Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > Kutulutsidwa kwa kugawa kwa Red Hat Enterprise Linux 9.1

Kutulutsidwa kwa kugawa kwa Red Hat Enterprise Linux 9.1

Red Hat yatulutsa kufalitsa kwa Red Hat Enterprise Linux 9.1. Zithunzi zokhazikitsidwa zokonzeka zimapezeka kwa ogwiritsa ntchito a Red Hat Customer Portal (zithunzi za CentOS Stream 9 iso zitha kugwiritsidwanso ntchito kuyesa magwiridwe antchito). Kutulutsidwa kumapangidwira kwa x86_64, s390x (IBM System z), ppc64le ndi Aarch64 (ARM64) zomangamanga. Khodi yoyambira mapaketi a Red Hat Enterprise Linux 9 rpm ikupezeka m'malo a CentOS Git.

Nthambi ya RHEL 9 ikupangidwa ndi njira yowonjezera yotseguka ndipo imagwiritsa ntchito phukusi la CentOS Stream 9 monga maziko ake. perekani zosintha zawo ndikuwongolera zisankho zomwe zapangidwa. Mogwirizana ndi zaka 10 zothandizira kugawa, RHEL 9 idzathandizidwa mpaka 2032.

Zosintha zazikulu:

  • Kusinthidwa seva ndi dongosolo phukusi: firewalld 1.1.1, chrony 4.2, unbound 1.16.2, frr 8.2.2, Apache httpd 2.4.53, opencryptoki 3.18.0, powerpc-utils 1.3.10, libvpd 2.2.9pd . 1.7.14, ppc64-diag 2.7, PCP 5.3.7, Grafana 7.5.13, samba 4.16.1.
  • Zolembazo zikuphatikiza mitundu yatsopano ya ophatikiza ndi zida za opanga: GCC 11.2.1, GCC Toolset 12, LLVM Toolset 14.0.6, binutils 2.35.2, PHP 8.1, Ruby 3.1, Node.js 18, Rust Toolset 1.62 Toolset 1.18.2. 3.8, Maven 17, java-11-openjdk (java-1.8.0-openjdk ndi java-7.0-openjdk komanso kupitiriza kutumiza), .NET 10.2, GDB 3.19, Valgrind 4.7, SystemTap 12.1.0, Dyninst 0.187 elfu. XNUMX.
  • Zowongolera zomwe zachitika mu Linux kernels 5.15 ndi 5.16 zasamutsidwa ku eBPF (Berkeley Packet Filter) subsystem. Mwachitsanzo, pamapulogalamu a BPF, kuthekera kopempha ndikukonza zochitika zowerengera nthawi kwakhazikitsidwa, kuthekera kolandila ndikuyika zosankha zasocket za setsockopt, kuthandizira kuyimba ntchito za kernel module, probabilistic data storage structure (BPF map) pachimake fyuluta wakhala. aperekedwa, ndipo kuthekera komanga ma tag ku magawo ogwirira ntchito awonjezedwa.
  • Seti ya zigamba zamakina anthawi yeniyeni omwe amagwiritsidwa ntchito mu kernel-rt kernel zasinthidwa kukhala boma lolingana ndi 5.15-rt kernel.
  • Kukhazikitsidwa kwa protocol ya MPTCP (MultiPath TCP), yomwe imagwiritsidwa ntchito pokonza magwiridwe antchito a kulumikizana kwa TCP ndi kutumiza mapaketi nthawi imodzi m'njira zingapo kudzera pamaneti osiyanasiyana, yasinthidwa. Zosintha zomwe zidatengedwa kuchokera ku Linux kernel 5.19 (mwachitsanzo, adawonjezera chithandizo chotsitsimutsa maulumikizidwe a MPTCP ku TCP wamba ndikukonza API yoyang'anira mitsinje ya MPTCP kuchokera pamalo ogwiritsa ntchito).
  • Pa machitidwe omwe ali ndi 64-bit ARM, AMD ndi Intel processors, ndizotheka kusintha machitidwe a Real-Time mode mu kernel pa nthawi yothamanga polemba dzina la mode ku fayilo "/sys/kernel/debug/sched/preempt ” kapena pa nthawi yoyambira kudzera pa kernel parameter β€œpreempt=" (palibe, njira zodzifunira ndi zonse zimathandizidwa).
  • Zokonda za GRUB bootloader zasinthidwa kuti zibise zoyambira mwachisawawa, ndi menyu omwe akuwonetsa ngati boot yapitayo idalephera. Kuti muwonetse menyu mukamatsegula, mutha kugwira batani la Shift kapena kukanikiza makiyi a Esc kapena F8 nthawi ndi nthawi. Kuti mulepheretse kubisala, mutha kugwiritsa ntchito lamulo "grub2-editenv - unset menu_auto_hide".
  • Thandizo lopanga mawotchi a hardware (PHC, PTP Hardware Clock) awonjezedwa kwa oyendetsa PTP (Precision Time Protocol).
  • Lamulo lowonjezera la modulesync, lomwe limanyamula phukusi la RPM kuchokera ku ma modules ndikupanga chosungira muzolemba zogwirira ntchito ndi metadata yofunikira pakuyika ma module.
  • Tuned, ntchito yowunikira thanzi ladongosolo komanso kukhathamiritsa ma profayilo kuti agwire bwino ntchito kutengera zomwe zikuchitika pano, imapereka mwayi wogwiritsa ntchito pulogalamu yapanthawi yeniyeni yopatula ma CPU cores ndikupereka ulusi wogwiritsa ntchito ndi zonse zomwe zilipo.
  • NetworkManager imagwiritsa ntchito kumasulira kwa ma profiles olumikizana kuchokera pamtundu wa ifcfg (/etc/sysconfig/network-scripts/ifcfg-*) kukhala mtundu wotengera fayilo yayikulu. Kusamutsa mbiri, mutha kugwiritsa ntchito lamulo la "nmcli connection migrate".
  • SeLinux toolkit yasinthidwa kuti itulutse 3.4, yomwe imapangitsa kuti magwiridwe antchito alembenso chifukwa cha kufanana kwa magwiridwe antchito, njira ya "-m" ("--checksum") yawonjezedwa ku semodule kuti mupeze SHA256 hashes yama module, mcstrans. zasamutsidwa ku laibulale ya PCRE2. Zida zatsopano zogwirira ntchito ndi malamulo ofikira awonjezedwa: sepol_check_access, sepol_compute_av, sepol_compute_member, sepol_compute_relabel, sepol_validate_transition. Mfundo zowonjezera za SELinux zoteteza ksm, nm-priv-helper, rhcd, stalld, systemd-network-generator, targetclid ndi wg-quick services.
  • Anawonjezera luso logwiritsa ntchito kasitomala wa Clevis (clevis-luks-systemd) kuti atsegule ma disk partitions otetezedwa ndi LUKS ndikuyikidwa pa boot mochedwa, popanda kufunikira kugwiritsa ntchito lamulo la "systemctl enable clevis-luks-askpass.path".
  • Chida chokonzekera zithunzi zamakina chakulitsidwa kuti chiphatikizepo kuthandizira kukweza zithunzi mu GCP (Google Cloud Platform), kuyika chithunzicho mwachindunji mu registry ya zotengera, kusintha kukula kwa / boot partition, ndikusintha magawo (Blueprint) panthawi yopanga zithunzi. (mwachitsanzo, kuwonjezera phukusi ndi kupanga ogwiritsa ntchito).
  • Chowonjezera chofunikira chothandizira umboni (chitsimikiziro ndi kuwunika kosalekeza) kwadongosolo lakunja pogwiritsa ntchito ukadaulo wa TPM (Trusted Platform Module), mwachitsanzo, kutsimikizira zowona za zida za Edge ndi IoT zomwe zili pamalo osalamulirika komwe kuli kotheka kupeza mosaloledwa.
  • The RHEL for Edge edition imapereka mwayi wogwiritsa ntchito fdo-admin utility kukonza mautumiki a FDO (FIDO Device Onboard) ndikupanga satifiketi ndi makiyi awo.
  • SSSD (System Security Services Daemon) inawonjezera chithandizo chosungira zopempha za SID (mwachitsanzo, macheke a GID / UID) mu RAM, zomwe zinapangitsa kuti zitheke kufulumizitsa ntchito zokopera mafayilo ambiri kudzera pa seva ya Samba. Thandizo lophatikizana ndi Windows Server 2022 limaperekedwa.
  • Π’ OpenSSH ΠΌΠΈΠ½ΠΈΠΌΠ°Π»ΡŒΠ½Ρ‹ΠΉ Ρ€Π°Π·ΠΌΠ΅Ρ€ RSA-ΠΊΠ»ΡŽΡ‡Π΅ΠΉ ΠΏΠΎ ΡƒΠΌΠΎΠ»Ρ‡Π°Π½ΠΈΡŽ ΠΎΠ³Ρ€Π°Π½ΠΈΡ‡Π΅Π½ 2048 Π±ΠΈΡ‚Π°ΠΌΠΈ, Π° Π² Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠ°Ρ… NSS ΠΏΡ€Π΅ΠΊΡ€Π°Ρ‰Π΅Π½Π° ΠΏΠΎΠ΄Π΄Π΅Ρ€ΠΆΠΊΠ° ΠΊΠ»ΡŽΡ‡Π΅ΠΉ RSA, Ρ€Π°Π·ΠΌΠ΅Ρ€ΠΎΠΌ ΠΌΠ΅Π½Π΅Π΅ 1023 Π±ΠΈΡ‚. Для настройки собствСнных ΠΎΠ³Ρ€Π°Π½ΠΈΡ‡Π΅Π½ΠΈΠΉ Π² OpenSSH Π΄ΠΎΠ±Π°Π²Π»Π΅Π½ ΠΏΠ°Ρ€Π°ΠΌΠ΅Ρ‚Ρ€ RequiredRSASize. Π”ΠΎΠ±Π°Π²Π»Π΅Π½Π° ΠΏΠΎΠ΄Π΄Π΅Ρ€ΠΆΠΊΠ° ΠΌΠ΅Ρ‚ΠΎΠ΄Π° ΠΎΠ±ΠΌΠ΅Π½Π° ΠΊΠ»ΡŽΡ‡Π°ΠΌΠΈ [imelo ndiotetezedwa], kugonjetsedwa ndi kubera pamakompyuta a quantum.
  • Chida cha ReaR (Relax-and-Recover) chawonjezera kuthekera kopereka malamulo osakhazikika musanachira komanso mukachira.
  • Dalaivala wa ma adapter a Intel E800 Ethernet amathandizira ma protocol a iWARP ndi RoCE.
  • Phukusi latsopano la httpd-core lawonjezeredwa, momwe gawo lalikulu la zigawo za Apache httpd zasunthidwa, zokwanira kuyendetsa seva ya HTTP ndikugwirizanitsidwa ndi chiwerengero chochepa cha kudalira. Phukusi la httpd limawonjezera ma module ena monga mod_systemd ndi mod_brotli ndipo limaphatikizapo zolemba.
  • Anawonjezera phukusi latsopano la xmlstarlet, lomwe limaphatikizapo zida zopangira, kusintha, kutsimikizira, kuchotsa deta ndi kusintha mafayilo a XML, ofanana ndi grep, sed, awk, diff, chigamba ndi kujowina, koma kwa XML m'malo mwa mafayilo.
  • Kuthekera kwa maudindo adongosolo kwakulitsidwa, mwachitsanzo, gawo la netiweki lawonjezera thandizo pakukhazikitsa malamulo oyendetsera ndikugwiritsa ntchito nmstate API, ntchito yodula mitengo yawonjezera kuthandizira kusefa ndi mawu okhazikika (startmsg.regex, endmsg.regex), udindo wosungirako wawonjezera chithandizo cha magawo omwe adagawidwa mofulumizitsa malo osungira ("kuchepa kwapang'onopang'ono"), kukwanitsa kuyendetsa kudzera /etc/ssh/sshd_config wawonjezedwa ku gawo la sshd, kutumiza kwa Postfix ziwerengero za ntchito zawonjezedwa ku ntchito ya metrics, kuthekera kolemba zosintha zam'mbuyomu zakhazikitsidwa ku gawo la firewall ndikuthandizira kuwonjezera, kukonzanso ndi kuchotsa kwaperekedwa ntchito kutengera boma.
  • Zida zowongolera zotengera zakutali zasinthidwa, kuphatikiza mapaketi monga Podman, Buildah, Skopeo, crun ndi runc. Thandizo lowonjezera la GitLab Runner muzotengera zokhala ndi Rutime Podman. Kuti musinthe makina amtundu wa chidebe, chida cha netavark ndi seva ya Aardvark DNS imaperekedwa.
  • Thandizo lowonjezera la lamulo la ap-check ku mdevctl kuti mukhazikitse mwayi wotumizira ma crypto accelerators kumakina enieni.
  • Anawonjeza kuthekera koyambilira (Technology Preview) kutsimikizira ogwiritsa ntchito pogwiritsa ntchito othandizira akunja (IdP, wopereka zidziwitso) omwe amathandizira kukulitsa kwa protocol ya OAuth 2.0 "Device Authorization Grant" kuti apereke ma tokeni ofikira a OAuth kuzida popanda kugwiritsa ntchito msakatuli.
