ProHoster > Blog > litaba tsa inthanete > Ho lokolloa ha kabo ea Red Hat Enterprise Linux 9.1

Ho lokolloa ha kabo ea Red Hat Enterprise Linux 9.1

Red Hat e phatlalalitse tokollo ea kabo ea Red Hat Enterprise Linux 9.1. Litšoantšo tse itokiselitseng ho kenya li fumaneha ho basebelisi ba Portal ea bareki ba ngolisitsoeng ba Red Hat (Litšoantšo tsa iso tsa CentOS Stream 9 li ka boela tsa sebelisoa ho lekola ts'ebetso). Tokollo e etselitsoe meralo ea x86_64, s390x (IBM System z), ppc64le le Aarch64 (ARM64). Khoutu ea mohloli oa liphutheloana tsa Red Hat Enterprise Linux 9 rpm e fumaneha sebakeng sa polokelo ea CentOS Git.

Lekala la RHEL 9 le ntse le ntlafatsoa ka ts'ebetso ea nts'etsopele e bulehileng haholoanyane 'me e sebelisa setsi sa sephutheloana sa CentOS Stream 9 e le motheo oa eona. sisinya liphetoho tsa bona le ho susumetsa liqeto tse entsoeng. Ho latela potoloho ea tšehetso ea lilemo tse 10 bakeng sa kabo, RHEL 9 e tla tšehetsoa ho fihlela 2032.

Liphetoho tsa bohlokoa:

