The SELinux userspace has been rebased and provides various enhancements and performance improvements. Notably, the new SELinux module store supports priorities, and the SELinux Common Intermediate Language (CIL) has been introduced.
OpenSCAP workbench now provides a new SCAP Security Guide integration dialog and enables modification of SCAP policies using a graphical tool.
The OpenSCAP suite now includes support for scanning containers using the
atomic scan command.
firewalld starts and restarts significantly faster due to a new transaction model. It also provides improved management of connections, interfaces, and sources, a new default logging option, and
audit daemon introduces a new flush technique, which significantly improves performance. Audit policy, configuration, and logging have been enhanced and now support a number of new options.
Media Access Control Security (MACsec) encryption over Ethernet is now supported.
The highlighted new features and improvements related to Identity Management (IdM) include:
Improved performance of both IdM servers and clients in large customer environments
Enhanced topology management and replica installation
Extended smart card support for Active Directory (AD) users
Fine-grained configuration of one-time password (OTP) authentication
Improved troubleshooting capabilities of IdM clients.
Red Hat Enterprise Linux 7.2 introduced the Ipsilon identity provider service for federated single sign-on (SSO). Subsequently, Red Hat has released Red Hat Single Sign-On as a web SSO solution based on the Keycloak community project. Red Hat Single Sign-On provides greater capabilities than Ipsilon and is designated as the standard web SSO solution across the Red Hat product portfolio.
For details on Red Hat Single Sign-On, see:
Note that Red Hat does not plan to upgrade Ipsilon from Technology Preview to a fully supported feature. The ipsilon packages will be removed from Red Hat Enterprise Linux in a future minor release.
Entitlements to Red Hat Single Sign-On are currently available using Red Hat JBoss Middleware or OpenShift Container Platform subscriptions.
Support for Checkpoint/Restore in User space (CRIU) has been expanded to the the little-endian variant of IBM Power Systems architecture.
Heterogeneous memory management (HMM) feature has been introduced as a Technology Preview.
Open vSwitch now uses kernel lightweight tunnel support.
Bulking in the memory allocator subsystem is now supported.
NetworkManager now supports new device types, improved stacking of virtual devices, LLDP, stable privacy IPv6 addresses (RFC 7217), detects duplicate IPv4 addresses, and controls a host name through
systemd-hostnamed. Additionally, the user can set a DHCP timeout property and DNS priorities.
Platform Hardware Enablement
Support for the Coherent Accelerator Processor Interface (CAPI) flash block adapter has been added. For detailed information, see Chapter 10, Hardware Enablement
A new scheduler policy,
has been introduced as Technology Preview. This new policy is available in the upstream kernel and shows promise for certain Realtime use cases. For details, see Chapter 43, Real-Time Kernel
Storage and File Systems
Support for Non-Volatile Dual In-line Memory Module (NVDIMM) persistent memory architecture has been added, which includes the addition of the
kernel subsystem. NVDIMM memory can be accessed either as a block storage device, which is fully supported in Red Hat Enterprise Linux 7.3, or in Direct Access (DAX) mode, which is provided by the ext4 and XFS file systems as a Technology Preview in Red Hat Enterprise Linux 7.3. For more information, see Chapter 17, Storage
and Chapter 12, Kernel
in the New Features part, and Chapter 39, File Systems
in the Technology Previews part.
A new Ceph File System (CephFS) kernel module, introduced as a Technology Preview, enables Red Hat Enterprise Linux Linux nodes to mount Ceph File Systems from Red Hat Ceph Storage clusters. For more information, see Chapter 39, File Systems
Support for pNFS SCSI file sharing has been introduced as a Technology Preview. For details, refer to Chapter 39, File Systems
LVM2 support for RAID-level takeover, the ability to switch between RAID types, is now available as a Technology Preview. See Chapter 45, Storage
for more information.
For Red Hat Enterprise Linux 7.3, the Red Hat High Availability Add-On supports the following major enhancements:
The ability to better configure and trigger notifications when the status of a managed cluster changes with the introduction of enhanced pacemaker alerts.
The ability to configure Pacemaker to manage multi-site clusters across geo-locations for disaster recovery and scalability through the use of the Booth ticket manager. This feature is provided as a Technology Preview.
The ability to configure Pacemaker to manage stretch clusters using a separate quorum device (QDevice), which acts as a third-party arbitration device for the cluster. This functionality is provided as a Technology Preview, and its primary use is to allow a cluster to sustain more node failures than standard quorum rules allow.
A new instant messaging client, pidgin, has been introduced, which supports off-the-record (OTR) messaging and the Microsoft Lync instant messaging application.
Internet of Things
Red Hat Enterprise Linux 7.3 provides latest Bluetooth support, including support for connecting to Bluetooth Low Energy (LE) devices; see Chapter 14, Networking
Controller Area Network (CAN) device drivers are now supported, see Chapter 12, Kernel
for more information.
Red Hat Insights
Since Red Hat Enterprise Linux 7.2, the Red Hat Insights service is available. Red Hat Insights is a proactive service designed to enable you to identify, examine, and resolve known technical issues before they affect your deployment. Insights leverages the combined knowledge of Red Hat Support Engineers, documented solutions, and resolved issues to deliver relevant, actionable information to system administrators.
Red Hat Customer Portal Labs
Red Hat Customer Portal Labs
is a set of tools in a section of the Customer Portal available at https://access.redhat.com/labs/
. The applications in Red Hat Customer Portal Labs can help you improve performance, quickly troubleshoot issues, identify security problems, and quickly deploy and configure complex applications. Some of the most popular applications are: