8.0 Beta release notes

Red Hat Enterprise Linux 8.0 Beta

Release notes for Red Hat Enterprise Linux 8.0 Beta

Red Hat Customer Content Services


The release notes provide high-level coverage of the improvements and additions that have been implemented in Red Hat Enterprise Linux Beta 8.0 and document known problems in this release, as well as notable bug fixes, Technology Previews, deprecated functionality, and other details.

This is a beta version!

This document is only provided as a preview. It is under development and is subject to substantial change. Consider the included information incomplete and use it with caution.

Providing feedback on Red Hat documentation

We appreciate your input on our documentation. Please let us know how we could make it better. To do so:

  • For simple comments on specific passages, make sure you are viewing the documentation in the Multi-page HTML format. Highlight the part of text that you want to comment on. Then, click the Add Feedback pop-up that appears below the highlighted text, and follow the displayed instructions.
  • For submitting more complex feedback, create a Bugzilla ticket:

    1. Go to the Bugzilla website.
    2. As the Component, use Documentation.
    3. Fill in the Description field with your suggestion for improvement. Include a link to the relevant part(s) of documentation.
    4. Click Submit Bug.

Chapter 1. Overview

Based on Fedora 28 and the upstream kernel 4.18, Red Hat Enterprise Linux 8.0 provides users with a stable, secure, consistent foundation across hybrid cloud deployments with the tools needed to support traditional and emerging workloads. Highlights of the release include:


  • Content is available through the BaseOS and Application Stream (AppStream) repositories.
  • The AppStream repository supports a new extension of the traditional RPM format - modules. This allows for multiple major versions of a component to be available for install.

Software Management

  • The YUM package manager is now based on the DNF technology and it provides support for modular content, increased performance, and a well-designed stable API for integration with tooling.

Web servers, databases, dynamic languages

  • Python 3.6 is the default Python implementation in RHEL 8; limited support for Python 2.7 is provided. No version of Python is installed by default.
  • RHEL 8 provides the following database servers: MariaDB 10.3, MySQL 8.0, PostgreSQL 10, PostgreSQL 9.6, and Redis 4.0.


  • GNOME Shell is distributed with version 3.28.
  • The GNOME session and the GNOME Display Manager use Wayland as their default display server. The X.Org server, which is the default display server in RHEL 7, is available as well.

Installer and image creation

  • The Anaconda installer can utilize LUKS2 disk encryption, and install the system on NVDIMM devices.
  • The new Composer tool enables users to create customized system images in a variety of formats, including images prepared for deployment on clouds of various providers. Composer is available as a Technology Preview.
  • Installation from a DVD using Hardware Management Console (HMC) and Support Element (SE) on IBM Z.

File systems and storage

  • The Stratis local storage manager has been introduced. Stratis enables you to easily perform complex storage tasks and manage your storage stack using a unified interface.
  • The LUKS version 2 (LUKS2) format replaces the legacy LUKS (LUKS1) format. The dm-crypt subsystem and the cryptsetup tool now uses LUKS2 as the default format for encrypted volumes.


  • System-wide cryptographic policies, which configures the core cryptographic subsystems, covering the TLS, IPSec, SSH, DNSSec, and Kerberos protocols, are applied by default. With the new update-crypto-policies command, the administrator can easily switch between modes: default, legacy, future, and fips.
  • Support for smart cards and Hardware Security Modules (HSM) with PKCS #11 is now consistent across the system.


  • The nftables framework replaces iptables in the role of the default network packet filtering facility.
  • The firewalld daemon now uses nftables as its default backend.
  • Support for IPVLAN virtual network drivers that enable the network connectivity for multiple containers.


  • A more modern PCI Express-based machine type (Q35) is now supported and automatically configured in virtual machines created in RHEL 8. This provides a variety of improvements in features and compatibility of virtual devices.
  • Virtual machines can now be created and managed using the RHEL 8 web console, also known as Cockpit.
  • The QEMU emulator introduces the sandboxing feature, which provides configurable limitations to what systems calls QEMU can perform, and thus makes virtual machines more secure.

Compilers and development tools

  • The GCC compiler based on version 8.2 brings support for more recent C++ language standard versions, better optimizations, new code hardening techniques, improved warnings, and new hardware features.
  • Support for the DWARF5 debugging information format across various tools for code generation, manipulation, and debugging.
  • Kernel support for eBPF tracing is available for some tools, such as BCC, PCP, and SystemTap.
  • The glibc libraries based on version 2.28 add support for Unicode 11, newer Linux system calls, key improvements in the DNS stub resolver, additional security hardening, and improved performance.

High availability and clusters

  • The Pacemaker cluster resource manager has been upgraded to upstream version 2.0.0, which provides a number of bug fixes and enhancements.
  • In RHEL 8, the pcs configuration system fully supports Corosync 3, knet, and node names.

Integration with Satellite 5

Currently, Red Hat Enterprise Linux 8.0 Beta systems cannot be configured to consume updates from Satellite 5. The minimum supported version is Satellite 5.8. Integration with Satellite 5 will not be available at the same time as that of Red Hat Enterprise Linux 8.0 Beta availability. We anticipate making this available shortly after Red Hat Enterprise Linux 8.0 Beta is publicly available.

See the Running Red Hat Enterprise Linux 8 on Satellite 5.8 article for more information.

Chapter 2. Architectures

Red Hat Enterprise Linux 8.0 is distributed with the kernel version 4.18, which provides support for the following architectures:

  • AMD and Intel 64-bit architectures
  • The 64-bit ARM architecture
  • IBM Power Systems, Little Endian
  • IBM Z

Chapter 3. Distribution of content in RHEL 8

3.1. Installation

Red Hat Enterprise Linux 8 can be installed using ISO images. Two basic types of installation media are available for the AMD64 and Intel 64 (x86_64), ARM (aarch64), IBM POWER Systems, Little Endian (ppc64le), and IBM Z (s390x) architectures:

  • Binary DVD - A full installation image, which can be used to boot the installation program and perform an entire installation without additional package content sets.
  • Netinstall DVD (boot.iso) - A minimal boot image, which can be used to boot into the installation program. This option requires access to a local or remote repository providing additional packages.

The document, Installing and Deploying RHEL, provides instructions for using these ISO images to create bootable media.

3.2. Repositories

Red Hat Enterprise Linux 8 is distributed through two repositories:

  • BaseOS
  • AppStream

Both content sets are required for a basic RHEL installation, and are available with all RHEL subscriptions.

Content in the BaseOS repository is intended to provide the core set of the underlying OS functionality that provides the foundation for all installations. This content is available in the RPM format and is subject to support terms similar to those in previous releases of RHEL. For a list of packages distributed through BaseOS, see Appendix B, Packages in BaseOS.

Content in the AppStream repository includes additional user space applications, runtime languages, and databases in support of the varied workloads and use cases. Content in AppStream is available in one of two formats - the familiar RPM format and an extension to the RPM format called modules. For a list of packages available in AppStream, see Appendix C, Packages in AppStream.

3.3. Application Streams

Red Hat Enterprise Linux 8.0 introduces the concept of Application Streams. Multiple versions of user space components are now delivered and updated more frequently than the core operating system packages. This provides greater flexibility to customize Red Hat Enterprise Linux without impacting the underlying stability of the platform or specific deployments.

Components made available as Application Streams can be packaged as modules or RPM packages and are delivered through the AppStream repository in RHEL 8.

Modules are collections of packages representing a logical unit: an application, a language stack, a database, or a set of tools. These packages are built, tested, and released together.

Module streams represent versions of the Application Stream components. For example, two streams (versions) of the PostgreSQL database server are available in the postgresql module: PostgreSQL 10 (the default stream) and PostgreSQL 9.6. Only one module stream can be installed on the system. Different versions can be used in separate containers.

Detailed module commands are described in the Using Application Stream document. For a list of modules available in AppStream, see Appendix A, Modules available in RHEL 8.0 Beta.

Chapter 4. New features

This part describes new features and major enhancements introduced in Red Hat Enterprise Linux 8.

4.1. The web console


The web console’s Subscriptions page is now provided by the new subscription-manager-cockpit package.

A firewall interface has been added to the web console

The Networking page in the RHEL 8 web console now includes a Firewall section. In this section, users can enable or disable the firewall, as well as add, remove, and modify firewall rules.


The web console is now available by default

Packages for the RHEL 8 web console, also known as Cockpit, are now part of Red Hat Enterprise Linux default repositories, and can therefore be immediately installed on a registered RHEL 8 system.

In addition, on a non-minimal installation of RHEL 8, the web console is automatically installed and firewall ports required by the console are automatically open. A system message has also been added prior to login that provides information about how to enable or access the web console.


Better IdM integration for the web console

If your system is enrolled in an Identity Management (IdM) domain, the RHEL 8 web console now uses the domain’s centrally managed IdM resources by default. This includes the following benefits:

  • The IdM domain’s administrators can use the web console to manage the local machine.
  • The console’s web server automatically switches to a certificate issued by the IdM certificate authority (CA) and accepted by browsers.
  • Users with a Kerberos ticket in the IdM domain do not need to provide login credentials to access the web console.
  • SSH hosts known to the IdM domain are accessible to the web console without manually adding an SSH connection.

Note that for IdM integration with the web console to work properly, the user first needs to run the ipa-advise utility with the enable-admins-sudo option in the IdM master system.


The web console is now compatible with mobile browsers

With this update, the web console menus and pages can be navigated on mobile browser variants. This makes it possible to manage systems using the RHEL 8 web console from a mobile device.


The web console front page now displays missing updates and subscriptions

If a system managed by the RHEL 8 web console has outdated packages or a lapsed subscription, a warning is now displayed on the web console front page of the system.


The web console now supports PBD enrollment

With this update, you can use the the RHEL 8 web console interface to apply Policy-Based Decryption (PBD) rules to disks on managed systems. This uses the Clevis decryption client to facilitate a variety of security management functions in the web console, such as automatic unlocking of LUKS-encrypted disk partitions.


Virtual Machines can now be managed using the web console

The Virtual Machines page can now be added to the RHEL 8 web console interface, which enables the user to create and manage libvirt-based virtual machines.


4.2. Installer and image creation

Installing and booting from NVDIMM devices is now supported

Prior to this update, Nonvolatile Dual Inline Memory Module (NVDIMM) devices in any mode were ignored by the installer.

With this update, kernel improvements to support NVDIMM devices provide improved system performance capabilities and enhanced file system access for write-intensive applications like database or analytic workloads, as well as reduced CPU overhead.

This update introduces support for:

  • The use of NVDIMM devices for installation using the nvdimm Kickstart command and the GUI, making it possible to install and boot from NVDIMM devices in sector mode and reconfigure NVDIMM devices into sector mode during installation.
  • The extension of Kickstart scripts for Anaconda with commands for handling NVDIMM devices.
  • The ability of grub2, efibootmgr, and efivar system components to handle and boot from NVDIMM devices.


Installing RHEL from a DVD using SE and HMC is now fully supported on IBM Z

The installation of Red Hat Enterprise Linux 8 on IBM Z hardware from a DVD using the Support Element (SE) and Hardware Management Console (HMC) is now fully supported. This addition simplifies the installation process on IBM Z with SE and HMC.

When booting from a binary DVD, the installer prompts the user to enter additional kernel parameters. To set the DVD as an installation source, append inst.repo=hmc to the kernel parameters. The installer then enables SE and HMC file access, fetches the images for stage2 from the DVD, and provides access to the packages on the DVD for software selection.

The new feature eliminates the requirement of an external network setup and expands the installation options.


Installer now supports the LUKS2 disk encryption format

Red Hat Enterprise Linux 8 installer now uses the LUKS2 format by default but you can select a LUKS version from Anaconda’s Custom Partitioning window or by using the new options in Kickstart’s autopart, logvol, part, and RAID commands.

LUKS2 provides many improvements and features, for example, it extends the capabilities of the on-disk format and provides flexible ways of storing metadata.


Anaconda supports System Purpose in RHEL 8

Previously, Anaconda did not provide system purpose information to Subscription Manager. In Red Hat Enterprise Linux 8.0, you can set the intended purpose of the system during installation by using Anaconda’s System Purpose window or Kickstart’s syspurpose command. When the installation completes, Subscription Manager uses the system purpose information when subscribing the system.


Pykickstart supports System Purpose in RHEL 8

Previously, it was not possible for the pykickstart library to provide system purpose information to Subscription Manager. In Red Hat Enterprise Linux 8.0, pykickstart parses the new syspurpose command and records the intended purpose of the system during automated and partially-automated installation. The information is then passed to Anaconda, saved on the newly-installed system, and available for Subscription Manager when subscribing the system.


Anaconda supports a new kernel boot parameter in RHEL 8

Previously, you could only specify a base repository from the kernel boot parameters. In Red Hat Enterprise Linux 8, a new kernel parameter, inst.addrepo=<name>,<url>, allows you to specify an additional repository during installation.

This parameter has two mandatory values: the name of the repository and the URL that points to the repository. For more information, see https://anaconda-installer.readthedocs.io/en/latest/boot-options.html#inst-addrepo


Anaconda supports a unified ISO in RHEL 8

In Red Hat Enterprise Linux 8.0, a unified ISO automatically loads the BaseOS and AppStream installation source repositories.

This feature works for the first base repository that is loaded during installation. For example, if you boot the installation with no repository configured and have the unified ISO as the base repository in the GUI, or if you boot the installation using the inst.repo= option that points to the unified ISO. As a result, the AppStream repository is enabled under the Additional Repositories section of the Installation Source GUI window. You cannot remove the AppStream repository or change its settings but you can disable it in Installation Source. This feature does not work if you boot the installation using a different base repository and then change it to the unified ISO. If you do that, the base repository is replaced. However, the AppStream repository is not replaced and points to the original file.


4.3. Kernel

ARM 52-bit physical addressing is now available

With this update, support for 52-bit physical addressing (PA) for the 64-bit ARM architecture is available. This provides larger address space than previous 48-bit PA.


Support for 5-level paging

New P4d_t software page table type has been added into the Linux kernel in order to support 5-level paging in Red Hat Enterprise Linux 8.


Memory management supports 5-level page tables

With Red Hat Enterprise Linux 7, existing memory bus had 48/46 bit of virtual/physical memory addressing capacity, and the Linux kernel implemented 4 levels of page tables to manage these virtual addresses to physical addresses. The physical bus addressing line put the physical memory upper limit capacity at 64 TB.

These limits have been extended to 57/52 bit of virtual/physical memory addressing with 128 PiB of virtual address space and 4 PB of physical memory capacity.

With the extended address range, the memory management in Red Hat Enterprise Linux 8 adds support for 5-level page table implementation, to be able to handle the expanded address range.


Control Group v2 in RHEL 8

Red Hat Enterprise Linux 8 supports the Control Group v2 mechanism, which is a unified hierarchy control group. Control Group v2 organizes processes hierarchically and distributes system resources along the hierarchy in a controlled and configurable manner.

Unlike the previous version, Control Group v2 has only a single hierarchy. This single hierarchy enables the Linux kernel to:

  • Categorize processes based on the role of their owner.
  • Eliminate issues with conflicting policies of multiple hierarchies.

Control Group v2 supports numerous controllers:

  • CPU controller regulates the distribution of CPU cycles. This controller implements:

    • Weight and absolute bandwidth limit models for normal scheduling policy.
    • Absolute bandwidth allocation model for real time scheduling policy.
  • Memory controller regulates the memory distribution. Currently, the following types of memory usages are tracked:

    • Userland memory - page cache and anonymous memory.
    • Kernel data structures such as dentries and inodes.
    • TCP socket buffers.
  • I/O controller regulates the distribution of I/O resources.
  • Writeback controller interacts with both Memory and I/O controllers and is Control Group v2 specific.

The information above was based on https://www.kernel.org/doc/Documentation/cgroup-v2.txt. You can refer to the same link to obtain more information about particular Control Group v2 controllers.


kernel-signing-ca.cer is moved to kernel-core in RHEL 8

In all versions of Red Hat Enterprise Linux 7, the kernel-signing-ca.cer public key was located in the kernel-doc package. However, with the removal of kernel-doc in Red Hat Enterprise Linux 8 Beta, kernel-signing-ca.cer has been re-located to the kernel-core package for every architecture.


bpftool for inspection and manipulation of eBPF-based programs and maps added

The bpftool utility that serves for inspection and simple manipulation of programs and maps based on extended Berkeley Packet Filtering (eBPF) has been added into the Linux kernel. bpftool is a part of the kernel source tree, and is provided by the bpftool package, which is included as a sub-package of the kernel package.


4.4. Software management

YUM performance improvement and support for modular content

On Red Hat Enterprise Linux 8, installing software is ensured by the new version of the YUM tool, which is based on the DNF technology.

YUM based on DNF has the following advantages over the previous YUM v3 used on RHEL 7:

  • Increased performance
  • Support for modular content
  • Well-designed stable API for integration with tooling

For detailed information about differences between the new YUM tool and the previous version YUM v3 from RHEL 7, see http://dnf.readthedocs.io/en/latest/cli_vs_yum.html.

YUM based on DNF is compatible with YUM v3 when using from the command line, editing or creating configuration files.

For installing software, you can use the yum command and its particular options in the same way as on RHEL 7. Packages can be installed under the previous names using Provides. Packages also provide compatibility symlinks, so the binaries, configuration files and directories can be found in usual locations.

Note that the legacy Python API provided by YUM v3 and the Libdnf C API are unstable and will likely change during Red Hat Enterprise Linux 8 life cycle. Users are advised to migrate their plugins and scripts to the new DNF Python API, which is stable and fully supported. The DNF Python API is available at https://dnf.readthedocs.io/en/latest/api.html

Some of the YUM v3 features may behave differently in YUM based on DNF. If any such change negatively impacts your workflows, please open a case with Red Hat Support, as described in How do I open and manage a support case on the Customer Portal?


Notable RPM features in RHEL 8

Red Hat Enterprise Linux 8 is distributed with RPM 4.14. This version introduces many enhancements over RPM 4.11, which is available in RHEL 7. The most notable features include:

  • The debuginfo packages can be installed in parallel
  • Support for weak dependencies
  • Support for rich or boolean dependencies
  • Support for packaging files above 4 GB in size
  • Support for file triggers

Also, the most notable changes include:

  • Stricter spec-parser
  • Simplified signature checking the output in non-verbose mode
  • Additions and deprecation in macros


RPM now validates the entire package contents before starting an installation

On Red Hat Enterprise Linux 7, the RPM utility verified payload contents of individual files while unpacking. However, this is insufficient for multiple reasons:

  • If the payload is damaged, it is only noticed after executing script actions, which are irreversible.
  • If the payload is damaged, upgrade of a package aborts after replacing some files of the previous version, which breaks a working installation.
  • The hashes on individual files are performed on uncompressed data, which makes RPM vulnerable to decompressor vulnerabilities.

On Red Hat Enterprise Linux 8, the entire package is validated prior to the installation in a separate step, using the best available hash.

Packages built on Red Hat Enterprise Linux 8 use a new SHA-256 hash on the compressed payload. On signed packages, the payload hash is additionally protected by the signature, and thus cannot be altered without breaking a signature and other hashes on the package header. Older packages use the MD5 hash of the header and payload unless it is disabled by configuration.

The %_pkgverify_level macro can be used to additionally enable enforcing signature verification before installation or disable the payload verification completely. In addition, the %_pkgverify_flags macro can be used to limit which hashes and signatures are allowed. For example, it is possible to disable the use of the weak MD5 hash at the cost of compatibility with older packages.


4.5. Infrastructure services

Notable changes in the recommended Tuned profile in RHEL 8

With this update, the recommended Tuned profile (reported by the tuned-adm recommend command) is now selected based on the following rules - the first rule that matches takes effect:

  • If the syspurpose role (reported by the syspurpose show command) contains "atomic", and at the same time:

    • if Tuned is running on bare metal, the "atomic-host" profile is selected
    • if Tuned is running in a virtual machine, the "atomic-guest" profile is selected
  • If Tuned is running in a virtual machine, the "virtual-guest" profile is selected
  • If the syspurpose role contains "desktop" or "workstation" and the chassis type (reported by dmidecode) is "Notebook", "Laptop", or "Portable", then the "balanced" profile is selected
  • If none of the above rules matches, the "throughput-performance" profile is selected


Files produced by named can be written in the working directory

Previously, the named daemon stored some data in the working directory, which has been read-only in Red Hat Enterprise Linux. With this update, paths have been changed for selected files into subdirectories, where writing is allowed. Now, default directory Unix and SELinux permissions allow writing into the directory. Files distributed inside the directory are still read-only to named.


Geolite Databases have been replaced by Geolite2 Databases

Geolite Databases that were present in Red Hat Enterprise Linux 7 were replaced by Geolite2 Databases on Red Hat Enterprise Linux 8.

Geolite Databases were provided by the GeoIP package. This package together with the legacy database is no longer supported in the upstream.

Geolite2 Databases are provided by multiple packages. The libmaxminddb package includes the library and the mmdblookup command line tool, which enables manual searching of addresses. The geoipupdate binary from the legacy GeoIP package is now provided by the geoipupdate package, and is capable of downloading both legacy databases and the new Geolite2 databases.


4.6. Shells and command-line tools

The nobody user replaces nfsnobody

In Red Hat Enterprise Linux 7, there was:

  • the nobody user and group pair with the ID of 99, and
  • the nfsnobody user and group pair with the ID of 65534, which is the default kernel overflow ID, too.

Both of these have been merged into the nobody user and group pair, which uses the 65534 ID in Red Hat Enterprise Linux 8. New installations no longer create the nfsnobody pair.

This change reduces the confusion about files that are owned by nobody but have nothing to do with NFS.


4.7. Web servers, databases, dynamic languages

Database servers in RHEL 8

RHEL 8 provides the following database servers:

  • MySQL 8.0, a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.
  • MariaDB 10.3, a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL.
  • PostgreSQL 10 and PostgreSQL 9.6, an advanced object-relational database management system (DBMS).
  • Redis 4.0, an advanced key-value store. It is often referred to as a data structure server because keys can contain strings, hashes, lists, sets, and sorted sets. Redis is provided for the first time in RHEL.

Note that the NoSQL MongoDB database server is not included in RHEL 8.0 Beta because it uses the Server Side Public License (SSPL).


Notable changes in MySQL 8.0

RHEL 8 is distributed with MySQL 8.0, which provides, for example, the following enhancements:

  • MySQL now incorporates a transactional data dictionary, which stores information about database objects.
  • MySQL now supports roles, which are collections of privileges.
  • The default character set has been changed from latin1 to utf8mb4.
  • Support for common table expressions, both nonrecursive and recursive, has been added.
  • MySQL now supports window functions, which perform a calculation for each row from a query, using related rows.
  • InnoDB now supports the NOWAIT and SKIP LOCKED options with locking read statements.
  • GIS-related functions have been improved.
  • JSON functionality has been enhanced.
  • The new mariadb-connector-c packages provide a common client library for MySQL and MariaDB. This library is usable with any version of the MySQL and MariaDB database servers. As a result, the user is able to connect one build of an application to any of the MySQL and MariaDB servers distributed with RHEL 8.

In addition, the MySQL 8.0 server distributed with RHEL 8 is configured to use mysql_native_password as the default authentication plug-in because client tools and libraries in RHEL 8 are incompatible with the caching_sha2_password method, which is used by default in the upstream MySQL 8.0 version.

To change the default authentication plug-in to caching_sha2_password, edit the /etc/my.cnf.d/mysql-default-authentication-plugin.cnf file as follows:


(BZ#1649891, BZ#1519450, BZ#1631400)

Notable changes in MariaDB 10.3

MariaDB 10.3 provides numerous new features over the version 5.5 distributed in RHEL 7. Some of the most notable changes are:

  • MariaDB Galera Cluster, a synchronous multi-master cluster, is now a standard part of MariaDB.
  • InnoDB is used as the default storage engine instead of XtraDB.
  • Common table expressions
  • System-versioned tables
  • FOR loops
  • Invisible columns
  • Sequences
  • Instant ADD COLUMN for InnoDB
  • Storage-engine independent column compression
  • Parallel replication
  • Multi-source replication

In addition, the new mariadb-connector-c packages provide a common client library for MySQL and MariaDB. This library is usable with any version of the MySQL and MariaDB database servers. As a result, the user is able to connect one build of an application to any of the MySQL and MariaDB servers distributed with RHEL 8.

See also Using MariaDB on Red Hat Enterprise Linux 8.

(BZ#1637034, BZ#1519450)

Python scripts must specify major version in hashbangs at RPM build time

In RHEL 8, executable Python scripts are expected to use hashbangs (shebangs) specifying explicitly at least the major Python version.

The /usr/lib/rpm/redhat/brp-mangle-shebangs buildroot policy (BRP) script is run automatically when building any RPM package, and attempts to correct hashbangs in all executable files. The BRP script will generate errors when encountering a Python script with an ambiguous hashbang, such as:

  • #! /usr/bin/python
  • #! /usr/bin/env python

To modify hashbangs in the Python scripts causing these build errors at RPM build time, use the pathfix.py script from the platform-python-devel package:

pathfix.py -pn -i %{__python3} PATH ...

Multiple PATHs can be specified. If a PATH is a directory, pathfix.py recursively scans for any Python scripts matching the pattern ^[a-zA-Z0-9_]+\.py$, not only those with an ambiguous hashbang. Add this command to the %prep section or at the end of the %install section.

For more information, see Handling hashbangs in Python scripts.


Python 3 is the default Python implementation in RHEL 8

Red Hat Enterprise Linux 8 is distributed with Python 3.6. The package is not installed by default. To install Python 3.6, use the yum install python3 command.

Python 2.7 is available in the python2 package. However, Python 2 will have a shorter life cycle and its aim is to facilitate smoother transition to Python 3 for customers.

Neither the default python package nor the unversioned /usr/bin/python executable is distributed with RHEL 8. Customers are advised to use python3 or python2 directly. Alternatively, administrators can configure the unversioned python command using the alternatives command.

For details, see Using Python in Red Hat Enterprise Linux 8.


Notable changes in PHP

Red Hat Enterprise Linux 8 is distributed with PHP 7.2. This version introduces the following major changes over PHP 5.4, which is available in RHEL 7:

  • PHP uses FastCGI Process Manager (FPM) by default (safe for use with a threaded httpd)
  • The php_value and php-flag variables should no longer be used in the httpd configuration files; they should be set in pool configuration instead: /etc/php-fpm.d/*.conf
  • PHP script errors and warning are logged to the /var/log/php-fpm/www-error.log file instead of /var/log/httpd/error.log
  • When changing the PHP max_execution_time configuration variable, the httpd ProxyTimeout setting should be increased to match
  • The user running PHP scripts is now configured in the FPM pool configuration (the /etc/php-fpm/d/www.conf file; the apache user is the default)
  • The php-fpm service needs to be restarted after a configuration change or after a new extension is installed

The following extensions have been removed:

  • aspell
  • mysql (note that the mysqli and pdo_mysql extensions are still available, provided by php-mysqlnd package)
  • zip
  • memcache


Notable changes in Ruby

RHEL 8 provides Ruby 2.5, which introduces numerous new features and enhancements over Ruby 2.0.0 available in RHEL 7. Notable changes include:

  • Incremental garbage collector has been added.
  • The Refinements syntax has been added.
  • Symbols are now garbage collected.
  • The $SAFE=2 and $SAFE=3 safe levels are now obsolete.
  • The Fixnum and Bignum classes have been unified into the Integer class.
  • Performance has been improved by optimizing the Hash class, improved access to instance variables, and the Mutex class being smaller and faster.
  • Certain old APIs have been deprecated.
  • Bundled libraries, such as RubyGems, Rake, RDoc, Psych, Minitest, and test-unit, have been updated.
  • Other libraries, such as mathn, DL, ext/tk, and XMLRPC, which were previously distributed with Ruby, are deprecated or no longer included.
  • The SemVer versioning scheme is now used for Ruby versioning.


Notable changes in Perl

Perl 5.26, distributed with RHEL 8, introduces the following changes over the version available in RHEL 7:

  • Unicode 9.0 is now supported.
  • New op-entry, loading-file, and loaded-file SystemTap probes are provided.
  • Copy-on-write mechanism is used when assigning scalars for improved performance.
  • The IO::Socket::IP module for handling IPv4 and IPv6 sockets transparently has been added.
  • The Config::Perl::V module to access perl -V data in a structured way has been added.
  • A new perl-App-cpanminus package has been added, which contains the cpanm utility for getting, extracting, building, and installing modules from the Comprehensive Perl Archive Network (CPAN) repository.
  • The current directory . has been removed from the @INC module search path for security reasons.
  • The do statement now returns a deprecation warning when it fails to load a file because of the behavioral change described above.
  • The do subroutine(LIST) call is no longer supported and results in a syntax error.
  • Hashes are randomized by default now. The order in which keys and values are returned from a hash changes on each perl run. To disable the randomization, set the PERL_PERTURB_KEYS environment variable to 0.
  • Unescaped literal { characters in regular expression patterns are no longer permissible.
  • Lexical scope support for the $_ variable has been removed.
  • Using the defined operator on an array or a hash results in a fatal error.
  • Importing functions from the UNIVERSAL module results in a fatal error.
  • The find2perl, s2p, a2p, c2ph, and pstruct tools have been removed.
  • The ${^ENCODING} facility has been removed. The encoding pragma’s default mode is no longer supported. To write source code in other encoding than UTF-8, use the encoding’s Filter option.
  • The perl packaging is now aligned with upstream. The perl package installs also core modules, while the /usr/bin/perl interpreter is provided by the perl-interpreter package. In previous releases, the perl package included just a minimal interpreter, whereas the perl-core package included both the interpreter and the core modules.


Notable changes in Apache httpd

RHEL 8 is distributed with the Apache HTTP Server 2.4.35. This version introduces the following changes over httpd available in RHEL 7:

  • HTTP/2 support is now provided by the mod_http2 package, which is a part of the httpd module.
  • Automated TLS certificate provisioning and renewal using the Automatic Certificate Management Environment (ACME) protocol is now supported with the mod_md package (for use with certificate providers such as Let’s Encrypt)
  • The Apache HTTP Server now supports loading TLS certificates and private keys from hardware security tokens directly from PKCS#11 modules. As a result, a mod_ssl configuration can now use PKCS#11 URLs to identify the TLS private key, and, optionally, the TLS certificate in the SSLCertificateKeyFile and SSLCertificateFile directives.
  • The multi-processing module (MPM) configured by default with the Apache HTTP Server has changed from a multi-process, forked model (known as prefork) to a high-performance multi-threaded model, event. Any third-party modules that are not thread-safe need to be replaced or removed. To change the configured MPM, edit the /etc/httpd/conf.modules.d/00-mpm.conf file. See the httpd.service(8) man page for more information.

For more information about httpd, see Setting up the Apache HTTP web server.

(BZ#1632754, BZ#1527084, BZ#1581178)

The nginx web server new in RHEL 8

RHEL 8 introduces nginx 1.14, a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. nginx was previously available only as a Software Collection.

The nginx web server now supports loading TLS private keys from hardware security tokens directly from PKCS#11 modules. As a result, an nginx configuration can use PKCS#11 URLs to identify the TLS private key in the ssl_certificate_key directive.


4.8. Desktop

GNOME Shell, version 3.28 in RHEL 8

GNOME Shell, version 3.28 is available in Red Hat Enterprise Linux (RHEL) 8. Notable enhancements include:

  • New GNOME Boxes features
  • New on-screen keyboard
  • Extended devices support, most significantly integration for the Thunderbolt 3 interface
  • Improvements for GNOME Software, dconf-editor and GNOME Terminal


Wayland is the default display server

With Red Hat Enterprise Linux 8, the GNOME session and the GNOME Display Manager (GDM) use Wayland as their default display server instead of the X.org server, which was used with the previous major version of RHEL.

Wayland provides multiple advantages and improvements over X.org. Most notably:

  • Stronger security model
  • Improved multi-monitor handling
  • Improved user interface (UI) scaling
  • The desktop can control window handling directly.

