera kuthandizira kusefa ndi mawu okhazikika (startmsg.regex, endmsg.regex), udindo wosungirako wawonjezera chithandizo cha magawo omwe adagawidwa mofulumizitsa malo osungira ("kuchepa kwapang'onopang'ono"), kukwanitsa kuyendetsa kudzera /etc/ssh/sshd_config wawonjezedwa ku gawo la sshd, kutumiza kwa Postfix ziwerengero za ntchito zawonjezedwa ku ntchito ya metrics, kuthekera kolemba zosintha zam'mbuyomu zakhazikitsidwa ku gawo la firewall ndikuthandizira kuwonjezera, kukonzanso ndi kuchotsa kwaperekedwa ntchito kutengera boma.
  • Kusinthidwa seva ndi dongosolo phukusi: chrony 4.2, unbound 1.16.2, opencryptoki 3.18.0, powerpc-utils 1.3.10, libva 2.13.0, PCP 5.3.7, Grafana 7.5.13, SystemTap 4.7, NetworkManager 1.40 samba 4.16.1. XNUMX.
  • Zolembazo zikuphatikiza mitundu yatsopano yazophatikiza ndi zida za opanga: GCC Toolset 12, LLVM Toolset 14.0.6, Rust Toolset 1.62, Go Toolset 1.18, Ruby 3.1, java-17-openjdk (java-11-opejdk ndi pitilizani java-1.8.0. kuperekedwa .3.8-openjdk), Maven 6.2, Mercurial 18, Node.js 6.2.7, Redis 3.19, Valgrind 12.1.0, Dyninst 0.187, elfutils XNUMX.
  • sysctl configuration processing yakhala ikugwirizana ndi dongosolo la dongosolo la ndondomeko - mafayilo osinthika mu /etc/sysctl.d tsopano ali ndi patsogolo kwambiri kuposa omwe ali mu /run/sysctl.d.
  • Chida cha ReaR (Relax-and-Recover) chawonjezera kuthekera kopereka malamulo osakhazikika musanachira komanso mukachira.
  • Malaibulale a NSS sakuthandizanso makiyi a RSA ochepera 1023 bits.
  • Nthawi yomwe imatenga iptables-save utility kuti ipulumutse ma iptables akuluakulu a malamulo achepetsedwa kwambiri.
  • Njira yodzitetezera ku SSBD (spec_store_bypass_disable) ndi STIBP (spectre_v2_user) yasunthidwa kuchoka ku "seccomp" kupita ku "prctl", zomwe zimakhala ndi zotsatira zabwino pakugwira ntchito kwa zotengera ndi mapulogalamu omwe amagwiritsa ntchito njira ya seccomp kuletsa kuyimba mafoni.
  • Dalaivala wa ma adapter a Intel E800 Ethernet amathandizira ma protocol a iWARP ndi RoCE.
  • Kuphatikizidwa ndi chida chotchedwa nfsrahead chomwe chingagwiritsidwe ntchito kusintha makonzedwe owerengera a NFS.
  • M'makonzedwe a Apache httpd, mtengo wa LimitRequestBody parameter wasinthidwa kuchoka ku 0 (palibe malire) kupita ku 1 GB.
  • Phukusi latsopano, laposachedwa, lawonjezedwa, lomwe limaphatikizapo mtundu waposachedwa wa make utility.
  • Thandizo lowonjezera pakuwunika magwiridwe antchito pamakina okhala ndi mapurosesa a AMD Zen 2 ndi Zen 3 ku libpfm ndi papi.
  • SSSD (System Security Services Daemon) inawonjezera chithandizo chosungira zopempha za SID (mwachitsanzo, macheke a GID / UID) mu RAM, zomwe zinapangitsa kuti zitheke kufulumizitsa ntchito zokopera mafayilo ambiri kudzera pa seva ya Samba. Thandizo lophatikizana ndi Windows Server 2022 limaperekedwa.
  • Maphukusi omwe ali ndi chithandizo cha API ya zithunzi za Vulkan awonjezedwa pamakina a 64-bit IBM POWER (ppc64le).