  • E ntlafalitsoeng seva le tsamaiso liphutheloana: firewalld 1.1.1, chrony 4.2, unbound 1.16.2, frr 8.2.2, Apache httpd 2.4.53, opencryptoki 3.18.0, powerpc-utils 1.3.10, libvpd 2.2.9 1.7.14, ls. 64, ppc2.7-diag 5.3.7, PCP 7.5.13, Grafana 4.16.1, samba XNUMX.
  • Sebopeho se kenyelletsa mefuta e mecha ea li-compilers le lisebelisoa bakeng sa bahlahisi: GCC 11.2.1, GCC Toolset 12, LLVM Toolset 14.0.6, binutils 2.35.2, PHP 8.1, Ruby 3.1, Node.js 18, Rust Toolset 1.62, Go 1.18.2set Toolset. ... 3.8.
  • Lintlafatso tse kentsoeng tšebetsong ho Linux kernels 5.15 le 5.16 li fetiselitsoe ho sistimi e nyane ea eBPF (Berkeley Packet Filter). Ka mohlala, bakeng sa mananeo a BPF, bokhoni ba ho kopa le ho sebetsana le liketsahalo tsa nako bo kentsoe ts'ebetsong, bokhoni ba ho amohela le ho beha likhetho tsa socket bakeng sa setsockopt, ts'ehetso ea ho letsetsa mesebetsi ea mojule oa kernel, sebopeho sa polokelo ea data ea probabilistic (BPF mapa) sefahla sa lipalesa se bile teng. e hlahisitsoeng, 'me bokhoni ba ho kopanya li-tag ho li-parameter tsa ts'ebetso bo kentsoe.
  • Sehlopha sa li-patches bakeng sa lisebelisoa tsa nako ea sebele tse sebelisoang kernel-rt kernel li nchafalitsoe ho boemo bo lumellanang le 5.15-rt kernel.
  • Ts'ebetsong ea protocol ea MPTCP (MultiPath TCP), e sebelisetsoang ho hlophisa ts'ebetso ea khokahanyo ea TCP le ho fana ka lipakete ka nako e le 'ngoe litseleng tse' maloa ka marang-rang a fapaneng a marang-rang, e ntlafalitsoe. Liphetoho tse fetisitsoeng ho tsoa ho Linux kernel 5.19 (mohlala, tšehetso e ekelitsoeng bakeng sa ho khutlisa likhokahano tsa MPTCP ho TCP e tloaelehileng mme e sisinya API bakeng sa ho tsamaisa melapo ea MPTCP ho tsoa sebakeng sa basebelisi).
  • Litsamaisong tse nang le li-processor tsa 64-bit ARM, AMD le Intel, hoa khonahala ho fetola boits'oaro ba mokhoa oa Nako ea 'Nete ka har'a kernel ka nako ea ho sebetsa ka ho ngola lebitso la mokhoa faeleng "/sys/kernel/debug/sched/preempt ” kapa ka nako ea ho qalisa ka kernel parameter “preempt=" (ha ho le ea mong, mekhoa ea boithaopo le e felletseng e tšehetsoeng).
  • Litlhophiso tsa GRUB bootloader li fetotsoe ho pata menu ea boot ka mokhoa o ikhethileng, 'me lethathamo le bonts'a hore na mochini o fetileng o hlolehile. Ho hlahisa menu nakong ea boot, o ka tšoara konopo ea Shift kapa nako le nako tobetsa linotlolo tsa Esc kapa F8. Ho thibela ho pata, o ka sebelisa taelo "grub2-editenv - unset menu_auto_hide".
  • Tšehetso ea ho theha lioache tsa hardware (PHC, PTP Hardware Clock) e kentsoe ho mokhanni oa PTP (Precision Time Protocol).
  • Taelo e ekelitsoeng ea modulesync, e jarang liphutheloana tsa RPM ho tsoa ho li-module mme e theha polokelo bukeng ea ts'ebetso e nang le metadata e hlokahalang bakeng sa ho kenya liphutheloana tsa module.
  • E hlophisitsoe, ts'ebeletso ea ho lekola bophelo bo botle ba sistimi le ho ntlafatsa lits'ebetso bakeng sa ts'ebetso e phahameng ho latela mojaro oa hajoale, e fana ka bokhoni ba ho sebelisa sephutheloana sa nako ea nnete-profiles ho arola li-cores tsa CPU le ho fana ka likhoele tsa ts'ebeliso ka lisebelisoa tsohle tse fumanehang.
  • NetworkManager e kenya tšebetsong phetolelo ea li-profiles tsa khokahano ho tsoa ho sebopeho sa litlhophiso tsa ifcfg (/etc/sysconfig/network-scripts/ifcfg-*) ho ea ka sebopeho se ipapisitseng le faele ea senotlolo. Ho falla, o ka sebelisa taelo ea "nmcli connection migrate".
  • SELinux toolkit e nchafalitsoe ho lokolla 3.4, e ntlafatsang ts'ebetso ea ho ngola bocha ka lebaka la ho ts'oana ha ts'ebetso, khetho ea "-m" ("--checksum") e kentsoe sesebelisoa sa semodule ho fumana SHA256 hashes ea modules, mcstrans. e fetiselitsoe laebraring ea PCRE2. Lisebelisoa tse ncha tsa ho sebetsa ka maano a phihlello li kentsoe: sepol_check_access, sepol_compute_av, sepol_compute_member, sepol_compute_relabel, sepol_validate_transition. E kentse maano a SELinux ho sireletsa ksm, nm-priv-helper, rhcd, stalld, systemd-network-generator, targetclid le wg-quick services.