Note that the following features are currently unavailable or do not work as expected:

  • Multi-GPU setups are not supported under Wayland.
  • The NVIDIA binary driver does not work under Wayland.
  • The xrandr utility does not work under Wayland due to its different approach to handling, resolutions, rotations, and layout. Note that other X.org utilities for manipulating the screen do not work under Wayland, either.
  • Screen recording, remote desktop, and accessibility do not always work correctly under Wayland.
  • No clipboard manager is available.
  • Wayland ignores keyboard grabs issued by X11 applications, such as virtual machines viewers.
  • Wayland inside guest virtual machines (VMs) has stability and performance problems, so it is recommended to use the X11 session for virtual environments.

If you upgrade to RHEL 8 from a RHEL 7 system where you used the X.org GNOME session, your system continues to use X.org. The system also automatically falls back to X.org when the following graphics drivers are in use:

  • The NVIDIA binary driver
  • The cirrus driver
  • The mga driver
  • The aspeed driver

You can disable the use of Wayland manually:

  • To disable Wayland in GDM, set the WaylandEnable=false option in the /etc/gdm/custom.conf file.
  • To disable Wayland in the GNOME session, select the legacy X11 option by using the cogwheel menu on the login screen after entering your login name.

For more details on Wayland, see https://wayland.freedesktop.org/.


Locating RPM packages that are in repositories not enabled by default

Additional repositories for desktop are not enabled by default. The disablement is indicated by the enabled=0 line in the corresponding .repo file. If you attempt to install a package from such repository using PackageKit, PackageKit shows an error message announcing that the application is not available. To make the package available, replace previously used enabled=0 line in the respective .repo file with enabled=1.


GNOME Sofware for package management

The gnome-packagekit package that provided a collection of tools for package management in graphical environment on Red Hat Enterprise Linux 7 is no longer available. On Red Hat Enterprise Linux 8, similar functionality is provided by the GNOME Software utility, which enables you to install and update applications and gnome-shell extensions. GNOME Software is distributed in the gnome-software package.


4.9. Hardware enablement

The IOMMU code supports 5-level page tables in RHEL 8

The I/O memory management unit (IOMMU) code in the Linux kernel has been updated to support 5-level page tables in Red Hat Enterprise Linux 8.


4.10. Identity Management

New password syntax checks in Directory Server

This enhancement adds new password syntax checks to Directory Server. Administrators can now, for example, enable dictionary checks, allow or deny using character sequences and palindromes. As a result, if enabled, the password policy syntax check in Directory Server enforces more secure passwords.


Directory Server now provides improved internal operations logging support

Several operations in Directory Server, initiated by the server and clients, cause additional operations in the background. Previously, the server only logged for internal operations the Internal connection keyword, and the operation ID was always set to -1. With this enhancement, Directory Server logs the real connection and operation ID. You can now trace the internal operation to the server or client operation that caused this operation.


Local users are cached by SSSD and served through the nss_sss module

In RHEL 8, the System Security Services Daemon (SSSD) serves users and groups from the /etc/passwd and /etc/groups files by default. The sss nsswitch module precedes files in the /etc/nsswitch.conf file.

The advantage of serving local users through SSSD is that the nss_sss module has a fast memory-mapped cache that speeds up Name Service Switch (NSS) lookups compared to accessing the disk and opening the files on each NSS request. Previously, the Name service cache daemon (nscd) helped accelerate the process of accessing the disk. However, using nscd in parallel with SSSD is cumbersome, as both SSSD and nscd use their own independent caching. Consequently, using nscd in setups where SSSD is also serving users from a remote domain, for example LDAP or Active Directory, can cause unpredictable behavior.

With this update, the resolution of local users and groups is faster in RHEL 8. Note that the root user is never handled by SSSD, therefore root resolution cannot be impacted by a potential bug in SSSD. Note also that if SSSD is not running, the nss_sss module handles the situation gracefully by falling back to nss_files to avoid problems. You do not have to configure SSSD in any way, the files domain is added automatically.


KCM replaces KEYRING as the default credential cache storage

In RHEL 8, the default credential cache storage is the Kerberos Credential Manager (KCM) which is backed by the sssd-kcm deamon. KCM overcomes the limitations of the previously used KEYRING, such as its being difficult to use in containerized environments because it is not namespaced, and to view and manage quotas.

With this update, RHEL 8 contains a credential cache that is better suited for containerized environments and that provides a basis for building more features in future releases.


Active Directory users can now administer Identity Management

With this update, RHEL 8 allows adding a user ID override for an Active Directory (AD) user as a member of an Identity Management (IdM) group. An ID override is a record describing what a specific AD user or group properties should look like within a specific ID view, in this case the Default Trust View. As a consequence of the update, the IdM LDAP server is able to apply access control rules for the IdM group to the AD user.

AD users are now able to use the self service features of IdM UI, for example to upload their SSH keys, or change their personal data. An AD administrator is able to fully administer IdM without having two different accounts and passwords. Note that currently, selected features in IdM may still be unavailable to AD users.


sssctl prints an HBAC rules report for an IdM domain

With this update, the sssctl utility of the System Security Services Daemon (SSSD) can print an access control report for an Identity Management (IdM) domain. This feature meets the need of certain environments to see, for regulatory reasons, a list of users and groups that can access a specific client machine. Running sssctl access-report domain_name on an IdM client prints the parsed subset of host-based access control (HBAC) rules in the IdM domain that apply to the client machine.

Note that no other providers than IdM support this feature.


Identity Management packages are available as a module

In RHEL 8, the packages necessary for installing an Identity Management (IdM) server and client are shipped as a module. The client stream is the default stream of the idm module and you can download the packages necessary for installing the client without enabling the stream.

The IdM server module stream is called the DL1 stream. The stream contains multiple profiles corresponding to different types of IdM servers: server, dns, adtrust, client, and default. To download the packages in a specific profile of the DL1 stream: . Enable the stream. . Switch to the RPMs delivered through the stream. . Run the yum module install idm:DL1/profile_name command.


Session recording solution for RHEL 8 added

A session recording solution has been added to Red Hat Enterprise Linux 8 (RHEL 8). A new tlog package and its associated web console session player enable to record and playback the user terminal sessions. The recording can be configured per user or user group via the System Security Services Daemon (SSSD) service. All terminal input and output is captured and stored in a text-based format in a system journal. The input is inactive by default for security reasons not to intercept raw passwords and other sensitive information.

The solution can be used for auditing of user sessions on security-sensitive systems. In the event of a security breach, the recorded sessions can be reviewed as a part of a forensic analysis. The system administrators are now able to configure the session recording locally and view the result from the RHEL 8 web console interface or from the Command-Line Interface using the tlog-play utility.


authselect simplifies the configuration of user authentication

This update introduces the authselect utility that simplifies the configuration of user authentication on RHEL 8 hosts, replacing the authconfig utility. authselect comes with a safer approach to PAM stack management that makes the PAM configuration changes simpler for system administrators. authselect can be used to configure authentication methods such as passwords, certificates, smart cards, and fingerprint. Note that authselect does not configure services required to join remote domains. This task is performed by specialized tools, such as realmd or ipa-client-install.


4.11. Compilers and development tools

Boost updated to version 1.66

The Boost C++ library has been updated to upstream version 1.66. The version of Boost included in Red Hat Enterprise Linux 7 is 1.53. For details, see the upstream changelogs: https://www.boost.org/users/history/

This update introduces the following changes breaking compatibility with previous versions:

  • The bs_set_hook() function, the splay_set_hook() function from splay containers, and the bool splay = true extra parameter in the splaytree_algorithms() function in the Intrusive library have been removed.
  • Comments or string concatenation in JSON files are no longer supported by the parser in the Property Tree library.
  • Some distributions and special functions from the Math library have been fixed to behave as documented and raise an overflow_error instead of returning the maximum finite value.
  • Some headers from the Math library have been moved into the directory libs/math/include_private.
  • Behavior of the basic_regex<>::mark_count() and basic_regex<>::subexpression(n) functions from the Regex library has been changed to match their documentation.
  • Use of variadic templates in the Variant library may break metaprogramming functions.
  • The boost::python::numeric API has been removed. Users can use boost::python::numpy instead.
  • Arithmetic operations on pointers to non-object types are no longer provided in the Atomic library.


Unicode 11.0.0 support

The Red Hat Enterprise Linux core C library, glibc, has been updated to support the Unicode standard version 11.0.0. As a result, all wide character and multi-byte character APIs including transliteration and conversion between character sets provide accurate and correct information conforming to this standard.


Support for linking against the libpthread_nonshared.a archive file

This update provides the new compat-libpthread-nonshared package that allows applications which directly reference /usr/lib64/libpthread_nonshared.a to work properly.


The boost package is now independent of Python

With this update, installing the boost package no longer installs the Boost.Python library as a dependency. In order to use Boost.Python, you need to explicitly install the boost-python3 or boost-python3-devel packages.


A new compat-libgfortran-48 package available

For compatibility with Red Hat Enterprise Linux 6 and 7 applications using the Fortran library, a new compat-libgfortran-48 compatibility package is now available, which provides the libgfortran.so.3 library.


Retpoline support in GCC

This update adds support for retpolines to GCC. A retpoline is a software construct used by the kernel to reduce overhead of mitigating Spectre Variant 2 attacks described in CVE-2017-5715.


Enhanced support for the 64-bit ARM architecture in toolchain components

Toolchain components, GCC and binutils, now provide extended support for the 64-bit ARM architecture. For example:

  • GCC and binutils now support Scalable Vector Extension (SVE).
  • Support for the FP16 data type, provided by ARM v8.2, has been added to GCC. The FP16 data type improves performance of certain algorithms.
  • Tools from binutils now support the ARM v8.3 architecture definition, including Pointer Authentication. The Pointer Authentication feature prevents malicious code from corrupting the normal execution of a program or the kernel by crafting their own function pointers. As a result, only trusted addresses are used when branching to different places in the code, which improves security.

(BZ#1504980, BZ#1550501, BZ#1504995, BZ#1504993, BZ#1504994)

Optimizations to glibc for IBM POWER systems

This update provides a new version of glibc that is optimized for both IBM POWER 8 and IBM POWER 9 architectures. As a result, IBM POWER 8 and IBM POWER 9 systems now automatically switch to the appropriate, optimized glibc variant at run time.


GNU C Library updated to version 2.28

Red Hat Enterprise Linux 8 Beta includes version 2.28 of the GNU C Library (glibc). Notable improvements include:

  • Security hardening features:

    • Secure binary files marked with the AT_SECURE flag ignore the LD_LIBRARY_PATH environment variable.
    • Backtraces are no longer printed for stack checking failures to speed up shutdown and avoid running more code in a compromised environment.
  • Performance improvements:

    • Performance of the malloc() function has been improved with a thread local cache.
    • Addition of the GLIBC_TUNABLES environment variable to alter library performance characteristics.
    • Implementation of thread semaphores has been improved and new scalable pthread_rwlock_xxx() functions have been added.
    • Performance of the math library has been improved.
  • Support for Unicode 11.0.0 has been added.
  • Improved support for 128-bit floating point numbers as defined by the ISO/IEC/IEEE 60559:2011, IEEE 754-2008, and ISO/IEC TS 18661-3:2015 standards has been added.
  • Domain Name Service (DNS) stub resolver improvements related to the /etc/resolv.conf configuration file:

    • Configuration is automatically reloaded when the file is changed.
    • Support for an arbitrary number of search domains has been added.
    • Proper random selection for the rotate option has been added.
  • New features for development have been added, including:

    • Linux wrapper functions for the preadv2 and pwritev2 kernel calls
    • New functions including reallocarray() and explicit_bzero()
    • New flags for the posix_spawnattr_setflags() function such as POSIX_SPAWN_SETSID

(BZ#1512010, BZ#1504125, BZ#506398)

CMake available in RHEL

The CMake build system version 3.11 is available in Red Hat Enterprise Linux 8 Beta as the cmake package.

(BZ#1590139, BZ#1502802)

make version 4.2.1

Red Hat Enterprise Linux 8 is distributed with the make build tool version 4.2.1. Notable changes include:

  • When a recipe fails, the name of the makefile and line number of the recipe are shown.
  • The --trace option has been added to enable tracing of targets. When this option is used, every recipe is printed before invocation even if it would be suppressed, together with the file name and line number where this recipe is located, and also with the prerequisites causing it to be invoked.
  • Mixing explicit and implicit rules no longer cause make to terminate execution. Instead, a warning is printed. Note that this syntax is deprecated and may be completely removed in the future.
  • The $(file …​) function has been added to write text to a file. When called without a text argument, it only opens and immediately closes the file.
  • A new option, --output-sync or -O, causes an output from multiple jobs to be grouped per job and enables easier debugging of parallel builds.
  • The --debug option now accepts also the n (none) flag to disable all currently enabled debugging settings.
  • The != shell assignment operator has been added as an alternative to the $(shell …​) function to increase compatibility with BSD makefiles. For more details and differences between the operator and the function, see the GNU make manual.

Note that as a consequence, variables with a name ending in exclamation mark and immediately followed by assignment, such as variable!=value, are now interpreted as the new syntax. To restore the previous behavior, add a space after the exclamation mark, such as variable! =value.

  • The ::= assignment operator defined by the POSIX standard has been added.
  • When the .POSIX variable is specified, make observes the POSIX standard requirements for handling backslash and new line. In this mode, any trailing space before the backslash is preserved, and each backslash followed by a new line and white space characters is converted to a single space character.
  • Behavior of the MAKEFLAGS and MFLAGS variables is now more precisely defined.
  • A new variable, GNUMAKEFLAGS, is parsed for make flags identically to MAKEFLAGS. As a consequence, GNU make-specific flags can be stored outside MAKEFLAGS and portability of makefiles is increased.
  • A new variable, MAKE_HOST, containing the host architecture has been added.
  • The new variables, MAKE_TERMOUT and MAKE_TERMERR, indicate whether make is writing standard output and error to a terminal.
  • Setting the -r and -R options in the MAKEFLAGS variable inside a makefile now works correctly and removes all built-in rules and variables, respectively.
  • The .RECIPEPREFIX setting is now remembered per recipe. Additionally, variables expanded in that recipe also use that recipe prefix setting.
  • The .RECIPEPREFIX setting and all target-specific variables are displayed in the output of the -p option as if in a makefile, instead of as comments.


Go programs built with Go Toolset are FIPS compliant

The cryptographic library available in Go Toolset has been changed to use the OpenSSL library version 1.1.0 if the host system is configured in FIPS mode. As a consequence, programs built with this version of Go Toolset are FIPS compliant.

To make Go programs use only the uncertified standard cryptographic routines, use the -tags no_openssl option of the go compiler at build time.


SystemTap version 4.0

Red Hat Enterprise Linux 8 Beta is distributed with the SystemTap instrumentation tool version 4.0. Notable improvements include:

  • The extended Berkeley Packet Filter (eBPF) backend has been improved, especially strings and functions. To use this backend, start SystemTap with the --runtime=bpf option.
  • A new export network service for use with the Prometheus monitoring system has been added.
  • The system call probing implementation has been improved to use the kernel tracepoints if necessary.


Improvements in binutils version 2.30

Red Hat Enterprise Linux 8 Beta includes version 2.30 of the binutils package. Notable improvements include:

  • Support for new s390x architecture extensions has been improved.


  • Support for the WebAssembly file format, and conversion of WebAssembly to the wasm32 ELF file format have been added.
  • Support for the ARMv8-R architecture and Cortex-R52, Cortex-M23, and Cortex-M33 processors has been added.
  • Support for the RISC-V architecture has been added.


  • The linker now puts code and read-only data into separate segments by default. As a result, the created executable files are bigger and more safe to run, because the dynamic loader can disable execution of any memory page containing read-only data.
  • Support for GNU Property notes which provide hints to the dynamic loader about the binary file has been added.
  • Previously, the linker generated invalid executable code for the Intel Indirect Branch Tracking (IBT) technology. As a consequence, the generated executable files could not start. This bug has been fixed.
  • Previously, the gold linker merged property notes improperly. As a consequence, wrong hardware features could be enabled in the generated code, and the code could terminate unexpectedly. This bug has been fixed.
  • Previously, the gold linker created note sections with padding bytes at the end to achieve alignment according to architecture. Because the dynamic loader did not expect the padding, it coud terminate unexpectedly the program it was loading. This bug has been fixed.

Other tools:

  • The readelf and objdump tools now have options to follow links into separate debug information files and display information in them, too.
  • The new --inlines option extends the existing --line-numbers option of the objdump tool to display nesting information for inlined functions.
  • The nm tool gained a new option --with-version-strings to display version information of a symbol after its name, if present.

(BZ#1641004, BZ#1637072, BZ#1501420, BZ#1504114, BZ#1614908, BZ#1614920)

Performace co-pilot version 4.1.3

Red Hat Enterprise Linux 8 Beta is distributed with Performance co-pilot (pcp) version 4.1.3. Notable improvements include:

  • The pcp-dstat tool now includes historical analysis and Comma-separated Values (CSV) format output.
  • The log utilities can use metric labels and help text records.
  • The pmdaperfevent tool now reports the correct CPU numbers at the lower Simultaneous Multi Threading (SMT) levels.
  • The pmdapostgresql tool now supports Postgres series 10.x.
  • The pmdaredis tool now supports Redis series 5.x.
  • The pmdabcc tool has been enhanced with dynamic process filtering and per-process syscalls, ucalls, and ustat.
  • The pmdammv tool now exports metric labels, and the format version is increased to 3.
  • The pmdagfs2 tool supports additional glock and glock holder metrics.
  • Several fixes have been made to the SELinux policy.


Memory Protection Keys

This update enables hardware features which allow per-thread page protection flag changes. The new glibc system call wrappers have been added for the pkey_alloc(), pkey_free(), and pkey_mprotect() functions. In addition, the pkey_set() and pkey_get() functions have been added to allow access to the per-thread protection flags.


GCC now defaults to z13 on IBM Z

With this update, by default GCC on the IBM Z architecture builds code for the z13 processor, and the code is tuned for the z14 processor. This is equivalent to using the -march=z13 and -mtune=z14 options. Users can override this default by explicitly using options for target architecture and tuning.


elfutils updated to version 0.174

In Red Hat Enterprise Linux 8, the elfutils package is available in version 0.174. Notable changes include:

  • Previously, the eu-readelf tool could show a variable with a negative value as if it had a large unsigned value, or show a large unsigned value as a negative value. This has been corrected and eu-readelf now looks up the size and signedness of constant value types to display them correctly.
  • A new function dwarf_next_lines() for reading .debug_line data lacking CU has been added to the libdw library. This function can be used as alternative to the dwarf_getsrclines() and dwarf_getsrcfiles() functions.
  • Previously, files with more than 65280 sections could cause errors in the libelf and libdw libraries and all tools using them. This bug has been fixed. As a result, extended shnum and shstrndx values in ELF file headers are handled correctly.


Valgrind updated to version 3.14

Red Hat Enterprise Linux 8 is distributed with the Valgrind executable code analysis tool version 3.14. Notable changes include:

  • A new --keep-debuginfo option has been added to enable retention of debug info for unloaded code. As a result, saved stack traces can include file and line information for code that is no longer present in memory.
  • Suppressions based on source file name and line number have been added.
  • The Helgrind tool has been extended with an option --delta-stacktrace to specify computation of full history stack traces. Notably, using this option together with --history-level=full can improve Helgrind performance by up to 25%.
  • False positive rate in the Memcheck tool for optimised code on the Intel and AMD 64-bit arcitectures and the ARM 64-bit architecture has been reduced. Note that you can use the --expensive-definedness-checks to control handling of definedness checks and improve the rate at the expense of performance.
  • Valgrind can now recognize more instructions of the little-endian variant of IBM Power Systems.
  • Valgrind can now partially process integer and string vector instructions of the IBM Z architecture z13 processor.

For more information about the new options and their known limitations, see the valgrind(1) manual page.

(BZ#1641029, BZ#1501419)

GDB version 8.2

Red Hat Enterprise Linux 8 is distributed with the GDB debugger version 8.2 Notable changes include:

  • The IPv6 protocol is supported for remote debugging with GDB and gdbserver.
  • Debugging without debug information has been improved.
  • Symbol completion in the GDB user interface has been improved to offer better suggestions by using more syntactic constructions such as ABI tags or namespaces.
  • Commands can now be executed in the background.
  • Debugging programs created in the Rust programming language is now possible.
  • Debugging C and C++ languages has been improved with parser support for the _Alignof and alignof operators, C++ rvalue references, and C99 variable-length automatic arrays.
  • GDB extension scripts can now use the Guile scripting language.
  • The Python scripting language interface for extensions has been improved with new API functions, frame decorators, filters, and unwinders. Additionally, scripts in the .debug_gdb_scripts section of GDB configuration are loaded automatically.
  • GDB now uses Python version 3 to run its scripts, including pretty printers, frame decorators, filters, and unwinders.
  • The ARM and 64-bit ARM architectures have been improved with process execution record and replay, including Thumb 32-bit and system call instructions.
  • Support for Intel MPX register and bound violation, the PKU register, and Intel Processor Trace has been added.
  • Record and replay functionality has been extended to include the rdrand and rdseed instructions on Intel based systems.
  • Functionality of GDB on the IBM Z architecture has been extended with suport for tracepoints and fast tracepoints, vector registers and ABI, and the Catch system call.
  • GDB can now use the SystemTap static user space probes (SDT) on the 64-bit ARM architecture.


Localization for RHEL is distributed in multiple packages

In RHEL 8.0 Beta, locales and translations are no longer provided by the single glibc-common package. Instead, every locale and language is available in a glibc-langpack-CODE package. Additionally, not all locales are installed by default, only these selected in the installer. Users must install all further locale packages that they need separately.

For more information about using langpacks, see Installing and using langpacks.


GCC version 8.2

In Red Hat Enterprise Linux 8, the GCC toolchain is based on the GCC 8.2 release series. Notable changes include:

  • Numerous general optimizations have been added, such as alias analysis, vectorizer improvements, identical code folding, inter-procedural analysis, store merging optimization pass, and others.
  • The Address Sanitizer and Undefined Behavior Sanitizer have been improved. The Leak Sanitizer for detection of memory leaks has been added.
  • Support for the DWARF 5 debug information format has been added.
  • The source code coverage analysis tool GCOV has been extended with various improvements.
  • New warnings and improved diagnostics have been added for static detection of certain likely programming errors.
  • GCC has been extended to provide tools to ensure additional hardening of the generated code. Improvements related to security include built-ins for overflow checking, additional protection against stack clash, checking target addresses of control-flow instructions, warnings for bounded string manipulation functions, and warnings to detect out-of-bounds array indices.

Improvements to architecture and processor support include:

  • Multiple new architecture-specific options for the Intel AVX-512 architecture, a number of its microarchitectures, and Intel Software Guard Extensions (SGX) have been added.
  • Code generation can now target the 64-bit ARM architecture LSE extensions, ARMv8.2-A 16-bit Floating-Point Extensions (FPE), and ARMv8.2-A, ARMv8.3-A, and ARMv8.4-A architecture versions.
  • Support for the z13 and z14 processors of the IBM Z architecture has been added.

Notable changes related to languages and standards include:

  • The default standard used when compiling code in the C language has changed to C17 with GNU extensions.
  • The default standard used when compiling code in the C++ language has changed to C++14 with GNU extensions.
  • The C++ runtime library now supports the C++11 and C++14 standards.
  • The C++ compiler now implements the C++14 standard.
  • Support for the C language standard C11 has been improved.
  • The new __auto_type GNU C extension provides a subset of the functionality of C++11 auto keyword in the C language.
  • The _FloatN and _FloatNx type names specified by the ISO/IEC TS 18661-3:2015 standard are now recognized by the C front end.
  • Passing an empty class as an argument now takes up no space on the Intel 64 and AMD64 architectures, as required by the platform ABI.
  • The value returned by the C++11 alignof operator has been corrected to match the C _Alignof operator and return minimum alignment. To find the preferred alignment, use the GNU extension __alignof__.
  • The main version of the libgfortran library for Fortran language code has been changed to 5.
  • Support for the Ada (GNAT), GCC Go, and Objective C/C++ languages has been removed.

(JIRA:RHELPLAN-7437, BZ#1512593, BZ#1512378)

4.12. File systems and storage

XFS now supports shared copy-on-write data extents

The XFS file system supports shared copy-on-write data extent functionality. This feature enables two or more files to share a common set of data blocks. When either of the files sharing common blocks changes, XFS breaks the link to common blocks and creates a new file. This is similar to the copy-on-write (COW) functionality found in other file systems.

Shared copy-on-write data extents are:

Creating shared copies does not utilize disk I/O.
Shared blocks do not consume additional disk space.
Files sharing common blocks act like regular files.

Userspace utilities can use shared copy-on-write data extents for:

  • Efficient file cloning, such as with the cp --reflink command
  • Per-file snapshots

This functionality is also used by kernel subsystems such as Overlayfs and NFS for more efficient operation.

Shared copy-on-write data extents are now enabled by default when creating an XFS file system, starting with the xfsprogs package version 4.17.0-2.el8.

Note that Direct Access (DAX) devices currently do not support XFS with shared copy-on-write data extents. To create an XFS file system without this feature, use the following command:

# mkfs.xfs -m reflink=0 block-device

Red Hat Enterprise Linux 7 can mount XFS file systems with shared copy-on-write data extents only in the read-only mode.


VDO now supports all architectures

Virtual Data Optimizer (VDO) is now available on all of the architectures supported by RHEL 8.

For the list of supported architectures, see Chapter 2, Architectures.


The BOOM boot manager simplifies the process of creating boot entries

BOOM is a boot manager for Linux systems that use boot loaders supporting the BootLoader Specification for boot entry configuration. It enables flexible boot configuration and simplifies the creation of new or modified boot entries: for example, to boot snapshot images of the system created using LVM.

BOOM does not modify the existing boot loader configuration, and only inserts additional entries. The existing configuration is maintained, and any distribution integration, such as kernel installation and update scripts, continue to function as before.

BOOM has a simplified command-line interface (CLI) and API that ease the task of creating boot entries.


LUKS2 is now the default format for encrypting volumes

In RHEL 8, the LUKS version 2 (LUKS2) format replaces the legacy LUKS (LUKS1) format. The dm-crypt subsystem and the cryptsetup tool now uses LUKS2 as the default format for encrypted volumes. LUKS2 provides encrypted volumes with metadata redundancy and auto-recovery in case of a partial metadata corruption event.

Due to the internal flexible layout, LUKS2 is also an enabler of future features. It supports auto-unlocking through the generic kernel-keyring token built in libcryptsetup that allow users unlocking of LUKS2 volumes using a passphrase stored in the kernel-keyring retention service.

Other notable enhancements include:

  • The protected key setup using the wrapped key cipher scheme.
  • Easier integration with Policy-Based Decryption (Clevis).
  • Up to 32 key slots - LUKS1 provides only 8 key slots.

For more details, see the cryptsetup(8) and cryptsetup-reencrypt(8) man pages.


NVMe/FC is fully supported on Broadcom Emulex Fibre Channel Adapters

The NVMe over Fibre Channel (NVMe/FC) transport type is now fully supported in Initiator mode when used with Broadcom Emulex Fibre Channel 32Gbit adapters.

NVMe over Fibre Channel is an additional fabric transport type for the Nonvolatile Memory Express (NVMe) protocol, in addition to the Remote Direct Memory Access (RDMA) protocol that was previously introduced in Red Hat Enterprise Linux.

To enable NVMe/FC in the lpfc driver, edit the /etc/modprobe.d/lpfc.conf file and add the following option:


Drivers other than lpfc still remain in Technology Preview.

Additional restrictions:

  • Multipath is not supported with NVMe/FC.
  • NVMe clustering is not supported with NVMe/FC.
  • Currently, Red Hat Enterprise Linux does not support using NVMe/FC and SCSI/FC on an initiator port at the same time.
  • The kernel-alt package does not support NVMe/FC.
  • kdump is not supported with NVMe/FC.
  • Booting from Storage Area Network (SAN) NVMe/FC is not supported.


New overrides section of the DM Multipath configuration file

The /etc/multipath.conf file now includes an overrides section that allows you to set a configuration value for all of your devices. These attributes are used by DM Multipath for all devices unless they are overwritten by the attributes specified in the multipaths section of the /etc/multipath.conf file for paths that contain the device. This functionality replaces the all_devs parameter of the devices section of the configuration file, which is no longer supported.


The detection of marginal paths in DM Multipath has been improved

The multipathd service now supports improved detection of marginal paths. This helps multipath devices avoid paths that are likely to fail repeatedly, and improves performance. Marginal paths are paths with persistent but intermittent I/O errors.

The following options in the /etc/multipath.conf file control marginal paths behavior:

  • marginal_path_double_failed_time,
  • marginal_path_err_sample_time,
  • marginal_path_err_rate_threshold, and
  • marginal_path_err_recheck_gap_time.

DM Multipath disables a path and tests it with repeated I/O for the configured sample time if:

  • the listed multipath.conf options are set,
  • a path fails twice in the configured time, and
  • other paths are available.

If the path has more than the configured err rate during this testing, DM Multipath ignores it for the configured gap time, and then retests it to see if it is working well enough to be reinstated.

For more information, see the multipath.conf man page.


Multiqueue default behavior

Block devices now use multiqueue scheduling in Red Hat Enterprise Linux 8. This enables the block layer performance to scale well with fast solid-state drives (SSDs) and multi-core systems.

The SCSI Multiqueue (scsi-mq) driver is now enabled by default, and the kernel boots with the scsi_mod.use_blk_mq=Y option. This change is consistent with the upstream Linux kernel.

Device Mapper Multipath (DM Multipath) requires the scsi-mq driver to be active.


Stratis is now available

Stratis is a new local storage manager. It provides managed file systems on top of pools of storage with additional features to the user.

Stratis enables you to more easily perform storage tasks like:

  • Manage snapshots and thin provisioning
  • Automatically grow file system sizes as needed
  • Maintain file systems

To administer Stratis storage, use the stratis utility, which communicates with the stratisd background service.

For more information, see the Stratis documentation: Managing layered local storage with Stratis.


4.13. High availability and clusters

New pcs commands to list available watchdog devices and test watchdog devices

In order to configure SBD with Pacemaker, a functioning watchdog device is required. This release supports the pcs stonith sbd watchdog list command to list available watchdog devices on the local node, and the pcs stonith sbd watchdog test command to test a watchdog device. For information on the sbd command line tool, see the sbd(8) man page.


The pcs command now supports filtering resource failures by an operation and its interval

Pacemaker now tracks resource failures per a resource operation on top of a resource name, and a node. The pcs resource failcount show command now allows filtering failures by a resource, node, operation, and interval. It provides an option to display failures aggregated per a resource and node or detailed per a resource, node, operation, and its interval. Additionally, the pcs resource failcount reset command now allows filtering failures by a resource, node, operation, and interval.


Timestamps enabled in corosync log

The corosync log did not previously contain timestamps, which made it difficult to relate it to logs from other nodes and daemons. With this release, timestamps are present in the corosync log.


New formats for pcs cluster setup, pcs cluster node add and pcs cluster node remove commands

In Red Hat Enterprise Linux 8, pcs fully supports Corosync 3, knet, and node names. Node names are now required and replace node addresses in the role of node identifier. Node addresses are now optional.

  • In the pcs host auth command, node addresses default to node names
  • In the pcs cluster setup and pcs cluster node add commands, node addresses default to the node addresses specified in the pcs host auth command.

With these changes, the formats for the commands to set up a cluster, add a node to a cluster, and remove a node from a cluster have changed. For information on these new command formats, see the help display for the pcs cluster setup, pcs cluster node add and pcs cluster node remove commands.


Pacemaker 2.0.0 in RHEL 8

The pacemaker packages have been upgraded to the upstream version of Pacemaker 2.0.0, which provides a number of bug fixes and enhancements over the previous version:

  • The Pacemaker detail log is now /var/log/pacemaker/pacemaker.log by default (not directly in /var/log or combined with the corosync log under /var/log/cluster).
  • The Pacemaker daemon processes have been renamed to make reading the logs more intuitive. For example, pengine has been renamed to pacemaker-schedulerd.
  • Support for the deprecated default-resource-stickiness and is-managed-default cluster properties has been dropped. The resource-stickiness and is-managed properties should be set in resource defaults instead. Existing configurations (though not newly created ones) with the deprecated syntax will automatically be updated to use the supported syntax.
  • A more complete list of changes is available at https://access.redhat.com/articles/3681151.