  • Thandizo la AMD Radeon RX 6 [345]00 yatsopano ndi AMD Ryzen 5/7/9 6[689]00 GPUs yakhazikitsidwa. Thandizo la Intel Alder Lake-S ndi Alder Lake-P GPUs limayatsidwa mwachisawawa, zomwe poyamba zinali zofunika kukhazikitsa parameter i915.alpha_support=1 kapena i915.force_probe=*.
  • Thandizo lokhazikitsa ma cryptopolicies awonjezedwa pa intaneti, kuthekera kotsitsa ndi kukhazikitsa RHEL pamakina owoneka bwino kwaperekedwa, batani lawonjezedwa kuti muyike zigamba zokha za kernel ya Linux, malipoti ozindikira akulitsidwa, ndipo njira yawonjezedwa kuti muyambitsenso kukhazikitsa zosintha zikamalizidwa.
  • Thandizo lowonjezera la lamulo la ap-check ku mdevctl kuti mukhazikitse mwayi wotumizira ma crypto accelerators kumakina enieni.
  • Thandizo lonse la VMware ESXi hypervisor ndi SEV-ES (AMD Secure Encrypted Virtualization-Encrypted State) zowonjezera zakhazikitsidwa. Thandizo lowonjezera la malo amtambo a Azure okhala ndi mapurosesa kutengera kamangidwe ka Ampere Altra.
  • Zida zowongolera zotengera zakutali zasinthidwa, kuphatikiza mapaketi monga Podman, Buildah, Skopeo, crun ndi runc. Thandizo lowonjezera la GitLab Runner muzotengera zokhala ndi Rutime Podman. Kuti musinthe makina amtundu wa chidebe, chida cha netavark ndi seva ya Aardvark DNS imaperekedwa.
  • Kuti muwongolere kuphatikizika kwa chitetezo ku ziwopsezo mu makina a MMIO (Memory Mapped Input Output), kernel boot parameter "mmio_stale_data" imakhazikitsidwa, yomwe imatha kutenga "zambiri" (zothandizira kuyeretsa ma buffers mukasunthira kumalo ogwiritsira ntchito komanso mu VM), "full,nosmt" (monga "full" + imalepheretsanso SMT/Hyper-Threads) ndi "off" (chitetezo cholemala).
  • Kuwongolera kuphatikizika kwa chitetezo ku chiwopsezo cha Retbleed, kernel boot parameter "retbleed" yakhazikitsidwa, kudzera momwe mungathetsere chitetezo ("off") kapena kusankha chiwopsezo chotsekereza algorithm (auto, nosmt, ibpb, unret).
  • The acpi_sleep kernel boot parameter tsopano imathandizira zosankha zatsopano zowongolera kugona: s3_bios, s3_mode, s3_beep, s4_hwsig, s4_nohwsig, old_ordering, nonvs, sci_force_enable, ndi nobl.
  • Onjezani madalaivala atsopano a Maxlinear Ethernet GPY (mxl-gpy), Realtek 802.11ax 8852A (rtw89_8852a), Realtek 802.11ax 8852AE (rtw89_8852ae), Modem Host Interface (MHI), AMDs Host Interface (MHI), AMDs Host Interface (MHI), AMD Passd DRM DisplayPort (drm_dp_helper), Intel® Software Defined Silicon (intel_sdsi), Intel PMT (pmt_*), AMD SPI Master Controller (spi-amd).
  • Thandizo lowonjezera la eBPF kernel subsystem.
  • Kupitiliza kupereka zoyeserera (Technology Preview) zothandizira AF_XDP, XDP kutsitsa kwa hardware, Multipath TCP (MPTCP), MPLS (Multi-protocol Label Switching), DSA (data streaming accelerator), KTLS, dracut, kexec fast reboot, nispor, DAX mu ext4 ndi xfs, systemd-resolved, accel-config, igc, OverlayFS, Stratis, Software Guard Extensions (SGX), NVMe/TCP, DNSSEC, GNOME pa ARM64 ndi IBM Z machitidwe, AMD SEV ya KVM, Intel vGPU, Toolbox.

Source: opennet.ru

Kuwonjezera ndemanga