Ngemva kokumenyezelwa kokukhishwa kwe-RHEL 9, i-Red Hat ishicilele ukukhululwa kwe-Red Hat Enterprise Linux 8.6. Izakhiwo zokufaka zilungiselelwa izakhiwo ze-x86_64, s390x (IBM System z), ppc64le, ne-Aarch64, kodwa zitholakala ukuze zilandwe kuphela kubasebenzisi ababhalisiwe be-Red Hat Customer Portal. Imithombo yamaphakheji weRed Hat Enterprise Linux 8 rpm isatshalaliswa endaweni ye-CentOS Git. Igatsha le-8.x, elizosekelwa kuze kube okungenani u-2029, lithuthukiswa ngokuvumelana nomjikelezo wokuthuthukisa ohilela ukwakhiwa kokukhishwa njalo ezinyangeni eziyisithupha ngesikhathi esinqunyiwe kusengaphambili.
Izinguquko ezibalulekile:
- Uhlaka lwe-fapolicyd, olukuvumela ukuthi unqume ukuthi yiziphi izinhlelo ezingaqhutshwa umsebenzisi othize futhi iziphi ezingakwazi, lubuyekeziwe lwaba yinguqulo 1.1, esebenzisa ukubekwa kwemithetho yokufinyelela kanye nohlu lwezinsiza ezithembekile ku-/etc/fapolicyd/rules. .d/ kanye /etc/fapolicyd/trust directory .d esikhundleni se-/etc/fapolicyd/fapolicyd.rules kanye /etc/fapolicyd/fapolicyd.trust amafayela. Kwengezwe izinketho ezintsha kusisetshenziswa se-fapolicyd-cli.
- Izilungiselelo zengezwe ku-fapolicyd, SELinux kanye ne-PBD (Ukucaciswa Kwenqubomgomo Okusekelwe Kumgomo wokuvula ngokuzenzakalelayo amadiski e-LUKS) ukuze kuthuthukiswe ukuvikeleka kwe-SAP HANA 2.0 DBMS.
- I-OpenSSH isebenzisa ikhono lokusebenzisa umyalo Faka kufayela lokumisa elithi sshd_config ukuze umiselele izilungiselelo ezivela kwamanye amafayela, isibonelo, ezikuvumela ukuthi ubeke izilungiselelo eziqondene nesistimu kufayela elihlukile.
- Inketho ethi "--checksum" yengezwe kumyalo wesemojuli ukuze kuhlolwe ubuqotho bamamojula afakiwe ngemithetho ye-SELinux.
- Ukwakheka kufaka phakathi izinguqulo ezintsha zabadidiyeli namathuluzi onjiniyela: Perl 5.32, PHP 8.0, LLVM Toolset 13.0.1, GCC Toolset 11.2.1, Rust Toolset 1.58.1, Go Toolset 1.17.7, java-17-opejdk (futhi qhubeka izothunyelwa i-java-11-openjdk ne-java-1.8.0-openjdk).
- Iseva ebuyekeziwe namaphakheji wesistimu: NetworkManager 1.36.0, rpm-ostree 2022.2, bophezela 9.11.36 kanye 9.16.23, Libreswan 4.5, audit 3.0.7, samba 4.15.5, 389 Directory Server 1.4.3.
- Umakhi Wezithombe wengeze ikhono lokudala izithombe zokukhishwa okuphakathi okuhlukile kwe-RHEL, okuhlukile enguqulweni yesistimu yamanje, futhi unikeza nokusekelwa kokumisa nokushintsha usayizi wesistimu yefayela kuma-partitions we-LVM.
- ama-nftables anciphisa kakhulu ukusetshenziswa kwememori (kufika ku-40%) lapho ubuyisela uhlu olukhulu lwesethi. Isisetshenziswa se-nft sisebenzisa usekelo lwezibali zephakethe nezibali zethrafikhi eziboshelwe ezintweni zokusetha futhi zinikwe amandla kusetshenziswa igama elingukhiye elithi “counter” (“@myset {ip saddr counter}”).
- Iphakheji ihlanganisa iphakheji ye-hostapd, esebenzisa i-FreeRADIUS backend futhi ingasetshenziswa ukusebenzisa isiqinisekisi se-802.1X kumanethiwekhi e-Ethernet. Ukusebenzisa i-hostapd ukuze usebenzise indawo yokufinyelela noma iseva yokuqinisekisa ye-Wi-Fi akusekelwa.
- Usekelo luhlinzekwa ezingxenyeni eziningi ze-eBPF, njenge-BCC (BPF Compiler Collection), libbpf, control traffic (tc, Traffic Control), bpftracem, xdp-tools kanye ne-XDP (eXpress Data Path). Esimeni Sokuhlola Kuqala Ubuchwepheshe, ukusekelwa kwamasokhethi e-AF_XDP kusasele ekufinyeleleni i-XDP endaweni yomsebenzisi.
- Ukuvumelana kuqinisekiswa ngezithombe zezinhlelo zesivakashi ezisekelwe ku-RHEL 9 kanye nesistimu yefayela ye-XFS (i-RHEL 9 isebenzisa ifomethi ye-XFS ebuyekeziwe ngokusekelwa kwe-bigtime nokubala).
- Iphakheji ye-Samba ihlanganisa izinguquko ezihlobene nokuqamba kabusha izinketho ku-Samba 4.15. Isibonelo, izinketho ziqanjwe kabusha: “—kerberos” (kuya “—use-kerberos=required|desired|off”), “—krb5-ccache” (kuya “—use-krb5-ccache=CCACHE”), “ —scope” ( kokuthi "--netbios-scope=SCOPE") kanye "--use-ccache" (ku-"--use-winbind-ccache"). Izinketho ezisusiwe: “-e|—encrypt” kanye “-S|—signing”. Izinketho eziyimpinda zisusiwe ku-ldbadd, ldbdel, ldbedit, ldbmodify, ldbrename kanye ne-ldbsearch, ndrdump, net, sharesec, smbcquotas, nmbd, smbd kanye nezinsiza ze-winbindd.
- Kwengezwe inketho ethi "--list-diagnostics" ku-ld.so ukuze ubonise idatha ethinta ukusetshenziswa kokulungiselelwa ku-Glibc.
- Ikhonsoli yewebhu yengeze amandla okuqinisekisa kusetshenziswa amakhadi ahlakaniphile e-sudo ne-SSH, idlulisele i-PCI namadivayisi e-USB emishinini ebonakalayo, futhi iphathe isitoreji sasendaweni kusetshenziswa i-Stratis.
- I-KVM hypervisor yengeza ukusekelwa kwezivakashi ezisebenzayo Windows 11 kanye neWindows Server 2022.
- Iphakethe le-rig lifakwe nensiza yokuqoqa idatha yokuqapha nokucubungula imicimbi engasiza ukuxilonga izinkinga ezingahleliwe noma ezingajwayelekile kakhulu.
- Amathuluzi okuqukatha angeziwe 4.0, afaka i-Podman, i-Buildah, i-Skopeo kanye nezinsiza ze-runc.
- Kungenzeka ukusebenzisa i-NFS njengendawo yokugcina iziqukathi ezingazodwa kanye nemifanekiso yazo.
- Isithombe sesiqukathi esinekhithi yamathuluzi ye-Podman simisiwe. Isitsha esingeziwe esinomugqa womyalo we-openssl.
- Iqoqo elisha lamaphakheji lihanjiswe esigabeni esiphelelwe yisikhathi (okuhloswe ngalo ukususwa ngokuzayo), okuhlanganisa abrt, alsa-plugins-pulseaudio, aspnetcore, awscli, bpg-*, dbus-c++, dotnet 3.0-5.0, ukulahla, amafonti -tweak-tool, gegl, gnu-free-fonts-common, gnuplot, java-1.8.0-ibm, libcgroup-tools, libmemcached-libs, pygtk2, python2-backports, recode, spax, spice-server, star, tpm -amathuluzi.
- Ukunikezwa okuqhubekayo kosekelo lokuhlola (Ukubuka Kuqala Kobuchwepheshe) kwe-AF_XDP, ukulayishwa kwezingxenyekazi zekhompyutha ze-XDP, i-Multipath TCP (MPTCP), i-MPLS (I-Multi-protocol Label Switching), i-DSA (isisheshisi sokusakaza idatha), i-KTLS, idracut, i-kexec reboot, i-nispor, i-DAX ngaphakathi ext4 kanye ne-xfs, i-systemd-resolved, accel-config, igc, OverlayFS, Stratis, Software Guard Extensions (SGX), NVMe/TCP, DNSSEC, GNOME kuzinhlelo ze-ARM64 kanye ne-IBM Z, AMD SEV ye-KVM, Intel vGPU, Ibhokisi lamathuluzi.
Source: opennet.ru