It is recommended that users who are upgrading an existing cluster using Red Hat Enterprise Linux 7 or earlier, run pcs cluster cib-upgrade on any cluster node before and after upgrading RHEL on all cluster nodes.


Master resources renamed to promotable clone resources

Red Hat Enterprise Linux (RHEL) 8 supports Pacemaker 2.0, in which a master/slave resource is no longer a separate type of resource but a standard clone resource with a promotable meta-attribute set to true. The following changes have been implemented in support of this update:

  • It is no longer possible to create master resources with the pcs command. Instead, it is possible to create promotable clone resources. Related keywords and commands have been changed from master to promotable.
  • All existing master resources are displayed as promotable clone resources.
  • When managing a RHEL7 cluster in the Web UI, master resources are still called master, as RHEL7 clusters do not support promotable clones.


New commands for authenticating nodes in a cluster

Red Hat Enterprise Linux (RHEL) 8 incorporates the following changes to the commands used to authenticate nodes in a cluster.

  • The new command for authentication is pcs host auth. This command allows users to specify host names, addresses and pcsd ports.
  • The pcs cluster auth command authenticates only the nodes in a local cluster and does not accept a node list
  • It is now possible to specify an address for each node. pcs/pcsd will then communicate with each node using the specified address. These addresses can be different than the ones corosync uses internally.
  • The pcs pcsd clear-auth command has been replaced by the pcs pcsd deauth and pcs host deauth commands. The new commands allow users to deauthenticate a single host as well as all hosts.
  • Previously, node authentication was bidirectional, and running the pcs cluster auth command caused all specified nodes to be authenticated against each other. The pcs host auth command, however, causes only the local host to be authenticated against the specified nodes. This allows better control of what node is authenticated against what other nodes when running this command. On cluster setup itself, and also when adding a node, pcs automatically synchronizes tokens on the cluster, so all nodes in the cluster are still automatically authenticated as before and the cluster nodes can communicate with each other.

Note that these changes are not backward compatible. Nodes that were authenticated on a RHEL 7 system will need to be authenticated again.


The pcs commands now support display, cleanup, and synchronization of fencing history

Pacemaker’s fence daemon tracks a history of all fence actions taken (pending, successful, and failed). With this release, the pcs commands allow users to access the fencing history in the following ways:

  • The pcs status command shows failed and pending fencing actions
  • The pcs status --full command shows the entire fencing history
  • The pcs stonith history command provides options to display and clean up fencing history
  • Although fencing history is synchronized automatically, the pcs stonith history command now supports an update option that allows a user to manually synchronize fencing history should that be necessary

(BZ#1620190, BZ#1615891)

4.14. Networking

nftables replaces iptables as the default network packet filtering framework

The nftables framework provides packet classification facilities and it is the designated successor to the iptables, ip6tables, arptables, and ebtables tools. It offers numerous improvements in convenience, features, and performance over previous packet-filtering tools, most notably:

  • lookup tables instead of linear processing
  • a single framework for both the IPv4 and IPv6 protocols
  • rules all applied atomically instead of fetching, updating, and storing a complete ruleset
  • support for debugging and tracing in the ruleset (nftrace) and monitoring trace events (in the nft tool)
  • more consistent and compact syntax, no protocol-specific extensions
  • a Netlink API for third-party applications

Similarly to iptables, nftables use tables for storing chains. The chains contain individual rules for performing actions. The nft tool replaces all tools from the previous packet-filtering frameworks. The libnftables library can be used for low-level interaction with nftables Netlink API over the libmnl library.

The iptables, ip6tables, ebtables and arptables tools are replaced by nftables-based drop-in replacements with the same name. While external behavior is identical to their legacy counterparts, internally they use nftables with legacy netfilter kernel modules through a compatibility interface where required.

Effect of the modules on the nftables ruleset can be observed using the nft list ruleset command. Since these tools add tables, chains, and rules to the nftables ruleset, be aware that nftables ruleset operations, such as the nft flush ruleset command, might affect rulesets installed using the formerly separate legacy commands.

To quickly identify which variant of the tool is present, version information has been updated to include the backend name. In RHEL8, the nftables-based iptables tool prints the following version string:

$ iptables --version
iptables v1.8.0 (nf_tables)

For comparison, the following version information is printed if legacy iptables tool is present:

$ iptables --version
iptables v1.8.0 (legacy)


Notable TCP features in RHEL 8

Red Hat Enterprise Linux 8 is distributed with TCP networking stack version 4.16, which provides higher performances, better scalability, and more stability. Performances are boosted especially for busy TCP server with a high ingress connection rate.

Additionally, two new TCP congestion algorithms, BBR and NV, are available, offering lower latency, and better throughput than cubic in most scenarios.


firewalld uses nftables by default

With this update, the nftables filtering subsystem is the default firewall backend for the firewalld daemon. To change the backend, use the FirewallBackend option in the /etc/firewalld.conf file.

This change introduces the following differences in behavior when using nftables:

  1. iptables rule executions always occur before firewalld rules

    • DROP in iptables means a packet is never seen by firewalld
    • ACCEPT in iptables means a packet is still subject to firewalld rules
  2. firewalld direct rules are still implemented through iptables while other firewalld features use nftables
  3. direct rule execution occurs before firewalld generic acceptance of established connections


Notable change in wpa_supplicant in RHEL 8

In Red Hat Enterprise Linux (RHEL) 8, the wpa_supplicant package is built with CONFIG_DEBUG_SYSLOG enabled. This allows reading the wpa_supplicant log using the journalctl utility instead of checking the contents of the /var/log/wpa_supplicant.log file.


NetworkManager now supports SR-IOV virtual functions

In Red Hat Enterprise Linux 8.0, NetworkManager allows configuring the number of virtual functions (VF) for interfaces that support single-root I/O virtualization (SR-IOV). Additionally, NetworkManager allows configuring some attributes of the VFs, such as the MAC address, VLAN, the spoof checking setting and allowed bitrates. Note that all properties related to SR-IOV are available in the sriov connection setting. For more details, see the nm-settings(5) man page.


IPVLAN virtual network drivers are now supported

In Red Hat Enterprise Linux 8.0, the kernel includes support for IPVLAN virtual network drivers. With this update, IPVLAN virtual Network Interface Cards (NICs) enable the network connectivity for multiple containers exposing a single MAC address to the local network. This allows a single host to have a lot of containers overcoming the possible limitation on the number of MAC addresses supported by the peer networking equipment.


NetworkManager supports a wildcard interface name match for connections

Previously, it was possible to restrict a connection to a given interface using only an exact match on the interface name. With this update, connections have a new match.interface-name property which supports wildcards. This update enables users to choose the interface for a connection in a more flexible way using a wildcard pattern.


Improvements in the networking stack 4.18

Red Hat Enterprise Linux 8.0 includes the networking stack upgraded to upstream version 4.18, which provides several bug fixes and enhancements. Notable changes include:

  • Introduced new offload features, such as UDP_GSO, and, for some device drivers, GRO_HW.
  • Improved significant scalability for the User Datagram Protocol (UDP).
  • Improved the generic busy polling code.
  • Improved scalability for the IPv6 protocol.
  • Improved scalability for the routing code.
  • Added a new default transmit queue scheduling algorithm,fq_codel, which improves a transmission delay.
  • Improved scalability for some transmit queue scheduling algorithms. For example, pfifo_fast is now lockless.


New tools to convert iptables to nftables

This update adds the iptables-translate and ip6tables-translate tools to convert the existing iptables or ip6tables rules into the equivalent ones for nftables. Note that some extensions lack translation support. If such an extension exists, the tool prints the untranslated rule prefixed with the # sign. For example:

| % iptables-translate -A INPUT -j CHECKSUM --checksum-fill
| nft # -A INPUT -j CHECKSUM --checksum-fill

Additionally, users can use the iptables-restore-translate and ip6tables-restore-translate tools to translate a dump of rules. Note that before that, users can use the iptables-save or ip6tables-save commands to print a dump of current rules. For example:

| % sudo iptables-save >/tmp/iptables.dump
| % iptables-restore-translate -f /tmp/iptables.dump
| # Translated by iptables-restore-translate v1.8.0 on Wed Oct 17 17:00:13 2018
| add table ip nat
| ...


New features added to VPN using NetworkManager

In Red Hat Enterprise Linux 8.0, NetworkManager provides the following new features to VPN:

  • Support for the Internet Key Exchange version 2 (IKEv2) protocol.
  • Added some more Libreswan options, such as the rightid, leftcert, narrowing, rekey, fragmentation options. For more details on the supported options, see the nm-settings-libreswan man page.
  • Updated the default ciphers. This means that when the user does not specify the ciphers, the NetworkManager-libreswan plugin allows the Libreswan application to choose the system default cipher. The only exception is when the user selects an IKEv1 aggressive mode configuration. In this case, the ike = aes256-sha1;modp1536 and eps = aes256-sha1 values are passed to Libreswan.


A new data chunk type, I-DATA, added to SCTP

This update adds a new data chunk type, I-DATA, and stream schedulers to the Stream Control Transmission Protocol (SCTP). Previously, SCTP sent user messages in the same order as they were sent by a user. Consequently, a large SCTP user message blocked all other messages in any stream until completely sent. When using I-DATA chunks, the Transmission Sequence Number (TSN) field is not overloaded. As a result, SCTP now can schedule the streams in different ways, and I-DATA allows user messages interleaving (RFC 8260). Note that both peers must support the I-DATA chunk type.


4.15. Security

OpenSSH rebased to version 7.8p1

The openssh packages have been upgraded to upstream version 7.8p1. Notable changes include:

  • Removed support for the SSH version 1 protocol.
  • Removed support for the hmac-ripemd160 message authentication code.
  • Removed support for RC4 (arcfour) ciphers.
  • Removed support for Blowfish ciphers.
  • Removed support for CAST ciphers.
  • Changed the default value of the UseDNS option to no.
  • Disabled DSA public key algorithms by default.
  • Changed the minimal modulus size for Diffie-Hellman parameters to 2048 bits.
  • Changed semantics of the ExposeAuthInfo configuration option.
  • The UsePrivilegeSeparation=sandbox option is now mandatory and cannot be disabled.
  • Set the minimal accepted RSA key size to 1024 bits.


RSA-PSS is now supported in OpenSC

This update adds support for the RSA-PSS cryptographic signature scheme to the OpenSC smart card driver. The new scheme enables a secure cryptographic algorithm required for the TLS 1.3 support in the client software.


rsyslog rebased to version 8.37.0

The rsyslog packages have been upgraded to upstream version 8.37.0, which provides many bug fixes and enhancements over the previous versions. Most notable changes include:

  • Enhanced processing of rsyslog internal messages; possibility of rate-limiting them; fixed possible deadlock.
  • Enhanced rate-limiting in general; the actual spam source is now logged.
  • Improved handling of oversized messages - the user can now set how to treat them both in the core and in certain modules with separate actions.
  • mmnormalize rule bases can now be embedded in the config file instead of creating separate files for them.
  • The user can now set the GnuTLS priority string for imtcp that allows fine-grained control over encryption.
  • All config variables, including variables in JSON, are now case-insensitive.
  • Various improvements of PostgreSQL output.
  • Added a possibility to use shell variables to control config processing, such as conditional loading of additional configuration files, executing statements, or including a text in config. Note that an excessive use of this feature can make it very hard to debug problems with rsyslog.
  • 4-digit file creation modes can be now specified in config.
  • Reliable Event Logging Protocol (RELP) input can now bind also only on a specified address.
  • The default value of the enable.body option of mail output is now aligned to documentation
  • The user can now specify insertion error codes that should be ignored in MongoDB output.
  • Parallel TCP (pTCP) input has now the configurable backlog for better load-balancing.


New rsyslog module: omkafka

To enable kafka centralized data storage scenarios, you can now forward logs to the kafka infrastructure using the new omkafka module.


libssh implements SSH as a core cryptographic component

This change introduces libssh as a core cryptographic component in Red Hat Enterprise Linux 8. The libssh library implements the Secure SHell (SSH) protocol.

Note that libssh does not comply with the system-wide crypto policy.


PKCS #11 support for smart cards and HSMs is now consistent across the system

With this update, using smart cards and Hardware Security Modules (HSM) with PKCS #11 cryptographic token interface becomes consistent. This means that the user and the administrator can use the same syntax for all related tools in the system. Notable enhancements include:

  • Support for the PKCS #11 Uniform Resource Identifier (URI) scheme that ensures a simplified enablement of tokens on RHEL servers both for administrators and application writers.
  • A system-wide registration method for smart cards and HSMs using the pkcs11.conf.
  • Consistent support for HSMs and smart cards is available in NSS, GnuTLS, and OpenSSL (through the openssl-pkcs11 engine) applications.
  • The Apache HTTP server (httpd) now seamlessly supports HSMs.

For more information, see the pkcs11.conf(5) man page.


System-wide cryptographic policies are applied by default

Crypto-policies is a component in Red Hat Enterprise Linux 8, which configures the core cryptographic subsystems, covering the TLS, IPSec, SSH, DNSSec, and Kerberos protocols. It provides a small set of policies, which the administrator can select using the update-crypto-policies command.

The DEFAULT system-wide cryptographic policy offers secure settings for current threat models. This policy is also compatible with PCI-DSS requirements. It allows the TLS 1.2 and 1.3 protocols, as well as the IKEv2 and SSH2 protocols. The RSA keys and Diffie-Hellman parameters are accepted if larger than 2047 bits.

See the Consistent security by crypto policies in Red Hat Enterprise Linux 8 article on the Red Hat Blog and the update-crypto-policies(8) man page for more information.


SCAP Security Guide supports OSPP 4.2

SCAP Security Guide provides a draft of the OSPP (Protection Profile for General Purpose Operating Systems) profile version 4.2 for Red Hat Enterprise Linux 8. This profile reflects mandatory configuration controls identified in the NIAP Configuration Annex to the Protection Profile for General Purpose Operating Systems (Protection Profile Version 4.2). SCAP Security Guide provides automated checks and scripts that enable users to meet requirements defined in the OSPP.


OpenSCAP command-line interface has been improved

The verbose mode is now available in all oscap modules and submodules. The tool output has improved formatting.

Deprecated options have been removed to improve the usability of the command-line interface.

The following options are no longer available:

  • --show in oscap xccdf generate report has been completely removed.
  • --probe-root in oscap oval eval has been removed. It can be replaced by setting the environment variable, OSCAP_PROBE_ROOT.
  • --sce-results in oscap xccdf eval has been replaced by --check-engine-results
  • validate-xml submodule has been dropped from CPE, OVAL, and XCCDF modules. validate submodules can be used instead to validate SCAP content against XML schemas and XSD schematrons.
  • oscap oval list-probes command has been removed, the list of available probes can be displayed using oscap --version instead.

OpenSCAP allows to evaluate all rules in a given XCCDF benchmark regardless of the profile by using --profile '(all)'.


Support for a new map permission check on the mmap syscall

The SELinux map permission has been added to control memory mapped access to files, directories, sockets, and so on. This allows the SELinux policy to prevent direct memory access to various file system objects and ensure that every such access is revalidated.


SELinux now supports systemd No New Privileges

This update introduces the nnp_nosuid_transition policy capability that enables SELinux domain transitions under No New Privileges (NNP) or nosuid if nnp_nosuid_transition is allowed between the old and new contexts. The selinux-policy packages now contain a policy for systemd services that use the NNP security feature.

The following rule describes allowing this capability for a service:

   allow source_domain  target_type:process2 { nnp_transition nosuid_transition };

For example:

   allow init_t fprintd_t:process2 { nnp_transition nosuid_transition };

The distribution policy now also contains the m4 macro interface, which can be used in SELinux security policies for services that use the init_nnp_daemon_domain() function.


SELinux now supports getrlimit permission in the process class

This update introduces a new SELinux access control check, process:getrlimit, which has been added for the prlimit() function. This enables SELinux policy developers to control when one process attempts to read and then modify the resource limits of another process using the process:setrlimit permission. Note that SELinux does not restrict a process from manipulating its own resource limits through prlimit(). See the prlimit(2) and getrlimit(2) man pages for more information.


TLS 1.3 support in cryptographic libraries

This update enables Transport Layer Security (TLS) 1.3 by default in all major back-end crypto libraries. This enables low latency across the operating system communications layer and enhances privacy and security for applications by taking advantage of new algorithms, such as RSA-PSS or X25519.


OpenSCAP rebased to version 1.3.0

The OpenSCAP suite has been upgraded to upstream version 1.3.0, which introduces many enhancements over the previous versions. The most notable features include:

  • API and ABI have been consolidated - updated, deprecated and/or unused symbols have been removed.
  • The probes are not run as independent processes, but as threads within the oscap process.
  • The command-line interface has been updated.
  • Python 2 bindings have been replaced with Python 3 bindings.


Audit 3.0 replaces audispd with auditd

With this update, functionality of audispd has been moved to auditd. As a result, audispd configuration options are now part of auditd.conf. In addition, the plugins.d directory has been moved under /etc/audit. The current status of auditd and its plug-ins can now be checked by running the service auditd state command.


rsyslog imfile now supports symlinks

With this update, the rsyslog imfile module delivers better performance and more configuration options. This allows you to use the module for more complicated file monitoring use cases. For example, you can now use file monitors with glob patterns anywhere along the configured path and rotate symlink targets with increased data throughput.


New SELinux booleans

This update of the SELinux system policy introduces the following booleans:

  • colord_use_nfs
  • mysql_connect_http
  • pdns_can_network_connect_db
  • ssh_use_tcpd
  • sslh_can_bind_any_port
  • sslh_can_connect_any_port
  • virt_use_pcscd

For more details, see the output of the following command:

# semanage boolean -l


4.16. Virtualization

KVM supports 5-level paging

With Red Hat Enterprise Linux 8, KVM virtualization supports the 5-level paging feature, which significantly increases the physical and virtual address space that the host and guest systems can use.


KVM supports UMIP in RHEL 8

KVM virtualization now supports the User-Mode Instruction Prevention (UMIP) feature, which can help prevent user-space applications from accessing to system-wide settings. This reduces the potential vectors for privilege escalation attacks, and thus makes the KVM hypervisor and its guest machines more secure.


Additional information in KVM guest crash reports

The crash information that KVM hypervisor generates if a guest terminates unexpectedly or becomes unresponsive has been expanded. This makes it easier to diagnose and fix problems in KVM virtualization deployments.


qemu-kvm 2.12 in RHEL 8

Red Hat Enterprise Linux 8 is distributed with qemu-kvm 2.12. This version fixes multiple bugs and adds a number of enhancements over the version 1.5.3, available in Red Hat Enterprise Linux 7.

Notably, the following features have been introduced:

  • Q35 guest machine type
  • UEFI guest boot
  • NUMA tuning and pinning in the guest
  • vCPU hot plug and hot unplug
  • guest I/O threading

Note that some of the features available in qemu-kvm 2.12 are not supported on Red Hat Enterprise Linux 8.


NVIDIA vGPU is now compatible with the VNC console

When using the NVIDIA virtual GPU (vGPU) feature, it is now possible to use the VNC console to display the visual output of the guest.


Ceph is supported by virtualization

With this update, Ceph storage is supported by KVM virtualization on all CPU architectures supported by Red Hat.


The Q35 machine type is now supported by virtualization

Red hat Enterprise Linux 8 introduces the support for Q35, a more modern PCI Express-based machine type. This provides a variety of improvements in features and performance of virtual devices, and ensures that a wider range of modern devices are compatible with virtualization. In addition, virtual machines created in Red Hat Enterprise Linux 8 are set to use Q35 by default.

Also note that the previously default PC machine type has become deprecated and should only be used when virtualizing older operating systems that do not support Q35.


QEMU sandboxing has been added

In Red Hat Enterprise Linux 8, the QEMU emulator introduces the sandboxing feature. QEMU sandboxing provides configurable limitations to what systems calls QEMU can perform, and thus makes virtual machines more secure. Note that this feature is enabled and configured by default.


4.17. Supportability

sosreport can report eBPF-based programs and maps

The sosreport tool has been enhanced to report any loaded extended Berkeley Packet Filtering (eBPF) programs and maps in Red Hat Enterprise Linux 8.


Chapter 5. Bug fixes

This part describes bugs fixed in Red Hat Enterprise Linux 8.0 that have a significant impact on users.

5.1. Desktop

PackageKit can now operate on rpm packages

With this update, the support for operating on rpm packages has been added into PackageKit.


5.2. Graphics infrastructures

QEMU does not handle 8-byte ggtt entries correctly

QEMU occasionally splits an 8-byte ggtt entry write to two consecutive 4-byte writes. Each of these partial writes can trigger a separate host ggtt write. Sometimes the two ggtt writes are combined incorrectly. Consequently, translation to a machine address fails, and an error log occurs.


5.3. Identity Management

The Enterprise Security Client uses the opensc library for token detection

Red Hat Enterprise Linux 8.0 only supports the opensc library for smart cards. With this update, the Enterprise Security Client (ESC) use opensc for token detection instead of the removed coolkey library. As a result, applications correctly detect supported tokens.


Certificate System now supports rotating debug logs

Previously, Certificate System used a custom logging framework, which did not support log rotation. As a consequence, debug logs such as /var/log/pki/instance_name/ca/debug grew indefinitely. With this update, Certificate System uses the java.logging.util framework, which supports log rotation. As a result, you can configure log rotation in the /var/lib/pki/instance_name/conf/logging.properties file.

For further information on log rotation, see documentation for the java.util.logging package.


Certificate System no longer logs SetAllPropertiesRule operation warnings when the service starts

Previously, Certificate System logged warnings on the SetAllPropertiesRule operation in the /var/log/messages log file when the service started. The problem has been fixed, and the mentioned warnings are no longer logged.


The Certificate System KRA client parses Key Request responses correctly

Previously, Certificate System switched to a new JSON library. As a consequence, serialization for certain objects differed, and the Python key recovery authority (KRA) client failed to parse Key Request responses. The client has been modified to support responses using both the old and the new JSON library. As a result, the Python KRA client parses Key Request responses correctly.


5.4. Compilers and development tools

GCC no longer produces false positive warnings about out-of-bounds access

Previously, when compiling with the -O3 optimization level option, the GNU Compiler Collection (GCC) occasionally returned a false positive warning about an out-of-bounds access, even if the compiled code did not contain it. The optimization has been fixed and GCC no longer displays the false positive warning.


ltrace displays large structures correctly

Previously, the ltrace tool could not correctly print large structures returned from functions. Handling of large structures in ltrace has been improved and they are now printed correctly.


5.5. File systems and storage

Higher print levels no longer cause iscsiadm to terminate unexpectedly

Previously, the iscsiadm utility terminated unexpectedly when the user specified a print level higher than 0 with the --print or -P option. This problem has been fixed, and all print levels now work as expected.


5.6. High availability and clusters

New /etc/sysconfig/pcsd option to reject client-initiated SSL/TLS renegotiation

When TLS renegotiation is enabled on the server, a client is allowed to send a renegotiation request, which initiates a new handshake. Computational requirements of a handshake are higher on a server than on a client. This makes the server vulnerable to DoS attacks. With this fix, the setting PCSD_SSL_OPTIONS in the /etc/sysconfig/pcsd configuration file accepts the OP_NO_RENEGOTIATION option to reject renegotiations. Note that the client can still open multiple connections to a server with a handshake performed in all of them.


A removed cluster node is no longer displayed in the cluster status

Previously, when a node was removed with the pcs cluster node remove command, the removed node remained visible in the output of a pcs status display. With this fix, the removed node is no longer displayed in the cluster status.


Fence agents can now be configured using either newer, preferred parameter names or deprecated parameter names

A large number of fence agent parameters have been renamed while the old parameter names are still supported as deprecated. Previously, pcs was not able to set the new parameters unless used with the --force option. With this fix, pcs now supports the renamed fence agent parameters while maintaining support for the deprecated parameters.


The pcs command now correctly reads the XML status of a cluster for display

The pcs command runs the crm_mon utility to get the status of a cluster in XML format. The crm_mon utility prints XML to standard output and warnings to standard error output. Previously pcs mixed XML and warnings into one stream and was then unable to parse it as XML. With this fix, standard and error outputs are separated in pcs and reading the XML status of a cluster works as expected.


Users no longer advised to destroy clusters when creating new clusters with nodes from existing clusters

Previously, when a user specified nodes from an existing cluster when running the pcs cluster setup command or when creating a cluster with the pcsd Web UI, pcs reported that as an error and suggested that the user destroy the cluster on the nodes. As a result, users would destroy the cluster on the nodes, breaking the cluster the nodes were part of as the remaining nodes would still consider the destroyed nodes to be part of the cluster. With this fix, users are instead advised to remove nodes from their cluster, better informing them of how to address the issue without breaking their clusters.


pcs commands no longer interactively ask for credentials

When a non-root user runs a pcs command that requires root permission, pcs connects to the locally running pcsd daemon and passes the command to it, since the pcsd daemon runs with root permissions and is capable of running the command. Previously, if the user was not authenticated to the local pcsd daemon, pcs asked for a user name and a password interactively. This was confusing to the user and required special handling in scripts running pcs. With this fix, if the user is not authenticated then pcs exits with an error advising what to do: Either run pcs as root or authenticate using the new pcs client local-auth command. As a result, pcs commands do not interactively ask for credentials, improving the user experience.


The pcsd daemon now starts with its default self-generated SSL certificate when crypto-policies is set to FUTURE.

A crypto-policies setting of FUTURE requires RSA keys in SSL certificates to be at least 3072b long. Previously, the pcsd daemon would not start when this policy was set since it generates SSL certificates with a 2048b key. With this update, the key size of pcsd self-generated SSL certificates has been increased to 3072b and pcsd now starts with its default self-generated SSL certificate.


The pcsd service now starts when the network is ready

Previously, When a user configured pcsd to bind to a specific IP address and the address was not ready during boot when pcsd attempted to start up, then pcsd failed to start and a manual intervention was required to start pcsd. With this fix, pcsd.service depends on network-online.target. As a result, pcsd starts when the network is ready and is able to bind to an IP address.


5.7. Security

SELinux policy now allows iscsiuio processes to connect to the discovery portal

Previously, SELinux policy was too restrictive for iscsiuio processes and these processes were not able to access /dev/uio* devices using the mmap system call. As a consequence, connection to the discovery portal failed. This update adds the missing rules to the SELinux policy and iscsiuio processes work as expected in the described scenario.


5.8. Virtualization

Mounting ephemeral disks on Azure now works more reliably

Previously, mounting an ephemeral disk on a virtual machine (VM) running on the Microsoft Azure platform failed if the disk was detached from the VM shortly before. This update ensures that reconnecting disks is handled correctly in the described circumstances, which prevents the problem from occurring.


Chapter 6. Technology previews

This part provides a list of all Technology Previews available in Red Hat Enterprise Linux 8.0 Beta.

For information on Red Hat scope of support for Technology Preview features, see Technology Preview Features Support Scope.

6.1. The web console

Custom system image creation with Composer available as a Technology Preview

The Composer tool enables users to create customized RHEL images. Composer is available in Application Stream as a Technology Preview in the lorax-composer package.

With Composer, users can create custom system images which include additional packages. Composer functionality can be accessed through a graphical user interface in web console, or with a command line interface in the composer-cli tool. Composer output formats include, among others:

  • live ISO installer disk image
  • qcow2 file for direct use with a virtual machine or OpenStack
  • file system image file
  • cloud images for Azure, VMWare, and AWS

To learn more about Composer, see the chapter Building Custom System Images with Composer in the documentation title Installing Red Hat Enterprise Linux 8.

(JIRA:RHELPLAN-7291, BZ#1628645, BZ#1628646, BZ#1628647, BZ#1628648)

6.2. Kernel

XDP available as a Technology Preview

The eXpress Data Path (XDP) feature, which is available as a Technology Preview, provides a means to upload Berkeley Packet Filter (BPF) programs for high performance packet processing in the kernel, making the kernel’s networking data path programmable.


eBPF is available in RHEL 8 Beta as a Technology Preview

The extended Berkeley Packet Filtering (eBPF) feature is available as a Technology Preview for both networking and tracing. eBPF enables the user space to attach custom programs onto a variety of points (sockets, trace points, packet reception) to receive and process data. The feature includes a new system call bpf(), which allows to create various types of maps, and also to insert various types of programs into the kernel. See the bpf(2) man page for more information.


BCC is available as a Technology Preview

BPF Compiler Collection (BCC) is a user space tool kit for creating efficient kernel tracing and manipulation programs that is available as a Technology Preview in Red Hat Enterprise Linux 8 Beta. BCC provides tools for I/O analysis, networking, and monitoring of Linux operating systems using the extended Berkeley Packet Filtering (eBPF).


6.3. File systems and storage

VDO available as an LVM logical volume type

LVM can now be used to create logical volumes of Virtual Data Optimizer (VDO) type. VDO is a virtual block device with the ability to compress and deduplicate data.

This is a Technology Preview feature.


Support for Data Integrity Field/Data Integrity Extension (DIF/DIX)

DIF/DIX is an addition to the SCSI Standard. It remains in Technology Preview for all HBAs and storage arrays, except for those specifically listed as supported.

DIF/DIX increases the size of the commonly used 512 byte disk block from 512 to 520 bytes, adding the Data Integrity Field (DIF). The DIF stores a checksum value for the data block that is calculated by the Host Bus Adapter (HBA) when a write occurs. The storage device then confirms the checksum on receipt, and stores both the data and the checksum. Conversely, when a read occurs, the checksum can be verified by the storage device, and by the receiving HBA.


NVMe/FC is available as a Technology Preview in Qlogic adapters using qla2xxx

The NVMe over Fibre Channel (NVMe/FC) transport type is available as a Technology Preview in Qlogic adapters using the qla2xxx driver.


6.4. High availability and clusters

Pacemaker podman bundles available as a Technology Preview

Pacemaker container bundles now run on the podman container platform, with the container bundle feature being available as a Technology Preview. There is one exception to this feature being Technology Preview: Red Hat fully supports the use of Pacemaker bundles for Red Hat Openstack.


6.5. Security

SWID tag of the RHEL 8.0 release

To enable identification of RHEL 8.0 installations using the ISO/IEC 19770-2:2015 mechanism, software identification (SWID) tags are installed in files /usr/lib/swidtag/redhat.com/com.redhat.RHEL-8-<architecture>.swidtag and /usr/lib/swidtag/redhat.com/com.redhat.RHEL-8.0-<architecture>.swidtag. The parent directory of these tags can also be found by following the /etc/swid/swidtags.d/redhat.com symbolic link.

The XML signature of the SWID tag files can be verified using the xmlsec1 verify command, for example:

xmlsec1 verify --trusted-pem /etc/pki/swid/CA/redhat.com/redhatcodesignca.cert /usr/share/redhat.com/com.redhat.RHEL-8-x86_64.swidtag

The certificate of the code signing certification authority can also be obtained from the Product Signing Keys page on the Customer Portal.


Chapter 7. Changes to packages

This part provides an overview of changes to packages in Red Hat Enterprise Linux 8.

7.1. Removed packages

The following packages are available in Red Hat Enterprise Linux 7, but are no longer present in Red Hat Enterprise Linux 8. Some of these packages may have functionally equivalent replacements available; see Section 7.2, “Package Replacements” for details.