  • Pa gawo la Wayland-based GNOME, Firefox imamanga omwe amagwiritsa ntchito Wayland amaperekedwa. Zomanga zochokera pa X11, zomwe zimachitidwa m'malo a Wayland pogwiritsa ntchito gawo la XWayland, zimayikidwa mu phukusi lapadera firefox-x11.
  • Gawo lokhazikitsidwa ndi Wayland limayatsidwa ndi machitidwe omwe ali ndi Matrox GPUs (Wayland m'mbuyomu sinagwiritsidwe ntchito ndi Matrox GPUs chifukwa cha zofooka ndi zovuta zogwirira ntchito, zomwe zathetsedwa tsopano).
  • Thandizo la ma GPU ophatikizidwa mu processor ya 12th Intel Core processors, kuphatikiza Intel Core i3 12100T - i9 12900KS, Intel Pentium Gold G7400 ndi G7400T, Intel Celeron G6900 ndi G6900T Intel Core i5-12450HX - i9-12950KS - I3-1220 iH-7 iH-1280 6P. Thandizo lowonjezera la AMD Radeon RX 345[00]5 ndi AMD Ryzen 7/9/6 689[00]XNUMX GPUs.
  • Kuti muwongolere kuphatikizika kwa chitetezo ku ziwopsezo mu makina a MMIO (Memory Mapped Input Output), kernel boot parameter "mmio_stale_data" imakhazikitsidwa, yomwe imatha kutenga "zambiri" (zothandizira kuyeretsa ma buffers mukasunthira kumalo ogwiritsira ntchito komanso mu VM), "full,nosmt" (monga "full" + imalepheretsanso SMT/Hyper-Threads) ndi "off" (chitetezo cholemala).
  • Kuwongolera kuphatikizika kwa chitetezo ku chiwopsezo cha Retbleed, kernel boot parameter "retbleed" yakhazikitsidwa, kudzera momwe mungathetsere chitetezo ("off") kapena kusankha chiwopsezo chotsekereza algorithm (auto, nosmt, ibpb, unret).
  • The acpi_sleep kernel boot parameter tsopano imathandizira zosankha zatsopano zowongolera kugona: s3_bios, s3_mode, s3_beep, s4_hwsig, s4_nohwsig, old_ordering, nonvs, sci_force_enable, ndi nobl.
  • Adawonjezera gawo lalikulu la madalaivala atsopano pazida zama network, makina osungira ndi tchipisi tazithunzi.
  • Kupitiliza kupereka chithandizo choyesera (Technology Preview) cha KTLS (kernel-level kukhazikitsa TLS), VPN WireGuard, Intel SGX (Software Guard Extensions), Intel IDXD (Data Streaming Accelerator), DAX (Direct Access) ya ext4 ndi XFS, AMD SEV ndi SEV -ES mu hypervisor ya KVM, serviced-resolved service, Stratis storage manager, Sigstore potsimikizira zotengera pogwiritsa ntchito siginecha ya digito, phukusi ndi GIMP 2.99.8 graphical editor, MPTCP (Multipath TCP) zoikamo kudzera NetworkManager, ACME (Automated Certificate Management Environment) maseva, virtio-mem, KVM hypervisor ya ARM64.
  • Zida za GTK 2 ndi mapaketi ogwirizana nawo adwaita-gtk2-theme, gnome-common, gtk2, gtk2-immodules ndi hexchat zatsitsidwa. Seva ya X.org yachotsedwa ntchito (RHEL 9 imapereka gawo la Wayland-based GNOME mwachisawawa), lomwe likukonzekera kuchotsedwa munthambi yayikulu yotsatira ya RHEL, koma ikhalabe ndi kuthekera koyendetsa mapulogalamu a X11 kuchokera ku gawo la Wayland pogwiritsa ntchito Seva ya XWayland DDX.

Source: opennet.ru

Kuwonjezera ndemanga