ProHoster > Blog > litaba tsa inthanete > Ho lokolloa ha kabo ea Red Hat Enterprise Linux 9.1

Ho lokolloa ha kabo ea Red Hat Enterprise Linux 9.1

Red Hat e phatlalalitse tokollo ea kabo ea Red Hat Enterprise Linux 9.1. Litšoantšo tse itokiselitseng ho kenya li fumaneha bakeng sa basebelisi ba ngolisitsoeng ba Red Hat Customer Portal (u ka boela ua sebelisa litšoantšo tsa iso tsa CentOS Stream 9 ho lekola ts'ebetso). Tokollo e thehiloe bakeng sa meralo ea x86_64, s390x (IBM System z), ppc64le le Aarch64 (ARM64). Khoutu ea mohloli oa liphutheloana tsa Red Hat Enterprise Linux 9 rpm e sebakeng sa polokelo ea CentOS Git.

Lekala la RHEL 9 le ntse le ntlafatsoa ka ts'ebetso ea nts'etsopele e bulehileng haholoanyane 'me e sebelisa setsi sa sephutheloana sa CentOS Stream 9 e le motheo oa eona. sisinya liphetoho tsa bona le ho susumetsa liqeto tse entsoeng. Ho latela potoloho ea tšehetso ea lilemo tse 10 bakeng sa kabo, RHEL 9 e tla tšehetsoa ho fihlela 2032.

Liphetoho tsa bohlokoa:

  • E ntlafalitsoeng seva le tsamaiso liphutheloana: firewalld 1.1.1, chrony 4.2, unbound 1.16.2, frr 8.2.2, Apache httpd 2.4.53, opencryptoki 3.18.0, powerpc-utils 1.3.10, libvpd 2.2.9, 1.7.14 p. 64, PCP 2.7, Grafana 5.3.7, samba 7.5.13.
  • Tokollo e kenyelletsa mefuta e mecha ea li-compilers le lisebelisoa tsa nts'etsopele: GCC 11.2.1, GCC Toolset 12, LLVM Toolset 14.0.6, binutils 2.35.2, PHP 8.1, Ruby 3.1, Node.js 18, Rust Toolset 1.62. Go Toolset 1.18.2. java-3.8-openjdk (java-17-openjdk le java-11-openjdk le tsona li tsoela pele ho romelloa), .NET 1.8.0, GDB 7.0, Valgrind 10.2, SystemTap 3.19, Dyninst 4.7tils12.1.0 0.187.
  • Sesebelisoa sa eBPF (Berkeley Packet Filter) se ntlafalitsoe ka lintlafatso tse kentsoeng tšebetsong ho Linux kernels 5.15 le 5.16. Ka mohlala, mananeo a BPF hona joale a na le bokhoni ba ho kopa le ho sebetsana le liketsahalo tsa nako, bokhoni ba ho fumana le ho seta likhetho tsa setsockopt, ts'ehetso ea ho letsetsa mesebetsi ea mojule oa kernel, sebopeho sa polokelo ea data ea probabilistic (BPF mapa) sefahla sa lipalesa se hlahisitsoe, 'me bokhoni ba ho tlama li-tag ho li-parameter tsa ts'ebetso bo kentsoe.
  • Patch ea sebele ea nako e sebelisitsoeng ho kernel-rt e nchafalitsoe ho boemo bo tsamaellanang le kernel 5.15-rt.
  • Ts'ebetsong ea protocol ea MPTCP (MultiPath TCP) e nchafalitsoe. E sebelisetsoa ho hlophisa ts'ebetso ea khokahano ea TCP le ho tsamaisoa ha lipakete ka nako e le 'ngoe litseleng tse' maloa ka li-interfaces tse fapaneng tsa marang-rang. Liphetoho li fetisitsoe ho tloha ho Linux kernel 5.19 (mohlala, tšehetso ea ho khutlela morao ho MPTCP ho TCP e tloaelehileng e kenyelelitsoe mme API ea ho laola phallo ea MPTCP ho tloha sebakeng sa mosebedisi e hlahisitsoe).
  • Lits'ebetsong tse nang le li-processor tsa 64-bit ARM, AMD le Intel, hoa khoneha ho fetola ts'ebetso ea "Real-Time mode" ho kernel ka nako ea ho sebetsa ka ho ngola lebitso la "mode" faeleng "/sys/kernel/debug/sched/preempt" kapa ka nako ea bootle ka parameter ea kernel "preempt = "(ha ho le, mekhoa ea boithatelo le e feletseng e tšehetsoeng).
  • Litlhophiso tsa bootloader tsa GRUB li fetotsoe ho pata menu ea boot ka ho sa feleng, empa menu e bontšoa haeba bootloader e fetileng e hlōlehile. Ho hlahisa menu nakong ea boot, o ka tšoara konopo ea Shift kapa nako le nako tobetsa linotlolo tsa Esc kapa F8. Ho thibela ho pata, o ka sebelisa taelo "grub2-editenv - unset menu_auto_hide".
  • Hona joale mokhanni oa PTP (Precision Time Protocol) o tšehetsa ho thehoa ha lioache tsa hardware (PHC, PTP Hardware Clocks).
  • Taelo e ekelitsoeng ea modulesync, e jarollang liphutheloana tsa RPM ho tsoa ho li-module mme e theha polokelo bukeng ea ts'ebetso e nang le metadata e hlokahalang ho kenya liphutheloana tsa module.
  • tuned, ts'ebeletso ea ho lekola bophelo bo botle ba sistimi le ho ntlafatsa lits'oants'o ho fihlela ts'ebetso e phahameng ho ipapisitse le mojaro oa hajoale, e fana ka bokhoni ba ho sebelisa sephutheloana sa nako ea nnete-profiles ho arola li-CPU cores le ho fana ka likhoele tsa kopo ka lisebelisoa tsohle tse fumanehang.
  • NetworkManager e sebelisa phetolelo ea li-profiles tsa khokahanyo ho tloha ho sebopeho sa litlhophiso tsa ifcfg (/etc/sysconfig/network-scripts/ifcfg-*) ho ea ho sebopeho se thehiloeng ho keyfile. Ho falla, o ka sebelisa taelo ea "nmcli connection migrate".
  • SELinux toolkit e ntlafalitsoe hore e be mofuta oa 3.4, e ntlafatsang ts'ebetso ea relabel ka ts'ebetso e ts'oanang, e eketsa khetho ea "-m" ("--checksum") ho semodule ho fumana li-hashes tsa SHA256 tsa li-module, le ho fallela mcstrans ho laeborari ea PCRE2. Lisebelisoa tse ncha tsa ho sebetsa ka maano a phihlello li kentsoe: sepol_check_access, sepol_compute_av, sepol_compute_member, sepol_compute_relabel, sepol_validate_transition. Melaoana ea SELinux e kenyelelitsoe ho sireletsa ksm, nm-priv-helper, rhcd, stalld, systemd-network-generator, targetclid, le lits'ebeletso tse potlakileng tsa wg.
  • E fane ka bokhoni ba ho sebelisa moreki oa Clevis (clevis-luks-systemd) ho notlolla li-partitions tsa disk tse encrypted tsa LUKS tse kentsoeng morao nakong ea boot, ntle le tlhoko ea ho sebelisa taelo ea "systemctl nolofalletsa clevis-luks-askpass.path".
  • Sesebelisoa sa ho lokisa litšoantšo tsa sistimi se atolositsoe ho kenyelletsa ts'ehetso ea ho kenya litšoantšo ho GCP (Google Cloud Platform), ho beha setšoantšo ka kotloloho ho ngoliso ea sets'oants'o, ho lokisa boholo ba / boot partition, le ho lokisa liparamente (Blueprint) nakong ea tlhahiso ea litšoantšo. (mohlala, ho eketsa liphutheloana le ho theha basebelisi).
  • E kenyellelitsoe ts'ebeliso ea keylime bakeng sa bopaki (tiisetso ea bonnete le tlhahlobo e tsoelang pele ea bots'epehi) ea sistimi e kantle e sebelisang theknoloji ea TPM (Trusted Platform Module), mohlala ho netefatsa bonnete ba lisebelisoa tsa Edge le IoT tse sebakeng se sa laoleheng moo phihlello e sa lumelloeng e ka khonehang.
  • Khatiso ea RHEL bakeng sa Edge e fana ka bokhoni ba ho sebelisa fdo-admin utility ho lokisa litšebeletso tsa FDO (FIDO Device Onboard) le ho etsa litifikeiti le linotlolo bakeng sa bona.