  • a2ps
  • audit-libs-python
  • bridge-utils
  • bltk
  • breeze-icon-theme
  • compat-db
  • compat-expat1
  • compat-glibc
  • coolkey
  • crash-spu-commands
  • createrepo
  • crypto-utils
  • cryptopp
  • cvs
  • ebtables
  • ekiga
  • Electric Fence
  • empathy
  • epydoc
  • fedfs-utils
  • finger
  • ghostscript-fonts
  • glib-networking-tests
  • gnome-contacts
  • gnome-dictionary
  • gnome-documents
  • gnome-packagekit
  • gnote
  • gperftools
  • gstreamer
  • gstreamer-plugins-base
  • hmaccalc
  • ImageMagick
  • jansson-devel-doc
  • jruby
  • jBCrypt
  • kabi-yum-plugins
  • kactivities
  • kate4
  • kde-dev-scripts
  • kde-filesystem
  • kde-l10n
  • kde-runtime
  • kdelibs
  • kde-settings
  • kf5
  • kf5-archive
  • kf5-kconfig
  • kf5-kdoctools
  • kf5-ki18n
  • kpatch-patch
  • kyua-cli
  • kyua-testers
  • libcgroup
  • libcgroup-tools
  • libdbi
  • libdbi-drivers
  • libesmtp
  • libgnome-keyring
  • libkml
  • libmnl-devel
  • libmnl-static
  • libmcrypt
  • libndp-devel
  • libnet-devel
  • libnl
  • libnl-devel
  • libnm-gtk
  • libnm-gtk-devel
  • libproxy-kde
  • libproxy-mozjs
  • libproxy-python
  • libproxy-webkitgtk3
  • libreoffice-kde4
  • libssh2
  • libteam-devel
  • libunwind
  • libwvstreams
  • libXfont
  • m2crypto
  • memstomp
  • mgetty
  • mipv6-daemon
  • mkbootdisk
  • mod_auth_kerb
  • mod_revocator
  • MySQL-python
  • netsniff-ng
  • NetworkManager-glib
  • NetworkManager-glib-devel
  • nss_compat_ossl
  • nss-pem
  • ntp
  • openldap-servers
  • openobex
  • opensaml-java
  • openssl098e
  • oprofile
  • oxygen-fonts
  • oxygen-icon-theme
  • PackageKit-yum
  • pam_krb5
  • pam_pkcs11
  • perl-Class-Load
  • perl-Crypt-Blowfish
  • perl-Crypt-RC4
  • perl-Crypt-Rijndael
  • perl-Data-Serializer
  • perl-LDAP
  • perl-Spreadsheet-ParseExcel
  • perl-SQL-Translator
  • perl-WWW-Curl
  • phonon
  • phonon-backend-gstreamer
  • pm-utils
  • polkit-qt
  • pycryptopp
  • python-backports_abc
  • python-backports-functools_lru_cache
  • python-backports-lzma
  • python-backports-shutil_get_terminal_size
  • python-backports-ssl_match_hostname
  • python-cherrypy
  • python-docker-py
  • python-docs
  • python-enum34
  • python-firewall
  • python-functools32
  • python-kerberos
  • python-krbV
  • python-libteam
  • python-memcached
  • python-paramiko
  • python-requests-kerberos
  • python-subprocess32
  • python-traceback2
  • pywbem-twisted
  • python-urlgrabber
  • python-virtualenv
  • qemu
  • qemu-kvm-tools
  • qemu-sanity-check
  • qjson
  • qt5-qtwebkit
  • qt5-qtwebengine
  • rcs
  • rdate
  • rdist
  • rhdb-utils
  • rsh
  • rt
  • rtcheck
  • rubygem-json
  • rubygem-minitest
  • rubygem-net-http-persistent
  • rubygem-power_assert
  • rubygem-rake
  • rubygem-rdoc
  • rubygem-rspec2
  • rubygem-test-unit
  • rubygem-thor
  • rubygems
  • rust-rpm-macros
  • rusers
  • rwho
  • snapper
  • spice-xpi
  • subversion-kde
  • system-config-firewall
  • system-config-firewall-base
  • system-config-firewall-tui
  • system-config-printer
  • tcl-pgtcl
  • tclx
  • tcp_wrappers
  • teamd-devel
  • tomcat [1]
  • trilead-ssh2
  • tunctl
  • urw-fonts
  • valgrind-devel
  • webalizer
  • wvdial
  • wxGTK
  • x86info
  • xen
  • xemacs
  • ypserv
  • yum-metadata-parser
  • yum-NetworkManager-dispatcher
  • yum-plugin-filter-data
  • yum-plugin-fs-snapshot
  • yum-plugin-keys
  • yum-plugin-list-data
  • yum-plugin-local
  • yum-plugin-merge-conf
  • yum-plugin-ovl
  • yum-plugin-post-transaction-actions
  • yum-plugin-pre-transaction-actions
  • yum-plugin-protectbase
  • yum-plugin-ps
  • yum-plugin-rpm-warm-cache
  • yum-plugin-show-leaves
  • yum-plugin-upgrade-helper
  • yum-plugin-verify
  • yum-updateonboot

7.2. Package Replacements

The functionality of packages available in Red Hat Enterprise Linux 7 is now provided by the following packages:

Table 7.1. Replaced packages

Removed packageReplacementNotes



For more details, see Chapter 4, New features









createrepo_c is also installable as createrepo




Electric Fence







libmaxminddb, geoipupdate, geolite2

For more details, see Chapter 4, New features
















































For more details, see Using the chrony suite to configure NTP














python3’s collections.abc



python3’s @lru_cache



python3’s lzma



python3’s get_terminal_size



python3’s ssl.match_hostname






python3’s enum






python3’s functools















python3’s subprocess



python3’s traceback



python3-pycurl and librepo



python3’s venv








































firewalld does not provide all the functionality of tcp_wrappers. For more information, see Replacing TCP Wrappers in RHEL 8





lshw, util-linux




The dnf-automatic package provides similar functionality, but not compatible with yum-cron configuration files.



Localization is now an integral part of dnf.



The functionality is still installable also as yum-plugin-auto-update-debug-info.



The functionality is still installable also as yum-plugin-copr.



The fastest mirror is always chosen automatically.



The priority option is now integral part of dnf repository configuration.



The funtionality is covered by dnf remove and dnf autoremove commands, unused dependencies are removed automatically.



The functionality is provided by the --repofrompath option.



Setting the tsflags option is now integral part of dnf: --setopt=tsflags=<flags>.



The functionality is still installable also as yum-plugin-versionlock.



The functionality is still installable also as yum-rhn-plugin.



The functionality is still installable also as yum-utils.

7.3. Deprecated packages

The following packages have been deprecated and will not be included in a future major release of Red Hat Enterprise Linux:

  • custodia
  • hesiod
  • hostname
  • libidn
  • libnsl2
  • net-tools
  • nss_nis
  • nss-pam-ldap
  • sendmail
  • ypserv
  • ypbind
  • yp-tools

[1] RHEL 8 customers who need the supported version of Tomcat can have access through the Middleware Runtimes subscription which enables you to get JBoss Web Server 5 with Tomcat 9. For more information, see Red Hat JBoss Web Server

Chapter 8. Removed functionality

This chapter lists functionalities that were supported in RHEL 7 but are no longer available in RHEL 8.0.

8.1. Removed hardware support

This section lists device drivers and adapters that were supported in RHEL 7 but are no longer available in RHEL 8.0.

8.1.1. Removed device drivers

  • 3w-9xxx
  • 3w-sas
  • aic79xx
  • aoe
  • arcmsr
  • ata drivers:

    • acard-ahci
    • sata_mv
    • sata_nv
    • sata_promise
    • sata_qstor
    • sata_sil
    • sata_sil24
    • sata_sis
    • sata_svw
    • sata_sx4
    • sata_uli
    • sata_via
    • sata_vsc
  • bfa
  • cxgb3
  • cxgb3i
  • e1000
  • floppy
  • hptiop
  • initio
  • isci
  • iw_cxgb3
  • mptbase
  • mptctl
  • mptsas
  • mptscsih
  • mptspi
  • mtip32xx
  • mvsas
  • mvumi
  • OSD drivers:

    • osd
    • libosd
  • osst
  • pata drivers:

    • pata_acpi
    • pata_ali
    • pata_amd
    • pata_arasan_cf
    • pata_artop
    • pata_atiixp
    • pata_atp867x
    • pata_cmd64x
    • pata_cs5536
    • pata_hpt366
    • pata_hpt37x
    • pata_hpt3x2n
    • pata_hpt3x3
    • pata_it8213
    • pata_it821x
    • pata_jmicron
    • pata_marvell
    • pata_netcell
    • pata_ninja32
    • pata_oldpiix
    • pata_pdc2027x
    • pata_pdc202xx_old
    • pata_piccolo
    • pata_rdc
    • pata_sch
    • pata_serverworks
    • pata_sil680
    • pata_sis
    • pata_via
    • pdc_adma
  • pm80xx(pm8001)
  • pmcraid
  • qla3xxx
  • stex
  • sx8
  • tulip
  • ufshcd
  • wireless drivers:

    • carl9170
    • iwl4965
    • iwl3945
    • mwl8k
    • rt73usb
    • rt61pci
    • rtl8187
    • wil6210

8.1.2. Removed adapters

  • The following adapters from the aacraid driver have been removed:

    • PERC 2/Si (Iguana/PERC2Si), PCI ID 0x1028:0x0001
    • PERC 3/Di (Opal/PERC3Di), PCI ID 0x1028:0x0002
    • PERC 3/Si (SlimFast/PERC3Si), PCI ID 0x1028:0x0003
    • PERC 3/Di (Iguana FlipChip/PERC3DiF), PCI ID 0x1028:0x0004
    • PERC 3/Di (Viper/PERC3DiV), PCI ID 0x1028:0x0002
    • PERC 3/Di (Lexus/PERC3DiL), PCI ID 0x1028:0x0002
    • PERC 3/Di (Jaguar/PERC3DiJ), PCI ID 0x1028:0x000a
    • PERC 3/Di (Dagger/PERC3DiD), PCI ID 0x1028:0x000a
    • PERC 3/Di (Boxster/PERC3DiB), PCI ID 0x1028:0x000a
    • catapult, PCI ID 0x9005:0x0283
    • tomcat, PCI ID 0x9005:0x0284
    • Adaptec 2120S (Crusader), PCI ID 0x9005:0x0285
    • Adaptec 2200S (Vulcan), PCI ID 0x9005:0x0285
    • Adaptec 2200S (Vulcan-2m), PCI ID 0x9005:0x0285
    • Legend S220 (Legend Crusader), PCI ID 0x9005:0x0285
    • Legend S230 (Legend Vulcan), PCI ID 0x9005:0x0285
    • Adaptec 3230S (Harrier), PCI ID 0x9005:0x0285
    • Adaptec 3240S (Tornado), PCI ID 0x9005:0x0285
    • ASR-2020ZCR SCSI PCI-X ZCR (Skyhawk), PCI ID 0x9005:0x0285
    • ASR-2025ZCR SCSI SO-DIMM PCI-X ZCR (Terminator), PCI ID 0x9005:0x0285
    • ASR-2230S + ASR-2230SLP PCI-X (Lancer), PCI ID 0x9005:0x0286
    • ASR-2130S (Lancer), PCI ID 0x9005:0x0286
    • AAR-2820SA (Intruder), PCI ID 0x9005:0x0286
    • AAR-2620SA (Intruder), PCI ID 0x9005:0x0286
    • AAR-2420SA (Intruder), PCI ID 0x9005:0x0286
    • ICP9024RO (Lancer), PCI ID 0x9005:0x0286
    • ICP9014RO (Lancer), PCI ID 0x9005:0x0286
    • ICP9047MA (Lancer), PCI ID 0x9005:0x0286
    • ICP9087MA (Lancer), PCI ID 0x9005:0x0286
    • ICP5445AU (Hurricane44), PCI ID 0x9005:0x0286
    • ICP9085LI (Marauder-X), PCI ID 0x9005:0x0285
    • ICP5085BR (Marauder-E), PCI ID 0x9005:0x0285
    • ICP9067MA (Intruder-6), PCI ID 0x9005:0x0286
    • Themisto Jupiter Platform, PCI ID 0x9005:0x0287
    • Themisto Jupiter Platform, PCI ID 0x9005:0x0200
    • Callisto Jupiter Platform, PCI ID 0x9005:0x0286
    • ASR-2020SA SATA PCI-X ZCR (Skyhawk), PCI ID 0x9005:0x0285
    • ASR-2025SA SATA SO-DIMM PCI-X ZCR (Terminator), PCI ID 0x9005:0x0285
    • AAR-2410SA PCI SATA 4ch (Jaguar II), PCI ID 0x9005:0x0285
    • CERC SATA RAID 2 PCI SATA 6ch (DellCorsair), PCI ID 0x9005:0x0285
    • AAR-2810SA PCI SATA 8ch (Corsair-8), PCI ID 0x9005:0x0285
    • AAR-21610SA PCI SATA 16ch (Corsair-16), PCI ID 0x9005:0x0285
    • ESD SO-DIMM PCI-X SATA ZCR (Prowler), PCI ID 0x9005:0x0285
    • AAR-2610SA PCI SATA 6ch, PCI ID 0x9005:0x0285
    • ASR-2240S (SabreExpress), PCI ID 0x9005:0x0285
    • ASR-4005, PCI ID 0x9005:0x0285
    • IBM 8i (AvonPark), PCI ID 0x9005:0x0285
    • IBM 8i (AvonPark Lite), PCI ID 0x9005:0x0285
    • IBM 8k/8k-l8 (Aurora), PCI ID 0x9005:0x0286
    • IBM 8k/8k-l4 (Aurora Lite), PCI ID 0x9005:0x0286
    • ASR-4000 (BlackBird), PCI ID 0x9005:0x0285
    • ASR-4800SAS (Marauder-X), PCI ID 0x9005:0x0285
    • ASR-4805SAS (Marauder-E), PCI ID 0x9005:0x0285
    • ASR-3800 (Hurricane44), PCI ID 0x9005:0x0286
    • Perc 320/DC, PCI ID 0x9005:0x0285
    • Adaptec 5400S (Mustang), PCI ID 0x1011:0x0046
    • Adaptec 5400S (Mustang), PCI ID 0x1011:0x0046
    • Dell PERC2/QC, PCI ID 0x1011:0x0046
    • HP NetRAID-4M, PCI ID 0x1011:0x0046
    • Dell Catchall, PCI ID 0x9005:0x0285
    • Legend Catchall, PCI ID 0x9005:0x0285
    • Adaptec Catch All, PCI ID 0x9005:0x0285
    • Adaptec Rocket Catch All, PCI ID 0x9005:0x0286
    • Adaptec NEMER/ARK Catch All, PCI ID 0x9005:0x0288
  • The following adapters from the mpt2sas driver have been removed:

    • SAS2004, PCI ID 0x1000:0x0070
    • SAS2008, PCI ID 0x1000:0x0072
    • SAS2108_1, PCI ID 0x1000:0x0074
    • SAS2108_2, PCI ID 0x1000:0x0076
    • SAS2108_3, PCI ID 0x1000:0x0077
    • SAS2116_1, PCI ID 0x1000:0x0064
    • SAS2116_2, PCI ID 0x1000:0x0065
    • SSS6200, PCI ID 0x1000:0x007E
  • The following adapters from the megaraid_sas driver have been removed:

    • Dell PERC5, PCI ID 0x1028:0x15
    • SAS1078R, PCI ID 0x1000:0x60
    • SAS1078DE, PCI ID 0x1000:0x7C
    • SAS1064R, PCI ID 0x1000:0x411
    • VERDE_ZCR, PCI ID 0x1000:0x413
    • SAS1078GEN2, PCI ID 0x1000:0x78
    • SAS0079GEN2, PCI ID 0x1000:0x79
    • SAS0073SKINNY, PCI ID 0x1000:0x73
    • SAS0071SKINNY, PCI ID 0x1000:0x71
  • The following adapters from the qla2xxx driver have been removed:

    • ISP24xx, PCI ID 0x1077:0x2422
    • ISP24xx, PCI ID 0x1077:0x2432
    • ISP2422, PCI ID 0x1077:0x5422
    • QLE220, PCI ID 0x1077:0x5432
    • QLE81xx, PCI ID 0x1077:0x8001
    • QLE10000, PCI ID 0x1077:0xF000
    • QLE84xx, PCI ID 0x1077:0x8044
    • QLE8000, PCI ID 0x1077:0x8432
    • QLE82xx, PCI ID 0x1077:0x8021
  • The following adapters from the qla4xxx driver have been removed:

    • QLOGIC_ISP8022, PCI ID 0x1077:0x8022
    • QLOGIC_ISP8324, PCI ID 0x1077:0x8032
    • QLOGIC_ISP8042, PCI ID 0x1077:0x8042
  • The following adapters from the be2iscsi driver have been removed:

    • BladeEngine 2 (BE2) devices

      • BladeEngine2 10Gb iSCSI Initiator (generic), PCI ID 0x19a2:0x212
      • OneConnect OCe10101, OCm10101, OCe10102, OCm10102 BE2 adapter family, PCI ID 0x19a2:0x702
      • OCe10100 BE2 adapter family, PCI ID 0x19a2:0x703
    • BladeEngine 3 (BE3) devices

      • OneConnect TOMCAT iSCSI, PCI ID 0x19a2:0x0712
      • BladeEngine3 iSCSI, PCI ID 0x19a2:0x0222
  • The following Ethernet adapters controlled by the be2net driver have been removed:

    • BladeEngine 2 (BE2) devices

      • OneConnect TIGERSHARK NIC, PCI ID 0x19a2:0700
      • BladeEngine2 Network Adapter, PCI ID 0x19a2:0211
    • BladeEngine 3 (BE3) devices

      • OneConnect TOMCAT NIC, PCI ID 0x19a2:0x0710
      • BladeEngine3 Network Adapter, PCI ID 0x19a2:0221
  • The following adapters from the lpfc driver have been removed:

    • BladeEngine 2 (BE2) devices

      • OneConnect TIGERSHARK FCoE, PCI ID 0x19a2:0x0704
    • BladeEngine 3 (BE3) devices

      • OneConnect TOMCAT FCoE, PCI ID 0x19a2:0x0714
    • Fibre Channel (FC) devices

      • FIREFLY, PCI ID 0x10df:0x1ae5
      • PROTEUS_VF, PCI ID 0x10df:0xe100
      • BALIUS, PCI ID 0x10df:0xe131
      • PROTEUS_PF, PCI ID 0x10df:0xe180
      • RFLY, PCI ID 0x10df:0xf095
      • PFLY, PCI ID 0x10df:0xf098
      • LP101, PCI ID 0x10df:0xf0a1
      • TFLY, PCI ID 0x10df:0xf0a5
      • BSMB, PCI ID 0x10df:0xf0d1
      • BMID, PCI ID 0x10df:0xf0d5
      • ZSMB, PCI ID 0x10df:0xf0e1
      • ZMID, PCI ID 0x10df:0xf0e5
      • NEPTUNE, PCI ID 0x10df:0xf0f5
      • NEPTUNE_SCSP, PCI ID 0x10df:0xf0f6
      • NEPTUNE_DCSP, PCI ID 0x10df:0xf0f7
      • FALCON, PCI ID 0x10df:0xf180
      • SUPERFLY, PCI ID 0x10df:0xf700
      • DRAGONFLY, PCI ID 0x10df:0xf800
      • CENTAUR, PCI ID 0x10df:0xf900
      • PEGASUS, PCI ID 0x10df:0xf980
      • THOR, PCI ID 0x10df:0xfa00
      • VIPER, PCI ID 0x10df:0xfb00
      • LP10000S, PCI ID 0x10df:0xfc00
      • LP11000S, PCI ID 0x10df:0xfc10
      • LPE11000S, PCI ID 0x10df:0xfc20
      • PROTEUS_S, PCI ID 0x10df:0xfc50
      • HELIOS, PCI ID 0x10df:0xfd00
      • HELIOS_SCSP, PCI ID 0x10df:0xfd11
      • HELIOS_DCSP, PCI ID 0x10df:0xfd12
      • ZEPHYR, PCI ID 0x10df:0xfe00
      • HORNET, PCI ID 0x10df:0xfe05
      • ZEPHYR_SCSP, PCI ID 0x10df:0xfe11
      • ZEPHYR_DCSP, PCI ID 0x10df:0xfe12
    • Lancer FCoE CNA devices

      • OCe15104-FM, PCI ID 0x10df:0xe260
      • OCe15102-FM, PCI ID 0x10df:0xe260
      • OCm15108-F-P, PCI ID 0x10df:0xe260

To check the PCI IDs of the hardware on your system, run the lspci -nn command.

Note that other adapters from the mentioned drivers that are not listed here remain unchanged.

8.1.3. FCoE software removal

Fibre Channel over Ethernet (FCoE) software has been removed from Red Hat Enterprise Linux 8. Specifically, the fcoe.ko kernel module is no longer available for creating software FCoE interfaces over Ethernet adapters and drivers. This change is due to a lack of industry adoption for software-managed FCoE.

Specific changes to Red Hat Enterprise 8 include:

  • The fcoe.ko kernel module is no longer available. This removes support for software FCoE with Data Center Bridging enabled Ethernet adapters and drivers.
  • Link-level software configuration via Data Center Bridging eXchange (DCBX) using lldpad is no longer supported for FCoE.

    • The fcoe-utils tools (specifically fcoemon) is configured by default to not validate DCB configuration or communicate with lldpad.
    • The lldpad integration in fcoemon might be permanently disabled.
  • The libhbaapi and libhbalinux libraries are no longer used by fcoe-utils, and will not undergo any direct testing from Red Hat.

Support for the following remains unchanged:

  • Currently supported offloading FCoE adapters that appear as Fibre Channel adapters to the operating system and do not use the fcoe-utils management tools, unless stated in a separate note. This applies to select adapters supported by the lpfc and qla2xxx FCoE drivers. Note that the bfa driver is not included in Red Hat Enterprise Linux 8.
  • Currently supported offloading FCoE adapters that do use the fcoe-utils management tools but have their own kernel drivers instead of fcoe.ko and manage DCBX configuration in their drivers and/or firmware, unless stated in a separate note. The fnic, bnx2fc, and qedf drivers will continue to be fully supported in Red Hat Enterprise Linux 8.
  • The libfc.ko and libfcoe.ko kernel modules that are required for some of the supported drivers covered by the previous statement.

8.2. Other removed functionality

8.2.1. Installer and image creation

Installer support for Btrfs has been removed in RHEL 8

The Btrfs file system is not supported in Red Hat Enterprise Linux 8. As a result, the Anaconda installer Graphical User Interface (GUI) and the Kickstart commands no longer support Btrfs.


8.2.2. Infrastructure services

The ntp package has been removed

Red Hat Enterprise Linux 7 supported two implementations of the NTP protocol: ntp and chrony. In Red Hat Enterpise Linux 8, only chrony is available.

Migration from ntp to chrony is documented in Migrating to chrony.

Possible replacements for previous ntp features that are not supported by chrony are documented in Achieving some settings previously supported by ntp in chrony.


KDE unsupported in RHEL 8

With Red Hat Enterprise Linux 8, all packages related to KDE Plasma Workspaces (KDE) have been removed, and it is no longer possible to use KDE as an alternative to the default GNOME desktop environment.

Red Hat does not support migration from RHEL 7 with KDE to RHEL 8 GNOME. Users of RHEL 7 with KDE are recommended to back up their data and install RHEL 8 with GNOME.


8.2.3. Hardware enablement

The e1000 network driver is not supported in RHEL 8

In Red Hat Enterprise Linux 8, the e1000 network driver is not supported. This affects both bare metal and virtual environments. However, the newer e1000e network driver continues to be fully supported in RHEL 8.


RHEL 8 does not support the tulip driver

With this update, the tulip network driver is no longer supported. As a consequence, when using RHEL 8 on a Generation 1 virtual machine (VM) on the Microsoft Hyper-V hypervisor, the "Legacy Network Adapter" device does not work, which causes PXE installation of such VMs to fail.

For the PXE installation to work, install RHEL 8 on a Generation 2 Hyper-V VM. If you require a RHEL 8 Generation 1 VM, use ISO installation.


8.2.4. Identity Management

NSS databases not supported in OpenLDAP

The OpenLDAP suite in previous versions of Red Hat Enterprise Linux (RHEL) used the Mozilla Network Security Services (NSS) for cryptographic purposes. With RHEL 8, OpenSSL, which is supported by the OpenLDAP community, replaces NSS. OpenSSL does not support NSS databases for storing certificates and keys. However, it still supports privacy enhanced mail (PEM) files that serve the same purpose.


sssd-secrets has been removed

The sssd-secrets component of the System Security Services Daemon (SSSD) has been removed in Red Hat Enterprise Linux 8. This is because Custodia, a secrets service provider, is no longer actively developed. Use other Identity Management tools to store secrets, for example the Identity Management Vault.


Selected Python Kerberos packages have been replaced

In Red Hat Enterprise Linux (RHEL) 8, the python-gssapi package, python-requests-gssapi module, and urllib-gssapi library have replaced Python Kerberos packages such as python-krbV, python-kerberos, python-requests-kerberos, and python-urllib2_kerberos. Notable benefits include:

  • python-gssapi is easier to use than python-kerberos and python-krbV
  • python-gssapi supports both python 2 and python 3 whereas python-krbV does not
  • the GSSAPI-based packages allow the use of other Generic Security Services API (GSSAPI) mechanisms in addition to Kerberos, such as the NT LAN Manager NTLM for backward compatibility reasons

This update improves the maintainability and debuggability of GSSAPI in RHEL 8.


8.2.5. Compilers and development tools

librtkaio removed

With this update, the librtkaio library has been removed. This library provided high performance real time asynchronous I/O access for some files, which was based on Linux kernel Asynchronous I/O support (KAIO).

As a result of the removal:

  • Applications using the LD_PRELOAD method to load librtkaio display a warning about a missing library, load the librt library instead and run correctly.
  • Applications using the LD_LIBRARY_PATH method to load librtkaio load the librt library instead and run correctly, without any warning.
  • Applications using the dlopen() system call to access librtkaio directly load the librt library instead.

Users of librtkaio have the following options:

  • Use the fallback mechanism described above, without any changes to their applications.
  • Change code of their applications to use the librt library, which offers a compatible POSIX-compliant API.
  • Change code of their applications to use the libaio library, which offers a compatible API.

Both librt and libaio can provide comparable features and performance under specific conditions.

Note that the libaio package has Red Hat compatibility level of 2, while librtk and the removed librtkaio level 1.

For more details, see https://fedoraproject.org/wiki/Changes/GLIBC223_librtkaio_removal


Valgrind library for MPI debugging support removed

The libmpiwrap.so wrapper library for Valgrind provided by the valgrind-openmpi package has been removed. This library enabled Valgrind to debug programs using the Message Passing Interface (MPI). This library was specific to the Open MPI implementation version in previous versions of Red Hat Enterprise Linux.

Users of libmpiwrap.so are encouraged to build their own version from upstream sources specific to their MPI implementation and version. Supply these custom-built libraries to Valgrind using the LD_PRELOAD technique.


Development headers and static libraries removed from valgrind-devel

Previously, the valgrind-devel sub-package used to include development files for developing custom valgrind tools. This update removes these files because they do not have a guaranteed API, have to be linked statically, and are unsupported. The valgrind-devel package still does contain the development files for valgrind-aware programs and header files such as valgrind.h, callgrind.h, drd.h, helgrind.h, and memcheck.h, which are stable and well supported.


The nosegneg libraries for 32-bit Xen have been removed

Previously, the glibc i686 packages contained an alternative glibc build, which avoided the use of the thread descriptor segment register with negative offsets (nosegneg). This alternative build was only used in the 32-bit version of the Xen Project hypervisor without hardware virtualization support, as an optimization to reduce the cost of full paravirtualization. These alternative builds are no longer used and they have been removed.


GCC no longer builds Ada, Go, and Objective C/C++ code

Capability for building code in the Ada (GNAT), GCC Go, and Objective C/C++ languages has been removed from the GCC compiler.

To build Go code, use the Go Toolset instead.


make new operator != causes a different interpretation of certain existing makefile syntax

The != shell assignment operator has been added to GNU make as an alternative to the $(shell …​) function to increase compatibility with BSD makefiles. As a consequence, variables with name ending in exclamation mark and immediately followed by assignment such as variable!=value are now interpreted as the shell assignment. To restore the previous behavior, add a space after the exclamation mark, such as variable! =value.

For more details and differences between the operator and the function, see the GNU make manual.


8.2.6. File systems and storage

Btrfs has been removed

The Btrfs file system has been removed in Red Hat Enterprise Linux 8. This includes the following components:

  • The btrfs.ko kernel module
  • The btrfs-progs package
  • The snapper package

You can no longer create or mount Btrfs file systems in Red Hat Enterprise Linux 8.


The /etc/sysconfig/nfs file and legacy NFS service names are no longer available

In Red Hat Enterprise Linux 8.0, the NFS configuration has moved from the /etc/sysconfig/nfs configuration file, which was used in Red Hat Enterprise Linux 7, to /etc/nfs.conf.

The /etc/nfs.conf file uses a different syntax. Red Hat Enterprise Linux 8 attempts to automatically convert all options from /etc/sysconfig/nfs to /etc/nfs.conf when upgrading from Red Hat Enterprise Linux 7.

Both configuration files are supported in Red Hat Enterprise Linux 7. Red Hat recommends that you use the new /etc/nfs.conf file to make NFS configuration in all versions of Red Hat Enterprise Linux compatible with automated configuration systems.

Additionally, the following NFS service aliases have been removed and replaced by their upstream names:

  • nfs.service, replaced by nfs-server.service
  • nfs-secure.service, replaced by rpc-gssd.service
  • rpcgssd.service, replaced by rpc-gssd.service
  • nfs-idmap.service, replaced by nfs-idmapd.service
  • rpcidmapd.service, replaced by nfs-idmapd.service
  • nfs-lock.service, replaced by rpc-statd.service
  • nfslock.service, replaced by rpc-statd.service


VDO no longer supports read cache

The read cache functionality has been removed from Virtual Data Optimizer (VDO). The read cache is always disabled on VDO volumes, and you can no longer enable it using the --readCache option of the vdo utility.

Red Hat might reintroduce the VDO read cache in a later Red Hat Enterprise Linux release, using a different implementation.


Removal of clvmd for managing shared storage devices

LVM no longer uses clvmd (cluster lvm daemon) for managing shared storage devices. Instead, LVM now uses lvmlockd (lvm lock daemon). For details about using lvmlockd, see the lvmlockd(8) man page. For details about using shared storage in general, see the lvmsystemid(7) man page. For information on using LVM in a Pacemaker cluster, see the help screen for the LVM-activate resource agent.


Removal of lvmetad daemon

LVM no longer uses the lvmetad daemon for caching metadata, and will always read metadata from disk. LVM disk reading has been reduced, which reduces the benefits of caching.

Previously, autoactivation of logical volumes was indirectly tied to the use_lvmetad setting in the lvm.conf configuration file. The correct way to disable autoactivation continues to be setting auto_activation_volume_list=[] (an empty list) in the lvm.conf file.


LVM can no longer manage devices formatted with the GFS pool volume manager or the lvm1 metadata format.

LVM can no longer manage devices formatted with the GFS pool volume manager or the`lvm1` metadata format. Volume groups using the lvm1 format should be converted to the lvm2 format using the vgconvert command on Red Hat Enterprise Linux 7 or earlier.


LVM libraries and LVM Python bindings have been removed

The lvm2app library and LVM Python bindings, which were provided by the lvm2-python-libs package, have been removed. Red Hat recommends the following solutions instead:

  • The LVM D-Bus API in combination with the lvm2-dbusd service. This requires using Python version 3.
  • The LVM command-line utilities with JSON formatting; this formatting has been available since the lvm2 package version 2.02.158.
  • The libblockdev library, included in AppStream, for C/C++

You must port any applications using the removed libraries and bindings to the D-Bus API before upgrading to Red Hat Enterprise Linux 8.


The ability to mirror the log for LVM mirrors has been removed

The mirrored log feature of mirrored LVM volumes has been removed. Red Hat Enterprise Linux (RHEL) 8 no longer supports creating or activating LVM volumes with a mirrored mirror log.

The recommended replacements are:

  • RAID1 LVM volumes. The main advantage of RAID1 volumes is their ability to work even in degraded mode and to recover after a transient failure.
  • Disk mirror log. To convert a mirrored mirror log to disk mirror log, use the following command: lvconvert --mirrorlog disk my_vg/my_lv.


The dmraid package has been removed

The`dmraid` package has been removed from Red Hat Enterprise Linux 8. Users requiring support for combined hardware and software RAID host bus adapters (HBA) should use the mdadm utility, which supports native MD software RAID, the SNIA RAID Common Disk Data Format (DDF), and the Intel® Matrix Storage Manager (IMSM) formats.


8.2.7. Networking

The -ok option of the tc command removed

The -ok option of the tc command has been removed in Red Hat Enterprise Linux 8. As a workaround, users can implement code to communicate directly via netlink with the kernel. Response messages received, indicate completion and status of sent requests. An alternative way for less time-critical applications is to call tc for each command separately. This may happen with a custom script which simulates the tc -batch behavior by printing OK for each successful tc invocation.


8.2.8. Security

OpenSCAP API consolidated

This update provides OpenSCAP shared library API that has been consolidated. 63 symbols have been removed, 14 added, and 4 have an updated signature. The removed symbols in OpenSCAP 1.3.0 include:

  • symbols that were marked as deprecated in version 1.2.0
  • SEAP protocol symbols
  • internal helper functions
  • unused library symbols
  • unimplemented symbols


8.2.9. Virtualization

IVSHMEM has been disabled

The inter-VM shared memory device (IVSHMEM) feature, which provides shared memory between multiple virtual machines, is now disabled in Red Hat Enterprise Linux 8. A virtual machine configured with this device will fail to boot. Similarly, attempting to hot-plug such a device device will fail as well.


Chapter 9. Deprecated functionality

This part provides an overview of functionality that has been deprecated in Red Hat Enterprise Linux 8.0 Beta.

Deprecated functionality continues to be supported until the end of life of Red Hat Enterprise Linux 8. Deprecated functionality will likely not be supported in future major releases of this product and is not recommended for new deployments. For the most recent list of deprecated functionality within a particular major release, refer to the latest version of release documentation.

Deprecated hardware components are not recommended for new deployments on the current or future major releases. Hardware driver updates are limited to security and critical fixes only. Red Hat recommends replacing this hardware as soon as reasonably feasible.

A package can be deprecated and not recommended for further use. Under certain circumstances, a package can be removed from a product. Product documentation then identifies more recent packages that offer functionality similar, identical, or more advanced to the one deprecated, and provides further recommendations.

9.1. Compilers and development tools

Sun RPC and NIS interfaces removed from glibc

The glibc library no longer provides Sun RPC and NIS interfaces for new applications. These interfaces are now available only for running legacy applications. Developers must change their applications to use the libtirpc library instead of Sun RPC and libnsl2 instead of NIS. Applications can benefit from IPv6 support in the replacement libraries.


9.2. Networking

Network scripts are deprecated in RHEL 8

Network scripts are deprecated in Red Hat Enterprise Linux 8 and they are no longer provided by default. The basic installation provides a new version of the ifup and ifdown scripts which call the NetworkManager service through the nmcli tool. In Red Hat Enterprise Linux 8, to run the ifup and the ifdown scripts, NetworkManager must be running.

Note that custom commands in /sbin/ifup-local, ifdown-pre-local and ifdown-local scripts are not executed.

If any of these scripts are required, the installation of the deprecated network scripts in the system is still possible with the following command:

~]# yum install network-scripts

The ifup and ifdown scripts link to the installed legacy network scripts.

Calling the legacy network scripts shows a warning about their deprecation.


9.3. Security

DSA is deprecated in Red Hat Enterprise Linux 8

The Digital Signature Algorithm (DSA) is considered deprecated in Red Hat Enterprise Linux 8. Authentication mechanisms that depend on DSA keys do not work in the default configuration. Note that OpenSSH clients do not accept DSA host keys even in LEGACY policy.


SSL2 Client Hello has been deprecated in NSS

The Transport Layer Security (TLS) protocol version 1.2 and earlier allow to start a negotiation with a Client Hello message formatted in a way that is backward compatible with the Secure Sockets Layer (SSL) protocol version 2. Support for this feature in the Network Security Services (NSS) library has been deprecated and it is disabled by default.

Applications that require support for this feature need to use the new SSL_ENABLE_V2_COMPATIBLE_HELLO API to enable it. Support for this feature may be removed completely in future releases of Red Hat Enterprise Linux 8.


9.4. Virtualization

Creating internal snapshots of virtual machines has been deprecated

Due to their lack of optimization and stability, internal virtual machine snapshots are now deprecated. Instead, external snapshots are recommended for use.


The Cirrus VGA virtual GPU type has been deprecated

With a future major update of Red Hat Enterprise Linux, the Cirrus VGA GPU device will no longer be supported in KVM virtual machines. Therefore, Red Hat recommends using the stdvga, virtio-vga, or qxl devices instead of Cirrus VGA.


virt-manager has been deprecated

The Virtual Machine Manager application, also known as virt-manager, has been deprecated. The RHEL 8 web console, also known as Cockpit, is intended to become its replacement in a subsequent release. It is, therefore, recommended that you use the web console for managing virtualization in a GUI. However, in Red Hat Enterprise Linux 8.0, some features may only be accessible from either virt-manager or the command line.


Chapter 10. Known issues

This part describes known issues in Red Hat Enterprise Linux 8.

10.1. Installer and image creation

The auth and authconfig Kickstart commands require the AppStream repository

The authselect-compat package is required by the auth and authconfig Kickstart commands during installation. Without this package, the installation fails if auth or authconfig are used. However, by design, the authselect-compat package is only available in the AppStream repository.

To work around this problem, verify that the BaseOS and AppStream repositories are available to the installer or use the authselect Kickstart command during installation.


The --interactive option of the ignoredisk Kickstart command does not work in RHEL 8

A Red Hat Enterprise Linux 8.0 installation using the ignoredisk --interactive Kickstart command will fail with an error message. To work around this problem, remove the ignoredisk --interactive command from the Kickstart file.


10.2. Kernel

The system sometimes becomes unresponsive when many devices are connected

When Red Hat Enterprise Linux 8 configures a large number of devices, a large number of console messages occurs on the system console. This happens, for example, when there are a large number of logical unit numbers (LUNs), with multiple paths to each LUN. The flood of console messages, in addition to other work the kernel is doing, might cause the kernel watchdog to force a kernel panic because the kernel appears to be hung.

Because the scan happens early in the boot cycle, the system becomes unresponsive when many devices are connected. This typically occurs at boot time.

If kdump is enabled on your machine during the device scan event after boot, the hard lockup results in a capture of a vmcore image.

To work around this problem, increase the watchdog lockup timer. To do so, add the watchdog_thresh=N option to the kernel command line. Replace N with the number of seconds:

  • If you have less than a thousand devices, use 30.
  • If you have more than a thousand devices, use 60.

For storage, the number of device is the number of paths to all the LUNs: generally, the number of /dev/sd* devices.

After applying the workaround, the system no longer becomes unresponsive when configuring a large amount of devices.


Physical memory hotplugging does not work

Memory blocks in the movable zone occasionally cannot be reported as movable due to a race window. Consequently, the removable attribute of some memory blocks on a hot-pluggable node is set to 0 and hot removals of those hot-pluggable nodes always fail. As a result, physical memory hotplugging does not work.


Unable to restrict bugs to the redhat Bugzilla group without permission

Previously, ksc Bugzilla submissions were restricted to redhat Bugzilla group. As a consequence, an error message displayed for users who were not able to restrict bugs to this group. To work around this issue, redhat group restriction is removed. As a result, enabling report filing using Bugzilla accounts that cannot restrict bugs to this group is now successful.


10.3. Software management

Dependent modules can cause a rejection of yum module operations

Certain modules depend on other modules. Modules consist of one or more streams that can be active or inactive. Streams are active either if marked as default or if they are explicitly enabled by a user action. Maximum one stream of a particular module can be active at a given point in time.

Yum 4 performs strict checking of package dependencies during the enable and disable module operations for all modules that have active streams. Disabling a stream can be rejected if it would break a dependent module, even if the user does not intend to make use of that module. In RHEL 8.0 Beta, the perl-App-cpanminus, perl-DBD-MySQL, perl-DBD-Pg, perl-DBD-SQLite, perl-DBI, perl-YAML, and freeradius modules depend on the perl module. Consequently, disabling the default perl:5.26 stream without enabling the perl:5.24 stream is rejected due to potential broken dependencies because it causes the perl module to have no active streams.

In addition, the freeradius module depends only on the perl:5.26 stream. Thus, when the user attempts to enable the perl:5.24 stream, the operation is also rejected due to the broken dependency.

To work around this problem:

  • Either disable modules that you do not actively use, for example:
yum module disable freeradius
  • Or use the "--skip-broken" parameter to override the dependency problem. Note that once you use this parameter, you will have to keep using the parameter for all other future module operations and for all modules, otherwise the operations will be rejected with a Modular dependency problem error message. In addition, Yum 4 will continue to return a harmless Modular dependency problem error message for all yum operations that not related to modules, such as the install, erase, search package operations.

To reset a module and its streams to the default state, use the yum module reset command, for example:

yum module reset perl


Running yum list under a non-root user causes YUM crash

When running the yum list command under a non-root user after the libdnf package has been updated, YUM can terminate unexpectedly. If you hit this bug, run yum list under root to resolve the problem. As a result, subsequent attempts to run yum list under a non-root user no longer cause YUM crash.


The yum(8) man page incorrectly mentions the yum module profile command

The yum(8) manual page incorrectly states that the YUM package management tool includes the yum module profile command to provide details about module profiles. However, this command is no longer available and when used, YUM displays an error message about an invalid command. For details about module profiles, use the new yum module info --profile command instead.


yum-plugin-aliases currently not available

The yum-plugin-aliases package, which provides the alias command for adding custom yum aliases, is currently not available. Consequently, it is not currently possible to use aliases.


yum-plugin-changelog currently not available

The yum-plugin-changelog package, which enables viewing package change logs before and after package updating, is currently not available.


10.4. Infrastructure services

Tuned does not set kernel boot command line parameters

The Tuned tool does not support Boot Loader Specification (BLS), which is enabled by default. Consequently, Tuned does not set certain kernel boot command line parameters, which causes some issues, such as performance decrease or CPU cores not being isolated. To work around this problem, disable BLS and restart Tuned.

  1. Install the grubby package.
  2. Remove the following line from the /etc/default/grub file:

  3. Re-generate the grub2.cfg file by running for non-EFI systems:

    grub2-mkconfig -o /etc/grub2.cfg
    or for EFI systems:
    grub2-mkconfig -o /etc/grub2-efi.cfg
  4. Restart Tuned by running:

    systemctl restart tuned

As a result, Tuned sets the kernel boot parameters as expected.


10.5. Shells and command-line tools

Python binding of the net-snmp package is unavailable

The Net-SNMP suite of tools currently does not provide binding for Python 3, which is the default Python implementation in RHEL 8. Consequently, python-net-snmp, python2-net-snmp, or python3-net-snmp packages are currently unavailable in RHEL 8.


TCP connections are reset or slowed down due to ECN

Currently, Explicit Congestion Notifications (ECN) are requested also on outgoing TCP connections. ECN enabled routers to report congestion by setting a flag in an IP packet header. Consequently, some network devices can drop such packets, and TCP connection is reset or slowed down significantly.

To work around this problem, remove the following line from the usr/lib/sysctl.d/50-default.conf file:

net.ipv4.tcp_ecn = 1

As a result, ECN is reset to the kernel’s default value, and ECN is not negotiated on outgoing TCP connections.


10.6. Web servers, databases, dynamic languages

Database servers are not installable in parallel

The mariadb and mysql modules cannot be installed in parallel in RHEL 8.0 Beta due to conflicting RPM packages.

By design, it is impossible to install more than one version (stream) of the same module in parallel. For example, you need to choose only one of the available streams from the postgresql module, either 10 (default) or 9.6. Parallel installation of components is possible in Red Hat Software Collections for RHEL 6 and RHEL 7. In RHEL 8, different versions of database servers can be used in containers.


Python 3 bindings for Subversion unavailable

Due to incompatibilities in the Subversion libraries used for supporting language bindings, Python 3 bindings for Subversion are currently unavailable. As a consequence, applications that require Python bindings for Subversion are unsupported at this time.


Problems in mod_cgid logging

If the mod_cgid Apache httpd module is used under a threaded multi-processing module (MPM), which is the default situation in RHEL 8, the following logging problems occur:

  • The stderr output of the CGI script is not prefixed with standard timestamp information.
  • The stderr output of the CGI script is not correctly redirected to a log file specific to the VirtualHost, if configured.


10.7. Desktop

The gnome-shell-extension-desktop-icons package is only available in BuildRoot

The gnome-shell-extension-desktop-icons package is only available in the BuildRoot repository. It will be moved to the AppStream repository by the RHEL 8.0 GA release.


10.8. Hardware enablement

The i40iw module does not load automatically on boot

Due to many i40e NICs not supporting iWarp and the i40iw module not fully supporting suspend/resume, this module is not automatically loaded by default to ensure suspend/resume works properly. To work around this problem, manually edit the /lib/udev/rules.d/90-rdma-hw-modules.rules file to enable automated load of i40iw.

Also note that if there is another RDMA device installed with a i40e device on the same machine, the non-i40e RDMA device triggers the rdma service, which loads all enabled RDMA stack modules, including the i40iw module.


Clevis does not work with tpm2-tools

The tpm2-tools packages in version 3.1.0 contain a new unified environment variable to configure the TPM (Trusted Platform Module) command transmission interface (TCTI) - TPM2TOOLS_ENV_TCTI. This variable does not offer backward compatibility with the legacy TPM2TOOLS_* environment variables. Consequently, applications that use the environment variables, such as the Clevis policy decryption framework, do not work.

To work around this problem, use the -T option to configure the TCTI module and parameters. As a result, tpm2-tools can be used after the administrator uses the described workaround, however, Clevis automated unlocking of encrypted volumes with a TPM2 device does not work at this time.


10.9. Identity Management

The KCM credential cache is not suitable for a large number of credentials in a single credential cache

If the credential cache contains too many credentials, Kerberos operations, such as kinit, fail due to a hardcoded limit on the buffer used to transfer data between the sssd-kcm component and the underlying database.

To work around this problem, add the ccache_storage = memory option in the kcm section of the /etc/sssd/sssd.conf file. This instructs the kcm responder to only store the credential caches in-memory, not persistently. Note that if you do this, restarting the system or sssd-kcm clears the credential caches.


SSSD only runs as root

Due to packaging errors, the System Security Services Daemon (SSSD) does not start if it is configured to run as a non-root user, with the user parameter set to sssd in the [sssd] section of the /etc/sssd/sssd.conf file.


Conflicting timeout values prevent SSSD from connecting to servers

Some of the default timeout values related to the failover operations used by the System Security Services Daemon (SSSD) are conflicting. Consequently, the timeout value reserved for SSSD to talk to a single server prevents SSSD from trying other servers before the connecting operation as a whole time out. To work around the problem, set the value of the ldap_opt_timeout timeout parameter higher than the value of the dns_resolver_timeout parameter, and set the value of the dns_resolver_timeout parameter higher than the value of the dns_resolver_op_timeout parameter.


Using a smart card to log into the IdM web UI does not work

When a user attempts to log in to the Identity Management (IdM) web UI using a certificate stored on their smart card, the System Security Services Daemon (SSSD) D-Bus interface code uses an incorrect callback to look the user up. Consequently, the lookup crashes. To work around the problem, use other methods of authentication.


10.10. Compilers and development tools

Synthetic functions generated by GCC confuse SystemTap

GCC optimization can generate synthetic functions for partially inlined copies of other functions. Tools such as SystemTap and GDB can not distinguish these synthetic functions from real functions. As a consequence, SystemTap can place probes on both synthetic and real function entry points, and thus register multiple probe hits for a single real function call.

To work around this problem, SystemTap scripts must be adapted with measures such as detecting recursion and suppressing probes related to inlined partial functions. For example, a script

probe kernel.function("can_nice").call { }

can try to avoid the described problem as follows:

global in_can_nice%

probe kernel.function("can_nice").call {
  in_can_nice[tid()] ++;
  if (in_can_nice[tid()] > 1) { next }
  /* code for real probe handler */

probe kernel.function("can_nice").return {
  in_can_nice[tid()] --;

Note that this example script does not take into account all possible scenarios, such as missed kprobes or kretprobes, or genuine intended recursion.


Time zone data for the Europe/Volgograd zone not yet updated

Due to the timing of the upstream release, the tzdata package has not yet been updated to reflect the recent changes for Morocco, Volgograd, Fiji, and parts of Chili. These updates will be part of a future release.


Time zone data with new upstream default data format

The RHEL 8.0 Beta release provides a version of the tzdata-2018e package that supports the new default upstream data format, including negative DST offsets. As a consequence, future upstream data format changes could break tools that process the tzdata files.

A future update of tzdata will revert back to the traditional (rearguard) format to prevent the described problem.


The ltrace tool does not report function calls

Because of improvements to binary hardening applied to all RHEL components, the ltrace tool can no longer detect function calls in binary files coming from RHEL components. As a consequence, ltrace output is empty because it does not report any detected calls when used on such binary files. There is no workaround currently available.

As a note, ltrace can correctly report calls in custom binary files built without the respective hardening flags.

(BZ#1618748, BZ#1655368)

10.11. File systems and storage

The I/O performance of Qlogic HBAs might be degraded

Direct I/O write performance with Qlogic Host Bus Adapters (HBAs) might be inferior compared to Red Hat Enterprise Linux 7. This might affect workloads in a Storage Area Network (SAN) environment.


The system does not boot from FCoE SAN

Red Hat Enterprise Linux 8 currently cannot boot from Storage Area Network (SAN) with supported Fibre Channel over Ethernet (FCoE) adapters. This is caused by the Blivet storage configuration tool, which lacks revised FCoE support in Red Hat Enterprise Linux 8.0 Beta.

Red Hat recommends that you defer the testing of boot from SAN with FCoE in Beta until Blivet is updated.

For more information about changes in FCoE, see Chapter 8, Removed functionality.


Unable to discover an iSCSI target using the iscsiuio package

Red Hat Enterprise Linux 8 does not allow concurrent access to PCI register areas. As a consequence, a could not set host net params (err 29) error was set and the connection to the discovery portal failed. To work around this problem, set the kernel parameter iomem=relaxed in the kernel command line for the iSCSI offload. This specifically involves any offload using the bnx2i driver. As a result, connection to the discovery portal is now successful and iscsiuio package now works correctly.


10.12. Security

Libreswan is terminated unexpectedly with a segmentation fault when loading large ike= configurations

Libreswan handling of large default ike= proposals as defined inside the system-wide crypto policy contains a memory allocation error that causes the parser to crash.

To work around this problem, remove the line starting with the ike= string from the /etc/crypto-policies/back-ends/libreswan.config file.


OpenSCAP rpmverifypackage does not work correctly

The chdir and chroot system calls are called twice by the rpmverifypackage probe. Consequently, an error occurs when the probe is utilized during an OpenSCAP scan with custom Open Vulnerability and Assessment Language (OVAL) content.

To work around this problem, do not use the rpmverifypackage_test OVAL test in your content or use only the content from the scap-security-guide package where rpmverifypackage_test is not used.


libssh does not comply with the system-wide crypto policy

The libssh library does not follow system-wide cryptographic policy settings. As a consequence, the set of supported algorithms is not changed when the administrator changes the crypto policies level using the update-crypto-policies command.

To work around this problem, the set of advertised algorithms needs to be set individually by every application that uses libssh. As a result, when the system is set to the LEGACY or FUTURE policy level, applications that use libssh behave inconsistently when compared to OpenSSH.


SCAP Workbench fails to generate results-based remediations from tailored profiles

The following error occurs when trying to generate results-based remediation roles from a customized profile using the SCAP Workbench tool:

Error generating remediation role .../remediation.sh: Exit code of oscap was 1: [output truncated]

To work around this problem, use the oscap command with the --tailoring-file option.


SCAP Security Guide PCI-DSS profile aligns with version 3.1

The SCAP Security Guide project provides the PCI-DSS (Payment Card Industry Data Security Standard) profile for Red Hat Enterprise Linux 8. However, this profile adheres to PCI-DSS version 3.1, and it has not been updated to align with the latest PCI-DSS version 3.2.1.


OpenSCAP rpmverifyfile does not work

The OpenSCAP scanner does not correctly change the current working directory in offline mode, and the fchdir function is not called with the correct arguments in the OpenSCAP rpmverifyfile probe. Consequently, scanning arbitrary file systems using the oscap-chroot command fails if rpmverifyfile_test is used in an SCAP content. As a result, oscap-chroot aborts in the described scenario.


A utility for security and compliance scanning of containers is not available

In Red Hat Enterprise Linux 7, the oscap-docker utility can be used for scanning of Docker containers based on Atomic technologies. In Red Hat Enterprise Linux 8, the Docker- and Atomic-related OpenSCAP commands are not available. As a result, oscap-docker or an equivalent utility for security and compliance scanning of containers is not available in RHEL8 at the moment.


Audit remote logging does not work with SELinux in enforcing mode.

SELinux prevents the /sbin/audisp-remote remote logging client to read local Audit events from the relevant socket. Consequently, the remote logging process is terminated unexpectedly.

To work around this problem, use the semodule -i command to load a custom policy module, which contains the following rule:

( allow audisp_remote_t auditd_t ( unix_stream_socket ( read )))

As a result, without the described workaround, the Audit remote logging does not work with SELinux in enforcing mode.


10.13. Subscription management

Repositories are not enabled as expected

Systems that have successfully registered with Satellite or the Red Hat Customer Portal may experience unexpected behavior when trying to access content from repositories that have been enabled in addition to the default BaseOS and AppStream repositories, for example, the High Availability (HA) and Core Ready Builder (CRB) repositories. As a workaround, see Enabling Repositories in Red Hat Enterprise Linux 8 Beta for more information.


10.14. Virtualization

Virtual machines can access any network services reachable by the host

As of the RHEL 8 Beta release, the newly implemented nftables backend for firewalld has not been fully integrated into the libvirt library. As a consequence, KVM virtual machines that use libvirt-managed virtual networks have access to all network services that are listening on the host, which may be a security concern.


Glusterfs storage does not work with virtual machines

Due to incompatibility with the libvirt API, glusterfs storage currently cannot be used for KVM virtual machines in Red Hat Enterprise Linux 8.


⁠virt-v2v and virt-p2v do not work on IBM POWER, IBM Z, and the 64-bit ARM architecture

The virt-v2v and virt-p2v utilities are currently only supported on the AMD64 and Intel 64 architecture, also known as x86_64. On other architectures, including IBM Z, IBM POWER, and 64-bit ARM, virt-v2v and virt-p2v do not work correctly.


10.15. Supportability

redhat-support-tool not available in RHEL 8 Beta

The redhat-support-tool utility is not included in Red Hat Enterprise Linux (RHEL) 8 Beta.


10.16. Satellite and Red Hat network client tools

The rhn-tools default profile cannot be installed

Modular metadata for rhn-tools module are currently incorrect. Consequently, the yum module install rhn-tools command fails due to incorrect modular metadata. To work around this problem, individual packages from the module can be installed using the regular yum install package operation, just like in previous RHEL releases.


Chapter 11. Notable changes to containers

A set of container images is available for Red Hat Enterprise Linux (RHEL) 8.0. Notable changes include:

  • The podman tool has been released as a fully supported feature.

    The podman tool manages pods, container images, and containers on a single node. It is built on the libpod library, which enables management of containers and groups of containers, called pods.

    For podman documentation, see Using podman to work with containers.

  • The Red Hat Software Collections, Red Hat Developer Toolset, Red Hat Developer Tools, and .NET Core container images are not provided in RHEL 8 Beta.
  • The rhel-tools container has been removed in RHEL 8. The sos and redhat-support-tool tools are provided in the support-tools container. System administrators can also use this image as a base for building system tools container image.
  • The support-tools container does not contain the strace and tcpdump packages. The description label in Beta, which states that strace and tcpdump are present, is incorrect.
  • Container images ARM for the 64-bit ARM architecture are fully supported in RHEL 8.
  • The support for rootless containers is available as a technology preview in RHEL 8 Beta.

    Rootless containers are containers that are created and managed by regular system users without administrative permissions.

  • On RHEL 7 systems, you can not build container images using the Beta version of the RHEL 8 image.
  • On RHEL 7 systems, you can not update the Beta version of the RHEL 8 image.

Appendix A. Modules available in RHEL 8.0 Beta

RHEL 8.0 Beta is distributed with the following modules and streams in the AppStream repository:

ModuleStreamsDefault stream






































client, DL1




































10, 8






5.26, 5.24



7.2, 7.1









10, 9.6















































Appendix B. Packages in BaseOS

The following packages are available in the BaseOS repository:

  • ModemManager
  • ModemManager-glib
  • NetworkManager
  • NetworkManager-adsl
  • NetworkManager-bluetooth
  • NetworkManager-config-connectivity-redhat
  • NetworkManager-config-server
  • NetworkManager-dispatcher-routing-rules
  • NetworkManager-libnm
  • NetworkManager-ovs
  • NetworkManager-ppp
  • NetworkManager-team
  • NetworkManager-tui
  • NetworkManager-wifi
  • NetworkManager-wwan
  • OpenIPMI
  • OpenIPMI-lanserv
  • OpenIPMI-libs
  • OpenIPMI-perl
  • aajohan-comfortaa-fonts
  • acl
  • acpica-tools
  • adcli
  • adcli-doc
  • arpwatch
  • at
  • atlas
  • atlas-corei2
  • atlas-corei2-devel
  • atlas-devel
  • attr
  • audispd-plugins
  • audispd-plugins-zos
  • audit
  • audit-libs
  • audit-libs-devel
  • augeas
  • augeas-libs
  • authselect
  • authselect-libs
  • autofs
  • avahi
  • avahi-autoipd
  • avahi-glib
  • avahi-gobject
  • avahi-libs
  • basesystem
  • bash
  • bash-completion
  • bash-doc
  • bc
  • bind-export-devel
  • bind-export-libs
  • binutils
  • biosdevname
  • blktrace
  • bluez
  • bluez-hid2hci
  • bluez-libs
  • bluez-obexd
  • bolt
  • boom-boot
  • boom-boot-conf
  • boom-boot-grub2
  • bpftool
  • brotli
  • bsdtar
  • bubblewrap
  • bzip2
  • bzip2-devel
  • bzip2-libs
  • c-ares
  • c-ares-devel
  • ca-certificates
  • cachefilesd
  • checkpolicy
  • chkconfig
  • chrony
  • chrpath
  • cifs-utils
  • cockpit
  • cockpit-bridge
  • cockpit-doc
  • cockpit-system
  • cockpit-ws
  • compat-openssl10
  • conntrack-tools
  • coreutils
  • coreutils-common
  • coreutils-single
  • cpio
  • cracklib
  • cracklib-dicts
  • crda
  • cronie
  • cronie-anacron
  • cronie-noanacron
  • crontabs
  • crypto-policies
  • cryptsetup
  • cryptsetup-libs
  • cryptsetup-reencrypt
  • ctdb
  • ctdb-tests
  • cups-libs
  • curl
  • cyrus-sasl
  • cyrus-sasl-devel
  • cyrus-sasl-gs2
  • cyrus-sasl-gssapi
  • cyrus-sasl-ldap
  • cyrus-sasl-lib
  • cyrus-sasl-md5
  • cyrus-sasl-ntlm
  • cyrus-sasl-plain
  • cyrus-sasl-scram
  • daxctl
  • daxctl-libs
  • dbus
  • dbus-common
  • dbus-daemon
  • dbus-glib
  • dbus-libs
  • dbus-tools
  • dbxtool
  • dejavu-fonts-common
  • dejavu-sans-fonts
  • dejavu-sans-mono-fonts
  • dejavu-serif-fonts
  • device-mapper
  • device-mapper-event
  • device-mapper-event-libs
  • device-mapper-libs
  • device-mapper-multipath
  • device-mapper-multipath-libs
  • device-mapper-persistent-data
  • dhcp-client
  • dhcp-common
  • dhcp-libs
  • dhcp-relay
  • dhcp-server
  • diffutils
  • dmidecode
  • dnf
  • dnf-automatic
  • dnf-data
  • dnf-plugin-subscription-manager
  • dnf-plugins-core
  • dnf-utils
  • dos2unix
  • dosfstools
  • dracut
  • dracut-caps
  • dracut-config-generic
  • dracut-config-rescue
  • dracut-live
  • dracut-network
  • dracut-squash
  • dracut-tools
  • dump
  • dvd+rw-tools
  • e2fsprogs
  • e2fsprogs-devel
  • e2fsprogs-libs
  • ed
  • efi-filesystem
  • efibootmgr
  • efivar
  • efivar-libs
  • elfutils
  • elfutils-default-yama-scope
  • elfutils-devel
  • elfutils-libelf
  • elfutils-libelf-devel
  • elfutils-libs
  • emacs-filesystem
  • environment-modules
  • ethtool
  • expat
  • expat-devel
  • expect
  • fcoe-utils
  • file
  • file-libs
  • filesystem
  • findutils
  • fipscheck
  • fipscheck-lib
  • firewalld
  • firewalld-filesystem
  • fontconfig
  • fontconfig-devel
  • fontpackages-filesystem
  • freeipmi
  • freeipmi-bmc-watchdog
  • freeipmi-ipmidetectd
  • freeipmi-ipmiseld
  • freetype
  • freetype-devel
  • fuse
  • fuse-common
  • fuse-devel
  • fuse-libs
  • fuse3
  • fuse3-devel
  • fuse3-libs
  • fwupd
  • fwupdate
  • fwupdate-efi
  • fwupdate-libs
  • fxload
  • gamin
  • gawk
  • gdbm
  • gdbm-devel
  • gdbm-libs
  • gdisk
  • gdk-pixbuf2
  • genisoimage
  • genwqe-tools
  • genwqe-vpd
  • genwqe-zlib
  • genwqe-zlib-devel
  • gettext
  • gettext-common-devel
  • gettext-devel
  • gettext-libs
  • gfs2-utils
  • glib-networking
  • glib2
  • glib2-devel
  • glib2-fam
  • glib2-tests
  • glibc
  • glibc-all-langpacks
  • glibc-common
  • glibc-devel
  • glibc-headers
  • glibc-langpack-aa
  • glibc-langpack-af
  • glibc-langpack-agr
  • glibc-langpack-ak
  • glibc-langpack-am
  • glibc-langpack-an
  • glibc-langpack-anp
  • glibc-langpack-ar
  • glibc-langpack-as
  • glibc-langpack-ast
  • glibc-langpack-ayc
  • glibc-langpack-az
  • glibc-langpack-be
  • glibc-langpack-bem
  • glibc-langpack-ber
  • glibc-langpack-bg
  • glibc-langpack-bhb
  • glibc-langpack-bho
  • glibc-langpack-bi
  • glibc-langpack-bn
  • glibc-langpack-bo
  • glibc-langpack-br
  • glibc-langpack-brx
  • glibc-langpack-bs
  • glibc-langpack-byn
  • glibc-langpack-ca
  • glibc-langpack-ce
  • glibc-langpack-chr
  • glibc-langpack-cmn
  • glibc-langpack-crh
  • glibc-langpack-cs
  • glibc-langpack-csb
  • glibc-langpack-cv
  • glibc-langpack-cy
  • glibc-langpack-da
  • glibc-langpack-de
  • glibc-langpack-doi
  • glibc-langpack-dsb
  • glibc-langpack-dv
  • glibc-langpack-dz
  • glibc-langpack-el
  • glibc-langpack-en
  • glibc-langpack-eo
  • glibc-langpack-es
  • glibc-langpack-et
  • glibc-langpack-eu
  • glibc-langpack-fa
  • glibc-langpack-ff
  • glibc-langpack-fi
  • glibc-langpack-fil
  • glibc-langpack-fo
  • glibc-langpack-fr
  • glibc-langpack-fur
  • glibc-langpack-fy
  • glibc-langpack-ga
  • glibc-langpack-gd
  • glibc-langpack-gez
  • glibc-langpack-gl
  • glibc-langpack-gu
  • glibc-langpack-gv
  • glibc-langpack-ha
  • glibc-langpack-hak
  • glibc-langpack-he
  • glibc-langpack-hi
  • glibc-langpack-hif
  • glibc-langpack-hne
  • glibc-langpack-hr
  • glibc-langpack-hsb
  • glibc-langpack-ht
  • glibc-langpack-hu
  • glibc-langpack-hy
  • glibc-langpack-ia
  • glibc-langpack-id
  • glibc-langpack-ig
  • glibc-langpack-ik
  • glibc-langpack-is
  • glibc-langpack-it
  • glibc-langpack-iu
  • glibc-langpack-ja
  • glibc-langpack-ka
  • glibc-langpack-kab
  • glibc-langpack-kk
  • glibc-langpack-kl
  • glibc-langpack-km
  • glibc-langpack-kn
  • glibc-langpack-ko
  • glibc-langpack-kok
  • glibc-langpack-ks
  • glibc-langpack-ku
  • glibc-langpack-kw
  • glibc-langpack-ky
  • glibc-langpack-lb
  • glibc-langpack-lg
  • glibc-langpack-li
  • glibc-langpack-lij
  • glibc-langpack-ln
  • glibc-langpack-lo
  • glibc-langpack-lt
  • glibc-langpack-lv
  • glibc-langpack-lzh
  • glibc-langpack-mag
  • glibc-langpack-mai
  • glibc-langpack-mfe
  • glibc-langpack-mg
  • glibc-langpack-mhr
  • glibc-langpack-mi
  • glibc-langpack-miq
  • glibc-langpack-mjw
  • glibc-langpack-mk
  • glibc-langpack-ml
  • glibc-langpack-mn
  • glibc-langpack-mni
  • glibc-langpack-mr
  • glibc-langpack-ms
  • glibc-langpack-mt
  • glibc-langpack-my
  • glibc-langpack-nan
  • glibc-langpack-nb
  • glibc-langpack-nds
  • glibc-langpack-ne
  • glibc-langpack-nhn
  • glibc-langpack-niu
  • glibc-langpack-nl
  • glibc-langpack-nn
  • glibc-langpack-nr
  • glibc-langpack-nso
  • glibc-langpack-oc
  • glibc-langpack-om
  • glibc-langpack-or
  • glibc-langpack-os
  • glibc-langpack-pa
  • glibc-langpack-pap
  • glibc-langpack-pl
  • glibc-langpack-ps
  • glibc-langpack-pt
  • glibc-langpack-quz
  • glibc-langpack-raj
  • glibc-langpack-ro
  • glibc-langpack-ru
  • glibc-langpack-rw
  • glibc-langpack-sa
  • glibc-langpack-sah
  • glibc-langpack-sat
  • glibc-langpack-sc
  • glibc-langpack-sd
  • glibc-langpack-se
  • glibc-langpack-sgs
  • glibc-langpack-shn
  • glibc-langpack-shs
  • glibc-langpack-si
  • glibc-langpack-sid
  • glibc-langpack-sk
  • glibc-langpack-sl
  • glibc-langpack-sm
  • glibc-langpack-so
  • glibc-langpack-sq
  • glibc-langpack-sr
  • glibc-langpack-ss
  • glibc-langpack-st
  • glibc-langpack-sv
  • glibc-langpack-sw
  • glibc-langpack-szl
  • glibc-langpack-ta
  • glibc-langpack-tcy
  • glibc-langpack-te
  • glibc-langpack-tg
  • glibc-langpack-th
  • glibc-langpack-the
  • glibc-langpack-ti
  • glibc-langpack-tig
  • glibc-langpack-tk
  • glibc-langpack-tl
  • glibc-langpack-tn
  • glibc-langpack-to
  • glibc-langpack-tpi
  • glibc-langpack-tr
  • glibc-langpack-ts
  • glibc-langpack-tt
  • glibc-langpack-ug
  • glibc-langpack-uk
  • glibc-langpack-unm
  • glibc-langpack-ur
  • glibc-langpack-uz
  • glibc-langpack-ve
  • glibc-langpack-vi
  • glibc-langpack-wa
  • glibc-langpack-wae
  • glibc-langpack-wal
  • glibc-langpack-wo
  • glibc-langpack-xh
  • glibc-langpack-yi
  • glibc-langpack-yo
  • glibc-langpack-yue
  • glibc-langpack-yuw
  • glibc-langpack-zh
  • glibc-langpack-zu
  • glibc-locale-source
  • glibc-minimal-langpack
  • glusterfs
  • glusterfs-client-xlators
  • glusterfs-fuse
  • glusterfs-libs
  • glusterfs-rdma
  • gmp
  • gmp-c++
  • gmp-devel
  • gnupg2
  • gnupg2-smime
  • gnutls
  • gobject-introspection
  • gpgme
  • gpgmepp
  • grep
  • groff-base
  • grub2-common
  • grub2-efi-aa64-modules
  • grub2-efi-ia32
  • grub2-efi-ia32-cdboot
  • grub2-efi-ia32-modules
  • grub2-efi-x64
  • grub2-efi-x64-cdboot
  • grub2-efi-x64-modules
  • grub2-pc
  • grub2-pc-modules
  • grub2-ppc64le-modules
  • grub2-tools
  • grub2-tools-efi
  • grub2-tools-extra
  • grub2-tools-minimal
  • grubby
  • gsettings-desktop-schemas
  • gssproxy
  • gzip
  • hardlink
  • hdparm
  • hesiod
  • hostname
  • hwdata
  • hwloc
  • hwloc-libs
  • ibacm
  • icu
  • ima-evm-utils
  • infiniband-diags
  • info
  • initscripts
  • intel-cmt-cat
  • iotop
  • ipcalc
  • iproute
  • iproute-tc
  • iprutils
  • ipset
  • ipset-libs
  • ipset-service
  • iptables
  • iptables-devel
  • iptables-ebtables
  • iptables-libs
  • iptables-services
  • iptables-utils
  • iptraf-ng
  • iptstate
  • iputils
  • iputils-ninfod
  • irqbalance
  • iscsi-initiator-utils
  • iscsi-initiator-utils-iscsiuio
  • isns-utils
  • isns-utils-devel
  • isns-utils-libs
  • iw
  • iwl100-firmware
  • iwl105-firmware
  • iwl135-firmware
  • iwl1000-firmware
  • iwl2000-firmware
  • iwl2030-firmware
  • iwl3160-firmware
  • iwl3945-firmware
  • iwl4965-firmware
  • iwl5000-firmware
  • iwl5150-firmware
  • iwl6000-firmware
  • iwl6000g2a-firmware
  • iwl6000g2b-firmware
  • iwl6050-firmware
  • iwl7260-firmware
  • iwpmd
  • jansson
  • jimtcl
  • json-c
  • json-glib
  • kabi-dw
  • kbd
  • kbd-legacy
  • kbd-misc
  • kernel
  • kernel-abi-whitelists
  • kernel-core
  • kernel-cross-headers
  • kernel-debug
  • kernel-debug-core
  • kernel-debug-devel
  • kernel-debug-modules
  • kernel-debug-modules-extra
  • kernel-devel
  • kernel-headers
  • kernel-modules
  • kernel-modules-extra
  • kernel-tools
  • kernel-tools-libs
  • kexec-tools
  • keyutils
  • keyutils-libs
  • keyutils-libs-devel
  • kmod
  • kmod-kvdo
  • kmod-libs
  • kpartx
  • kpatch
  • krb5-devel
  • krb5-libs
  • krb5-pkinit
  • krb5-server
  • krb5-server-ldap
  • krb5-workstation
  • ksc
  • ldb-tools
  • ledmon
  • less
  • libacl
  • libacl-devel
  • libaio
  • libaio-devel
  • libappstream-glib
  • libarchive
  • libasan
  • libassuan
  • libatomic
  • libatomic-static
  • libattr
  • libattr-devel
  • libbasicobjects
  • libblkid
  • libblkid-devel
  • libcap
  • libcap-devel
  • libcap-ng
  • libcap-ng-devel
  • libcap-ng-utils
  • libcgroup
  • libcgroup-pam
  • libcgroup-tools
  • libcollection
  • libcom_err
  • libcom_err-devel
  • libcomps
  • libcomps-devel
  • libconfig
  • libcroco
  • libcurl
  • libcurl-devel
  • libcurl-minimal
  • libdaemon
  • libdb
  • libdb-utils
  • libdhash
  • libdmmp
  • libdnf
  • libedit
  • liberation-fonts
  • liberation-fonts-common
  • liberation-mono-fonts
  • liberation-narrow-fonts
  • liberation-sans-fonts
  • liberation-serif-fonts
  • libertas-sd8686-firmware
  • libertas-sd8787-firmware
  • libertas-usb8388-firmware
  • libertas-usb8388-olpc-firmware
  • libevent
  • libevent-doc
  • libfabric
  • libfdisk
  • libfdisk-devel
  • libffi
  • libffi-devel
  • libgcab1
  • libgcc
  • libgcrypt
  • libgcrypt-devel
  • libgfortran
  • libgomp
  • libgomp-offload-nvptx
  • libgpg-error
  • libgpg-error-devel
  • libgudev
  • libgusb
  • libhbaapi
  • libhbalinux
  • libhbalinux-devel
  • libhugetlbfs
  • libhugetlbfs-devel
  • libhugetlbfs-utils
  • libibumad
  • libibverbs
  • libibverbs-utils
  • libical
  • libicu
  • libicu-devel
  • libicu-doc
  • libidn
  • libidn2
  • libini_config
  • libipa_hbac
  • libitm
  • libjpeg-turbo
  • libjpeg-turbo-devel
  • libkadm5
  • libkcapi
  • libkcapi-hmaccalc
  • libkeepalive
  • libksba
  • libldb
  • libldb-devel
  • libmbim
  • libmbim-utils
  • libmetalink
  • libmicrohttpd
  • libmnl
  • libmodman
  • libmodulemd
  • libmount
  • libndp
  • libnetfilter_conntrack
  • libnetfilter_cthelper
  • libnetfilter_cttimeout
  • libnetfilter_queue
  • libnfnetlink
  • libnfsidmap
  • libnftnl
  • libnghttp2
  • libnl3
  • libnl3-cli
  • libnl3-devel
  • libnl3-doc
  • libnsl
  • libnsl2
  • libpath_utils
  • libpcap
  • libpciaccess
  • libpeas
  • libpfm
  • libpfm-devel
  • libpipeline
  • libpkgconf
  • libpng
  • libpng-devel
  • libproxy
  • libpsl
  • libpsm2
  • libpsm2-compat
  • libpwquality
  • libqb
  • libqb-devel
  • libqmi
  • libqmi-utils
  • libquadmath
  • librabbitmq
  • librdmacm
  • librdmacm-utils
  • libref_array
  • librepo
  • libreport-filesystem
  • librhsm
  • libseccomp
  • libsecret
  • libsecret-devel
  • libselinux
  • libselinux-devel
  • libselinux-utils
  • libsemanage
  • libsepol
  • libsepol-devel
  • libsigsegv
  • libsmartcols
  • libsmartcols-devel
  • libsmbclient
  • libsmbios
  • libsolv
  • libsoup
  • libss
  • libssh
  • libsss_autofs
  • libsss_certmap
  • libsss_idmap
  • libsss_nss_idmap
  • libsss_simpleifp
  • libsss_sudo
  • libstdc++
  • libstdc++-devel
  • libstemmer
  • libstoragemgmt
  • libstoragemgmt-arcconf-plugin
  • libstoragemgmt-hpsa-plugin
  • libstoragemgmt-local-plugin
  • libstoragemgmt-megaraid-plugin
  • libstoragemgmt-netapp-plugin
  • libstoragemgmt-nfs-plugin
  • libstoragemgmt-nfs-plugin-clibs
  • libstoragemgmt-nstor-plugin
  • libstoragemgmt-smis-plugin
  • libstoragemgmt-udev
  • libsysfs
  • libtalloc
  • libtalloc-devel
  • libtasn1
  • libtdb
  • libtdb-devel
  • libteam
  • libteam-doc
  • libtevent
  • libtevent-devel
  • libtirpc
  • libtirpc-devel
  • libtool-ltdl
  • libtsan
  • libubsan
  • libunistring
  • libusal
  • libusb
  • libusbx
  • libusbx-devel
  • libusbx-devel-doc
  • libuser
  • libutempter
  • libuuid
  • libuuid-devel
  • libvarlink
  • libverto
  • libverto-devel
  • libverto-libevent
  • libwbclient
  • libxcrypt
  • libxcrypt-devel
  • libxml2
  • libxslt
  • libyaml
  • linux-firmware
  • lksctp-tools
  • lksctp-tools-devel
  • lksctp-tools-doc
  • lldpad
  • lm_sensors
  • lm_sensors-devel
  • lm_sensors-libs
  • lockdev
  • logrotate
  • logwatch
  • lrzsz
  • lshw-B.02.18
  • lsof
  • lsscsi
  • lua-libs
  • lvm2
  • lvm2-dbusd
  • lvm2-libs
  • lz4
  • lz4-devel
  • lz4-libs
  • lzo
  • lzo-devel
  • lzo-minilzo
  • lzop
  • m4
  • mailcap
  • mailx
  • make
  • make-devel
  • man-db
  • man-db-cron
  • man-pages
  • man-pages-cs
  • man-pages-es
  • man-pages-es-extra
  • man-pages-fr
  • man-pages-it
  • man-pages-ja
  • man-pages-ko
  • man-pages-pl
  • man-pages-ru
  • man-pages-zh-CN
  • mcelog
  • mcstrans
  • mdadm
  • memtest86+
  • microcode_ctl
  • microdnf
  • minicom
  • mksh
  • mlocate
  • mobile-broadband-provider-info
  • mokutil
  • mozjs52
  • mpfr
  • mtools
  • mtr
  • nano
  • ncurses
  • ncurses-base
  • ncurses-c++-libs
  • ncurses-compat-libs
  • ncurses-devel
  • ncurses-libs
  • ncurses-term
  • ndctl
  • ndctl-libs
  • net-snmp-libs
  • net-tools
  • netconsole-service
  • netlabel_tools
  • nettle
  • nettle-devel
  • network-scripts
  • newt
  • nfs-utils
  • nfs4-acl-tools
  • nftables
  • npth
  • nscd
  • nss_db
  • nss_nis
  • ntsysv
  • numactl
  • numactl-devel
  • numactl-libs
  • numad
  • nvme-cli
  • nvmetcli
  • opa-address-resolution
  • opa-basic-tools
  • opa-fastfabric
  • opa-fm
  • opa-libopamgt
  • opencryptoki
  • opencryptoki-icsftok
  • opencryptoki-libs
  • opencryptoki-swtok
  • opencryptoki-tpmtok
  • openhpi
  • openhpi-libs
  • openldap
  • openldap-clients
  • openldap-devel
  • opensc
  • opensm
  • opensm-libs
  • openssh
  • openssh-cavs
  • openssh-clients
  • openssh-keycat
  • openssh-ldap
  • openssh-server
  • openssl
  • openssl-devel
  • openssl-ibmpkcs11
  • openssl-libs
  • openssl-perl
  • openssl-pkcs11
  • os-prober
  • p11-kit
  • p11-kit-devel
  • p11-kit-server
  • p11-kit-trust
  • pam
  • pam-devel
  • pam_cifscreds
  • pam_ssh_agent_auth
  • papi
  • papi-devel
  • papi-libs
  • parted
  • passwd
  • patch
  • pciutils
  • pciutils-devel
  • pciutils-libs
  • pcre
  • pcre-cpp
  • pcre-devel
  • pcre-utf16
  • pcre-utf32
  • pcre2
  • pcre2-devel
  • pcre2-utf16
  • pcre2-utf32
  • pcsc-lite
  • pcsc-lite-ccid
  • pcsc-lite-doc
  • pcsc-lite-libs
  • perf
  • perftest
  • perl-Carp
  • perl-DBD-SQLite
  • perl-DBI
  • perl-Data-Dumper
  • perl-Date-Manip
  • perl-Encode
  • perl-Errno
  • perl-Exporter
  • perl-File-Path
  • perl-File-Temp
  • perl-Getopt-Long
  • perl-HTTP-Tiny
  • perl-IO
  • perl-MIME-Base64
  • perl-Math-BigInt
  • perl-Math-Complex
  • perl-Parse-Yapp
  • perl-PathTools
  • perl-Pod-Escapes
  • perl-Pod-Perldoc
  • perl-Pod-Simple
  • perl-Pod-Usage
  • perl-Scalar-List-Utils
  • perl-Socket
  • perl-Storable
  • perl-Sys-CPU
  • perl-Sys-MemInfo
  • perl-Term-ANSIColor
  • perl-Term-Cap
  • perl-Text-ParseWords
  • perl-Text-Tabs+Wrap
  • perl-Time-Local
  • perl-Unicode-Normalize
  • perl-constant
  • perl-interpreter
  • perl-libs
  • perl-macros
  • perl-parent
  • perl-podlators
  • perl-threads
  • perl-threads-shared
  • pigz
  • pkgconf
  • pkgconf-m4
  • pkgconf-pkg-config
  • platform-python
  • policycoreutils
  • policycoreutils-dbus
  • policycoreutils-devel
  • policycoreutils-newrole
  • policycoreutils-python-utils
  • policycoreutils-restorecond
  • polkit
  • polkit-devel
  • polkit-docs
  • polkit-libs
  • polkit-pkla-compat
  • popt
  • popt-devel
  • portreserve
  • postfix
  • ppp
  • prefixdevname
  • procps-ng
  • procps-ng-i18n
  • ps_mem
  • psacct
  • psmisc
  • publicsuffix-list
  • publicsuffix-list-dafsa
  • python3-IPy
  • python3-asn1crypto
  • python3-audit
  • python3-avahi
  • python3-boom
  • python3-cffi
  • python3-chardet
  • python3-configobj
  • python3-configshell
  • python3-cryptography
  • python3-dateutil
  • python3-dbus
  • python3-decorator
  • python3-dmidecode
  • python3-dnf
  • python3-dnf-plugin-versionlock
  • python3-dnf-plugins-core
  • python3-dns
  • python3-ethtool
  • python3-firewall
  • python3-gobject-base
  • python3-gpg
  • python3-hawkey
  • python3-idna
  • python3-iniparse
  • python3-inotify
  • python3-iscsi-initiator-utils
  • python3-jwt
  • python3-kmod
  • python3-ldb
  • python3-libcomps
  • python3-libdnf
  • python3-libipa_hbac
  • python3-libnl3
  • python3-libproxy
  • python3-librepo
  • python3-libs
  • python3-libselinux
  • python3-libsemanage
  • python3-libsss_nss_idmap
  • python3-libstoragemgmt
  • python3-libstoragemgmt-clibs
  • python3-libuser
  • python3-libxml2
  • python3-linux-procfs
  • python3-magic
  • python3-oauthlib
  • python3-openipmi
  • python3-perf
  • python3-pip
  • python3-ply
  • python3-policycoreutils
  • python3-pwquality
  • python3-pyOpenSSL
  • python3-pycparser
  • python3-pyparsing
  • python3-pysocks
  • python3-pyudev
  • python3-pywbem
  • python3-pyyaml
  • python3-requests
  • python3-requests-oauthlib
  • python3-rpm
  • python3-rtslib
  • python3-samba
  • python3-samba-test
  • python3-schedutils
  • python3-setools
  • python3-setuptools
  • python3-six
  • python3-slip
  • python3-slip-dbus
  • python3-sss
  • python3-sss-murmur
  • python3-sssdconfig
  • python3-subscription-manager-rhsm
  • python3-syspurpose
  • python3-talloc
  • python3-tdb
  • python3-test
  • python3-tevent
  • python3-urllib3
  • python3-urwid
  • python3-varlink
  • quota
  • quota-doc
  • quota-nld
  • quota-nls
  • quota-rpc
  • quota-warnquota
  • rasdaemon
  • rdma-core
  • rdma-core-devel
  • readline
  • readline-devel
  • readonly-root
  • realmd
  • redhat-indexhtml
  • redhat-logos
  • redhat-logos-httpd
  • redhat-release
  • rmt
  • rng-tools
  • rootfiles
  • rpcbind
  • rpm
  • rpm-apidocs
  • rpm-build-libs
  • rpm-cron
  • rpm-devel
  • rpm-libs
  • rpm-plugin-ima
  • rpm-plugin-prioreset
  • rpm-plugin-selinux
  • rpm-plugin-syslog
  • rpm-plugin-systemd-inhibit
  • rpm-sign
  • rsync
  • rsync-daemon
  • samba
  • samba-client
  • samba-client-libs
  • samba-common
  • samba-common-libs
  • samba-common-tools
  • samba-dc-libs
  • samba-krb5-printing
  • samba-libs
  • samba-pidl
  • samba-test
  • samba-test-libs
  • samba-winbind
  • samba-winbind-clients
  • samba-winbind-krb5-locator
  • samba-winbind-modules
  • sed
  • selinux-policy
  • selinux-policy-devel
  • selinux-policy-doc
  • selinux-policy-minimum
  • selinux-policy-mls
  • selinux-policy-sandbox
  • selinux-policy-targeted
  • setools-console
  • setserial
  • setup
  • sg3_utils
  • sg3_utils-libs
  • sgml-common
  • sgpio
  • shadow-utils
  • shared-mime-info
  • shim-ia32
  • shim-x64
  • slang
  • smartmontools
  • smc-tools
  • snappy
  • sos
  • sos-audit
  • spax
  • sqlite
  • sqlite-devel
  • sqlite-doc
  • sqlite-libs
  • squashfs-tools
  • srp_daemon
  • sssd
  • sssd-ad
  • sssd-client
  • sssd-common
  • sssd-common-pac
  • sssd-dbus
  • sssd-ipa
  • sssd-kcm
  • sssd-krb5
  • sssd-krb5-common
  • sssd-ldap
  • sssd-libwbclient
  • sssd-nfs-idmap
  • sssd-proxy
  • sssd-tools
  • sssd-winbind-idmap
  • star
  • strace
  • stunnel
  • subscription-manager
  • subscription-manager-cockpit
  • subscription-manager-plugin-container
  • subscription-manager-plugin-ostree
  • subscription-manager-rhsm-certificates
  • sudo
  • symlinks
  • syslinux
  • syslinux-extlinux
  • syslinux-extlinux-nonlinux
  • syslinux-nonlinux
  • syslinux-tftpboot
  • system-storage-manager
  • systemd
  • systemd-container
  • systemd-devel
  • systemd-journal-remote
  • systemd-libs
  • systemd-pam
  • systemd-tests
  • systemd-udev
  • tar
  • target-restore
  • tboot
  • tcl
  • tcl-devel
  • tcl-doc
  • tdb-tools
  • teamd
  • time
  • timedatex
  • tmpwatch
  • tmux
  • tpm-quote-tools
  • tpm-tools
  • tpm-tools-pkcs11
  • tpm2-abrmd
  • tpm2-abrmd-selinux
  • tpm2-tools
  • tpm2-tss
  • tpm2-tss-devel
  • trace-cmd
  • traceroute
  • tree
  • trousers
  • trousers-lib
  • tuna
  • tuned
  • tuned-profiles-atomic
  • tuned-profiles-compat
  • tuned-profiles-cpu-partitioning
  • tuned-profiles-mssql
  • tuned-profiles-oracle
  • tuned-profiles-sap
  • tuned-profiles-sap-hana
  • tzdata
  • units
  • unzip
  • usb_modeswitch
  • usb_modeswitch-data
  • usbutils
  • usermode
  • userspace-rcu
  • util-linux
  • util-linux-user
  • uuidd
  • vdo
  • veritysetup
  • vim-minimal
  • virt-what
  • vm-dump-metrics
  • vm-dump-metrics-devel
  • watchdog
  • which
  • words
  • wpa_supplicant
  • x3270
  • x3270-text
  • xdelta
  • xfsdump
  • xfsprogs
  • xfsprogs-devel
  • xml-common
  • xmlrpc-c
  • xmlrpc-c-client
  • xz
  • xz-devel
  • xz-libs
  • yum
  • zip
  • zlib
  • zlib-devel
  • zsh

Appendix C. Packages in AppStream

The following packages are available in the AppStream repository:

  • 389-ds-base
  • 389-ds-base-devel
  • 389-ds-base-legacy-tools
  • 389-ds-base-libs
  • 389-ds-base-snmp
  • CUnit
  • GConf2
  • Judy
  • LibRaw
  • NetworkManager-libreswan
  • NetworkManager-libreswan-gnome
  • OpenEXR-libs
  • PackageKit
  • PackageKit-command-not-found
  • PackageKit-cron
  • PackageKit-glib
  • PackageKit-gstreamer-plugin
  • PackageKit-gtk3-module
  • SDL
  • SDL-devel
  • WALinuxAgent
  • Xaw3d
  • abattis-cantarell-fonts
  • abrt
  • abrt-addon-ccpp
  • abrt-addon-coredump-helper
  • abrt-addon-kerneloops
  • abrt-addon-pstoreoops
  • abrt-addon-vmcore
  • abrt-addon-xorg
  • abrt-cli
  • abrt-cli-ng
  • abrt-console-notification
  • abrt-dbus
  • abrt-desktop
  • abrt-gui
  • abrt-gui-libs
  • abrt-java-connector
  • abrt-libs
  • abrt-plugin-machine-id
  • abrt-plugin-sosreport
  • abrt-tui
  • accountsservice
  • accountsservice-libs
  • acpid
  • acpid-sysvinit
  • adobe-mappings-cmap
  • adobe-mappings-cmap-deprecated
  • adobe-mappings-pdf
  • adwaita-cursor-theme
  • adwaita-gtk2-theme
  • adwaita-icon-theme
  • adwaita-qt
  • aide
  • alsa-firmware
  • alsa-lib
  • alsa-lib-devel
  • alsa-plugins-arcamav
  • alsa-plugins-maemo
  • alsa-plugins-oss
  • alsa-plugins-pulseaudio
  • alsa-plugins-samplerate
  • alsa-plugins-speex
  • alsa-plugins-upmix
  • alsa-plugins-usbstream
  • alsa-plugins-vdownmix
  • alsa-tools-firmware
  • alsa-ucm
  • alsa-utils
  • alsa-utils-alsabat
  • amanda
  • amanda-client
  • amanda-libs
  • amanda-server
  • anaconda
  • anaconda-core
  • anaconda-dracut
  • anaconda-gui
  • anaconda-install-env-deps
  • anaconda-tui
  • anaconda-user-help
  • anaconda-widgets
  • annobin
  • ant
  • ant-lib
  • aopalliance
  • apache-commons-cli
  • apache-commons-codec
  • apache-commons-collections
  • apache-commons-collections-javadoc
  • apache-commons-collections-testframework
  • apache-commons-io
  • apache-commons-lang
  • apache-commons-lang-javadoc
  • apache-commons-lang3
  • apache-commons-logging
  • apcu-panel
  • appstream-data
  • apr
  • apr-devel
  • apr-util
  • apr-util-bdb
  • apr-util-devel
  • apr-util-ldap
  • apr-util-mysql
  • apr-util-odbc
  • apr-util-openssl
  • apr-util-pgsql
  • apr-util-sqlite
  • asciidoc
  • aspell
  • aspell-en
  • at-spi2-atk
  • at-spi2-atk-devel
  • at-spi2-core
  • at-spi2-core-devel
  • atinject
  • atk
  • atk-devel
  • atkmm
  • authselect-compat
  • autoconf
  • autocorr-af
  • autocorr-bg
  • autocorr-ca
  • autocorr-cs
  • autocorr-da
  • autocorr-de
  • autocorr-en
  • autocorr-es
  • autocorr-fa
  • autocorr-fi
  • autocorr-fr
  • autocorr-ga
  • autocorr-hr
  • autocorr-hu
  • autocorr-is
  • autocorr-it
  • autocorr-ja
  • autocorr-ko
  • autocorr-lb
  • autocorr-lt
  • autocorr-mn
  • autocorr-nl
  • autocorr-pl
  • autocorr-pt
  • autocorr-ro
  • autocorr-ru
  • autocorr-sk
  • autocorr-sl
  • autocorr-sr
  • autocorr-sv
  • autocorr-tr
  • autocorr-vi
  • autocorr-zh
  • autogen-libopts
  • automake
  • avahi-ui-gtk3
  • babel
  • babl
  • bacula-client
  • bacula-common
  • bacula-console
  • bacula-director
  • bacula-libs
  • bacula-libs-sql
  • bacula-logwatch
  • bacula-storage
  • baobab
  • bcc
  • bcc-tools
  • bea-stax
  • bea-stax-api
  • bea-stax-javadoc
  • bind
  • bind-chroot
  • bind-devel
  • bind-dyndb-ldap
  • bind-libs
  • bind-libs-lite
  • bind-license
  • bind-lite-devel
  • bind-pkcs11
  • bind-pkcs11-devel
  • bind-pkcs11-libs
  • bind-pkcs11-utils
  • bind-sdb
  • bind-sdb-chroot
  • bind-utils
  • binutils-devel
  • bison
  • bison-runtime
  • bitmap-console-fonts
  • bitmap-fangsongti-fonts
  • bitmap-fixed-fonts
  • bitmap-fonts-compat
  • bitmap-lucida-typewriter-fonts
  • blas
  • blas64
  • blivet-data
  • bluez-cups
  • bogofilter
  • boost
  • boost-atomic
  • boost-chrono
  • boost-container
  • boost-context
  • boost-coroutine
  • boost-date-time
  • boost-devel
  • boost-fiber
  • boost-filesystem
  • boost-graph
  • boost-iostreams
  • boost-locale
  • boost-log
  • boost-math
  • boost-program-options
  • boost-random
  • boost-regex
  • boost-serialization
  • boost-signals
  • boost-stacktrace
  • boost-system
  • boost-test
  • boost-thread
  • boost-timer
  • boost-type_erasure
  • boost-wave
  • bpg-algeti-fonts
  • bpg-chveulebrivi-fonts
  • bpg-classic-fonts
  • bpg-courier-fonts
  • bpg-courier-s-fonts
  • bpg-dedaena-block-fonts
  • bpg-dejavu-sans-fonts
  • bpg-elite-fonts
  • bpg-excelsior-caps-fonts
  • bpg-excelsior-condenced-fonts
  • bpg-excelsior-fonts
  • bpg-fonts-common
  • bpg-glaho-fonts
  • bpg-gorda-fonts
  • bpg-ingiri-fonts
  • bpg-irubaqidze-fonts
  • bpg-mikhail-stephan-fonts
  • bpg-mrgvlovani-caps-fonts
  • bpg-mrgvlovani-fonts
  • bpg-nateli-caps-fonts
  • bpg-nateli-condenced-fonts
  • bpg-nateli-fonts
  • bpg-nino-medium-cond-fonts
  • bpg-nino-medium-fonts
  • bpg-sans-fonts
  • bpg-sans-medium-fonts
  • bpg-sans-modern-fonts
  • bpg-sans-regular-fonts
  • bpg-serif-fonts
  • bpg-serif-modern-fonts
  • bpg-ucnobi-fonts
  • brasero
  • brasero-libs
  • brasero-nautilus
  • brlapi
  • brlapi-java
  • brltty
  • brltty-at-spi2
  • brltty-docs
  • brltty-espeak-ng
  • brltty-xw
  • buildah
  • byacc
  • byteman
  • byteman-javadoc
  • c2esp
  • cairo
  • cairo-devel
  • cairo-gobject
  • cairo-gobject-devel
  • cairomm
  • cargo
  • cargo-doc
  • cargo-vendor
  • cdi-api
  • cdparanoia
  • cdparanoia-libs
  • cdrdao
  • celt051
  • certmonger
  • check
  • check-devel
  • cheese
  • cheese-libs
  • cim-schema
  • cjose
  • cjose-devel
  • clang
  • clang-analyzer
  • clang-devel
  • clang-libs
  • clang-tools-extra
  • cldr-emoji-annotation
  • clevis
  • clevis-dracut
  • clevis-luks
  • clevis-systemd
  • clevis-udisks2
  • cloud-init
  • cloud-utils-growpart
  • clucene-contribs-lib
  • clucene-core
  • clutter
  • clutter-gst2
  • clutter-gst3
  • clutter-gtk
  • cmake
  • cmake-data
  • cmake-doc
  • cmake-filesystem
  • cmake-gui
  • cmake-rpm-macros
  • cockpit
  • cockpit-composer
  • cockpit-dashboard
  • cockpit-machines
  • cockpit-machines-ovirt
  • cockpit-packagekit
  • cockpit-pcp
  • cockpit-session-recording
  • cockpit-storaged
  • cockpit-tests
  • cogl
  • color-filesystem
  • colord
  • colord-gtk
  • colord-libs
  • compat-libgfortran
  • compat-libpthread-nonshared
  • compat-locales-sap
  • compiler-rt
  • composer-cli
  • container-exception-logger
  • container-selinux
  • container-storage-setup
  • containernetworking-plugins
  • containers-common
  • convmv
  • copy-jdk-configs
  • cpp
  • crash
  • crash-gcore-command
  • crash-ptdump-command
  • crash-trace-command
  • createrepo_c
  • createrepo_c-devel
  • createrepo_c-libs
  • criu
  • cryptsetup-devel
  • cscope
  • ctags
  • culmus-aharoni-clm-fonts
  • culmus-caladings-clm-fonts
  • culmus-david-clm-fonts
  • culmus-drugulin-clm-fonts
  • culmus-ellinia-clm-fonts
  • culmus-fonts-common
  • culmus-frank-ruehl-clm-fonts
  • culmus-hadasim-clm-fonts
  • culmus-keteryg-fonts
  • culmus-miriam-clm-fonts
  • culmus-miriam-mono-clm-fonts
  • culmus-nachlieli-clm-fonts
  • culmus-shofar-fonts
  • culmus-simple-clm-fonts
  • culmus-stamashkenaz-clm-fonts
  • culmus-stamsefarad-clm-fonts
  • culmus-yehuda-clm-fonts
  • cups
  • cups-client
  • cups-devel
  • cups-filesystem
  • cups-filters
  • cups-filters-libs
  • cups-ipptool
  • cups-lpd
  • cups-pk-helper
  • custodia
  • cyrus-imapd
  • cyrus-imapd-utils
  • cyrus-imapd-vzic
  • cyrus-sasl-sql
  • daxio
  • dbus-devel
  • dbus-glib-devel
  • dbus-x11
  • dconf
  • dconf-editor
  • dcraw
  • desktop-file-utils
  • devhelp
  • devhelp-libs
  • dialog
  • diffstat
  • dleyna-connector-dbus
  • dleyna-core
  • dleyna-renderer
  • dleyna-server
  • dlm-lib
  • dnf-plugin-spacewalk
  • dnsmasq
  • dnsmasq-utils
  • dnssec-trigger
  • dnssec-trigger-panel
  • docbook-dtds
  • docbook-style-xsl
  • dotconf
  • dotnet
  • dotnet-host
  • dotnet-runtime
  • dotnet-sdk
  • dovecot
  • dovecot-mysql
  • dovecot-pgsql
  • dpdk
  • dpdk-devel
  • dpdk-doc
  • dpdk-tools
  • driverctl
  • dropwatch
  • drpm
  • dwz
  • dyninst
  • edk2-aarch64
  • edk2-ovmf
  • efi-srpm-macros
  • egl-wayland
  • emacs
  • emacs-common
  • emacs-lucid
  • emacs-nox
  • emacs-terminal
  • enchant
  • enchant2
  • enscript
  • eog
  • esc
  • espeak-ng
  • evemu
  • evemu-libs
  • evince
  • evince-browser-plugin
  • evince-libs
  • evince-nautilus
  • evolution
  • evolution-bogofilter
  • evolution-data-server
  • evolution-data-server-devel
  • evolution-data-server-langpacks
  • evolution-ews
  • evolution-ews-langpacks
  • evolution-help
  • evolution-langpacks
  • evolution-mapi
  • evolution-mapi-langpacks
  • evolution-pst
  • evolution-spamassassin
  • exchange-bmc-os-info
  • exempi
  • exiv2
  • exiv2-libs
  • fabtests
  • farstream02
  • fence-agents-amt-ws
  • fence-agents-apc
  • fence-agents-apc-snmp
  • fence-agents-bladecenter
  • fence-agents-brocade
  • fence-agents-cisco-mds
  • fence-agents-cisco-ucs
  • fence-agents-common
  • fence-agents-compute
  • fence-agents-drac5
  • fence-agents-eaton-snmp
  • fence-agents-emerson
  • fence-agents-eps
  • fence-agents-hpblade
  • fence-agents-ibmblade
  • fence-agents-ifmib
  • fence-agents-ilo-moonshot
  • fence-agents-ilo-mp
  • fence-agents-ilo-ssh
  • fence-agents-ilo2
  • fence-agents-intelmodular
  • fence-agents-ipdu
  • fence-agents-ipmilan
  • fence-agents-kdump
  • fence-agents-mpath
  • fence-agents-rhevm
  • fence-agents-rsa
  • fence-agents-rsb
  • fence-agents-scsi
  • fence-agents-virsh
  • fence-agents-vmware-soap
  • fence-agents-wti
  • fence-virt
  • fence-virtd
  • fence-virtd-libvirt
  • fence-virtd-multicast
  • fence-virtd-serial
  • fence-virtd-tcp
  • fetchmail
  • fftw
  • fftw-devel
  • fftw-libs
  • fftw-libs-double
  • fftw-libs-long
  • fftw-libs-quad
  • fftw-libs-single
  • fftw-static
  • file-roller
  • file-roller-nautilus
  • fio
  • firefox
  • firewall-applet
  • firewall-config
  • flac-libs
  • flatpak
  • flatpak-builder
  • flatpak-libs
  • flex
  • flex-doc
  • fltk
  • flute
  • fontawesome-fonts
  • fonts-tweak-tool
  • foomatic
  • foomatic-db
  • foomatic-db-filesystem
  • foomatic-db-ppds
  • fprintd
  • fprintd-pam
  • freeglut
  • freeglut-devel
  • freeradius
  • freeradius-devel
  • freeradius-doc
  • freeradius-krb5
  • freeradius-ldap
  • freeradius-mysql
  • freeradius-perl
  • freeradius-postgresql
  • freeradius-rest
  • freeradius-sqlite
  • freeradius-unixODBC
  • freeradius-utils
  • freerdp
  • freerdp-libs
  • frei0r-plugins
  • frei0r-plugins-opencv
  • fribidi
  • fribidi-devel
  • ftp
  • fuse-overlayfs
  • galera
  • gavl
  • gc
  • gcc
  • gcc-c++
  • gcc-gdb-plugin
  • gcc-gfortran
  • gcc-offload-nvptx
  • gcr
  • gcr-devel
  • gd
  • gd-devel
  • gdb
  • gdb-doc
  • gdb-gdbserver
  • gdb-headless
  • gdk-pixbuf2-devel
  • gdk-pixbuf2-modules
  • gdm
  • gedit
  • gegl
  • gegl04
  • geoclue2
  • geoclue2-demos
  • geoclue2-libs
  • geocode-glib
  • geocode-glib-devel
  • geoipupdate
  • geolite2-city
  • geolite2-country
  • geronimo-annotation
  • gfbgraph
  • ghc-srpm-macros
  • ghostscript
  • giflib
  • gimp
  • gimp-devel
  • gimp-devel-tools
  • gimp-libs
  • git
  • git-all
  • git-clang-format
  • git-core
  • git-core-doc
  • git-daemon
  • git-email
  • git-gui
  • git-instaweb
  • git-subtree
  • git-svn
  • gitk
  • gitweb
  • gjs
  • gl-manpages
  • glade-libs
  • glassfish-el-api
  • glassfish-fastinfoset
  • glassfish-fastinfoset-javadoc
  • glassfish-jax-rs-api
  • glassfish-jax-rs-api-javadoc
  • glassfish-jaxb-api
  • glassfish-jaxb-api-javadoc
  • glassfish-jaxb-codemodel
  • glassfish-jaxb-codemodel-annotation-compiler
  • glassfish-jaxb-core
  • glassfish-jaxb-rngom
  • glassfish-jaxb-runtime
  • glassfish-jaxb-txw2
  • glibc-utils
  • glibmm24
  • glusterfs
  • glusterfs-api
  • glusterfs-cli
  • glusterfs-client-xlators
  • glx-utils
  • gnome-abrt
  • gnome-autoar
  • gnome-backgrounds
  • gnome-backgrounds-extras
  • gnome-bluetooth
  • gnome-bluetooth-libs
  • gnome-boxes
  • gnome-calculator
  • gnome-characters
  • gnome-classic-session
  • gnome-color-manager
  • gnome-control-center
  • gnome-control-center-filesystem
  • gnome-desktop3
  • gnome-desktop3-devel
  • gnome-disk-utility
  • gnome-font-viewer
  • gnome-getting-started-docs
  • gnome-getting-started-docs-cs
  • gnome-getting-started-docs-de
  • gnome-getting-started-docs-es
  • gnome-getting-started-docs-fr
  • gnome-getting-started-docs-gl
  • gnome-getting-started-docs-hu
  • gnome-getting-started-docs-it
  • gnome-getting-started-docs-pl
  • gnome-getting-started-docs-pt_BR
  • gnome-getting-started-docs-ru
  • gnome-initial-setup
  • gnome-keyring
  • gnome-keyring-pam
  • gnome-logs
  • gnome-menus
  • gnome-online-accounts
  • gnome-online-accounts-devel
  • gnome-online-miners
  • gnome-photos
  • gnome-photos-tests
  • gnome-remote-desktop
  • gnome-screenshot
  • gnome-session
  • gnome-session-wayland-session
  • gnome-session-xsession
  • gnome-settings-daemon
  • gnome-shell
  • gnome-shell-extension-alternate-tab
  • gnome-shell-extension-apps-menu
  • gnome-shell-extension-auto-move-windows
  • gnome-shell-extension-common
  • gnome-shell-extension-drive-menu
  • gnome-shell-extension-launch-new-instance
  • gnome-shell-extension-native-window-placement
  • gnome-shell-extension-places-menu
  • gnome-shell-extension-screenshot-window-sizer
  • gnome-shell-extension-user-theme
  • gnome-shell-extension-window-list
  • gnome-shell-extension-windowsNavigator
  • gnome-shell-extension-workspace-indicator
  • gnome-software
  • gnome-software-editor
  • gnome-system-monitor
  • gnome-terminal
  • gnome-terminal-nautilus
  • gnome-themes-standard
  • gnome-tweaks
  • gnome-user-docs
  • gnome-video-effects
  • gnu-free-fonts-common
  • gnu-free-mono-fonts
  • gnu-free-sans-fonts
  • gnu-free-serif-fonts
  • gnuplot
  • gnuplot-common
  • gnutls-c++
  • gnutls-dane
  • gnutls-devel
  • gnutls-utils
  • go-srpm-macros
  • go-toolset
  • golang
  • golang-bin
  • golang-docs
  • golang-misc
  • golang-race
  • golang-src
  • golang-tests
  • gom
  • google-crosextra-caladea-fonts
  • google-crosextra-carlito-fonts
  • google-droid-kufi-fonts
  • google-droid-sans-fonts
  • google-droid-sans-mono-fonts
  • google-droid-serif-fonts
  • google-guice
  • google-noto-cjk-fonts-common
  • google-noto-emoji-color-fonts
  • google-noto-emoji-fonts
  • google-noto-fonts-common
  • google-noto-kufi-arabic-fonts
  • google-noto-mono-fonts
  • google-noto-naskh-arabic-fonts
  • google-noto-naskh-arabic-ui-fonts
  • google-noto-nastaliq-urdu-fonts
  • google-noto-sans-armenian-fonts
  • google-noto-sans-avestan-fonts
  • google-noto-sans-balinese-fonts
  • google-noto-sans-bamum-fonts
  • google-noto-sans-batak-fonts
  • google-noto-sans-bengali-fonts
  • google-noto-sans-bengali-ui-fonts
  • google-noto-sans-brahmi-fonts
  • google-noto-sans-buginese-fonts
  • google-noto-sans-buhid-fonts
  • google-noto-sans-canadian-aboriginal-fonts
  • google-noto-sans-carian-fonts
  • google-noto-sans-cham-fonts
  • google-noto-sans-cherokee-fonts
  • google-noto-sans-cjk-ttc-fonts
  • google-noto-sans-coptic-fonts
  • google-noto-sans-cuneiform-fonts
  • google-noto-sans-cypriot-fonts
  • google-noto-sans-deseret-fonts
  • google-noto-sans-devanagari-fonts
  • google-noto-sans-devanagari-ui-fonts
  • google-noto-sans-egyptian-hieroglyphs-fonts
  • google-noto-sans-ethiopic-fonts
  • google-noto-sans-fonts
  • google-noto-sans-georgian-fonts
  • google-noto-sans-glagolitic-fonts
  • google-noto-sans-gothic-fonts
  • google-noto-sans-gujarati-fonts
  • google-noto-sans-gujarati-ui-fonts
  • google-noto-sans-gurmukhi-fonts
  • google-noto-sans-gurmukhi-ui-fonts
  • google-noto-sans-hanunoo-fonts
  • google-noto-sans-hebrew-fonts
  • google-noto-sans-imperial-aramaic-fonts
  • google-noto-sans-inscriptional-pahlavi-fonts
  • google-noto-sans-inscriptional-parthian-fonts
  • google-noto-sans-javanese-fonts
  • google-noto-sans-kaithi-fonts
  • google-noto-sans-kannada-fonts
  • google-noto-sans-kannada-ui-fonts
  • google-noto-sans-kayah-li-fonts
  • google-noto-sans-kharoshthi-fonts
  • google-noto-sans-khmer-fonts
  • google-noto-sans-khmer-ui-fonts
  • google-noto-sans-lao-fonts
  • google-noto-sans-lao-ui-fonts
  • google-noto-sans-lepcha-fonts
  • google-noto-sans-limbu-fonts
  • google-noto-sans-linear-b-fonts
  • google-noto-sans-lisu-fonts
  • google-noto-sans-lycian-fonts
  • google-noto-sans-lydian-fonts
  • google-noto-sans-malayalam-fonts
  • google-noto-sans-malayalam-ui-fonts
  • google-noto-sans-mandaic-fonts
  • google-noto-sans-meetei-mayek-fonts
  • google-noto-sans-mongolian-fonts
  • google-noto-sans-myanmar-fonts
  • google-noto-sans-myanmar-ui-fonts
  • google-noto-sans-new-tai-lue-fonts
  • google-noto-sans-nko-fonts
  • google-noto-sans-ogham-fonts
  • google-noto-sans-ol-chiki-fonts
  • google-noto-sans-old-italic-fonts
  • google-noto-sans-old-persian-fonts
  • google-noto-sans-old-south-arabian-fonts
  • google-noto-sans-old-turkic-fonts
  • google-noto-sans-oriya-fonts
  • google-noto-sans-oriya-ui-fonts
  • google-noto-sans-osmanya-fonts
  • google-noto-sans-phags-pa-fonts
  • google-noto-sans-phoenician-fonts
  • google-noto-sans-rejang-fonts
  • google-noto-sans-runic-fonts
  • google-noto-sans-samaritan-fonts
  • google-noto-sans-saurashtra-fonts
  • google-noto-sans-shavian-fonts
  • google-noto-sans-sinhala-fonts
  • google-noto-sans-sundanese-fonts
  • google-noto-sans-syloti-nagri-fonts
  • google-noto-sans-symbols-fonts
  • google-noto-sans-syriac-eastern-fonts
  • google-noto-sans-syriac-estrangela-fonts
  • google-noto-sans-syriac-western-fonts
  • google-noto-sans-tagalog-fonts
  • google-noto-sans-tagbanwa-fonts
  • google-noto-sans-tai-le-fonts
  • google-noto-sans-tai-tham-fonts
  • google-noto-sans-tai-viet-fonts
  • google-noto-sans-tamil-fonts
  • google-noto-sans-tamil-ui-fonts
  • google-noto-sans-telugu-fonts
  • google-noto-sans-telugu-ui-fonts
  • google-noto-sans-thaana-fonts
  • google-noto-sans-thai-fonts
  • google-noto-sans-thai-ui-fonts
  • google-noto-sans-tibetan-fonts
  • google-noto-sans-tifinagh-fonts
  • google-noto-sans-ugaritic-fonts
  • google-noto-sans-ui-fonts
  • google-noto-sans-vai-fonts
  • google-noto-sans-yi-fonts
  • google-noto-serif-armenian-fonts
  • google-noto-serif-bengali-fonts
  • google-noto-serif-cjk-ttc-fonts
  • google-noto-serif-devanagari-fonts
  • google-noto-serif-fonts
  • google-noto-serif-georgian-fonts
  • google-noto-serif-gujarati-fonts
  • google-noto-serif-kannada-fonts
  • google-noto-serif-khmer-fonts
  • google-noto-serif-lao-fonts
  • google-noto-serif-malayalam-fonts
  • google-noto-serif-tamil-fonts
  • google-noto-serif-telugu-fonts
  • google-noto-serif-thai-fonts
  • gpm
  • gpm-devel
  • gpm-libs
  • graphite2
  • graphite2-devel
  • graphviz
  • grilo
  • grilo-plugins
  • gsettings-desktop-schemas
  • gsettings-desktop-schemas-devel
  • gsl
  • gsl-devel
  • gsm
  • gsound
  • gspell
  • gssdp
  • gssntlmssp
  • gstreamer1
  • gstreamer1-devel
  • gstreamer1-plugins-bad-free
  • gstreamer1-plugins-base
  • gstreamer1-plugins-base-devel
  • gstreamer1-plugins-good
  • gstreamer1-plugins-good-gtk
  • gstreamer1-plugins-ugly-free
  • gtk-update-icon-cache
  • gtk-vnc2
  • gtk2
  • gtk2-devel
  • gtk2-devel-docs
  • gtk2-immodule-xim
  • gtk2-immodules
  • gtk3
  • gtk3-devel
  • gtk3-immodule-xim
  • gtkmm24
  • gtkmm30
  • gtksourceview3
  • gtkspell
  • gtkspell3
  • guava20
  • gubbi-fonts
  • guile
  • gupnp
  • gupnp-av
  • gupnp-dlna
  • gupnp-igd
  • gutenprint
  • gutenprint-cups
  • gutenprint-doc
  • gutenprint-libs
  • gutenprint-libs-ui
  • gutenprint-plugin
  • gvfs
  • gvfs-afc
  • gvfs-afp
  • gvfs-archive
  • gvfs-client
  • gvfs-devel
  • gvfs-fuse
  • gvfs-goa
  • gvfs-gphoto2
  • gvfs-mtp
  • gvfs-smb
  • gvnc
  • haproxy
  • harfbuzz
  • harfbuzz-devel
  • harfbuzz-icu
  • hawtjni-runtime
  • hexchat
  • hexchat-devel
  • hexedit
  • hicolor-icon-theme
  • highlight
  • hivex
  • hivex-devel
  • hivex-static
  • hplip
  • hplip-common
  • hplip-gui
  • hplip-libs
  • hspell
  • http-parser
  • http-parser-devel
  • httpcomponents-client
  • httpcomponents-core
  • httpd
  • httpd-devel
  • httpd-filesystem
  • httpd-manual
  • httpd-tools
  • hunspell
  • hunspell-af
  • hunspell-ak
  • hunspell-am
  • hunspell-ar
  • hunspell-as
  • hunspell-ast
  • hunspell-az
  • hunspell-be
  • hunspell-ber
  • hunspell-bg
  • hunspell-bn
  • hunspell-br
  • hunspell-ca
  • hunspell-cop
  • hunspell-cs
  • hunspell-csb
  • hunspell-cv
  • hunspell-cy
  • hunspell-da
  • hunspell-de
  • hunspell-devel
  • hunspell-dsb
  • hunspell-el
  • hunspell-en
  • hunspell-en-GB
  • hunspell-en-US
  • hunspell-eo
  • hunspell-es
  • hunspell-es-AR
  • hunspell-es-BO
  • hunspell-es-CL
  • hunspell-es-CO
  • hunspell-es-CR
  • hunspell-es-CU
  • hunspell-es-DO
  • hunspell-es-EC
  • hunspell-es-ES
  • hunspell-es-GT
  • hunspell-es-HN
  • hunspell-es-MX
  • hunspell-es-NI
  • hunspell-es-PA
  • hunspell-es-PE
  • hunspell-es-PR
  • hunspell-es-PY
  • hunspell-es-SV
  • hunspell-es-US
  • hunspell-es-UY
  • hunspell-es-VE
  • hunspell-et
  • hunspell-eu
  • hunspell-fa
  • hunspell-fj
  • hunspell-fo
  • hunspell-fr
  • hunspell-fur
  • hunspell-fy
  • hunspell-ga
  • hunspell-gd
  • hunspell-gl
  • hunspell-grc
  • hunspell-gu
  • hunspell-gv
  • hunspell-haw
  • hunspell-he
  • hunspell-hi
  • hunspell-hil
  • hunspell-hr
  • hunspell-hsb
  • hunspell-ht
  • hunspell-hu
  • hunspell-hy
  • hunspell-ia
  • hunspell-id
  • hunspell-is
  • hunspell-it
  • hunspell-kk
  • hunspell-km
  • hunspell-kn
  • hunspell-ko
  • hunspell-ku
  • hunspell-ky
  • hunspell-la
  • hunspell-lb
  • hunspell-ln
  • hunspell-lt
  • hunspell-lv
  • hunspell-mai
  • hunspell-mg
  • hunspell-mi
  • hunspell-mk
  • hunspell-ml
  • hunspell-mn
  • hunspell-mos
  • hunspell-mr
  • hunspell-ms
  • hunspell-mt
  • hunspell-nb
  • hunspell-nds
  • hunspell-ne
  • hunspell-nl
  • hunspell-nn
  • hunspell-nr
  • hunspell-nso
  • hunspell-ny
  • hunspell-oc
  • hunspell-om
  • hunspell-or
  • hunspell-pa
  • hunspell-pl
  • hunspell-pt
  • hunspell-qu
  • hunspell-quh
  • hunspell-ro
  • hunspell-ru
  • hunspell-rw
  • hunspell-sc
  • hunspell-se
  • hunspell-shs
  • hunspell-si
  • hunspell-sk
  • hunspell-sl
  • hunspell-smj
  • hunspell-so
  • hunspell-sq
  • hunspell-sr
  • hunspell-ss
  • hunspell-st
  • hunspell-sv
  • hunspell-sw
  • hunspell-ta
  • hunspell-te
  • hunspell-tet
  • hunspell-th
  • hunspell-ti
  • hunspell-tk
  • hunspell-tl
  • hunspell-tn
  • hunspell-tpi
  • hunspell-ts
  • hunspell-uk
  • hunspell-ur
  • hunspell-uz
  • hunspell-ve
  • hunspell-vi
  • hunspell-wa
  • hunspell-xh
  • hunspell-yi
  • hunspell-zu
  • hwloc-gui
  • hwloc-plugins
  • hyperv-daemons
  • hyperv-daemons-license
  • hyperv-tools
  • hypervfcopyd
  • hypervkvpd
  • hypervvssd
  • hyphen
  • hyphen-af
  • hyphen-as
  • hyphen-be
  • hyphen-bg
  • hyphen-bn
  • hyphen-ca
  • hyphen-cs
  • hyphen-cy
  • hyphen-da
  • hyphen-de
  • hyphen-el
  • hyphen-en
  • hyphen-es
  • hyphen-et
  • hyphen-eu
  • hyphen-fa
  • hyphen-fo
  • hyphen-fr
  • hyphen-ga
  • hyphen-gl
  • hyphen-grc
  • hyphen-gu
  • hyphen-hi
  • hyphen-hr
  • hyphen-hsb
  • hyphen-hu
  • hyphen-ia
  • hyphen-id
  • hyphen-is
  • hyphen-it
  • hyphen-kn
  • hyphen-ku
  • hyphen-lt
  • hyphen-lv
  • hyphen-mi
  • hyphen-ml
  • hyphen-mn
  • hyphen-mr
  • hyphen-nb
  • hyphen-nl
  • hyphen-nn
  • hyphen-or
  • hyphen-pa
  • hyphen-pl
  • hyphen-pt
  • hyphen-ro
  • hyphen-ru
  • hyphen-sa
  • hyphen-sk
  • hyphen-sl
  • hyphen-sr
  • hyphen-sv
  • hyphen-ta
  • hyphen-te
  • hyphen-tk
  • hyphen-uk
  • hyphen-zu
  • i2c-tools
  • i2c-tools-perl
  • ibus
  • ibus-gtk2
  • ibus-gtk3
  • ibus-hangul
  • ibus-kkc
  • ibus-libpinyin
  • ibus-libs
  • ibus-libzhuyin
  • ibus-m17n
  • ibus-sayura
  • ibus-setup
  • ibus-table
  • ibus-table-chinese
  • ibus-table-chinese-array
  • ibus-table-chinese-cangjie
  • ibus-table-chinese-cantonese
  • ibus-table-chinese-easy
  • ibus-table-chinese-erbi
  • ibus-table-chinese-quick
  • ibus-table-chinese-scj
  • ibus-table-chinese-stroke5
  • ibus-table-chinese-wu
  • ibus-table-chinese-wubi-haifeng
  • ibus-table-chinese-wubi-jidian
  • ibus-table-chinese-yong
  • ibus-typing-booster
  • ibus-wayland
  • icedax
  • icedtea-web
  • icedtea-web-javadoc
  • icoutils
  • iio-sensor-proxy
  • ilmbase
  • initial-setup
  • initial-setup-gui
  • inkscape
  • inkscape-docs
  • inkscape-view
  • insights-client
  • intel-gpu-tools
  • intltool
  • iowatcher
  • ipa-client
  • ipa-client-common
  • ipa-common
  • ipa-idoverride-memberof-plugin
  • ipa-python-compat
  • ipa-server
  • ipa-server-common
  • ipa-server-dns
  • ipa-server-trust-ad
  • iperf3
  • ipmitool
  • ipvsadm
  • ipxe-bootimgs
  • ipxe-roms
  • ipxe-roms-qemu
  • irssi
  • isl
  • iso-codes
  • isomd5sum
  • istack-commons-runtime
  • istack-commons-tools
  • itstool
  • jackson-annotations
  • jackson-annotations-javadoc
  • jackson-core
  • jackson-core-javadoc
  • jackson-databind
  • jackson-databind-javadoc
  • jackson-jaxrs-json-provider
  • jackson-jaxrs-providers
  • jackson-jaxrs-providers-datatypes
  • jackson-jaxrs-providers-javadoc
  • jackson-module-jaxb-annotations
  • jackson-module-jaxb-annotations-javadoc
  • jakarta-commons-httpclient
  • jakarta-commons-httpclient-demo
  • jakarta-commons-httpclient-javadoc
  • jakarta-commons-httpclient-manual
  • jansi
  • jansi-native
  • jansson-devel
  • jasper-libs
  • java
  • java-atk-wrapper
  • javapackages-filesystem
  • javapackages-tools
  • javassist
  • javassist-javadoc
  • jbig2dec-libs
  • jbigkit-libs
  • jboss-annotations
  • jboss-interceptors
  • jboss-jaxrs
  • jboss-logging
  • jboss-logging-tools
  • jcl-over-slf4j
  • jdeparser
  • jline
  • jomolhari-fonts
  • jose
  • jq
  • json-glib-devel
  • jsoup
  • jss
  • jss-javadoc
  • julietaula-montserrat-fonts
  • kacst-art-fonts
  • kacst-book-fonts
  • kacst-decorative-fonts
  • kacst-digital-fonts
  • kacst-farsi-fonts
  • kacst-fonts-common
  • kacst-letter-fonts
  • kacst-naskh-fonts
  • kacst-office-fonts
  • kacst-one-fonts
  • kacst-pen-fonts
  • kacst-poster-fonts
  • kacst-qurn-fonts
  • kacst-screen-fonts
  • kacst-title-fonts
  • kacst-titlel-fonts
  • kdump-anaconda-addon
  • keepalived
  • kernel-rpm-macros
  • kernelshark
  • keybinder3
  • keycloak-httpd-client-install
  • khmeros-base-fonts
  • khmeros-battambang-fonts
  • khmeros-bokor-fonts
  • khmeros-fonts-common
  • khmeros-handwritten-fonts
