2.4. System Management
2.4.1. Default process maximums (ulimit)
/etc/security/limits.d/20-nproc.confon Red Hat Enterprise Linux 7). If this file is not present, the maximum number of processes that a non-root user can own is determined programmatically, as described in https://access.redhat.com/solutions/218383.
2.4.2. Configuration File Syntax
exportcommand was used in configuration files to export the values defined in those files. Variables that did not use the
exportcommand were not exported and were used only as configuration values for the corresponding init script. This is an example
AUTOCREATE_SERVER_KEYS=YES export SSH_USE_STRONG_RNG=1 export OPENSSL_DISABLE_AES_NI=1
OPENSSL_DISABLE_AES_NIwere exported to the environment of the ssh daemon. The variable
AUTOCREATE_SERVER_KEYSwas used to tell the init script to automatically create RSA and DSA server private and public keys.
exportcommand is no longer required for these values to be exported to the environment of the service being configured. Therefore the following example
/etc/sysconfig/sshdfile exports all three values to the environment of the ssh daemon:
AUTOCREATE_SERVER_KEYS=YES SSH_USE_STRONG_RNG=1 OPENSSL_DISABLE_AES_NI=1
2.4.3. New Logging Framework
journald, as part of the move to
journaldcaptures the following types of message for all services:
- kernel messages
- initial RAM disk and early boot messages
- messages sent to standard output and standard error output
/run/log/journaldirectory, the oldest journal files will be removed in order to continue logging.
journaldcoexist. The data collected by
journaldis forwarded to
rsyslog, which can perform further processing and store text-based log files. By default,
rsyslogonly stores the journal fields that are typical for
syslogmessages, but can be configured to store all the fields available to
journald. Red Hat Enterprise Linux 7 therefore remains compatible with applications and system configurations that rely on
2.4.4. Localization Settings
systemd, localization settings have moved from
2.4.5. Hostname Definition
hostnamevariable was defined in the
/etc/sysconfig/networkconfiguration file. In Red Hat Enterprise Linux 7, as part of the move to the new init system (
hostnamevariable is defined in
2.4.6. Updates to Yum
yum groupsare now top level commands, to improve the consistency of command line yum use. For example, where previously you would use
yum groupinfo, you can now use
yum group info.
yum group listnow includes additional optional parameters to alter its output. The new options are
- The default value for the
/etc/yum.confhas been changed from
objects. Previously, the default behavior of
yum group installwas to install all members of a package group and upgrade both previously installed packages and packages that had been added to the group since the previous upgrade. The new default behavior is that yum keeps track of the previously installed groups and distinguishes between packages installed as a part of the group and packages installed separately.
yum-prestoplug-ins have been integrated into yum.
- yum can now download multiple packages simultaneously.
- yum now includes support for environment groups. This allows you to install and remove multiple package groups listed under an environment group as a single entity.
- yum can now treat a repository as a set of packages, allowing users to treat all packages in a repository as a single entity, for example, to install or remove all packages in that repository. This capability is provided by the
- yum now includes a
--disableincludesoption, which allows you to disable
includestatements defined in your configuration files. You can either disable all
includestatements with the
allvalue, or disable the
includestatements defined for a specific repository by providing that repository identifier.
- yum now includes an
--assumenooption, which assumes that the answer to any question asked by yum is 'no'. This option overrides the
--assumeyesoption, but is still subject to the behavior prescribed by
$ man yum
2.4.7. Updates to RPM Package Manager (RPM)
- Conflict detection is now stricter and more correct. Some packages that would have installed on Red Hat Enterprise Linux 6 may not install on Red Hat Enterprise Linux 7 because of this heightened conflict sensitivity.
- A package that conflicts with other versions of itself can now be set up as a singleton using alternatives, so that multiple versions of a single package can be installed alongside each other.
- If an installed package lists another package as obsolete, the second package is not installed.
- Obsolete rules now include all matching packages regardless of other attributes such as architecture.
- Dependency calculations no longer consider files that were not installed or files that were replaced, for example, with the
--forceoptions, as being provided.
- There is no longer a need to manually execute
rm -f /var/lib/rpm/__db.when rebuilding a panicked (
DB_RUNRECOVER) RPM Package Manager database.
- Public keys created with OpenPGP 3 are no longer supported.
--infooption now outputs individual tag–value pairs per line to improve human readability. Any scripts that rely on the previous
--infoformat need to be rewritten.
