The dm-thinp targets, thin and thin-pool, provide a device-mapper device with thin-provisioning and scalable snapshot capabilities. This feature is available as a Technology Preview. For more information on the newly-introduced LVM thin provisioning, refer to Chapter 9, Storage.

The lpfc driver is deprecating the sysfs mbox interface as it is no longer used by the Emulex tools. Read and write operations are now stubbed out and only return the -EPERM (Operation not permitted) symbol.

For a complete list of supported Kdump targets (that is, targets that kdump can use to dump a vmcore to), refer to the following Kbase article: https://access.redhat.com/knowledge/articles/41534.

Red Hat Enterprise Linux 6.3 adds support for mount options to restrict access to /proc/<PID>/ directories. One of the new options is called hidepid= and its value defines how much information about processes is provided to non-owners. The gid= option defines a group that gathers information about all processes. Untrusted users, which are not supposed to monitor tasks in the whole system, should not be added to the group.

Support for the O_DIRECT flag for files in FUSE (File system in Userspace) has been added. This flag minimizes cache effects of the I/O to and from a file. In general, using this flag degrades performance, but it is useful in special situations, such as when applications do their own caching.

In Red Hat Enterprise Linux 6.3, the CONFIG_STRICT_DEVMEM configuration option is enabled by default for the PowerPC architecture. This option restricts access to the /dev/mem device. If this option is disabled, userspace access to all memory is allowed, including kernel and userspace memory, and accidental memory (write) access could potentially be harmful.

In Red Hat Enterprise Linux 6.3, the high-resolution timer's capacity to remap the HPET registers into the memory of a user process has been enabled.

A number of patches have been applied to the kernel in Red Hat Enterprise Linux 6.3 to improve overall performance and reduce boot time on extremely large systems (patches were tested on a system with 2048 cores and 16 TB of memory).

The Intel Core i5 and i7 processors (formerly code-named Ivy Bridge) support a new rdrand instruction to quickly generate random numbers. The kernel shipped in Red Hat Enterprise Linux 6.3 utilizes this instruction to provide quick random number generation.

Persistent storage (pstore), a file system interface for platform dependent persistent storage, now supports UEFI.

Support for CPU family specific container files has been added. Starting with AMD family 15h processors, a container such as microcode_amd_fam15h.bin is now loaded for the aforementioned family of processors.

Red Hat Enterprise Linux 6.3 includes full USB 3.0 support.

In Red Hat Enterprise Linux 6.3, the kdump/kexec kernel dumping mechanism is enabled for IBM System z systems as a Technology Preview, in addition to the IBM System z stand-alone and hypervisor dumping mechanism. The auto-reserve threshold is set at 4 GB; therefore, any IBM System z system with more than 4 GB of memory has the kexec/kdump mechanism enabled.

The ftrace function tracer now allows modules and all users to make use of the ftrace function tracing utility. For more information, refer to the following man pages:

When tracing processes with more than one thread, the ltrace utility would neglect to trace threads other than the main thread. But because threads share address space, those other threads would still see breakpoints distributed by ltrace. Consequently, those threads would be killed by a SIGTRAP signal. Red Hat Enterprise Linux 6.3 includes thread-awareness and breakpoint handling mechanisms. Support for tracing of multi-threaded processes is now on par with tracing single-threaded process.

Cross Memory Attach provides a mechanism to reduce the number of data copies needed for intra-node inter-process communication. In particular, this allows MPI libraries doing intra-node communication to do a single copy of the message rather than a double copy of the message via shared memory. This technique has been employed in the past through multiple, unique driver-based implementations. The implementation introduced in Red Hat Enterprise Linux 6.3 provides a general solution for this functionality. In addition, it provides a layer of abstraction for device driver writers who wish to exploit these functions without having to modify their corresponding implementations when there are changes in the memory management subsystem.

Red Hat Enterprise Linux 6.3 enhances the usage of mutexes. Additional information provided to the scheduler allows for more efficient and less costly decisions when optimizing processor cycles depending on the usage of mutexes, thread scheduling, and the status of the physical and virtual processors. The status of a thread owning a locked mutex is examined and waiting threads are not scheduled unless the first thread is scheduled on both a virtual and a physical processor.

Red Hat Enterprise Linux 6.3 enables improved diagnosis of PAV (Parallel Access Volume) and HPF (High Performance Ficon) environments to analyze and tune the DASD performance on a system, for example, to give recommendations regarding the number of alias devices or the usage of PAV versus HyperPAV.

With Red Hat Enterprise Linux 6.3, collective problem analysis through consolidated dumps of software and hardware is enabled. A command can be used to generate qeth or qdio trace data and to trigger the internal dump of an OSA device.

The CONFIG_VGA_SWITCHEROO configuration option is now enabled by default to allow switching between two graphics cards.

With Red Hat Enterprise Linux 6.3, the crashkernel=auto parameter changed the default kdump enabling threshold from 4 GB to 2 GB. This means that any machine that has 2 GB (or more) of memory will have the kdump feature enabled on its systems.

The Brocade BFA Fibre Channel and FCoE driver is no longer a Technology Preview. In Red Hat Enterprise Linux 6.3 the BFA driver is fully supported.

The Brocade BNA driver for Brocade 10Gb PCIe ethernet Controllers is no longer a Technology Preview. In Red Hat Enterprise Linux 6.3 the BNA driver is fully supported.

The SR-IOV functionality of the Emulex be2net driver is considered a Technology Preview in Red Hat Enterprise Linux 6.3. You must meet the following requirements to use the latest version of SR-IOV support:

In Red Hat Enterprise Linux 6.3, the tc utility has been updated to work with the Quick Fair Scheduler (QFQ) kernel features. Users can now take advantage of the new QFQ traffic queuing discipline from userspace. This feature is considered a Technology Preview.

The rdma_bw and rdma_lat utilities (provided by the perftest package) are now deprecated and will be removed from the perftest package in a future update. Users should use the following utilities instead: ib_write_bw, ib_write_lat, ib_read_bw, and ib_read_lat.

With Red Hat Enterprise Linux 6.3, the System z qethconf tool provides information messages when a change of attributes did not work as expected.

Red Hat Enterprise Linux 6.3 adds IPv6 support to the qetharp tool for inspection and modification of the ARP cache of HiperSockets (real and virtual) operated in layer 3 mode. For real HiperSockets, the tool queries and shows the IPv6 address, and for guest LAN HiperSockets, it queries and shows IPv6 to MAC address mappings.

In Red Hat Enterprise Linux 6.3, NFSv4 introduces a module/kernel boot parameter, nfs.max_session_slots, which sets the maximum number of session slots the NFS client will attempt to negotiate with the server. This limits the number of simultaneous RPC requests that the client can send to the NFSv4 server. Note that setting this value higher than max_tcp_slot_table_limit has no effect.

Red Hat Enterprise Linux 6.3 introduces the Network Priority (net_prio) resource controller, which provides a way to dynamically set the priority of network traffic per each network interface for applications within various cgroups. For more information, refer to the Resource Management Guide.

The memory resource controller implements an Out-of-Memory (OOM) notifier which uses the new notification API. When enabled (by executing echo 1 > memory.oom_control), an application is notified via eventfd when an OOM occurs. Note that OOM notification does not function for root cgroups.

The numad package provides a daemon for NUMA (Non-Uniform Memory Architecture) systems that monitors NUMA characteristics. As an alternative to manual static CPU pinning and memory assignment, numad provides dynamic adjustment to minimize memory latency on an ongoing basis. The package also provides an interface that can be used to query the numad daemon for the best manual placement of an application. The numad package is introduced as a Technology Preview.

Previously, it was not possible to centrally manage host and user SSH public keys. Red Hat Enterprise Linux 6.3 includes SSH public key management for Identity Management servers as a Technology Preview. OpenSSH on Identity Management clients is automatically configured to use public keys which are stored on the Identity Management server. SSH host and user identities can now be managed centrally in Identity Management.

