ProHoster > Blog > internet nhau > Kugoverwa kweRed Hat Enterprise kwakatangwa Linux 9

Kugoverwa kweRed Hat Enterprise kwakatangwa Linux 9

Red Hat yakaburitsa kugoverwa kwayo kweRed Hat Enterprise. Linux 9. Mifananidzo yekuisa yakagadzirwa ichawanikwa munguva pfupi iri kutevera kune vashandisi vakanyoreswa veRed Hat Customer Portal (mifananidzo yeISO inogona kushandiswawo kuongorora mashandiro ayo) CentOS Stream 9). Kuburitswa kwacho kwakagadzirirwa ma architecture e x86_64, s390x (IBM System z), ppc64le, uye Aarch64 (ARM64). Red Hat Enterprise RPM package sources Linux 9 dzakachengetwa muGit repository CentOSZvichienderana nehurongwa hwekutsigira hwemakore gumi, RHEL 9 ichatsigirwa kusvika 2032. Zvichangobva kuburitswa zveRHEL 7 zvicharamba zvichiburitswa kusvika 30 Chikumi, 2024, uye RHEL 8 kusvika 31 Chivabvu, 2029.

Kugoverwa kweRed Hat Enterprise Linux 9 inozivikanwa nekuchinja kwayo kuenda kune nzira yakavhurika yekuvandudza. Kusiyana nemapazi ekare, kugoverwa kwacho kwakavakwa uchishandisa database yepakeji. CentOS Rwizi 9. CentOS Stream iri panzvimbo yayo seprojekiti yepamusoro yeRHEL, ichigonesa vanhu vechitatu kuti vatonge kugadzirwa kwemapakeji eRHEL, kupa mazano ekuchinja, uye kupesvedzera sarudzo. Kare, mufananidzo wekuburitswa kweFedora waishandiswa sehwaro hwebazi idzva reRHEL, iro rakagadziriswa uye rakagadzikana pasina mukana wekutarisa maitiro ekugadzira uye sarudzo. Iye zvino, bazi rinoumbwa kubva pamufananidzo weFedora une pfungwa dzenharaunda. CentOS Stream, uko basa rekugadzirira rinoitwa uye hwaro hwebazi idzva rakakosha reRHEL hunoumbwa.

Kuchinja kukuru:

  • Nzvimbo yesystem uye maturusi ekuvaka zvakagadziridzwa. GCC 11 inoshandiswa pakuvaka mapakeji. Raibhurari yeC yakajairwa yakagadziridzwa kuita glibc 2.34. Pakeji yekernel Linux Yakavakirwa pane yakaburitswa 5.14. Mutariri wepakeji yeRPM yakagadziriswa kuita vhezheni 4.16 nerutsigiro rwekudzora kutendeseka kuburikidza nefapolicyd.
  • Kutama kwekugovera kuPython 3 kwapera. Bazi rePython 3.9 rinopihwa nekusarudzika. Python 2 yakamiswa.
  • Desktop yakavakirwa paGNOME 40 (RHEL 8 yakatumirwa neGNOME 3.28) uye raibhurari yeGTK 4. MuGNOME 40, virtual desktops in Activities Overview mode anochinjirwa ku landscape orientation uye anoratidzwa sengetani inoramba ichifamba kubva kuruboshwe kuenda kurudyi. Desktop yega yega inoratidzwa muOverview modhi inoona iripo windows uye zvine simba pani uye zooms sezvo mushandisi anopindirana. Shanduko isina musono inopihwa pakati pechinyorwa chezvirongwa uye chaiwo desktops.
  • GNOME inosanganisira simba-profiles-daemon handler iyo inopa kukwanisa kuchinja pakubhururuka pakati pemagetsi ekuchengetedza simba, simba rekuenzanisa mode, uye maitiro ekushanda kwepamusoro.
  • Ese maodhiyo nzizi akaendeswa kune iyo PipeWire midhiya server, inova ndiyo yakasarudzika pachinzvimbo chePulseAudio neJACK. Kushandisa PipeWire kunokutendera kuti upe hunyanzvi hwekugadzirisa odhiyo mune yenguva dzose desktop edition, bvisa kupatsanuka uye ubatanidze zvivakwa zvekuteerera kune akasiyana maapplication.
  • Nekumisikidza, iyo GRUB bhutsu menyu yakavanzwa kana RHEL ndiyo yega kugovera yakaiswa pane system uye kana bhutsu yekupedzisira yakabudirira. Kuti uratidze menyu panguva yebhutsu, ingobata pasi kiyi yeShift kana kudzvanya Esc kana F8 kiyi kakawanda. Pakati pekuchinja mubhootloader, tinocherechedzawo kuiswa kweGRUB configuration mafaira ezvese zvivakwa mune rimwe dhairekitori /boot/grub2/ (iyo faira /boot/efi/EFI/redhat/grub.cfg ikozvino inofananidzira link ku/boot /grub2/grub.cfg), avo. iyo yakafanana yakaiswa sisitimu inogona kubhurwa uchishandisa ese EFI uye BIOS.
  • Zvikamu zvekutsigira mitauro yakasiyana zvakaiswa mu langpacks, izvo zvinokutendera iwe kusiyanisa nhanho yerutsigiro yemutauro yakaiswa. Semuenzaniso, langpacks-core-font inopa mafonti chete, langpacks-core inopa glibc locale, base font, uye nzira yekuisa, uye langpacks inopa shanduro, mamwe mafonti, uye maduramazwi ekutarisa zviperengo.
  • Chengetedzo zvikamu zvakagadziridzwa. Kugovera kunoshandisa bazi idzva reOpenSSL 3.0 cryptographic library. Nekutadza, mamwe emazuva ano uye akavimbika cryptographic algorithms anogoneswa (semuenzaniso, kushandiswa kweSHA-1 muTLS, DTLS, SSH, IKEv2 uye Kerberos kunorambidzwa, TLS 1.0, TLS 1.1, DTLS 1.0, RC4, Camellia, DSA, 3DES. uye FFDHE-1024 yakaremara) . Iyo OpenSSH package yakagadziridzwa kuita shanduro 8.6p1. Cyrus SASL yakaendeswa kune GDBM backend panzvimbo yeBerkeley DB. NSS (Network Security Services) maraibhurari haachatsigiri iyo DBM (Berkeley DB) fomati. GnuTLS yakagadziridzwa kuita shanduro 3.7.2.
  • Zvakanyanya kuvandudzwa mashandiro eSELinux uye kushandiswa kwendangariro kwakaderera. Rutsigiro rwe "SELINUX=disabled" setting yekudzima SE rwabviswa kubva pa /etc/selinux/configLinux (mamiriro akatarwa iye zvino anongodzima kurodha kwemapolisi, uye kudzima mashandiro eSELinux ikozvino zvinodikanwa kuti parameter "selinux=0" ipfuure ku kernel).
  • Rutsigiro rwekuedza rwakawedzerwa VPN WireGuard.
  • Nekusagadzikana, kupinda mukati kuburikidza neSSH sezvo mudzi unorambidzwa.
  • Iyo iptables-nft packet filter management maturusi (iptables, ip6tables, ebtables uye arptables utilities) uye ipset zvakabviswa. Ikozvino inokurudzirwa kushandisa nftables kubata firewall.
  • Inosanganisira mptcpd daemon itsva yekugadzirisa MPTCP (MultiPath TCP), kuwedzera kweTCP protocol yekuronga kushanda kweTCP yekubatanidza nekuendeswa kwemapakiti panguva imwe chete munzira dzakawanda kuburikidza netiweki yakasiyana-siyana inosanganiswa ne IP kero dzakasiyana. Kushandisa mptcpd kunoita kuti zvikwanise kugadzirisa MPTCP pasina kushandisa iproute2 utility.
  • Iyo network-scripts package yabviswa; NetworkManager inofanirwa kushandiswa kugadzirisa network. Tsigiro yeifcfg yekuseta fomati inochengetwa, asi NetworkManager inoshandisa iyo keyfile-based fomati nekukasira.
  • Kuumbwa kwacho kunosanganisira mavhezheni matsva evagadziri uye maturusi evagadziri: GCC 11.2, LLVM/Clang 12.0.1, Rust 1.54, Go 1.16.6, Node.js 16, OpenJDK 17, Perl 5.32, PHP 8.0, Python 3.9, Ruby Git 3.0, Subversion 2.31, binutils 1.14, CMake 2.35, Maven 3.20.2, Ant 3.6.
  • Server packages Apache HTTP Server 2.4.48, nginx 1.20, Varnish Cache 6.5, Squid 5.1 yakagadziridzwa.
  • DBMS MariaDB 10.5, MySQL 8.0, PostgreSQL 13, Redis 6.2 yakagadziridzwa.
  • Kuvaka iyo QEMU emulator, Clang inogoneswa nekusarudzika, izvo zvakaita kuti zvikwanise kushandisa dzimwe nzira dzekudzivirira kune KVM hypervisor, senge SafeStack kudzivirira kubva kuhunyanzvi hwekushandisa hunoenderana nekudzoka-yakatarisana programming (ROP - Return-Oriented Programming).
  • MuSSSD (System Security Services Daemon), ruzivo rwematanda rwakawedzerwa, semuenzaniso, nguva yekupedzisa basa ikozvino yakabatanidzwa kune zviitiko uye kuyerera kwechokwadi kunoratidzwa. Yakawedzera basa rekutsvaga kuongorora marongero uye nyaya dzekuita.
  • Tsigiro yeIMA (Integrity Measurement Architecture) yakawedzerwa kuti ione kutendeseka kweanoshanda sisitimu zvikamu uchishandisa siginecha yedhijitari uye hashi.
  • Nekumisikidza, imwechete yakabatana cgroup hierarchy (cgroup v2) inogoneswa. Сgroups v2 inogona kushandiswa, semuenzaniso, kudzikamisa ndangariro, CPU uye I / O kushandiswa. Musiyano wakakosha pakati pecgroups v2 uye v1 iko kushandiswa kweakajairwa cgroups hierarchy kune ese marudzi ezviwanikwa, pachinzvimbo cheakaparadzana hierarchies yekugovera CPU zviwanikwa, zvekudzora mashandisirwo endangariro, uye yeI/O. Akaparadzana mahierarchies akatungamira kunetsa mukuronga kudyidzana pakati pevabati uye nekuwedzera kernel resource mutengo pakushandisa mitemo yemaitiro anotsanangurwa mune akasiyana hierarchies.
  • Rutsigiro rwakawedzerwa rwekuwiriranisa nguva nemazvo zvichibva paNTS (Network Time Security) protocol, iyo inoshandisa zvinhu zve public key infrastructure (PKI) uye inobvumira kushandiswa kweTLS uye authenticated encryption AEAD (Authenticated Encryption neAssociated Data) kudzivirira cryptographic yekudyidzana kwevatengi nemaseva. server kuburikidza neNTP (Network Time Protocol). Sevha yeNTP yenguva refu yakagadziridzwa kuita vhezheni 4.1.
  • Experimental (Tekinoroji Preview) rutsigiro rweKTLS (kernel-level kuita kweTLS), Intel SGX (Software Guard Extensions), DAX (Direct Access) ye ext4 uye XFS, rutsigiro rwe AMD SEV uye SEV-ES muKVM hypervisor inopihwa.

Source: opennet.ru

Tenga inovimbika yekutambira kwemasaiti ane DDoS dziviriro, VPS VDS maseva 🔥 Tenga webhusaiti yakavimbika ine dziviriro yeDDoS, maseva eVPS VDS | ProHoster