  • E ekelitse bokhoni ba ho sebelisa moreki oa Clevis (clevis-luks-systemd) ho notlolla li-partitions tsa disk tse patiloeng ka LUKS le ho kenngoa ha nako ea ho qala, ntle le tlhoko ea ho sebelisa taelo ea "systemctl nolofalletsa clevis-luks-askpass.path".
  • Sesebelisoa sa ho lokisa litšoantšo tsa sistimi se atolositsoe ho kenyelletsa ts'ehetso ea ho kenya litšoantšo ho GCP (Google Cloud Platform), ho beha setšoantšo ka kotloloho ho ngoliso ea sets'oants'o, ho lokisa boholo ba / boot partition, le ho lokisa liparamente (Blueprint) nakong ea tlhahiso ea litšoantšo. (mohlala, ho eketsa liphutheloana le ho theha basebelisi).
  • E kenyellelitsoe ts'ebeliso ea keylime bakeng sa bopaki (tiisetso le ho lekola bots'epehi bo tsoelang pele) ea sistimi e kantle e sebelisang theknoloji ea TPM (Trusted Platform Module), mohlala, ho netefatsa bonnete ba lisebelisoa tsa Edge le IoT tse sebakeng se sa laoleheng moo phihlello e sa lumelloeng e ka khonehang.
  • Khatiso ea RHEL bakeng sa Edge e fana ka bokhoni ba ho sebelisa fdo-admin utility ho lokisa litšebeletso tsa FDO (FIDO Device Onboard) le ho etsa litifikeiti le linotlolo bakeng sa bona.
  • SSSD (System Security Services Daemon) e ekelitse tšehetso bakeng sa likopo tsa caching SID (mohlala, licheke tsa GID / UID) ho RAM, e leng se entseng hore ho khonehe ho potlakisa ts'ebetso ea ho kopitsa palo e kholo ea lifaele ka seva sa Samba. Tšehetso ea ho kopanya le Windows Server 2022 e fanoe.
  • В OpenSSH минимальный размер RSA-ключей по умолчанию ограничен 2048 битами, а в библиотеках NSS прекращена поддержка ключей RSA, размером менее 1023 бит. Для настройки собственных ограничений в OpenSSH добавлен параметр RequiredRSASize. Добавлена поддержка метода обмена ключами [imeile e sirelelitsoe], e hanyetsanang le ho qhekella lik'homphieutha tsa quantum.
  • Sehlopha sa lisebelisoa sa ReaR (Relax-and-Recover) se ekelitse bokhoni ba ho phethahatsa litaelo tse sa reroang pele le ka mor'a ho hlaphoheloa.
  • Mokhanni oa li-adapter tsa Intel E800 Ethernet o tšehetsa liprothokholo tsa iWARP le RoCE.
  • Sephutheloana se secha sa httpd-core se kenyelelitsoe, moo setsi sa mantlha sa lisebelisoa tsa Apache httpd se fetisitsoeng, se lekaneng ho tsamaisa seva sa HTTP mme se amahanngoa le palo e fokolang ea ho itšetleha. Sephutheloana sa httpd se eketsa li-module tse ling tse kang mod_systemd le mod_brotli mme li kenyelletsa litokomane.
  • E kentse sephutheloana se secha sa xmlstarlet, se kenyelletsang lits'ebeletso tsa ho arola, ho fetola, ho netefatsa, ho ntša data le ho hlophisa lifaele tsa XML, tse tšoanang le grep, sed, awk, diff, patch le join, empa bakeng sa XML ho fapana le lifaele tsa mongolo.
  • Bokhoni ba mesebetsi ea tsamaiso bo atolositsoe, mohlala, karolo ea marang-rang e ekelitse tšehetso bakeng sa ho theha melao ea ho tsamaisa le ho sebelisa nmstate API, karolo ea ho rema lifate e ekelitse tšehetso ea ho sefa ka lipolelo tse tloaelehileng (startmsg.regex, endmsg.regex), karolo ea polokelo e ekelitse tšehetso bakeng sa likarolo tseo sebaka sa polokelo se abetsoeng ka matla ("pehelo e tšesaane"), bokhoni ba ho laola ka /etc/ssh/sshd_config bo kenyelelitsoe karolong ea sshd, ho romeloa ha lipalo-palo tsa Postfix ho kenyelitsoe ho karolo ea metrics, bokhoni ba ho hlakola tlhophiso e fetileng e kentsoe tšebetsong ea firewall mme ts'ehetso ea ho eketsa, ho ntlafatsa le ho hlakola ho fanoe ka lits'ebeletso ho latela naha.
