ProHoster > Ibhulogi > iindaba ze-intanethi > Ukuhanjiswa kweRed Hat Enterprise Linux 9 yaziswa

Ukuhanjiswa kweRed Hat Enterprise Linux 9 yaziswa

I-Red Hat iye yazisa ukukhululwa kwe-Red Hat Enterprise Linux 9. Imifanekiso yokufakela esele ilungile iya kufumaneka ngokukhawuleza kubasebenzisi ababhalisiweyo be-Portal yoMthengi we-Red Hat (i-CentOS Stream 9 imifanekiso ye-iso ingasetyenziselwa ukuvavanya ukusebenza). Ukukhutshwa kwenzelwe i-x86_64, s390x (IBM System z), i-ppc64le kunye ne-Aarch64 (ARM64) izakhiwo. Ikhowudi yomthombo weRed Hat Enterprise Linux 9 rpm ipakethe iyafumaneka kwindawo yokugcina ye-CentOS Git. Ngokungqinelana nomjikelo wenkxaso weminyaka eyi-10 wokusasazwa, i-RHEL 9 iya kuxhaswa kude kube ngu-2032. Uhlaziyo lwe-RHEL 7 luza kuqhubeka nokukhutshwa kude kube nguJuni 30, 2024, RHEL 8 de kube nguMeyi 31, 2029.

I-Red Hat Enterprise Linux 9 iphawuleka ngokuhamba kwayo kwinkqubo yophuhliso evuleleke ngakumbi. Ngokungafaniyo namasebe angaphambili, isiseko sephakheji ye-CentOS Stream 9 sisetyenziswa njengesiseko sokwakha ukuhanjiswa.I-CentOS Stream ibekwe njengeprojekthi ephezulu ye-RHEL, evumela abathathi-nxaxheba beqela lesithathu ukuba balawule ukulungiswa kweepakethe ze-RHEL, bacebise utshintsho kunye nefuthe labo. izigqibo ezenziweyo. Ngaphambili, i-snapshot yesinye se-Fedora ekhutshwayo yayisetyenziswe njengesiseko sesebe elitsha le-RHEL, elagqitywa kwaye lazinziswa emva kweengcango ezivaliweyo, ngaphandle kokukwazi ukulawula inkqubela phambili yophuhliso kunye nezigqibo ezenziwe. Ngoku, ngokusekelwe kwi-snapshot ye-Fedora, kunye nokuthatha inxaxheba koluntu, isebe le-CentOS Stream liyenziwa, apho umsebenzi wokulungiselela wenziwa kwaye isiseko senziwe kwisebe elitsha elibalulekileyo le-RHEL.

Utshintsho oluphambili:

  • Ubume benkqubo kunye nezixhobo zokuhlanganisa zihlaziyiwe. I-GCC 11 isetyenziselwa ukwakha iipakethe Ithala leencwadi elisemgangathweni C lihlaziywe ukuba libe yi-glibc 2.34. Iphakheji ye-Linux kernel isekwe kukhupho lwe-5.14. Umphathi wephakheji ye-RPM uhlaziywe ukuba abe yi-version 4.16 ngenkxaso yokubekwa esweni kokuthembeka kusetyenziswa i-fapolicyd.
  • Ukufuduswa kokuhanjiswa kwiPython 3 kugqityiwe.Isebe lePython 3.9 linikezelwa ngokungagqibekanga. IPython 2 iyekisiwe.
  • Idesktop isekwe kwi-GNOME 40 (i-RHEL 8 ithunyelwe nge-GNOME 3.28) kunye nethala leencwadi le-GTK 4. Kwi-GNOME 40, iidesktop zenyani ezikwimowudi ye-Activity Overview zitshintshelwa kwi-landscape orientation kwaye ziboniswa njengekhonkco eliqhubekayo lokuskrola ukusuka ekhohlo ukuya ekunene. Idesktop nganye eboniswe kwimowudi yokuJonga ijonga iifestile ezikhoyo kunye neepani eziguqukayo kunye nokwandisa njengoko umsebenzisi esebenzisana. Utshintsho olungenamthungo lunikiwe phakathi koluhlu lweenkqubo kunye nedesktop enenyani.
  • I-GNOME ibandakanya i-power-profiles-daemon handler ebonelela ngokukwazi ukutshintshela kwi-fly phakathi kwendlela yokugcina amandla, imowudi yokulinganisa amandla, kunye nemowudi yokusebenza ephezulu.
  • Yonke imijelo yomsindo iye yasiwa kwiseva yemidiya yePipeWire, ngoku engagqibekanga endaweni yePulseAudio kunye neJACK. Ukusebenzisa iPipeWire kukuvumela ukuba unikezele ngezakhono zokucutshungulwa komsindo kuhlelo oluqhelekileyo lwedesktop, susa ukuqhekeka kwaye udibanise iziseko zomsindo kwizicelo ezahlukeneyo.
  • Ngokungagqibekanga, imenyu ye-GRUB yokuqalisa iyafihlwa ukuba i-RHEL kukuphela konikezelo olufakwe kwisixokelelwano kwaye ukuba isiqalo sokugqibela siphumelele. Ukubonisa imenyu ngexesha lokuqalisa, vele ubambe iqhosha le-Shift okanye ucinezele iqhosha le-Esc okanye le-F8 amaxesha amaninzi. Phakathi kotshintsho kwi-bootloader, sikwaqaphela nokubekwa kweefayile zoqwalaselo ze-GRUB kuzo zonke izakhiwo kwi-directory enye /boot/grub2/ (ifayile /boot/efi/EFI/redhat/grub.cfg ngoku isisimboli sekhonkco kwi/boot /grub2/grub.cfg), ezo. inkqubo ehlohliweyo efanayo inokuqaliswa ngokusebenzisa zombini i-EFI kunye ne-BIOS.
  • Amacandelo okuxhasa iilwimi ezahlukeneyo apakishwe kwiilangpacks, ezikuvumela ukuba utshintshe inqanaba lenkxaso yolwimi efakiweyo. Umzekelo, i-langpacks-core-font inikezela ngamagama kuphela, i-langpacks-core ibonelela nge-glibc locale, isiseko sefonti, kunye nendlela yokufaka, kwaye i-langpacks ibonelela ngeenguqulelo, iifonti ezongezelelweyo, kunye nezichazi-magama zokukhangela upelo.
  • Amacandelo okhuseleko ahlaziyiwe. Ukusasazwa kusebenzisa isebe elitsha le-OpenSSL 3.0 yelayibrari ye-cryptographic. Ngokungagqibekanga, ii-algorithms zangoku nezithembekileyo ze-cryptographic ziyasebenza (umzekelo, ukusetyenziswa kwe-SHA-1 kwi-TLS, DTLS, SSH, IKEv2 kunye neKerberos akuvumelekanga, iTLS 1.0, TLS 1.1, DTLS 1.0, RC4, Camellia, DSA, 3DES kunye ne-FFDHE-1024 zikhubazekile) . Iphakheji ye-OpenSSH ihlaziywe kwinguqulo ye-8.6p1. I-Cyrus SASL iye yasiwa kwi-backend ye-GDBM endaweni ye-Berkeley DB. Amathala eencwadi e-NSS (iiNkonzo zoKhuseleko lweNethiwekhi) awasayixhasi ifomathi ye-DBM (Berkeley DB). I-GnuTLS ihlaziywe kuguqulelo 3.7.2.
  • Ukuphucula ngokuphawulekayo ukusebenza kwe-SELinux kunye nokunciphisa ukusetyenziswa kwememori. Kwi/etc/selinux/config, inkxaso ye-"SELINUX=ekhubazekileyo" ukuseta ukukhubaza i-SELinux isusiwe (esi setingi ngoku sivala kuphela ukulayishwa komgaqo-nkqubo, kwaye ukuvala ukusebenza kwe-SELinux ngoku kufuna ukuba kudluliswe iparamitha "selinux=0" kwi ikernel).
  • Inkxaso yovavanyo eyongeziweyo yeVPN WireGuard.
  • Ngokungagqibekanga, ukungena nge-SSH njengengcambu akuvumelekanga.
  • Izixhobo zokulawula iipakethe ze-iptables-nft (ii-iptables, ip6tables, i-ebtables kunye ne-arptables utilities) kunye ne-ipset ziye zachithwa. Ngoku kuyacetyiswa ukuba usebenzise ii-nftables ukulawula i-firewall.
  • Iquka i-daemon entsha ye-mptcpd yokuqwalasela i-MPTCP (i-MultiPath TCP), ulwandiso lwe-protocol ye-TCP yokuququzelela ukusebenza koqhagamshelo lwe-TCP kunye nokuhanjiswa kwepakethi ngaxeshanye kwiindlela ezininzi ngeendlela ezahlukeneyo zenethiwekhi ezihambelana needilesi ze-IP ezahlukeneyo. Ukusebenzisa mptcpd kwenza kube nokwenzeka ukuqwalasela iMPTCP ngaphandle kokusebenzisa iproute2 into eluncedo.
  • I-network-scripts package isusiwe, Imanejala yenethiwekhi kufuneka isetyenziswe ukumisela uqhakamshelwano lwenethiwekhi. Inkxaso yefomati yoseto lwe-ifcfg igciniwe, kodwa i-NetworkManager isebenzisa ifomathi esekwe kwifayile yesitshixo ngokungagqibekanga.
  • Ukwakhiwa kubandakanya iinguqulelo ezintsha zabaqulunqi kunye nezixhobo zabaphuhlisi: GCC 11.2, LLVM/Clang 12.0.1, Rust 1.54, Hamba 1.16.6, Node.js 16, OpenJDK 17, Perl 5.32, PHP 8.0, Python 3.9, Ruby Git 3.0, Ukuguqulwa 2.31, binutils 1.14, CMake 2.35, Maven 3.20.2, Imbovane 3.6.
  • Iiphakheji zeseva ye-Apache HTTP Server 2.4.48, nginx 1.20, i-Varnish Cache 6.5, i-squid 5.1 ihlaziywe.
  • I-DBMS MariaDB 10.5, MySQL 8.0, PostgreSQL 13, Redis 6.2 ihlaziywe.
  • Ukwakha i-emulator ye-QEMU, i-Clang inikwe amandla ngokungagqibekanga, okwenza kube lula ukusebenzisa ezinye iindlela zokukhusela ezongezelelweyo kwi-hypervisor ye-KVM, njenge-SafeStack ukukhusela kwiindlela zokuxhaphaza ezisekelwe kwiprogram ejolise ekubuyiseleni (i-ROP - i-Return-Oriented Programming).
  • Kwi-SSSD (IiNkonzo zoKhuseleko lweSistim iDaemon), iinkcukacha zelogi zonyusiwe, umzekelo, ixesha lokugqitywa komsebenzi ngoku lifakwe kwiziganeko kwaye ukuhamba kokuqinisekiswa kubonakaliswe. Kongezwe umsebenzi wokukhangela ukuhlalutya useto kunye nemiba yokusebenza.
  • Inkxaso ye-IMA (i-Integrity Measurement Architecture) iye yandiswa ukuze kuqinisekiswe ukunyaniseka kwamacandelo enkqubo yokusebenza usebenzisa iisignesha zedijithali kunye ne-hashes.
  • Ngokungagqibekanga, ulawulo lweqela elidityanisiweyo elinye (iqela v2) yenziwe. Amaqela v2 anokusetyenziswa, umzekelo, ukunciphisa inkumbulo, i-CPU kunye nokusetyenziswa kwe-I/O. Umahluko ophambili phakathi kwe-cgroups v2 kunye ne-v1 kukusetyenziswa kweqela eliqhelekileyo loluhlu lwazo zonke iintlobo zemithombo, endaweni yoluhlu oluhlukeneyo lokwabiwa kwezixhobo ze-CPU, zokulawula ukusetyenziswa kwememori, kunye ne-I / O. Uluhlu olwahlukileyo lukhokelele kubunzima ekuququzeleleni intsebenziswano phakathi kwabaphathi kunye neendleko ezongezelelweyo zemithombo ye-kernel xa kusetyenziswa imithetho yenkqubo ekubhekiselwa kuyo kwii-hierarchies ezahlukeneyo.
  • Inkxaso eyongeziweyo yongqamaniso lwexesha elichanekileyo ngokusekwe kwiprotocol ye-NTS (Network Time Security), esebenzisa izinto zesiseko esingundoqo sikawonke-wonke (PKI) kwaye ivumela ukusetyenziswa kwe-TLS kunye ne-encryption eqinisekisiweyo ye-AEAD (Ufihlo oluQinisekisiweyo ngeDatha eManyanisiweyo) kukhuseleko lwe-cryptographic of unxibelelwano lomxhasi-umncedisi ngeNTP protocol ( Network Time Protocol). Iseva ye-NTP yekhrony ihlaziywe kuguqulelo lwe-4.1.
  • Kubonelelwe ngenkxaso yovavanyo (i-Technology Preview) ye-KTLS (i-kernel-level TLS ukuphunyezwa), i-Intel SGX (Izandiso ze-Software Guard), i-DAX (Ukufikelela ngokuthe ngqo) kwi-ext4 kunye ne-XFS, inkxaso ye-AMD SEV kunye ne-SEV-ES kwi-hypervisor ye-KVM.

umthombo: opennet.ru

Yongeza izimvo