- The spec parser is now stricter and more correct, so some previously-accepted spec files may fail to parse, or give warnings.
%licensecan now be used to mark files in the
%filessection of a spec file as licenses that must be installed even when
- Version comparison now supports the dpkg-style tilde (
~) operator to handle pre-release software better. For example,
foo-2.0~beta1is considered older than
foo-2.0, removing the need for tricks with the Release field to handle these common upstream version practices.
- The automatic dependency generator has been rewritten into an extensible, customizable rule-based system with built in filtering.
- It is now possible to query the files installed from a package (
INSTFILENAMES), the number of hard links to a file (
FILENLINKS), package version control system details (
VCS), and formatted dependency string shortcuts (
- A number of new commands are provided, including:
- RPM Package Manager now includes new switches to scriptlets to enable runtime macro expansion or runtime query format expansion.
- Pre- and post-transaction scriptlet dependencies can now be correctly expressed with
- RPM Package Manager now includes the
OrderWithRequirestag to allow users to supply additional ordering information. This new tag uses the same syntax as the Requires tag, but does not generate dependencies. If mentioned packages are present in the same transaction, the ordering hints are treated like
Requireswhen calculating transaction order.
- Line continuations and macro expansions in spec files are no longer limited to a specified length.
- RPM Package Manager now allows users to specify upstream version control repository information.
- RPM Package Manager now includes an
%autosetupmacro to assist in automating the process of applying patches.
2.4.8. New Format of ifconfig
ip link) instead of the deprecated ifconfig tool.
2.4.9. Changes to Control Groups
- Control groups are now mounted under
- Some file systems are now mounted by default.
systemddoes not yet fully support migration from
systemd. As such, the
cgredservice should be used only to move processes to groups not managed by
cgconfig.conffile should be used to configure a control group hierarchy for file systems or file controllers not managed by
2.4.10. Changes to Kernel Crash Collection (Kdump)
initrd) for the kdump capture kernel with a custom
mkdumprdscript. In Red Hat Enterprise Linux 7 the initial RAMDisk is generated with dracut, making the process of generating the initial RAMDisk easier to maintain.
netdirective is no longer supported. Users must now explicitly define either
blacklistoption is no longer supported. Instead, users can specify
rd.driver.blacklistas a parameter in the
/etc/sysconfig/kdumpfile of their capture kernel.
- The default
mount_root_run_initaction, which was performed if dumping to an intended target failed, has been replaced by the
dump_to_rootfsaction. Instead of mounting the real root file system, running init scripts, and attempting to save the vmcore when the
kdumpservice has started, this new action mounts the root file system and saves the vmcore to it immediately.
- A new directive,
dracut_args, allows you to specify additional dracut arguments when configuring kdump.
debug_mem_leveloption is no longer included in kdump. This functionality has been moved to dracut. Users can achieve the same functionality by specifying
rd.memdebugas a parameter in the
/etc/sysconfig/kumpfile of their capture kernel.
optionsdirective was previously used to include parameters specific to the kernel module in the initial ram file system (
initramfs). This method is not supported in Red Hat Enterprise Linux 7. Instead, users can specify relevant parameters in the
/etc/sysconfig/kdumpfile of their capture kernel.
disk_timeoutparameters are no longer necessary or supported, as dracut contains
udev, which addresses the use case for which these parameters were previously required.
- Any file system back-end dump targets must be mounted in the crashed kernel before the kdump service is started and the initial RAMDdisk image is created. You can achieve this by adding these targets to
/etc/fstabto be automatically mounted at boot time.
- If you specify a path, but do not specify a target, and any directory in the path that you specify is a mount point for a separate device, the vmcore is saved to the path, not the device mounted somewhere along that path. Therefore when your system reboots, and the device mounts, the vmcore is inaccessible, because the device has mounted over the top of its location. Red Hat Enterprise Linux 7 now warns about this issue when you specify a path without specifying a target.
2.4.11. Changes to usermod behavior
-goption of the
usermodcommand did not manipulate group ownership. From Red Hat Enterprise Linux 7.0 to Red Hat Enterprise Linux 7.2 release, the
-goption modified the group ownership of the files in the
/homedirectory tree. Starting from Red Hat Enterprise Linux 7.3,
usermodchanges the group ownership of the files inside of the user’s home directory only if the home directory user ID matches the user ID being modified.
2.4.12. Changes to System accounts
Table 2.4. ID layout
|Range||Red Hat Enterprise Linux 6||Red Hat Enterprise Linux 7|