Red Hat Enterprise Linux 6.3 introduces the ability to control the SELinux context of a user on a remote system. SELinux user map rules can be defined and, optionally, associated with HBAC rules. These maps define the context a user receives depending on the host they are logging into and the group membership. When a user logs into a remote host which is configured to use SSSD with the Identity Management backend, the user's SELinux context is automatically set according to mapping rules defined for that user. For more information, refer to http://freeipa.org/page/SELinux_user_mapping. This feature is considered a Technology Preview.

SSH can now be set up to require multiple ways of authentication (whereas previously SSH allowed multiple ways of authentication of which only one was required for a successful login); for example, logging in to an SSH-enabled machine requires both a passphrase and a public key to be entered. The RequiredAuthentications1 and RequiredAuthentications2 options can be configured in the /etc/ssh/sshd_config file to specify authentications that are required for a successful log in. For example:

In Red Hat Enterprise Linux 6.3, SSSD includes a new Technology Preview feature: support for caching automount maps. This feature provides several advantages to environments that operate with autofs:

SSSD has changed the behavior of the debug_level option in the /etc/sssd/sssd.conf file. Previously, it was possible to set the debug_level option in the [sssd] configuration section and the result would be that this became the default setting for other configuration sections, unless they explicitly overrode it.

A new option, ldap_chpass_update_last_change, has been added to SSSD configuration. If this option is enabled, SSSD attempts to change the shadowLastChange LDAP attribute to the current time. Note that this is only related to a case when the LDAP password policy is used (usually taken care of by LDAP server), that is, the LDAP extended operation is used to change the password. Also note that the attribute has to be writable by the user who is changing the password.

Red Hat Enterprise Linux 6.3 includes a new tool to migrate RHN Classic customers to the certificate-based RHN. For more information, refer to the Red Hat Enterprise Linux 6 Subscription Management Guide.

Subscription Manager now disables gpgcheck for any repositories it manages which have an empty gpgkey. To re-enable the repository, upload the GPG keys, and ensure that the correct URL is added to your custom content definition.

In Red Hat Enterprise Linux 6.3, during firstboot system registration, registering to Certificate-based Subscription Management is now the default option.

System profiles are now unregistered when they are deleted from the Customer Portal so that they no longer check in with certificate-based RHN.

Subscription manager now allows users to associate a machine with a preferred Service Level which impacts the auto subscription and healing logic. For more information on service levels, refer to the Red Hat Enterprise Linux 6 Subscription Management Guide.

Subscription manager now allows a user to select a specific release (for example, Red Hat Enterprise Linux 6.2), which will lock a machine to that release. Prior to this update, there was no way to limit package updates in the event newer packages became available as part of a later minor release (for example, Red Hat Enterprise Linux 6.3).

Luci, the web-based administrative UI for configuring clusters, has been updated to include the following:

As of Red Hat Enterprise Linux 6.3, luci authenticated sessions automatically time out after 15 minutes of inactivity. This period can be configured in the /etc/sysconfig/luci file by modifying the who.auth_tkt_timeout parameter.

The libqb package provides a library with the primary purpose of providing high performance client server reusable features, such as high performance logging, tracing, inter-process communication, and polling. This package is introduced as a dependency of the pacemaker package, and is considered a Technology Preview in Red Hat Enterprise Linux 6.3.

Because of the newly added libqb dependency, pacemaker now uses its logging functionality to provide less verbosity while keeping the ability to debug and support pacemaker.

Rgmanager includes a feature which enables it to utilize Corosync's Closed Process Group (CPG) API for inter-node locking. This feature is automatically enabled when Corosync's Redundant Ring Protocol (RRP) feature is enabled. Corosync's RRP feature is considered fully supported. However, when used with the rest of the High-Availability Add-Ons, it is considered a Technology Preview.

A new implementation of LVM copy-on-write (cow) snapshots is available in Red Hat Enterprise Linux 6.3 as a Technology Preview. The main advantage of this implementation, compared to the previous implementation of snapshots, is that it allows many virtual devices to be stored on the same data volume. This implementation also provides support for arbitrary depth of recursive snapshots (snapshots of snapshots of snapshots …).

Logical Volumes (LVs) can now be thinly provisioned to manage a storage pool of free space to be allocated to an arbitrary number of devices when needed by applications. This allows creation of devices that can be bound to a thinly provisioned pool for late allocation when an application actually writes to the LV. The thinly-provisioned pool can be expanded dynamically if and when needed for cost-effective allocation of storage space. In Red Hat Enterprise Linux 6.3, this feature is introduced as a Technology Preview. You must have the device-mapper-persistent-data package installed to try out this feature. For more information, refer to the lvcreate man page.

Most LVM commands require an accurate view of the LVM metadata stored on the disk devices on the system. With the current LVM design, if this information is not available, LVM must scan all the physical disk devices in the system. This requires a significant amount of I/O operations in systems that have a large number of disks.

Fiber Channel over Ethernet (FCoE) target mode is fully supported in Red Hat Enterprise Linux 6.3. This kernel feature is configurable via the targetcli utility, supplied by the fcoe-target-utils package. FCoE is designed to be used on a network supporting Data Center Bridging (DCB). Further details are available in the dcbtool(8) and targetcli(8) man pages (provided by the lldpad and fcoe-target-utils packages, respectively).

The expanded RAID support in LVM is now fully supported in Red Hat Enterprise Linux 6.3. LVM is now capable of creating RAID 4/5/6 logical volumes and supports mirroring of these logical volumes. The MD (software RAID) modules provide the backend support for these new features.

A new LVM configuration file parameter, activation/read_only_volume_list, makes it possible to always activate particular volumes in read-only mode, regardless of the actual permissions on the volumes concerned. This parameter overrides the --permission rw option stored in the metadata.

The Matahari agent framework (matahari-*) packages are deprecated starting with the Red Hat Enterprise Linux 6.3 release. Focus for remote systems management has shifted towards the use of the CIM infrastructure. This infrastructure relies on an already existing standard which provides a greater degree of interoperability for all users. It is strongly recommended that users discontinue the use of the matahari packages and other packages which depend on the Matahari infrastructure (specifically, libvirt-qmf and fence-virtd-libvirt-qpid). It is recommended that users uninstall Matahari from their systems to remove any possibility of security issues being exposed.

Red Hat Enterprise Linux 6.3 includes an scl-utils package which provides a runtime utility and packaging macros for packaging Software Collections. Software Collections allow users to concurrently install multiple versions of the same RPM packages on the system. Using the scl utility, users may enable specific versions of RPMs which are installed in the /opt directory. For more information on Software Collections, refer to the Software Collections Guide.

With Red Hat Enterprise Linux 6.3, the openssl-ibmca package is part of the System z default installation. This avoids the need for manual installation steps.

Red Hat Enterprise Linux 6.3 provides the MySQL InnoDB storage engine as a plug-in for AMD64 and Intel 64 architectures. The plugin offers additional features and better performance than the built-in InnoDB storage engine.

Red Hat Enterprise Linux 6.3 includes full support for OpenJDK 7 as an alternative to OpenJDK 6. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.

The java-1.7.0-oracle and java-1.7.0-ibm packages are now available in Red Hat Enterprise Linux 6.3.

The initscripts package has been updated to allow users to set the NIS domain name. This is done by configuring the NISDOMAIN parameter in the /etc/sysconfig/network file, or other relevant configuration files.

Previously, when certain groups were permitted to access all logs via ACLs, these ACLs were removed when the logs were rotated. In Red Hat Enterprise Linux 6.3, the logrotate utility supports ACLs, and logs that are rotated preserve any ACL settings.

The wacomcpl package has been deprecated and has been removed from the package set. The wacomcpl package provided graphical configuration of Wacom tablet settings. This functionality is now integrated into the GNOME Control Center.

The NumPy package which is designed to manipulate large multi-dimensional arrays of arbitrary records has been updated to version 1.4.1. This updated version includes these changes:

The rsyslog package has been upgraded to major version 5. This upgrade introduces various enhancements and fixes multiple bugs. The following are the most important changes: