Chapter 37. Networking

rsync component, BZ#1082496
The rsync utility cannot be run as a socket-activated service because the rsyncd@.service file is missing from the rsync package. Consequently, the systemctl start rsyncd.socket command does not work. However, running rsync as a daemon by executing the systemctl start rsyncd.service command works as expected.
InfiniBand component, BZ#1172783
The libocrdma package is not included in the default package set of the InfiniBand Support group. Consequently, when users select the InfiniBand Support group and are expecting RDMA over Converged Ethernet (RoCE) to work on Emulex OneConnect adapters, the necessary driver, libocrdma, is not installed by default. On first boot, the user can manually install the missing package by issuing this command:
~]# yum install libocrdma
As a result, the user will now be able to use the Emulex OneConnect devices in RoCE mode.
vsftpd component, BZ#1058712
The vsftpd daemon does not currently support ciphers suites based on the Elliptic Curve Diffie–Hellman Exchange (ECDHE) key-exchange protocol. Consequently, when vsftpd is configured to use such suites, the connection is refused with a no shared cipher SSL alert.
arptables component, BZ#1018135
Red Hat Enterprise Linux 7 introduces the arptables packages, which replace the arptables_jf packages included in Red Hat Enterprise Linux 6. All users of arptables are advised to update their scripts because the syntax of this version differs from arptables_jf.
openssl component, BZ#1062656
It is not possible to connect to any Wi-Fi Protected Access (WPA) Enterprise Access Point (AP) that requires MD5-signed certificates. To work around this problem, copy the wpa_supplicant.service file from the /usr/lib/systemd/system/ directory to the /etc/systemd/system/ directory and add the following line to the Service section of the file:
Environment=OPENSSL_ENABLE_MD5_VERIFY=1
Then run the systemctl daemon-reload command as root to reload the service file.

Important

Note that MD5 certificates are highly insecure and Red Hat does not recommend using them.