I-ProHoster > Π‘Π»ΠΎΠ³ > izindaba ze-inthanethi > Ukusabalalisa kwe-SUSE Linux Enterprise 15 SP3 kuyatholakala

Ukusabalalisa kwe-SUSE Linux Enterprise 15 SP3 kuyatholakala

Ngemuva konyaka wokuthuthuka, i-SUSE yethule ukukhululwa kokusatshalaliswa kwe-SUSE Linux Enterprise 15 SP3. Ngokusekelwe kuplathifomu ye-SUSE Linux Enterprise, kwakhiwa imikhiqizo efana ne-SUSE Linux Enterprise Server, SUSE Linux Enterprise Desktop, SUSE Manager kanye neSUSE Linux Enterprise High Performance Computing. Ukusabalalisa kumahhala ukulanda futhi kusetshenziswe, kodwa ukufinyelela kuzibuyekezo namapeshi kukhawulelwe esikhathini sesivivinyo sezinsuku ezingama-60. Ukukhishwa kuyatholakala ekwakhiweni kwezakhiwo ze-aarch64, ppc64le, s390x kanye ne-x86_64.

I-SUSE Linux Enterprise 15 SP3 inikeza ukuhambisana kanambambili okungu-100% kwamaphakeji ngokusatshalaliswa kwe-openSUSE Leap 15.3 ekhishwe ngaphambilini, okuvumela ukufuduka okushelela kakhulu kwamasistimu asebenzisa i-OpenSUSE kuya ku-SUSE Linux Enterprise, ngokuphambene nalokho. Kulindeleke ukuthi abasebenzisi baqale bakhe futhi bahlole isixazululo esisebenzayo esisekelwe ku-openSUSE, bese beshintshela enguqulweni yezohwebo ngokusekelwa okugcwele, i-SLA, isitifiketi, izibuyekezo zesikhathi eside namathuluzi athuthukile okwamukelwa ngobuningi. Izinga eliphezulu lokusebenzisana lafinyelelwa ngokusebenzisa i-openSUSE yesethi eyodwa yamaphakheji kanambambili nge-SUSE Linux Enterprise, esikhundleni sokwakhiwa kabusha kwamaphakheji we-src okwenziwa ngaphambilini.

Izinguquko eziyinhloko:

  • Njengasekukhishweni kwangaphambilini, i-Linux 5.3 kernel iyaqhubeka nokulethwa, enwetshiwe ukuze isekele ihadiwe entsha. Ukulungiselelwa okungeziwe kwe-AMD EPYC, i-Intel Xeon, i-Arm ne-Fujitsu processors, okuhlanganisa ukunika amandla ukulungiselelwa okuqondile kumaphrosesa we-AMD EPYC 7003. Usekelo olungeziwe lwamakhadi e-Habana Labs Goya AI Processor (AIP) PCIe. Usekelo olungeziwe lwe-NXP i.MX 8M Mini, NXP Layerscape LS1012A, NVIDIA Tegra X1 (T210) kanye ne-Tegra X2 (T186) SoCs.
  • Ukulethwa kwamamojula e-kernel ngendlela ecindezelwe kuqalisiwe.
  • Kungenzeka ukukhetha izindlela zokulungiselela (PREEMPT) kusihleli somsebenzi esigabeni sokuqalisa (preempt=none/voluntary/ full).
  • Kungezwe amandla okulondoloza ukulahlwa kokuphahlazeka kwe-kernel endleleni ye-pstore, okukuvumela ukuthi ulondoloze idatha ezindaweni zememori ezingalahleki phakathi nokuqaliswa kabusha.
  • Umkhawulo yenani eliphezulu lezichazi zefayela lezinqubo zabasebenzisi (RLIMIT_NOFILE) unyusiwe. Umkhawulo onzima unyusiwe kusuka ku-4096 kuya ku-512K, futhi umkhawulo othambile, ongakhuliswa kusuka ngaphakathi kwesicelo, uhlala ungashintshiwe (izibambo ezingu-1024).
  • I-Firewalld yengeze ukusekelwa kwe-backend yokusebenzisa ama-nfttables esikhundleni sama-iptables.
  • Ukwesekwa okwengeziwe kwe-VPN WireGuard (iphakheji yamathuluzi e-wireguard kanye nemojula ye-kernel).
  • I-Linuxrc isekela ukuthumela izicelo ze-DHCP ngefomethi ye-RFC-2132 ngaphandle kokucacisa ikheli le-MAC ukuze kube lula ukunakekela inani elikhulu labasingathi.
  • I-dm-crypt yengeza ukusekelwa kokubethela okuvumelanayo, okunikwe amandla kusetshenziswa ulayini wokungafundiwe kanye nezinketho zomugqa wokungasebenzi-ukubhala ku-/etc/crypttab. Imodi entsha inikeza ukuthuthukiswa kokusebenza ngaphezu kwemodi ezenzakalelayo ye-asynchronous.
  • Usekelo oluthuthukisiwe lwe-NVIDIA Compute Module, CUDA (Compute Unified Device Architecture) kanye ne-Virtual GPU.
  • Usekelo olungeziwe lwezandiso ze-SEV (Secure Encrypted Virtualization) ezihlongozwe esizukulwaneni sesibili samaphrosesa e-AMD EPYC, ahlinzeka ngokubethela okusobala kwememori yomshini obonakalayo.
  • Amaphakheji e-exfatprogs namathuluzi e-bcache anezinsiza ze-exFAT ne-BCache afakiwe.
  • Kwengezwe amandla okunika amandla i-DAX (Ukufinyelela Okuqondile) kumafayela ngamanye ku-Ext4 naku-XFS kusetshenziswa inketho yokukhweza ethi "-o dax=inode" kanye nefulegi le-FS_XFLAG_DAX.
  • Izinsiza ze-Btrfs (btrfsprogs) zengeze usekelo lokwenziwa kwe-serial (ukwenza ngokulandelana komugqa) wemisebenzi engakwazi ukwenziwa ngesikhathi esisodwa, njengokulinganisa, ukususa/ukwengeza amadivayisi kanye nokushintsha usayizi wesistimu yefayela. Esikhundleni sokuphonsa iphutha, imisebenzi efanayo manje seyenziwa ngokulandelana.
  • Isifaki sengeze okhiye bokushisa u-Ctrl+Alt+Shift+C (kwimodi yesithombe) kanye no-Ctrl+D Shift+C (kwimodi yekhonsoli) ukuze kuboniswe ibhokisi elinezilungiselelo ezengeziwe (izilungiselelo zenethiwekhi, ukukhetha amakhosombe nokushintshela kumodi yochwepheshe).
  • I-YaST yengeze usekelo lwe-SELinux. Ngesikhathi sokufaka manje usungakwazi ukunika amandla i-SELinux bese ukhetha imodi "yokuphoqelela" noma "yokuvumela". Ukusekelwa okuthuthukisiwe kwemibhalo namaphrofayili ku-AutoYaST.
  • Izinguqulo ezintsha ze-GCC 10, glibc 2.31, systemd 246, PostgreSQL 13, MariaDB 10.5, postfix 3.5, nginx 1.19, bluez 5.55, bophezela 9.16, clamav 0.103, erlang 22.3, Node 14, 3.9, PJS, Node 1.43, 1.10, 8.4, 5.2, Node 4.13, 1.14.43. Oku-1.5 kuhlongoziwe XNUMX, openssh XNUMX , QEMU XNUMX, samba XNUMX, zypper XNUMX, fwupd XNUMX.
  • Kwengezwe: Umshayeli we-JDBC we-PostgreSQL, amaphakheji nodejs-common, python-kubernetes, python3-kerberos, python-cassandra-driver, python-arrow, compat-libpthread_nonshared, librabbitmq.
  • Njengasekukhishweni kwangaphambilini, ideskithophu ye-GNOME 3.34 inikezwa, lapho ukulungiswa kweziphazamisi okunqwabelene kudluliselwe khona. Kubuyekeziwe Inkscape 1.0.1, Mesa 20.2.4, Firefox 78.10.
  • Insiza entsha ye-xca (Isitifiketi Se-X Nokhiye Wokuphatha) yengezwe kukhithi yamathuluzi yokuphatha isitifiketi, ongakha ngayo iziphathimandla zesitifiketi zendawo, ukhiqize, usayine futhi uhoxise izitifiketi, okhiye bokungenisa nokuthekelisa kanye nezitifiketi ngefomethi ye-PEM, DER kanye ne-PKCS8.
  • Kwengezwe amandla okusebenzisa amathuluzi ukuphatha iziqukathi zePodman ezihlukanisiwe ngaphandle kwamalungelo ezimpande.
  • Ukwesekwa okwengeziwe kwe-IPSec VPN StrongSwan ku-NetworkManager (idinga ukufakwa kwamaphakheji e-NetworkManager-strongswan kanye ne-NetworkManager-strongswan-gnome). Usekelo lwe-NetworkManager lwezinhlelo zeseva luhoxisiwe futhi lungase lususwe ekukhishweni okuzayo (okubi kusetshenziselwa ukulungisa isistimu engaphansi yenethiwekhi yamaseva).
  • Iphakheji ye-wpa_supplicant ibuyekezelwe kunguqulo 2.9, manje ehlanganisa ukusekelwa kwe-WPA3.
  • Ukusekelwa kwezikena kunwetshiwe, iphakheji ye-sane-backends ibuyekeziwe ukuze ibe yinguqulo 1.0.32, eyethula i-escl backend entsha yezikena ezihambisana nobuchwepheshe be-Airprint.
  • Kufaka umshayeli we-etnaviv wama-Vivante GPU asetshenziswa kuma-ARM SoC ahlukahlukene, njenge-NXP Layerscape LS1028A/LS1018A kanye ne-NXP i.MX 8M. Kumabhodi we-Raspberry Pi, kusetshenziswa isilayishi se-U-Boot boot.
  • Ku-KVM, usayizi omkhulu wenkumbulo yomshini obonakalayo unyuswa waba ngu-6 TiB. I-Xen hypervisor ibuyekeziwe ukuze ikhulule i-4.14, i-libvirt ibuyekezwe kunguqulo 7.0, futhi i-virt-manager ibuyekeziwe ukuze ikhulule i-3.2. Amasistimu okwenza izinto ezibonakalayo ngaphandle kwe-IOMMU ahlinzeka ngosekelo lwama-CPU angaphezu kuka-256 emishinini ebonakalayo. Ukuqaliswa okubuyekeziwe kwephrothokholi ye-Spice. I-spice-gtk yengeze usekelo lokukhweza izithombe ze-iso ohlangothini lweklayenti, yathuthukisa umsebenzi ngebhodi lokunamathisela futhi yasusa ingemuva le-PulseAudio. Kwengezwe Amabhokisi E-Vagrant asemthethweni we-SUSE Linux Enterprise Server (x86-64 kanye ne-AArch64).
  • Kwengezwe iphakheji le-SWtpm ngokusetshenziswa kwesilingisi sesofthiwe ye-TPM (Trusted Platform Module).
  • Kuzinhlelo ze-x86_64, isibambi esingenzi lutho se-CPU sengeziwe - β€œi-haltpoll”, esinquma ukuthi i-CPU ingafakwa nini ezindleleni zokonga amandla ajulile; lapho imodi ijula, iyonga kakhulu, kodwa futhi kuthatha isikhathi eside ukuphuma kumodi. . Isibambi esisha sidizayinelwe ukusetshenziswa ezinhlelweni ze-virtualization futhi sivumela i-virtual CPU (VCPU) esetshenziswa kusistimu yesivakashi ukuthi icele isikhathi esingeziwe ngaphambi kokuthi i-CPU ingene esimweni sokungenzi lutho. Le ndlela ithuthukisa ukusebenza kwezinhlelo zokusebenza ezingokoqobo ngokuvimbela ukulawula ukuthi kungabuyiselwa ku-hypervisor.
  • Iseva ye-OpenLDAP yehlisiwe futhi izosuswa ku-SUSE Linux Enterprise 15 SP4, esikhundleni seseva ye-LDAP ye-389 Directory Server (iphakheji 389-ds). Ukulethwa kwemitapo yolwazi yeklayenti le-OpenLDAP kanye nezinsiza kuzoqhubeka.
  • Ukusekelwa kweziqukathi okusekelwe kukhithi yamathuluzi ye-LXC (i-libvirt-lxc namaphakheji we-virt-sandbox) kwehlisiwe futhi kuzonqanyulwa ku-SUSE Linux Enterprise 15 SP4. Kunconywa ukusebenzisa i-Docker noma i-Podman esikhundleni se-LXC.
  • Ukusekelwa kwezikripthi zokuqalisa ze-System V init.d kuhoxisiwe futhi kuzoguqulelwa ngokuzenzakalelayo kumayunithi e-systemd.
  • I-TLS 1.1 kanye ne-1.0 zihlukaniswa njengezinganconyelwe ukusetshenziswa. Lawa maphrothokholi angase anqanyulwe ekukhishweni okuzayo. I-OpenSSL, i-GnuTLS ne-Mozilla NSS enikezwe ngosekelo lokusabalalisa i-TLS 1.3.
  • I-database yephakheji ye-RPM (rpmdb) ithuthelwe isuka e-BerkeleyDB yayiswa ku-NDB (igatsha lase-Berkeley DB 5.x alinakekelwa iminyaka eminingana, futhi ukuthuthela kokukhishwa okusha kuphazanyiswa ushintsho kulayisensi ye-Berkeley DB 6 kuya ku-AGPLv3, futhi iyasebenza ezinhlelweni ezisebenzisa i-BerkeleyDB efomini lomtapo wolwazi - i-RPM ihlinzekwa ngaphansi kwe-GPLv2, futhi i-AGPL ayihambisani ne-GPLv2).
  • Igobolondo le-Bash manje selitholakala ngokuthi "/usr/bin/bash" (ikhono lokulibiza ngokuthi / bin/bash ligciniwe).
  • Ikhithi yamathuluzi ye-SUSE Linux Enterprise Base Container Images (SLE BCI) ihlongozwa ukwakha, ukudiliva kanye nokugcina izithombe zesiqukathi esiqukethe isethi encane yezingxenye ezisuselwe ku-SUSE Linux Enterprise Server edingekayo ukuze kusetshenziswe izinhlelo zokusebenza ezithile esitsheni (okuhlanganisa iPython, Ruby, Perl kanye njll.)

Source: opennet.ru

Engeza amazwana