ProHoster > Ibhulogi > iindaba ze-intanethi > Ukukhutshwa kwe-AlmaLinux 9 kwangaphambili kusekwe kwisebe le-RHEL 9

Ukukhutshwa kwe-AlmaLinux 9 kwangaphambili kusekwe kwisebe le-RHEL 9

Ukukhutshwa kwe-beta yosasazo lwe-AlmaLinux 9 ibonisiwe, yakhiwe kusetyenziswa iipakethe ezivela kwiRed Hat Enterprise Linux 9 isebe kwaye iqulethe lonke utshintsho olucetywayo kolu kukhutshwa. Iindibano zilungiselelwe i-x86_64, i-ARM64, i-s390x kunye ne-ppc64le izakhiwo ngendlela ye-boot (780 MB), encinci (1.7 GB) kunye nomfanekiso opheleleyo (8 GB). Ukukhutshwa kwe-RHEL 9 kunye ne-AlmaLinux 9 kulindeleke ekuqaleni kukaMeyi.

Usasazo luyafana ne-RHEL ekusebenzeni, ngaphandle kweenguqu ezinxulumene nokutshintshwa kwegama kunye nokususwa kweepakethe ezikhethekileyo ze-RHEL ezifana ne-redhat-*, i-insights-client kunye ne-subscription-manager-migration*. I-AlmaLinux ikhululekile kuzo zonke iindidi zabasebenzisi, eziphuhliswe ngokubandakanyeka koluntu kunye nokusebenzisa imodeli yokulawula efana nombutho weprojekthi yeFedora. Abadali be-AlmaLinux bazamile ukufezekisa ukulingana phakathi kwenkxaso yenkampani kunye nomdla woluntu - kwelinye icala, izibonelelo kunye nabaphuhlisi be-CloudLinux, enamava amaninzi ekugcineni iifolokhwe ze-RHEL, babandakanyeka kuphuhliso, kunye nakwi. kwelinye icala, iprojekthi iselubala kwaye ilawulwa luluntu.

Ukuhanjiswa kwe-AlmaLinux kwasekwa yi-CloudLinux, eyathi, ngaphandle kokubandakanyeka kwezixhobo zayo kunye nabaphuhlisi, idlulisele iprojekthi kwintlangano eyahlukileyo engenzi nzuzo, i-AlmaLinux OS Foundation, yophuhliso kwindawo engathathi hlangothi kunye nokuthatha inxaxheba koluntu. Isigidi seerandi ngonyaka siye sabelwe ukuphuhlisa le projekthi. Lonke uphuhliso lweAlmaLinux lupapashwa phantsi kweelayisensi zasimahla.

Utshintsho oluphambili kwi-AlmaLinux 9 kunye ne-RHEL 9 xa kuthelekiswa nesebe le-RHEL 8:

  • Ubume benkqubo kunye nezixhobo zokuhlanganisa zihlaziyiwe. I-GCC 11 isetyenziselwa ukwakha iipakethe Ithala leencwadi elisemgangathweni C lihlaziywe ukuba libe yi-glibc 2.34. Iphakheji ye-Linux kernel isekwe kukhupho lwe-5.14. Umphathi wephakheji ye-RPM uhlaziywe ukuba abe yi-version 4.16 ngenkxaso yokubekwa esweni kokuthembeka kusetyenziswa i-fapolicyd.
  • Ukufuduswa kokuhanjiswa kwiPython 3 kugqityiwe.Isebe lePython 3.9 linikezelwa ngokungagqibekanga. IPython 2 iyekisiwe.
  • Idesktop isekwe kwi-GNOME 40 (i-RHEL 8 ithunyelwe nge-GNOME 3.28) kunye nethala leencwadi le-GTK 4. Kwi-GNOME 40, iidesktop zenyani ezikwimowudi ye-Activity Overview zitshintshelwa kwi-landscape orientation kwaye ziboniswa njengekhonkco eliqhubekayo lokuskrola ukusuka ekhohlo ukuya ekunene. Idesktop nganye eboniswe kwimowudi yokuJonga ijonga iifestile ezikhoyo kunye neepani eziguqukayo kunye nokwandisa njengoko umsebenzisi esebenzisana. Utshintsho olungenamthungo lunikiwe phakathi koluhlu lweenkqubo kunye nedesktop enenyani.
  • I-GNOME ibandakanya i-power-profiles-daemon handler ebonelela ngokukwazi ukutshintshela kwi-fly phakathi kwendlela yokugcina amandla, imowudi yokulinganisa amandla, kunye nemowudi yokusebenza ephezulu.
  • Yonke imijelo yomsindo iye yasiwa kwiseva yemidiya yePipeWire, ngoku engagqibekanga endaweni yePulseAudio kunye neJACK. Ukusebenzisa iPipeWire kukuvumela ukuba unikezele ngezakhono zokucutshungulwa komsindo kuhlelo oluqhelekileyo lwedesktop, susa ukuqhekeka kwaye udibanise iziseko zomsindo kwizicelo ezahlukeneyo.
  • Ngokungagqibekanga, imenyu ye-GRUB yokuqalisa iyafihlwa ukuba i-RHEL kukuphela konikezelo olufakwe kwisixokelelwano kwaye ukuba isiqalo sokugqibela siphumelele. Ukubonisa imenyu ngexesha lokuqalisa, vele ubambe iqhosha le-Shift okanye ucinezele iqhosha le-Esc okanye le-F8 amaxesha amaninzi. Phakathi kotshintsho kwi-bootloader, sikwaqaphela nokubekwa kweefayile zoqwalaselo ze-GRUB kuzo zonke izakhiwo kwi-directory enye /boot/grub2/ (ifayile /boot/efi/EFI/redhat/grub.cfg ngoku isisimboli sekhonkco kwi/boot /grub2/grub.cfg), ezo. inkqubo ehlohliweyo efanayo inokuqaliswa ngokusebenzisa zombini i-EFI kunye ne-BIOS.
  • Amacandelo okuxhasa iilwimi ezahlukeneyo apakishwe kwiilangpacks, ezikuvumela ukuba utshintshe inqanaba lenkxaso yolwimi efakiweyo. Umzekelo, i-langpacks-core-font inikezela ngamagama kuphela, i-langpacks-core ibonelela nge-glibc locale, isiseko sefonti, kunye nendlela yokufaka, kwaye i-langpacks ibonelela ngeenguqulelo, iifonti ezongezelelweyo, kunye nezichazi-magama zokukhangela upelo.
  • Amacandelo okhuseleko ahlaziyiwe. Ukusasazwa kusebenzisa isebe elitsha le-OpenSSL 3.0 yelayibrari ye-cryptographic. Ngokungagqibekanga, ii-algorithms zangoku nezithembekileyo ze-cryptographic ziyasebenza (umzekelo, ukusetyenziswa kwe-SHA-1 kwi-TLS, DTLS, SSH, IKEv2 kunye neKerberos akuvumelekanga, iTLS 1.0, TLS 1.1, DTLS 1.0, RC4, Camellia, DSA, 3DES kunye ne-FFDHE-1024 zikhubazekile) . Iphakheji ye-OpenSSH ihlaziywe kwinguqulo ye-8.6p1. I-Cyrus SASL iye yasiwa kwi-backend ye-GDBM endaweni ye-Berkeley DB. Amathala eencwadi e-NSS (iiNkonzo zoKhuseleko lweNethiwekhi) awasayixhasi ifomathi ye-DBM (Berkeley DB). I-GnuTLS ihlaziywe kuguqulelo 3.7.2.
  • Ukuphucula ngokuphawulekayo ukusebenza kwe-SELinux kunye nokunciphisa ukusetyenziswa kwememori. Kwi/etc/selinux/config, inkxaso ye-"SELINUX=ekhubazekileyo" ukuseta ukukhubaza i-SELinux isusiwe (esi setingi ngoku sivala kuphela ukulayishwa komgaqo-nkqubo, kwaye ukuvala ukusebenza kwe-SELinux ngoku kufuna ukuba kudluliswe iparamitha "selinux=0" kwi ikernel).
  • Inkxaso yovavanyo eyongeziweyo yeVPN WireGuard.
  • Ngokungagqibekanga, ukungena nge-SSH njengengcambu akuvumelekanga.
  • Izixhobo zokulawula iipakethe ze-iptables-nft (ii-iptables, ip6tables, i-ebtables kunye ne-arptables utilities) kunye ne-ipset ziye zachithwa. Ngoku kuyacetyiswa ukuba usebenzise ii-nftables ukulawula i-firewall.
  • Iquka i-daemon entsha ye-mptcpd yokuqwalasela i-MPTCP (i-MultiPath TCP), ulwandiso lwe-protocol ye-TCP yokuququzelela ukusebenza koqhagamshelo lwe-TCP kunye nokuhanjiswa kwepakethi ngaxeshanye kwiindlela ezininzi ngeendlela ezahlukeneyo zenethiwekhi ezihambelana needilesi ze-IP ezahlukeneyo. Ukusebenzisa mptcpd kwenza kube nokwenzeka ukuqwalasela iMPTCP ngaphandle kokusebenzisa iproute2 into eluncedo.
  • I-network-scripts package isusiwe, Imanejala yenethiwekhi kufuneka isetyenziswe ukumisela uqhakamshelwano lwenethiwekhi. Inkxaso yefomati yoseto lwe-ifcfg igciniwe, kodwa i-NetworkManager isebenzisa ifomathi esekwe kwifayile yesitshixo ngokungagqibekanga.
  • Ukwakhiwa kubandakanya iinguqulelo ezintsha zabaqulunqi kunye nezixhobo zabaphuhlisi: GCC 11.2, LLVM/Clang 12.0.1, Rust 1.54, Hamba 1.16.6, Node.js 16, OpenJDK 17, Perl 5.32, PHP 8.0, Python 3.9, Ruby Git 3.0, Ukuguqulwa 2.31, binutils 1.14, CMake 2.35, Maven 3.20.2, Imbovane 3.6.
  • Iiphakheji zeseva ye-Apache HTTP Server 2.4.48, nginx 1.20, i-Varnish Cache 6.5, i-squid 5.1 ihlaziywe.
  • I-DBMS MariaDB 10.5, MySQL 8.0, PostgreSQL 13, Redis 6.2 ihlaziywe.
  • Ukwakha i-emulator ye-QEMU, i-Clang inikwe amandla ngokungagqibekanga, okwenza kube lula ukusebenzisa ezinye iindlela zokukhusela ezongezelelweyo kwi-hypervisor ye-KVM, njenge-SafeStack ukukhusela kwiindlela zokuxhaphaza ezisekelwe kwiprogram ejolise ekubuyiseleni (i-ROP - i-Return-Oriented Programming).
  • Kwi-SSSD (IiNkonzo zoKhuseleko lweSistim iDaemon), iinkcukacha zelogi zonyusiwe, umzekelo, ixesha lokugqitywa komsebenzi ngoku lifakwe kwiziganeko kwaye ukuhamba kokuqinisekiswa kubonakaliswe. Kongezwe umsebenzi wokukhangela ukuhlalutya useto kunye nemiba yokusebenza.
  • Inkxaso ye-IMA (i-Integrity Measurement Architecture) iye yandiswa ukuze kuqinisekiswe ukunyaniseka kwamacandelo enkqubo yokusebenza usebenzisa iisignesha zedijithali kunye ne-hashes.
  • Ngokungagqibekanga, ulawulo lweqela elidityanisiweyo elinye (iqela v2) yenziwe. Amaqela v2 anokusetyenziswa, umzekelo, ukunciphisa inkumbulo, i-CPU kunye nokusetyenziswa kwe-I/O. Umahluko ophambili phakathi kwe-cgroups v2 kunye ne-v1 kukusetyenziswa kweqela eliqhelekileyo loluhlu lwazo zonke iintlobo zemithombo, endaweni yoluhlu oluhlukeneyo lokwabiwa kwezixhobo ze-CPU, zokulawula ukusetyenziswa kwememori, kunye ne-I / O. Uluhlu olwahlukileyo lukhokelele kubunzima ekuququzeleleni intsebenziswano phakathi kwabaphathi kunye neendleko ezongezelelweyo zemithombo ye-kernel xa kusetyenziswa imithetho yenkqubo ekubhekiselwa kuyo kwii-hierarchies ezahlukeneyo.
  • Inkxaso eyongeziweyo yongqamaniso lwexesha elichanekileyo ngokusekwe kwiprotocol ye-NTS (Network Time Security), esebenzisa izinto zesiseko esingundoqo sikawonke-wonke (PKI) kwaye ivumela ukusetyenziswa kwe-TLS kunye ne-encryption eqinisekisiweyo ye-AEAD (Ufihlo oluQinisekisiweyo ngeDatha eManyanisiweyo) kukhuseleko lwe-cryptographic of unxibelelwano lomxhasi-umncedisi ngeNTP protocol ( Network Time Protocol). Iseva ye-NTP yekhrony ihlaziywe kuguqulelo lwe-4.1.
  • Ukubonelela ngenkxaso yovavanyo lwe-KTLS (ukuphunyezwa kwe-kernel-level ye-TLS), i-Intel SGX (Izandiso ze-Software Guard), i-DAX (Ukufikelela ngokuthe ngqo) kwi-ext4 kunye ne-XFS, inkxaso ye-AMD SEV kunye ne-SEV-ES kwi-hypervisor ye-KVM.

    • umthombo: opennet.ru

Yongeza izimvo