-
Language:
English
-
Language:
English
Red Hat Training
A Red Hat training course is available for Red Hat Enterprise Linux
3. Feature Updates
3.1. All Architectures
- Systemtap
- Systemtap is a GPL-based infrastructure which simplifies information gathering on a running Linux system. This assists in diagnosis of performance or functional problems. With
systemtap
, the tedious and disruptive "instrument, recompile, install, and reboot" sequence is no longer needed to collect diagnostic data.Systemtap is now fully supported. For more information refer to http://sources.redhat.com/systemtap. - iSNS-utils
- The Internet storage name service for Linux (
isns-utils
) is now supported. This allows you to register iSCSI and iFCP storage devices on the network.isns-utils
allows dynamic discovery of available storage targets through storage initiators.isns-utils
provides intelligent storage discovery and management services comparable to those found in fibre-channel networks. This allows an IP network to function in a similar capacity to a storage area network.With its ability to emulate fibre-channel fabric services,isns-utils
allows for seamless integration of IP and fibre-channel networks. In addition,isns-utils
also provides utilities for managing both iSCSI and fibre-channel devices within the network.For more information aboutisns-utils
specifications, refer to http://tools.ietf.org/html/rfc4171. For usage instructions, refer to/usr/share/docs/isns-utils-[version]/README
and/usr/share/docs/isns-utils-[version]/README.redhat.setup
. - rsyslog
rsyslog
is an enhanced multi-threadedsyslogd
daemon that supports the following (among others):- MySQL
- syslog/tcp
- RFC 3195
- permitted sender lists
- filtering on any message part
- more granular output format control
rsyslog
is compatible with the stocksysklogd
, and can be used as a replacement in most cases. Its advanced features make it suitable for enterprise-class, encryptedsyslog
relay chains; at the same time, its user-friendly interface is designed to make setup easy for novice users.For more information aboutrsyslog
, refer to http://www.rsyslog.com/.- Openswan
- Openswan is a free implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. IPsec uses strong cryptography to provide authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted network is encrypted by the IPsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network (VPN).This release of Openswan supports IKEv2 (RFC 4306, 4718) and contains an IKE2 daemon that conforms to IETF RFCs. For more information about Openswan, refer to http://www.openswan.org/.
- Evolution
- The Evolution update for this release now features the following enhancements (among others):
- Bogofilter compatibility for filtering junk mail.
- An option to receive pop-up notifications for new mail.
- Improved performance for downloading messages from a Microsoft Exchange™ server.
- A setup assistant to guide you through both backing up and restoring data and settings.
- Thunderbird
- Thunderbird has been updated to version 2.0.0.12. This update applies the following features (among others):
- Message tags, which help organize email.
- Built-in support for Google Mail and .Mac mail.
- Find-as-you-type, which highlights and filters message text as you type.
- An updated extension system, which provides enhanced security and allows easier extension localization.
For more information about this update, refer to http://www.mozilla.com/en-US/thunderbird/2.0.0.0/releasenotes/. - Password Hashing Using SHA-256/SHA-512
- Password hashing using the SHA-256 and SHA-512 hash functions is now supported.To switch to SHA-256 or SHA-512 on an installed system, run
authconfig --passalgo=sha256 --update
orauthconfig --passalgo=sha512 --update
. To configure the hashing method through a GUI, useauthconfig-gtk
. Existing user accounts will not be affected until their passwords are changed.For newly installed systems, using SHA-256 or SHA-512 can be configured only for kickstart installations. To do so, use the--passalgo=sha256
or--passalgo=sha512
options of the kickstart commandauth
; also, remove the--enablemd5
option if present.If your installation does not use kickstart, useauthconfig
as described above. After installation, change all created passwords, including the root password.Appropriate options were also added tolibuser
,pam
, andshadow-utils
to support these password hashing algorithms.authconfig
configures necessary options automatically, so it is usually not necessary to modify them manually:- New values of the
crypt_style
option and new options for bothhash_rounds_min
andhash_rounds_max
are now supported in the[defaults]
section of/etc/libuser.conf
. For more information, refer toman libuser.conf
. - New options
sha256
,sha512
, androunds
are now supported by thepam_unix
PAM module. For more information, refer to/usr/share/doc/pam-[pam version]/txts/README.pam_unix
. - The following new options in
/etc/login.defs
are now supported byshadow-utils
:ENCRYPT_METHOD
— Specifies the encryption methods to be used. Valid values areDES
,MD5
,SHA256
, andSHA512
. If this option is defined,MD5_CRYPT_ENAB
is ignored.SHA_CRYPT_MIN_ROUNDS
andSHA_CRYPT_MAX_ROUNDS
— Specifies the number of hashing rounds to use ifENCRYPT_METHOD
is set toSHA256
orSHA512
. If neither option is set, a default value is chosen byglibc
. If only one option is set, the encryption method specifies the number of rounds.If both options are used, they specify an inclusive interval from which the number of rounds is chosen randomly. The selected number of rounds is limited to the inclusive interval [1000, 999999999].
- OFED in comps.xml
- The group
OpenFabrics Enterprise Distribution
is now included incomps.xml
. This group contains components used for high-performance networking and clustering (for example, InfiniBand and Remote Direct Memory Access).Further, theWorkstation
group has been removed fromcomps.xml
in the Red Hat Enterprise Linux 5.2 Client version. This group only contained theopenib
package, which is now part of theOpenFabrics Enterprise Distribution
group. - system-config-netboot
system-config-netboot
is now included in this update. This is a GUI-based tool used for enabling, configuring, and disabling network booting. It is also useful in configuring PXE-booting for network installations and diskless clients.- openmpi
- In order to accommodate the use of compilers other than
gcc
for specific applications that use message passing interface (MPI), the following updates have been applied to theopenmpi
andlam
packages:- MPI installations are now consolidated under a single installation directory. All files can now be found under
/usr/lib(64)/lam
and/usr/lib(64)/openmpi/[openmpi version]-[compiler name]
. - Version and compiler strings are now included in the
openmpi
installation path, but not thelam
installation path. This enables you to install multiple versions ofopenmpi
, or install the same version ofopenmpi
built by different compilers.While this capability allows you to use a version ofopenmpi
built by another compiler, Red Hat only supports the latest,gcc
-compiled version ofopenmpi
. openmpi
andlam
now usempi-selector
to set which MPI implementation to use at any given time. For more information, refer toman mpi-selector
andman mpi-selector-menu
.
Note that when upgrading to this release's version ofopenmpi
, you should migrate any default parameters set forlam
oropenmpi
to/usr/lib(64)/lam/etc/
and/usr/lib(64)/openmpi/[openmpi version]-[compiler name]/etc/
. All configurations for eitheropenmpi
orlam
should be set in these directories. - lvm2 Snapshot Volume Warning
lvm2
will now warn if a snapshot volume is near its maximum capacity. However, this feature is not enabled by default.To enable this feature, uncomment the following line in/etc/lvm/lvm.conf
:snapshot_library = "libdevmapper-event-lvm2snapshot.so"
Ensure that thedmeventd
section and its delimiters ({ }
) are also uncommented.- bash
bash
has been updated to version 3.2. This version fixes a number of outstanding bugs, most notably:bash
man page: updated to reflect the correct behavior of special built-in commands (such aseval
,exec
, andset
. In addition, thebash
man page now includes an explanation of the use of aliases in non-interactive scripts.- File descriptors now work as expected; in previous releases,
bash
did not close file descriptors with two or more digits. - A bug in the way
bash
handled certain multi-byte strings is now fixed.
Note that with this update, the output ofulimit -a
has also changed from the Red Hat Enterprise Linux 5.1 version. This may cause a problems with some automated scripts. If you have any scripts that useulimit -a
output strings, you should revise them accordingly.
3.2. s390x Architectures
- Writing System Data to z/VM Monitor Stream
- It is now possible to write process and file system data to the z/VM monitor stream. This allows you to consolidate more system resource information into a single source for performance monitoring purposes.However, since the appropriate scripts for the services in
/etc/init.d
are not available in this release, you need to manually start the daemons for them. To write process utilization data to the z/VM monitor stream, run/usr/sbin/mon_procd
. To write file system utilization data to the z/VM monitor stream, run/usr/sbin/mon_fsstatd
.