ProHoster > Ibhulogi > iindaba ze-intanethi > Ukusasazwa kweRed Hat Enterprise kwaziswa Linux 9

Ukusasazwa kweRed Hat Enterprise kwaziswa Linux 9

I-Red Hat ikhuphe usasazo lwayo lwe-Red Hat Enterprise. Linux 9. Imifanekiso yokufakela esele yenziwe iza kufumaneka kungekudala kubasebenzisi ababhalisiweyo beRed Hat Customer Portal (imifanekiso ye-ISO ingasetyenziselwa ukuvavanya ukusebenza kwayo) CentOS Ukusasaza 9). Olu khuphelo lufumaneka kwii-architectures ze-x86_64, s390x (IBM System z), ppc64le, kunye ne-Aarch64 (ARM64). Imithombo yephakheji ye-Red Hat Enterprise RPM Linux Ezili-9 zigcinwe kwindawo yokugcina izinto yeGit CentOSNgokuhambelana nomjikelo wenkxaso weminyaka eli-10, i-RHEL 9 iya kuxhaswa kude kube ngu-2032. Uhlaziyo lwe-RHEL 7 luya kuqhubeka lukhutshwa kude kube ngu-30 Juni 2024, kunye ne-RHEL 8 kude kube ngu-31 Meyi 2029.

Ukusasazwa kweShishini leRed Hat Linux I-9 iphawuleka ngokufudukela kwinkqubo yophuhliso evulelekileyo ngakumbi. Ngokungafaniyo namasebe angaphambili, usasazo lwakhiwe kusetyenziswa isiseko sedatha sephakheji. CentOS Umjelo 9. CentOS Ukusasazwa kubekwe njengeprojekthi ephezulu ye-RHEL, evumela abaxhasi beqela lesithathu ukuba balawule uphuhliso lweepakethe ze-RHEL, bacebise utshintsho, kwaye baphembelele izigqibo. Ngaphambili, umfanekiso omfutshane wokukhutshwa kwe-Fedora wawusetyenziswa njengesiseko sesebe elitsha le-RHEL, elacocwa kwaye lazinziswa ngasemva kweminyango evaliweyo, ngaphandle kokukwazi ukujonga inkqubo yophuhliso kunye nezigqibo. Ngoku, isebe lenziwe nge-snapshot ye-Fedora enegalelo loluntu. CentOS Umsinga, apho kwenziwa khona umsebenzi wokulungiselela kwaye kwakhiwa isiseko sesebe elitsha elibalulekileyo le-RHEL.

Utshintsho oluphambili:

  • Imeko-bume yenkqubo kunye nezixhobo zokwakha zihlaziyiwe. I-GCC 11 isetyenziselwa ukwakha iipakeji. Ilayibrari ye-C esemgangathweni ihlaziyiwe kwi-glibc 2.34. Iphakheji ye-kernel Linux Yakhelwe phezu kokukhululwa kwe-5.14. Umphathi wephakheji ye-RPM uhlaziywe kwinguqulelo ye-4.16 ngenkxaso yolawulo lokuthembeka nge-fapolicyd.
  • Ukufuduswa kokuhanjiswa kwiPython 3 kugqityiwe.Isebe lePython 3.9 linikezelwa ngokungagqibekanga. IPython 2 iyekisiwe.
  • Idesktop isekwe kwi-GNOME 40 (i-RHEL 8 ithunyelwe nge-GNOME 3.28) kunye nethala leencwadi le-GTK 4. Kwi-GNOME 40, iidesktop zenyani ezikwimowudi ye-Activity Overview zitshintshelwa kwi-landscape orientation kwaye ziboniswa njengekhonkco eliqhubekayo lokuskrola ukusuka ekhohlo ukuya ekunene. Idesktop nganye eboniswe kwimowudi yokuJonga ijonga iifestile ezikhoyo kunye neepani eziguqukayo kunye nokwandisa njengoko umsebenzisi esebenzisana. Utshintsho olungenamthungo lunikiwe phakathi koluhlu lweenkqubo kunye nedesktop enenyani.
  • I-GNOME ibandakanya i-power-profiles-daemon handler ebonelela ngokukwazi ukutshintshela kwi-fly phakathi kwendlela yokugcina amandla, imowudi yokulinganisa amandla, kunye nemowudi yokusebenza ephezulu.
  • Yonke imijelo yomsindo iye yasiwa kwiseva yemidiya yePipeWire, ngoku engagqibekanga endaweni yePulseAudio kunye neJACK. Ukusebenzisa iPipeWire kukuvumela ukuba unikezele ngezakhono zokucutshungulwa komsindo kuhlelo oluqhelekileyo lwedesktop, susa ukuqhekeka kwaye udibanise iziseko zomsindo kwizicelo ezahlukeneyo.
  • Ngokungagqibekanga, imenyu ye-GRUB yokuqalisa iyafihlwa ukuba i-RHEL kukuphela konikezelo olufakwe kwisixokelelwano kwaye ukuba isiqalo sokugqibela siphumelele. Ukubonisa imenyu ngexesha lokuqalisa, vele ubambe iqhosha le-Shift okanye ucinezele iqhosha le-Esc okanye le-F8 amaxesha amaninzi. Phakathi kotshintsho kwi-bootloader, sikwaqaphela nokubekwa kweefayile zoqwalaselo ze-GRUB kuzo zonke izakhiwo kwi-directory enye /boot/grub2/ (ifayile /boot/efi/EFI/redhat/grub.cfg ngoku isisimboli sekhonkco kwi/boot /grub2/grub.cfg), ezo. inkqubo ehlohliweyo efanayo inokuqaliswa ngokusebenzisa zombini i-EFI kunye ne-BIOS.
  • Amacandelo okuxhasa iilwimi ezahlukeneyo apakishwe kwiilangpacks, ezikuvumela ukuba utshintshe inqanaba lenkxaso yolwimi efakiweyo. Umzekelo, i-langpacks-core-font inikezela ngamagama kuphela, i-langpacks-core ibonelela nge-glibc locale, isiseko sefonti, kunye nendlela yokufaka, kwaye i-langpacks ibonelela ngeenguqulelo, iifonti ezongezelelweyo, kunye nezichazi-magama zokukhangela upelo.
  • Amacandelo okhuseleko ahlaziyiwe. Ukusasazwa kusebenzisa isebe elitsha le-OpenSSL 3.0 yelayibrari ye-cryptographic. Ngokungagqibekanga, ii-algorithms zangoku nezithembekileyo ze-cryptographic ziyasebenza (umzekelo, ukusetyenziswa kwe-SHA-1 kwi-TLS, DTLS, SSH, IKEv2 kunye neKerberos akuvumelekanga, iTLS 1.0, TLS 1.1, DTLS 1.0, RC4, Camellia, DSA, 3DES kunye ne-FFDHE-1024 zikhubazekile) . Iphakheji ye-OpenSSH ihlaziywe kwinguqulo ye-8.6p1. I-Cyrus SASL iye yasiwa kwi-backend ye-GDBM endaweni ye-Berkeley DB. Amathala eencwadi e-NSS (iiNkonzo zoKhuseleko lweNethiwekhi) awasayixhasi ifomathi ye-DBM (Berkeley DB). I-GnuTLS ihlaziywe kuguqulelo 3.7.2.
  • Uphuculo olukhulu ekusebenzeni kwe-SELinux kunye nokusetyenziswa kwememori okuncitshisiweyo. Inkxaso yokuseta "i-SELINUX=disabled" yokucima i-SE isusiwe kwi-/etc/selinux/configLinux (useto oluchaziweyo ngoku lukhubaza kuphela ukulayishwa kwemigaqo-nkqubo, kwaye lukhubaze ngokwenene ukusebenza kwe-SELinux ngoku kufuneka kudluliselwe iparameter ethi "selinux=0" kwi-kernel).
  • Inkxaso yovavanyo eyongeziweyo VPN WireGuard.
  • Ngokungagqibekanga, ukungena nge-SSH njengengcambu akuvumelekanga.
  • Izixhobo zokulawula iipakethe ze-iptables-nft (ii-iptables, ip6tables, i-ebtables kunye ne-arptables utilities) kunye ne-ipset ziye zachithwa. Ngoku kuyacetyiswa ukuba usebenzise ii-nftables ukulawula i-firewall.
  • Iquka i-daemon entsha ye-mptcpd yokuqwalasela i-MPTCP (i-MultiPath TCP), ulwandiso lwe-protocol ye-TCP yokuququzelela ukusebenza koqhagamshelo lwe-TCP kunye nokuhanjiswa kwepakethi ngaxeshanye kwiindlela ezininzi ngeendlela ezahlukeneyo zenethiwekhi ezihambelana needilesi ze-IP ezahlukeneyo. Ukusebenzisa mptcpd kwenza kube nokwenzeka ukuqwalasela iMPTCP ngaphandle kokusebenzisa iproute2 into eluncedo.
  • I-network-scripts package isusiwe, Imanejala yenethiwekhi kufuneka isetyenziswe ukumisela uqhakamshelwano lwenethiwekhi. Inkxaso yefomati yoseto lwe-ifcfg igciniwe, kodwa i-NetworkManager isebenzisa ifomathi esekwe kwifayile yesitshixo ngokungagqibekanga.
  • Ukwakhiwa kubandakanya iinguqulelo ezintsha zabaqulunqi kunye nezixhobo zabaphuhlisi: GCC 11.2, LLVM/Clang 12.0.1, Rust 1.54, Hamba 1.16.6, Node.js 16, OpenJDK 17, Perl 5.32, PHP 8.0, Python 3.9, Ruby Git 3.0, Ukuguqulwa 2.31, binutils 1.14, CMake 2.35, Maven 3.20.2, Imbovane 3.6.
  • Iiphakheji zeseva ye-Apache HTTP Server 2.4.48, nginx 1.20, i-Varnish Cache 6.5, i-squid 5.1 ihlaziywe.
  • I-DBMS MariaDB 10.5, MySQL 8.0, PostgreSQL 13, Redis 6.2 ihlaziywe.
  • Ukwakha i-emulator ye-QEMU, i-Clang inikwe amandla ngokungagqibekanga, okwenza kube lula ukusebenzisa ezinye iindlela zokukhusela ezongezelelweyo kwi-hypervisor ye-KVM, njenge-SafeStack ukukhusela kwiindlela zokuxhaphaza ezisekelwe kwiprogram ejolise ekubuyiseleni (i-ROP - i-Return-Oriented Programming).
  • Kwi-SSSD (IiNkonzo zoKhuseleko lweSistim iDaemon), iinkcukacha zelogi zonyusiwe, umzekelo, ixesha lokugqitywa komsebenzi ngoku lifakwe kwiziganeko kwaye ukuhamba kokuqinisekiswa kubonakaliswe. Kongezwe umsebenzi wokukhangela ukuhlalutya useto kunye nemiba yokusebenza.
  • Inkxaso ye-IMA (i-Integrity Measurement Architecture) iye yandiswa ukuze kuqinisekiswe ukunyaniseka kwamacandelo enkqubo yokusebenza usebenzisa iisignesha zedijithali kunye ne-hashes.
  • Ngokungagqibekanga, ulawulo lweqela elidityanisiweyo elinye (iqela v2) yenziwe. Amaqela v2 anokusetyenziswa, umzekelo, ukunciphisa inkumbulo, i-CPU kunye nokusetyenziswa kwe-I/O. Umahluko ophambili phakathi kwe-cgroups v2 kunye ne-v1 kukusetyenziswa kweqela eliqhelekileyo loluhlu lwazo zonke iintlobo zemithombo, endaweni yoluhlu oluhlukeneyo lokwabiwa kwezixhobo ze-CPU, zokulawula ukusetyenziswa kwememori, kunye ne-I / O. Uluhlu olwahlukileyo lukhokelele kubunzima ekuququzeleleni intsebenziswano phakathi kwabaphathi kunye neendleko ezongezelelweyo zemithombo ye-kernel xa kusetyenziswa imithetho yenkqubo ekubhekiselwa kuyo kwii-hierarchies ezahlukeneyo.
  • Inkxaso eyongezelelweyo yokuvumelanisa ixesha ngokuchanekileyo ngokusekelwe kwi-NTS (Network Time Security) protocol, esebenzisa izinto zeziseko zophuhliso ezingundoqo zikawonke-wonke (PKI) kwaye ivumela ukusetyenziswa kwe-TLS kunye ne-authenticated encryption AEAD (Authenticated Encryption with Associated Data) ukukhusela i-cryptographic yokusebenzisana kwe-client-server. umncedisi nge-NTP (Network Time Protocol). Iseva ye-NTP engapheliyo ihlaziyiwe kwinguqulelo 4.1.
  • Kubonelelwe ngenkxaso yovavanyo (i-Technology Preview) ye-KTLS (i-kernel-level TLS ukuphunyezwa), i-Intel SGX (Izandiso ze-Software Guard), i-DAX (Ukufikelela ngokuthe ngqo) kwi-ext4 kunye ne-XFS, inkxaso ye-AMD SEV kunye ne-SEV-ES kwi-hypervisor ye-KVM.

umthombo: opennet.ru

Thenga ukusingathwa okuthembekileyo kwiindawo ezinokhuseleko lweDDoS, iiseva zeVPS VDS 🔥 Thenga ukusingathwa kwewebhusayithi okuthembekileyo ngokhuseleko lwe-DDoS, iiseva zeVPS VDS | ProHoster