  • Letlapa la lisebelisoa bakeng sa ho laola lijana tse ka thoko li nchafalitsoe, ho kenyeletsoa liphutheloana tse kang Podman, Buildah, Skopeo, crun le runc. Tšehetso e ekelitsoeng bakeng sa GitLab Runner ka lijaneng tse nang le Podman ea nako ea ho sebetsa. Ho lokisa subsystem network network, sesebelisoa sa netavark le seva sa Aardvark DNS se fanoa.
  • Ts'ehetso e ekelitsoeng bakeng sa taelo ea ap-check ho mdevctl ho hlophisa phihlello ea ho fetisetsa li-accelerator tsa crypto ho mechini e fumanehang.
  • E kentse bokhoni ba pele (Technology Preview) ba ho netefatsa basebelisi ba sebelisang lits'ebeletso tsa kantle (IdP, mofani oa boitsebiso) ba tšehetsang katoloso ea protocol ea OAuth 2.0 "Device Authorization Grant" ho fana ka matšoao a phihlello a OAuth lisebelisoa ntle le ho sebelisa sebatli.
  • Bakeng sa seboka sa GNOME se thehiloeng ho Wayland, Firefox e haha ​​​​e sebelisang Wayland e fanoe. Mehaho e thehiloeng ho X11, e entsoeng tikolohong ea Wayland e sebelisang karolo ea XWayland, e behiloe ka har'a sephutheloana se arohaneng sa firefox-x11.
  • Seboka se thehiloeng ho Wayland se lumelloa ka ho sa feleng bakeng sa litsamaiso tse nang le Matrox GPUs (Wayland e ne e sa sebelisoe pele le Matrox GPU ka lebaka la mefokolo le mathata a tshebetso, a seng a rarollotsoe).
  • Ts'ehetso bakeng sa li-GPU tse kenyellelitsoeng ho li-processor tsa Intel Core tsa 12th, ho kenyeletsoa Intel Core i3 12100T - i9 12900KS, Intel Pentium Gold G7400 le G7400T, Intel Celeron G6900 le G6900T Intel Core i5-12450HX - i9-12950HX - i3-1220 i-Intel Core i7-1280 iH6-345-00 5P. Tšehetso e ekelitsoeng bakeng sa AMD Radeon RX 7[9]6 le AMD Ryzen 689/00/XNUMX XNUMX[XNUMX]XNUMX GPUs.
  • Ho laola kenyelletso ea ts'ireletso khahlano le bofokoli mochining oa MMIO (Memory Mapped Input Output), kernel boot parameter "mmio_stale_data" e kengoa ts'ebetsong, e ka nkang boleng "ka botlalo" (ho nolofalletsa ho hloekisa li-buffers ha u fallela sebakeng sa mosebelisi le ho VM), "full,nosmt" (e le "full" + e boetse e tima SMT/Hyper-Threads) le "off" (ts'ireletso e holofetse).
  • Ho laola ho kenngoa ha tšireletso khahlanong le ts'oaetso ea Retbleed, parameter ea kernel boot "retbleed" e kentsoe ts'ebetsong, eo ka eona u ka thibelang tšireletso ("off") kapa khetha algorithm ea ho thibela ts'oaetso (auto, nosmt, ibpb, unret).
  • The acpi_sleep kernel boot parameter hona joale e tšehetsa mekhoa e mecha ea ho laola mokhoa oa ho robala: s3_bios, s3_mode, s3_beep, s4_hwsig, s4_nohwsig, old_ordering, nonvs, sci_force_enable, le nobl.
  • E kenyellelitse karolo e kholo ea bakhanni ba bacha bakeng sa lisebelisoa tsa marang-rang, lisebelisoa tsa polokelo le lisebelisoa tsa litšoantšo.
  • Ts'ehetso e tsoelang pele ea liteko (Technology Preview) bakeng sa KTLS (ts'ebetso ea kernel-level ea TLS), VPN WireGuard, Intel SGX (Software Guard Extensions), Intel IDXD (Data Streaming Accelerator), DAX (Direct Access) bakeng sa ext4 le XFS, AMD. SEV le SEV -ES ho hypervisor ea KVM, ts'ebeletso e rarollotsoeng ka sistimi, mookameli oa polokelo ea Stratis, Sigstore bakeng sa ho netefatsa lijana tse sebelisang li-signature tsa dijithale, sephutheloana se nang le mohlophisi oa litšoantšo oa GIMP 2.99.8, litlhophiso tsa MPTCP (Multipath TCP) ka NetworkManager, ACME (Automated Certificate Tikoloho ea Tsamaiso) li-server, virtio-mem, hypervisor ea KVM bakeng sa ARM64.
  • GTK 2 toolkit le liphutheloana tse amanang le eona tsa adwaita-gtk2-theme, gnome-common, gtk2, gtk2-immodules le hexchat ha li sa sebetsa. Seva ea X.org e tlositsoe mosebetsing (RHEL 9 e fana ka seboka sa GNOME se thehiloeng ho Wayland ka boiketsetso), e reretsoeng ho tlosoa lekaleng le leholo le latelang la RHEL, empa e tla boloka bokhoni ba ho tsamaisa lits'ebetso tsa X11 ho tsoa kopanong ea Wayland e sebelisa Seva ea XWayland DDX.

Source: opennet.ru

Eketsa ka tlhaloso