  • SSSD (System Security Services Daemon) e ekelitse tšehetso bakeng sa likopo tsa caching SID (mohlala, licheke tsa GID / UID) ho RAM, e leng se entseng hore ho khonehe ho potlakisa ts'ebetso ea ho kopitsa palo e kholo ea lifaele ka seva sa Samba. Tšehetso ea ho kopanya le Windows Server 2022 e fanoe.
  • OpenSSH e fokotsa boholo ba senotlolo sa RSA ho li-bits tse 2048 ka ho sa feleng, 'me lilaebrari tsa NSS li theotse tšehetso ea linotlolo tsa RSA tse nyane ho feta 1023 bits. Hona joale OpenSSH e na le paramente e RequiredRSASIze bakeng sa ho iketsetsa meeli ea eona. Ts'ehetso bakeng sa sntrup761x25519-sha512@openssh.com mokhoa oa ho fapanyetsana oa bohlokoa, o hanyetsanang le ho hacking ka lik'homphieutha tsa quantum, o kenyelelitsoe.
  • Sehlopha sa lisebelisoa sa ReaR (Relax-and-Recover) se ekelitse bokhoni ba ho phethahatsa litaelo tse sa reroang pele le ka mor'a ho hlaphoheloa.
  • Mokhanni oa li-adapter tsa Intel E800 Ethernet o tšehetsa liprothokholo tsa iWARP le RoCE.
  • Ho kenyelitsoe sephutheloana se secha sa httpd-core, se nang le setsi sa mantlha sa likarolo tsa Apache httpd, se lekaneng ho tsamaisa seva sa HTTP le ka palo e fokolang ea ho itšetleha. Li-module tse ling tse kang mod_systemd le mod_brotli li kenyelelitsoe ho sephutheloana sa httpd, 'me litokomane li kenyelelitsoe.
  • Sephutheloana se secha sa xmlstarlet se kentsoe, se kenyelletsang lits'ebeletso tsa ho arola, ho fetola, ho netefatsa, ho ntša data, le ho hlophisa lifaele tsa XML, tse tšoanang le grep, sed, awk, diff, patch, le join, empa bakeng sa XML ho fapana le lifaele tsa mongolo.
  • Bokhoni ba mesebetsi ea sistimi bo atolositsoe, mohlala, karolo ea marang-rang e tlatsellelitsoe ka ts'ehetso ea ho hlophisa melao ea ho tsamaisa le ho sebelisa nmstate API, karolo ea ho rema lifate e tlatsellelitsoe ka ts'ehetso ea ho sefa ka mantsoe a tloaelehileng (startmsg.regex, endmsg.regex), karolo ea polokelo e tlatsellelitsoe ka ts'ehetso ea likarolo tseo sebaka sa polokelo se abiloeng ka matla, "karolo e abiloeng ka matla". bokhoni ba ho laola ka /etc/ssh/sshd_config, karolo ea metrics e tlatselitsoe ka bokhoni ba ho romela lipalo-palo tsa ts'ebetso ea Postfix, karolo ea firewall e tlatselitsoe ka bokhoni ba ho ngola tlhophiso e fetileng mme e tlatsitsoe ka tšehetso ea ho eketsa, ho ntlafatsa le ho tlosa litšebeletso ho itšetlehile ka boemo ba bona.
  • Letlapa la lisebelisoa bakeng sa ho laola lijana tse ka thoko li ntlafalitsoe, ho kenyeletsoa liphutheloana tse kang Podman, Buildah, Skopeo, crun, le runc. Ts'ehetso bakeng sa GitLab Runner ka lijaneng tse nang le Runtime Podman e kentsoe. Ts'ebeliso ea netavark le seva sa Aardvark DNS li fanoe bakeng sa ho lokisa sistimi e nyane ea marang-rang.
  • Tšehetso e ekelitsoeng bakeng sa taelo ea ap-check ho mdevctl bakeng sa ho hlophisa ho fetisetsa pele ho mechine ea sebele phihlello ea li-accelerator tsa crypto.
  • E kentse bokhoni ba pele (Technology Preview) ba ho netefatsa basebelisi ba sebelisang lits'ebeletso tsa kantle (IdP, mofani oa boitsebiso) ba tšehetsang katoloso ea protocol ea OAuth 2.0 "Device Authorization Grant" ho fana ka matšoao a phihlello a OAuth lisebelisoa ntle le ho sebelisa sebatli.
  • Bakeng sa seboka sa GNOME se thehiloeng ho Wayland, Firefox e haha ​​ho sebelisa Wayland e fanoe. Mehaho e thehiloeng ho X11, e sebetsang tikolohong ea Wayland e sebelisang karolo ea XWayland, e ka har'a sephutheloana se arohaneng sa firefox-x11.
  • Seboka se thehiloeng ho Wayland se lumelloa ke kamehla bakeng sa litsamaiso tse nang le Matrox GPUs (Wayland pele e ne e sa sebelisoe le Matrox GPUs ka lebaka la mefokolo le mathata a tshebetso a seng a rarollotsoe).
  • Ts'ehetso e kentsoeng bakeng sa li-GPU tse kenyellelitsoeng ho li-processor tsa Intel Core tsa 12th, ho kenyeletsoa Intel Core i3 12100T - i9 12900KS, Intel Pentium Gold G7400 le G7400T, Intel Celeron G6900 le G6900T Intel Core i5-12450HX - i9 Core i12950-3, Intel Core i1220-7HX - i1280-iP6-345 le Intel Core i00-5-7. i9-6P. Tšehetso e ekelitsoeng bakeng sa AMD Radeon RX 689[00]XNUMX le AMD Ryzen XNUMX/XNUMX/XNUMX XNUMX[XNUMX]XNUMX GPUs.
  • Ho laola kenyelletso ea ts'ireletso khahlano le bofokoli mochining oa MMIO (Memory Mapped Input Output), kernel boot parameter "mmio_stale_data" e kengoa ts'ebetsong, e ka nkang boleng "ka botlalo" (ho nolofalletsa ho hloekisa li-buffers ha u fallela sebakeng sa mosebelisi le ho VM), "full,nosmt" (e le "full" + e boetse e tima SMT/Hyper-Threads) le "off" (ts'ireletso e holofetse).
  • Ho laola ho kenngoa ha tšireletso khahlanong le ts'oaetso ea Retbleed, parameter ea kernel boot "retbleed" e kentsoe ts'ebetsong, eo ka eona u ka thibelang tšireletso ("off") kapa khetha algorithm ea ho thibela ts'oaetso (auto, nosmt, ibpb, unret).
  • The acpi_sleep kernel boot parameter hona joale e tšehetsa mekhoa e mecha ea ho laola mokhoa oa ho robala: s3_bios, s3_mode, s3_beep, s4_hwsig, s4_nohwsig, old_ordering, nonvs, sci_force_enable, le nobl.
  • E kentse sehlopha se seholo sa bakhanni ba bacha bakeng sa lisebelisoa tsa marang-rang, lisebelisoa tsa polokelo le li-graph chips.
  • Ho tswela pele kabo ya tshehetso ya teko (Theknoloji ya Ponelopele) bakeng sa ho kenngwa tshebetsong ha TLS ya boemo ba kernel (KTLS), VPN WireGuard, Intel SGX (Likatoloso tsa Balebeli ba Software), Intel IDXD (Sekgahla sa ho Phallela ha Data), DAX (Phihlello e Otlolohileng) bakeng sa ext4 le XFS, AMD SEV le SEV-ES ho hypervisor ya KVM, tshebeletso e rarollotsweng ke systemd, mookameli wa polokelo ya Stratis, Sigstore bakeng sa ho netefatsa dijana tse sebedisang ditshaeno tsa dijithale, sephutheloana se nang le mohlophisi wa ditshwantsho wa GIMP 2.99.8, di-setting tsa MPTCP (Multipath TCP) ka NetworkManager, di-server tsa ACME (Automated Certificate Management Environment), virtio-mem, le hypervisor ya KVM bakeng sa ARM64.
  • GTK 2 toolkit le liphutheloana tse amanang le eona tsa adwaita-gtk2-theme, gnome-common, gtk2, gtk2-immodules, le hexchat ha li sa sebetsa. Seva ea X.org (e fanang ka seboka sa GNOME se thehiloeng ho Wayland ka ho sa feleng ho RHEL 9) e theotsoe fatše 'me e reretsoe ho tlosoa lekaleng le latelang le leholo la RHEL, empa e tla boloka bokhoni ba ho tsamaisa lits'ebetso tsa X11 ho tloha sebokeng sa Wayland ho sebelisa seva sa XWayland DDX.

Source: opennet.ru