  • khmeros-metal-chrieng-fonts
  • khmeros-muol-fonts
  • khmeros-siemreap-fonts
  • koan
  • ksh
  • kurdit-unikurd-web-fonts
  • kyotocabinet-libs
  • lame-libs
  • langpacks-af
  • langpacks-am
  • langpacks-ar
  • langpacks-as
  • langpacks-ast
  • langpacks-be
  • langpacks-bg
  • langpacks-bn
  • langpacks-br
  • langpacks-bs
  • langpacks-ca
  • langpacks-cs
  • langpacks-cy
  • langpacks-da
  • langpacks-de
  • langpacks-el
  • langpacks-en
  • langpacks-en_GB
  • langpacks-es
  • langpacks-et
  • langpacks-eu
  • langpacks-fa
  • langpacks-fi
  • langpacks-fr
  • langpacks-ga
  • langpacks-gl
  • langpacks-gu
  • langpacks-he
  • langpacks-hi
  • langpacks-hr
  • langpacks-hu
  • langpacks-ia
  • langpacks-id
  • langpacks-is
  • langpacks-it
  • langpacks-ja
  • langpacks-kk
  • langpacks-kn
  • langpacks-ko
  • langpacks-lt
  • langpacks-lv
  • langpacks-mai
  • langpacks-mk
  • langpacks-ml
  • langpacks-mr
  • langpacks-ms
  • langpacks-nb
  • langpacks-ne
  • langpacks-nl
  • langpacks-nn
  • langpacks-nr
  • langpacks-nso
  • langpacks-or
  • langpacks-pa
  • langpacks-pl
  • langpacks-pt
  • langpacks-pt_BR
  • langpacks-ro
  • langpacks-ru
  • langpacks-si
  • langpacks-sk
  • langpacks-sl
  • langpacks-sq
  • langpacks-sr
  • langpacks-ss
  • langpacks-sv
  • langpacks-ta
  • langpacks-te
  • langpacks-th
  • langpacks-tn
  • langpacks-tr
  • langpacks-ts
  • langpacks-uk
  • langpacks-ur
  • langpacks-ve
  • langpacks-vi
  • langpacks-xh
  • langpacks-zh_CN
  • langpacks-zh_TW
  • langpacks-zu
  • langtable
  • langtable-data
  • lapack
  • lapack64
  • lasso
  • lato-fonts
  • lcms2
  • ldapjdk
  • ldapjdk-javadoc
  • ldns
  • lemon
  • lftp
  • lftp-scripts
  • libICE
  • libICE-devel
  • libSM
  • libSM-devel
  • libX11
  • libX11-common
  • libX11-devel
  • libX11-xcb
  • libXNVCtrl
  • libXScrnSaver
  • libXScrnSaver-devel
  • libXau
  • libXau-devel
  • libXaw
  • libXaw-devel
  • libXcomposite
  • libXcomposite-devel
  • libXcursor
  • libXcursor-devel
  • libXdamage
  • libXdamage-devel
  • libXdmcp
  • libXext
  • libXext-devel
  • libXfixes
  • libXfixes-devel
  • libXfont2
  • libXft
  • libXft-devel
  • libXi
  • libXi-devel
  • libXinerama
  • libXinerama-devel
  • libXmu
  • libXmu-devel
  • libXp
  • libXp-devel
  • libXpm
  • libXpm-devel
  • libXrandr
  • libXrandr-devel
  • libXrender
  • libXrender-devel
  • libXres
  • libXt
  • libXt-devel
  • libXtst
  • libXtst-devel
  • libXv
  • libXv-devel
  • libXvMC
  • libXxf86dga
  • libXxf86dga-devel
  • libXxf86misc
  • libXxf86misc-devel
  • libXxf86vm
  • libXxf86vm-devel
  • liba52
  • libabw
  • libao
  • libappindicator-gtk3
  • libasyncns
  • libatasmart
  • libatomic_ops
  • libavc1394
  • libbabeltrace
  • libbase
  • libblockdev
  • libblockdev-crypto
  • libblockdev-dm
  • libblockdev-fs
  • libblockdev-kbd
  • libblockdev-loop
  • libblockdev-lvm
  • libblockdev-lvm-dbus
  • libblockdev-mdraid
  • libblockdev-mpath
  • libblockdev-nvdimm
  • libblockdev-part
  • libblockdev-plugins-all
  • libblockdev-swap
  • libblockdev-utils
  • libblockdev-vdo
  • libbluray
  • libburn
  • libbytesize
  • libcacard
  • libcanberra
  • libcanberra-devel
  • libcanberra-gtk2
  • libcanberra-gtk3
  • libcdio
  • libcdio-paranoia
  • libcdr
  • libcmis
  • libcmpiCppImpl0
  • libdatrie
  • libdazzle
  • libdb-devel
  • libdbusmenu
  • libdbusmenu-gtk3
  • libdc1394
  • libdmapsharing
  • libdmx
  • libdnet
  • libdrm
  • libdrm-devel
  • libdv
  • libdvdnav
  • libdvdread
  • libdwarf
  • libeasyfc
  • libeasyfc-gobject
  • libecap
  • libecap-devel
  • libepoxy
  • libepoxy-devel
  • libepubgen
  • libestr
  • libetonyek
  • libev
  • libev-devel
  • libev-libevent-devel
  • libev-source
  • libevdev
  • libevent-devel
  • libexif
  • libexttextcat
  • libfastjson
  • libfontenc
  • libfonts
  • libformula
  • libfprint
  • libfreehand
  • libgdata
  • libgdata-devel
  • libgdither
  • libgee
  • libgexiv2
  • libgit2
  • libgit2-glib
  • libglvnd
  • libglvnd-core-devel
  • libglvnd-devel
  • libglvnd-egl
  • libglvnd-gles
  • libglvnd-glx
  • libglvnd-opengl
  • libgnomekbd
  • libgovirt
  • libgphoto2
  • libgpod
  • libgs
  • libgsf
  • libgtop2
  • libguestfs
  • libguestfs-bash-completion
  • libguestfs-benchmarking
  • libguestfs-devel
  • libguestfs-gfs2
  • libguestfs-gobject
  • libguestfs-gobject-devel
  • libguestfs-inspect-icons
  • libguestfs-java
  • libguestfs-java-devel
  • libguestfs-javadoc
  • libguestfs-man-pages-ja
  • libguestfs-man-pages-uk
  • libguestfs-rescue
  • libguestfs-rsync
  • libguestfs-tools
  • libguestfs-tools-c
  • libguestfs-winsupport
  • libguestfs-xfs
  • libgweather
  • libgweather-devel
  • libgxps
  • libhangul
  • libi2c
  • libical-devel
  • libiec61883
  • libieee1284
  • libieee1284-devel
  • libijs
  • libimobiledevice
  • libindicator-gtk3
  • libinput
  • libinput-utils
  • libipt
  • libiptcdata
  • libiscsi
  • libiscsi-devel
  • libiscsi-utils
  • libisofs
  • libitm-devel
  • libjose
  • libjose-devel
  • libjpeg-turbo-utils
  • libkkc
  • libkkc-common
  • libkkc-data
  • liblangtag
  • liblangtag-data
  • liblayout
  • libloader
  • liblockfile
  • liblognorm
  • liblouis
  • libluksmeta
  • libluksmeta-devel
  • libmad
  • libmalaga
  • libmatchbox
  • libmaxminddb
  • libmcpp
  • libmediaart
  • libmemcached
  • libmemcached-libs
  • libmng
  • libmng-devel
  • libmpc
  • libmpcdec
  • libmspack
  • libmspub
  • libmtp
  • libmusicbrainz5
  • libmwaw
  • libnet
  • libnice
  • libnice-gstreamer1
  • libnma
  • libnotify
  • libnotify-devel
  • liboauth
  • liboauth-devel
  • libodfgen
  • libogg
  • libomp
  • libomp-devel
  • libomp-test
  • libopenraw
  • liborcus
  • libosinfo
  • libotf
  • libpagemaker
  • libpaper
  • libpeas-gtk
  • libpeas-loader-python3
  • libpinyin
  • libpinyin-data
  • libplist
  • libpmem
  • libpmem-devel
  • libpmemblk
  • libpmemblk-devel
  • libpmemcto
  • libpmemcto-devel
  • libpmemlog
  • libpmemlog-devel
  • libpmemobj++-devel
  • libpmemobj
  • libpmemobj-devel
  • libpmempool
  • libpmempool-devel
  • libpng12
  • libpq
  • libpq-devel
  • libproxy-bin
  • libproxy-gnome
  • libproxy-networkmanager
  • libproxy-webkitgtk4
  • libpst-libs
  • libpurple
  • libquadmath-devel
  • libquvi
  • libquvi-scripts
  • libqxp
  • librados2
  • libraw1394
  • librbd1
  • librdkafka
  • librelp
  • libreoffice-base
  • libreoffice-calc
  • libreoffice-core
  • libreoffice-data
  • libreoffice-draw
  • libreoffice-emailmerge
  • libreoffice-graphicfilter
  • libreoffice-gtk2
  • libreoffice-gtk3
  • libreoffice-help-ar
  • libreoffice-help-bg
  • libreoffice-help-bn
  • libreoffice-help-ca
  • libreoffice-help-cs
  • libreoffice-help-da
  • libreoffice-help-de
  • libreoffice-help-dz
  • libreoffice-help-el
  • libreoffice-help-en
  • libreoffice-help-es
  • libreoffice-help-et
  • libreoffice-help-eu
  • libreoffice-help-fi
  • libreoffice-help-fr
  • libreoffice-help-gl
  • libreoffice-help-gu
  • libreoffice-help-he
  • libreoffice-help-hi
  • libreoffice-help-hr
  • libreoffice-help-hu
  • libreoffice-help-id
  • libreoffice-help-it
  • libreoffice-help-ja
  • libreoffice-help-ko
  • libreoffice-help-lt
  • libreoffice-help-lv
  • libreoffice-help-nb
  • libreoffice-help-nl
  • libreoffice-help-nn
  • libreoffice-help-pl
  • libreoffice-help-pt-BR
  • libreoffice-help-pt-PT
  • libreoffice-help-ro
  • libreoffice-help-ru
  • libreoffice-help-si
  • libreoffice-help-sk
  • libreoffice-help-sl
  • libreoffice-help-sv
  • libreoffice-help-ta
  • libreoffice-help-tr
  • libreoffice-help-uk
  • libreoffice-help-zh-Hans
  • libreoffice-help-zh-Hant
  • libreoffice-impress
  • libreoffice-langpack-af
  • libreoffice-langpack-ar
  • libreoffice-langpack-as
  • libreoffice-langpack-bg
  • libreoffice-langpack-bn
  • libreoffice-langpack-br
  • libreoffice-langpack-ca
  • libreoffice-langpack-cs
  • libreoffice-langpack-cy
  • libreoffice-langpack-da
  • libreoffice-langpack-de
  • libreoffice-langpack-dz
  • libreoffice-langpack-el
  • libreoffice-langpack-en
  • libreoffice-langpack-es
  • libreoffice-langpack-et
  • libreoffice-langpack-eu
  • libreoffice-langpack-fa
  • libreoffice-langpack-fi
  • libreoffice-langpack-fr
  • libreoffice-langpack-ga
  • libreoffice-langpack-gl
  • libreoffice-langpack-gu
  • libreoffice-langpack-he
  • libreoffice-langpack-hi
  • libreoffice-langpack-hr
  • libreoffice-langpack-hu
  • libreoffice-langpack-id
  • libreoffice-langpack-it
  • libreoffice-langpack-ja
  • libreoffice-langpack-kk
  • libreoffice-langpack-kn
  • libreoffice-langpack-ko
  • libreoffice-langpack-lt
  • libreoffice-langpack-lv
  • libreoffice-langpack-mai
  • libreoffice-langpack-ml
  • libreoffice-langpack-mr
  • libreoffice-langpack-nb
  • libreoffice-langpack-nl
  • libreoffice-langpack-nn
  • libreoffice-langpack-nr
  • libreoffice-langpack-nso
  • libreoffice-langpack-or
  • libreoffice-langpack-pa
  • libreoffice-langpack-pl
  • libreoffice-langpack-pt-BR
  • libreoffice-langpack-pt-PT
  • libreoffice-langpack-ro
  • libreoffice-langpack-ru
  • libreoffice-langpack-si
  • libreoffice-langpack-sk
  • libreoffice-langpack-sl
  • libreoffice-langpack-sr
  • libreoffice-langpack-ss
  • libreoffice-langpack-st
  • libreoffice-langpack-sv
  • libreoffice-langpack-ta
  • libreoffice-langpack-te
  • libreoffice-langpack-th
  • libreoffice-langpack-tn
  • libreoffice-langpack-tr
  • libreoffice-langpack-ts
  • libreoffice-langpack-uk
  • libreoffice-langpack-ve
  • libreoffice-langpack-xh
  • libreoffice-langpack-zh-Hans
  • libreoffice-langpack-zh-Hant
  • libreoffice-langpack-zu
  • libreoffice-math
  • libreoffice-ogltrans
  • libreoffice-opensymbol-fonts
  • libreoffice-pdfimport
  • libreoffice-pyuno
  • libreoffice-ure
  • libreoffice-ure-common
  • libreoffice-voikko
  • libreoffice-wiki-publisher
  • libreoffice-writer
  • libreoffice-x11
  • libreport
  • libreport-anaconda
  • libreport-cli
  • libreport-gtk
  • libreport-newt
  • libreport-plugin-bugzilla
  • libreport-plugin-kerneloops
  • libreport-plugin-logger
  • libreport-plugin-mailx
  • libreport-plugin-reportuploader
  • libreport-plugin-rhtsupport
  • libreport-plugin-ureport
  • libreport-rhel
  • libreport-rhel-anaconda-bugzilla
  • libreport-rhel-bugzilla
  • libreport-web
  • librepository
  • libreswan
  • librevenge
  • librpmem
  • librpmem-devel
  • librsvg2
  • librsvg2-devel
  • libsamplerate
  • libsane-hpaio
  • libselinux-ruby
  • libserf
  • libserializer
  • libshout
  • libsigc++20
  • libsmi
  • libsndfile
  • libsodium
  • libsodium-devel
  • libsodium-static
  • libsoup-devel
  • libspectre
  • libspiro
  • libsrtp
  • libssh-devel
  • libssh2
  • libstaroffice
  • libtar
  • libtasn1-devel
  • libthai
  • libtheora
  • libtiff
  • libtiff-devel
  • libtimezonemap
  • libtool
  • libtool-ltdl-devel
  • libucil
  • libudisks2
  • libunicap
  • libusbmuxd
  • libuv
  • libuv-devel
  • libv4l
  • libva
  • libva-devel
  • libvdpau
  • libvirt
  • libvirt-admin
  • libvirt-bash-completion
  • libvirt-client
  • libvirt-daemon
  • libvirt-daemon-config-network
  • libvirt-daemon-config-nwfilter
  • libvirt-daemon-driver-interface
  • libvirt-daemon-driver-network
  • libvirt-daemon-driver-nodedev
  • libvirt-daemon-driver-nwfilter
  • libvirt-daemon-driver-qemu
  • libvirt-daemon-driver-secret
  • libvirt-daemon-driver-storage
  • libvirt-daemon-driver-storage-core
  • libvirt-daemon-driver-storage-disk
  • libvirt-daemon-driver-storage-iscsi
  • libvirt-daemon-driver-storage-logical
  • libvirt-daemon-driver-storage-mpath
  • libvirt-daemon-driver-storage-rbd
  • libvirt-daemon-driver-storage-scsi
  • libvirt-daemon-kvm
  • libvirt-dbus
  • libvirt-devel
  • libvirt-docs
  • libvirt-gconfig
  • libvirt-glib
  • libvirt-gobject
  • libvirt-libs
  • libvirt-lock-sanlock
  • libvirt-nss
  • libvisio
  • libvisual
  • libvma
  • libvmem
  • libvmem-devel
  • libvmmalloc
  • libvmmalloc-devel
  • libvncserver
  • libvoikko
  • libvorbis
  • libvpx
  • libwacom
  • libwacom-data
  • libwayland-client
  • libwayland-cursor
  • libwayland-egl
  • libwayland-server
  • libwebp
  • libwebp-devel
  • libwinpr
  • libwinpr-devel
  • libwmf
  • libwmf-lite
  • libwnck3
  • libwpd
  • libwpg
  • libwps
  • libwsman1
  • libxcb
  • libxcb-devel
  • libxkbcommon
  • libxkbcommon-devel
  • libxkbcommon-x11
  • libxkbfile
  • libxklavier
  • libxml2-devel
  • libxshmfence
  • libxshmfence-devel
  • libxslt-devel
  • libzhuyin
  • libzip
  • libzip-devel
  • libzip-tools
  • libzmf
  • linuxconsoletools
  • linuxptp
  • lklug-fonts
  • lld
  • lld-devel
  • lld-libs
  • lldb
  • lldb-devel
  • lldpd
  • lldpd-devel
  • llvm
  • llvm-devel
  • llvm-doc
  • llvm-libs
  • llvm-static
  • llvm-toolset
  • lm_sensors-sensord
  • log4j12
  • log4j12-javadoc
  • lohit-assamese-fonts
  • lohit-bengali-fonts
  • lohit-devanagari-fonts
  • lohit-gujarati-fonts
  • lohit-gurmukhi-fonts
  • lohit-kannada-fonts
  • lohit-malayalam-fonts
  • lohit-marathi-fonts
  • lohit-nepali-fonts
  • lohit-odia-fonts
  • lohit-tamil-fonts
  • lohit-telugu-fonts
  • lorax
  • lorax-composer
  • lorax-lmc-novirt
  • lorax-lmc-virt
  • lorax-templates-generic
  • lorax-templates-rhel
  • lpsolve
  • lshw-gui-B.02.18
  • ltrace
  • lttng-ust
  • lua
  • lua-expat
  • lua-guestfs
  • lua-json
  • lua-lpeg
  • lua-socket
  • luksmeta
  • lvm2-lockd
  • m17n-db
  • m17n-lib
  • madan-fonts
  • mailman
  • malaga
  • malaga-suomi-voikko
  • mallard-rng
  • man-pages-overrides
  • mariadb
  • mariadb-backup
  • mariadb-common
  • mariadb-connector-c
  • mariadb-connector-c-config
  • mariadb-connector-c-devel
  • mariadb-connector-odbc
  • mariadb-devel
  • mariadb-embedded
  • mariadb-embedded-devel
  • mariadb-errmsg
  • mariadb-gssapi-server
  • mariadb-java-client
  • mariadb-oqgraph-engine
  • mariadb-server
  • mariadb-server-galera
  • mariadb-server-utils
  • mariadb-test
  • marisa
  • matchbox-window-manager
  • maven
  • maven-lib
  • maven-resolver-api
  • maven-resolver-connector-basic
  • maven-resolver-impl
  • maven-resolver-spi
  • maven-resolver-transport-wagon
  • maven-resolver-util
  • maven-shared-utils
  • maven-wagon-file
  • maven-wagon-http
  • maven-wagon-http-shared
  • maven-wagon-provider-api
  • mc
  • mcpp
  • meanwhile
  • mecab
  • mecab-ipadic
  • mecab-ipadic-EUCJP
  • media-player-info
  • memcached
  • memkind
  • mercurial
  • mercurial-hgk
  • mesa-dri-drivers
  • mesa-filesystem
  • mesa-libEGL
  • mesa-libEGL-devel
  • mesa-libGL
  • mesa-libGL-devel
  • mesa-libGLES
  • mesa-libGLU
  • mesa-libGLU-devel
  • mesa-libGLw
  • mesa-libGLw-devel
  • mesa-libOSMesa
  • mesa-libgbm
  • mesa-libglapi
  • mesa-libxatracker
  • mesa-vdpau-drivers
  • mesa-vulkan-devel
  • mesa-vulkan-drivers
  • metacity
  • mod_auth_gssapi
  • mod_auth_mellon
  • mod_auth_openidc
  • mod_authnz_pam
  • mod_dav_svn
  • mod_fcgid
  • mod_http2
  • mod_intercept_form_submit
  • mod_ldap
  • mod_lookup_identity
  • mod_md
  • mod_perl
  • mod_perl-devel
  • mod_proxy_html
  • mod_security
  • mod_security_crs
  • mod_session
  • mod_ssl
  • motif
  • motif-devel
  • motif-static
  • mousetweaks
  • mozilla-filesystem
  • mozvoikko
  • mpfr-devel
  • mpg123
  • mpg123-libs
  • mpg123-plugins-pulseaudio
  • mpich
  • mpich-devel
  • mpitests-mpich
  • mpitests-mvapich2
  • mpitests-mvapich2-psm2
  • mpitests-openmpi
  • mrtg
  • mstflint
  • msv-javadoc
  • msv-manual
  • msv-xsdlib
  • mt-st
  • mtdev
  • mtr-gtk
  • mtx
  • multilib-rpm-config
  • munge
  • munge-libs
  • mutt
  • mutter
  • mvapich2
  • mvapich2-psm2
  • mysql
  • mysql-common
  • mysql-devel
  • mysql-errmsg
  • mysql-libs
  • mysql-server
  • mysql-test
  • mythes
  • mythes-bg
  • mythes-ca
  • mythes-cs
  • mythes-da
  • mythes-de
  • mythes-el
  • mythes-en
  • mythes-es
  • mythes-fr
  • mythes-ga
  • mythes-hu
  • mythes-it
  • mythes-lb
  • mythes-lv
  • mythes-mi
  • mythes-nb
  • mythes-ne
  • mythes-nl
  • mythes-nn
  • mythes-pl
  • mythes-pt
  • mythes-ro
  • mythes-ru
  • mythes-sk
  • mythes-sl
  • mythes-sv
  • mythes-uk
  • nafees-web-naskh-fonts
  • nautilus
  • nautilus-extensions
  • nautilus-sendto
  • navilu-fonts
  • nbdkit
  • nbdkit-bash-completion
  • nbdkit-basic-plugins
  • nbdkit-devel
  • nbdkit-example-plugins
  • nbdkit-plugin-gzip
  • nbdkit-plugin-python-common
  • nbdkit-plugin-python3
  • nbdkit-plugin-vddk
  • nbdkit-plugin-xz
  • ncompress
  • neon
  • net-snmp
  • net-snmp-agent-libs
  • net-snmp-devel
  • net-snmp-utils
  • netcf
  • netcf-devel
  • netcf-libs
  • netpbm
  • netpbm-progs
  • network-manager-applet
  • newt-devel
  • nginx
  • nginx-all-modules
  • nginx-filesystem
  • nginx-mod-http-image-filter
  • nginx-mod-http-perl
  • nginx-mod-http-xslt-filter
  • nginx-mod-mail
  • nginx-mod-stream
  • nm-connection-editor
  • nmap
  • nmap-ncat
  • nodejs
  • nodejs-devel
  • nodejs-docs
  • nodejs-nodemon
  • nodejs-packaging
  • npm
  • nspr
  • nspr-devel
  • nss
  • nss-altfiles
  • nss-devel
  • nss-pam-ldapd
  • nss-softokn
  • nss-softokn-devel
  • nss-softokn-freebl
  • nss-softokn-freebl-devel
  • nss-sysinit
  • nss-tools
  • nss-util
  • nss-util-devel
  • nss_wrapper
  • ntpstat
  • nuxwdog
  • nuxwdog-client-java
  • nuxwdog-client-perl
  • nuxwdog-devel
  • ocaml-srpm-macros
  • oci-systemd-hook
  • oci-umount
  • ocl-icd
  • oddjob
  • oddjob-mkhomedir
  • omping
  • ongres-scram
  • ongres-scram-client
  • oniguruma
  • open-sans-fonts
  • open-vm-tools
  • open-vm-tools-desktop
  • openal-soft
  • openblas
  • openblas-srpm-macros
  • openblas-threads
  • opencc
  • openchange
  • opencv-contrib
  • opencv-core
  • opendnssec
  • openjpeg2
  • openjpeg2-devel-docs
  • openjpeg2-tools
  • openmpi
  • openmpi-devel
  • openscap
  • openscap-containers
  • openscap-devel
  • openscap-engine-sce
  • openscap-python3
  • openscap-scanner
  • openscap-utils
  • openslp
  • openssh-askpass
  • openwsman-client
  • openwsman-python3
  • openwsman-server
  • opus
  • orc
  • orc-compiler
  • orc-devel
  • orca
  • osad
  • oscap-anaconda-addon
  • osinfo-db
  • osinfo-db-tools
  • ostree
  • ostree-devel
  • ostree-grub2
  • ostree-libs
  • overpass-fonts
  • overpass-mono-fonts
  • pakchois
  • paktype-naqsh-fonts
  • paktype-naskh-basic-fonts
  • paktype-tehreer-fonts
  • pango
  • pango-devel
  • pangomm
  • paps
  • paps-libs
  • paratype-pt-sans-caption-fonts
  • paratype-pt-sans-fonts
  • parfait
  • parfait-examples
  • parfait-javadoc
  • patchutils
  • pavucontrol
  • pcaudiolib
  • pcp
  • pcp-conf
  • pcp-devel
  • pcp-doc
  • pcp-export-pcp2graphite
  • pcp-export-pcp2influxdb
  • pcp-export-pcp2json
  • pcp-export-pcp2xml
  • pcp-export-pcp2zabbix
  • pcp-export-zabbix-agent
  • pcp-gui
  • pcp-import-collectl2pcp
  • pcp-import-ganglia2pcp
  • pcp-import-iostat2pcp
  • pcp-import-mrtg2pcp
  • pcp-import-sar2pcp
  • pcp-libs
  • pcp-libs-devel
  • pcp-manager
  • pcp-parfait-agent
  • pcp-pmda-activemq
  • pcp-pmda-apache
  • pcp-pmda-bash
  • pcp-pmda-bcc
  • pcp-pmda-bind2
  • pcp-pmda-bonding
  • pcp-pmda-cifs
  • pcp-pmda-cisco
  • pcp-pmda-dbping
  • pcp-pmda-dm
  • pcp-pmda-docker
  • pcp-pmda-ds389
  • pcp-pmda-ds389log
  • pcp-pmda-elasticsearch
  • pcp-pmda-gfs2
  • pcp-pmda-gluster
  • pcp-pmda-gpfs
  • pcp-pmda-gpsd
  • pcp-pmda-haproxy
  • pcp-pmda-infiniband
  • pcp-pmda-json
  • pcp-pmda-libvirt
  • pcp-pmda-lio
  • pcp-pmda-lmsensors
  • pcp-pmda-logger
  • pcp-pmda-lustre
  • pcp-pmda-lustrecomm
  • pcp-pmda-mailq
  • pcp-pmda-memcache
  • pcp-pmda-mic
  • pcp-pmda-mounts
  • pcp-pmda-mysql
  • pcp-pmda-named
  • pcp-pmda-netfilter
  • pcp-pmda-news
  • pcp-pmda-nfsclient
  • pcp-pmda-nginx
  • pcp-pmda-nvidia-gpu
  • pcp-pmda-oracle
  • pcp-pmda-papi
  • pcp-pmda-pdns
  • pcp-pmda-perfevent
  • pcp-pmda-postfix
  • pcp-pmda-postgresql
  • pcp-pmda-prometheus
  • pcp-pmda-redis
  • pcp-pmda-roomtemp
  • pcp-pmda-rpm
  • pcp-pmda-rsyslog
  • pcp-pmda-samba
  • pcp-pmda-sendmail
  • pcp-pmda-shping
  • pcp-pmda-slurm
  • pcp-pmda-smart
  • pcp-pmda-snmp
  • pcp-pmda-summary
  • pcp-pmda-systemd
  • pcp-pmda-trace
  • pcp-pmda-unbound
  • pcp-pmda-vmware
  • pcp-pmda-weblog
  • pcp-pmda-zimbra
  • pcp-pmda-zswap
  • pcp-selinux
  • pcp-system-tools
  • pcp-testsuite
  • pcp-webapi
  • pcp-webapp-blinkenlights
  • pcp-webapp-grafana
  • pcp-webapp-graphite
  • pcp-webapp-vector
  • pcp-webjs
  • pcp-zeroconf
  • pentaho-libxml
  • pentaho-reporting-flow-engine
  • peripety
  • perl
  • perl-Algorithm-Diff
  • perl-Apache-Reload
  • perl-App-cpanminus
  • perl-Archive-Tar
  • perl-Archive-Zip
  • perl-Attribute-Handlers
  • perl-Authen-SASL
  • perl-B-Debug
  • perl-B-Lint
  • perl-BSD-Resource
  • perl-Bit-Vector
  • perl-CGI
  • perl-CPAN
  • perl-CPAN-DistnameInfo
  • perl-CPAN-Meta
  • perl-CPAN-Meta-Check
  • perl-CPAN-Meta-Requirements
  • perl-CPAN-Meta-YAML
  • perl-Carp
  • perl-Carp-Clan
  • perl-Class-ISA
  • perl-Class-Inspector
  • perl-Compress-Bzip2
  • perl-Compress-Raw-Bzip2
  • perl-Compress-Raw-Zlib
  • perl-Config-Perl-V
  • perl-DBD-MySQL
  • perl-DBD-Pg
  • perl-DBD-SQLite
  • perl-DBI
  • perl-DB_File
  • perl-Data-Dump
  • perl-Data-Dumper
  • perl-Data-OptList
  • perl-Data-Section
  • perl-Date-Calc
  • perl-Devel-PPPort
  • perl-Devel-Peek
  • perl-Devel-SelfStubber
  • perl-Devel-Size
  • perl-Digest
  • perl-Digest-HMAC
  • perl-Digest-MD5
  • perl-Digest-SHA
  • perl-Encode
  • perl-Encode-Locale
  • perl-Encode-devel
  • perl-Env
  • perl-Errno
  • perl-Error
  • perl-Exporter
  • perl-ExtUtils-CBuilder
  • perl-ExtUtils-Command
  • perl-ExtUtils-Embed
  • perl-ExtUtils-Install
  • perl-ExtUtils-MM-Utils
  • perl-ExtUtils-MakeMaker
  • perl-ExtUtils-Manifest
  • perl-ExtUtils-Miniperl
  • perl-ExtUtils-ParseXS
  • perl-Fedora-VSP
  • perl-File-CheckTree
  • perl-File-Fetch
  • perl-File-HomeDir
  • perl-File-Listing
  • perl-File-Path
  • perl-File-ShareDir
  • perl-File-Slurp
  • perl-File-Temp
  • perl-File-Which
  • perl-File-pushd
  • perl-Filter
  • perl-Filter-Simple
  • perl-GSSAPI
  • perl-Getopt-Long
  • perl-Git
  • perl-Git-SVN
  • perl-HTML-Parser
  • perl-HTML-Tagset
  • perl-HTTP-Cookies
  • perl-HTTP-Date
  • perl-HTTP-Message
  • perl-HTTP-Negotiate
  • perl-HTTP-Tiny
  • perl-IO
  • perl-IO-Compress
  • perl-IO-HTML
  • perl-IO-Multiplex
  • perl-IO-Socket-INET6
  • perl-IO-Socket-IP
  • perl-IO-Socket-SSL
  • perl-IO-Zlib
  • perl-IPC-Cmd
  • perl-IPC-SysV
  • perl-IPC-System-Simple
  • perl-JSON
  • perl-JSON-PP
  • perl-LWP-MediaTypes
  • perl-LWP-Protocol-https
  • perl-Linux-Pid
  • perl-Locale-Codes
  • perl-Locale-Maketext
  • perl-Locale-Maketext-Simple
  • perl-MIME-Base64
  • perl-MRO-Compat
  • perl-Mail-SPF
  • perl-MailTools
  • perl-Math-BigInt
  • perl-Math-BigInt-FastCalc
  • perl-Math-BigRat
  • perl-Math-Complex
  • perl-Memoize
  • perl-Module-Build
  • perl-Module-CPANfile
  • perl-Module-CoreList
  • perl-Module-CoreList-tools
  • perl-Module-Load
  • perl-Module-Load-Conditional
  • perl-Module-Loaded
  • perl-Module-Metadata
  • perl-Module-Pluggable
  • perl-Module-Runtime
  • perl-Mozilla-CA
  • perl-Mozilla-LDAP
  • perl-NTLM
  • perl-Net-DNS
  • perl-Net-HTTP
  • perl-Net-Ping
  • perl-Net-SMTP-SSL
  • perl-Net-SSLeay
  • perl-Net-Server
  • perl-NetAddr-IP
  • perl-PCP-LogImport
  • perl-PCP-LogSummary
  • perl-PCP-MMV
  • perl-PCP-PMDA
  • perl-Package-Generator
  • perl-Params-Check
  • perl-Params-Util
  • perl-Parse-PMFile
  • perl-PathTools
  • perl-Perl-OSType
  • perl-PerlIO-via-QuotedPrint
  • perl-Pod-Checker
  • perl-Pod-Escapes
  • perl-Pod-Html
  • perl-Pod-LaTeX
  • perl-Pod-Parser
  • perl-Pod-Perldoc
  • perl-Pod-Plainer
  • perl-Pod-Simple
  • perl-Pod-Usage
  • perl-SNMP_Session
  • perl-Scalar-List-Utils
  • perl-SelfLoader
  • perl-Socket
  • perl-Socket6
  • perl-Software-License
  • perl-Storable
  • perl-String-CRC32
  • perl-String-ShellQuote
  • perl-Sub-Exporter
  • perl-Sub-Install
  • perl-Sys-Guestfs
  • perl-Sys-Syslog
  • perl-Sys-Virt
  • perl-Term-ANSIColor
  • perl-Term-Cap
  • perl-TermReadKey
  • perl-Test
  • perl-Test-Harness
  • perl-Test-Simple
  • perl-Text-Balanced
  • perl-Text-Diff
  • perl-Text-Glob
  • perl-Text-ParseWords
  • perl-Text-Soundex
  • perl-Text-Tabs+Wrap
  • perl-Text-Template
  • perl-Text-Unidecode
  • perl-Thread-Queue
  • perl-Time-HiRes
  • perl-Time-Local
  • perl-Time-Piece
  • perl-TimeDate
  • perl-Try-Tiny
  • perl-URI
  • perl-Unicode-Collate
  • perl-Unicode-Normalize
  • perl-Unix-Syslog
  • perl-WWW-RobotRules
  • perl-XML-Catalog
  • perl-XML-LibXML
  • perl-XML-NamespaceSupport
  • perl-XML-Parser
  • perl-XML-SAX
  • perl-XML-SAX-Base
  • perl-XML-Simple
  • perl-XML-TokeParser
  • perl-XML-XPath
  • perl-YAML
  • perl-autodie
  • perl-bignum
  • perl-constant
  • perl-core
  • perl-devel
  • perl-encoding
  • perl-experimental
  • perl-generators
  • perl-hivex
  • perl-homedir
  • perl-inc-latest
  • perl-libintl-perl
  • perl-libnet
  • perl-libnetcfg
  • perl-libs
  • perl-libwww-perl
  • perl-local-lib
  • perl-macros
  • perl-open
  • perl-parent
  • perl-perlfaq
  • perl-podlators
  • perl-srpm-macros
  • perl-tests
  • perl-threads
  • perl-threads-shared
  • perl-utils
  • perl-version
  • pesign
  • php
  • php-bcmath
  • php-cli
  • php-common
  • php-dba
  • php-dbg
  • php-devel
  • php-embedded
  • php-enchant
  • php-fpm
  • php-gd
  • php-gmp
  • php-intl
  • php-json
  • php-ldap
  • php-mbstring
  • php-mysqlnd
  • php-odbc
  • php-opcache
  • php-pdo
  • php-pear
  • php-pecl-apcu
  • php-pecl-apcu-devel
  • php-pecl-zip
  • php-pgsql
  • php-process
  • php-recode
  • php-snmp
  • php-soap
  • php-xml
  • php-xmlrpc
  • pidgin
  • pidgin-sipe
  • pinentry
  • pinentry-emacs
  • pinentry-gnome3
  • pinentry-gtk
  • pinfo
  • pipewire
  • pipewire-devel
  • pipewire-doc
  • pipewire-libs
  • pipewire-utils
  • pixman
  • pixman-devel
  • pki-base
  • pki-base-java
  • pki-ca
  • pki-kra
  • pki-server
  • pki-servlet
  • pki-servlet-container
  • pki-symkey
  • pki-tools
  • platform-python
  • platform-python-debug
  • platform-python-devel
  • plexus-cipher
  • plexus-classworlds
  • plexus-containers-component-annotations
  • plexus-interpolation
  • plexus-sec-dispatcher
  • plexus-utils
  • plymouth
  • plymouth-core-libs
  • plymouth-graphics-libs
  • plymouth-plugin-fade-throbber
  • plymouth-plugin-label
  • plymouth-plugin-script
  • plymouth-plugin-space-flares
  • plymouth-plugin-throbgress
  • plymouth-plugin-two-step
  • plymouth-scripts
  • plymouth-system-theme
  • plymouth-theme-charge
  • plymouth-theme-fade-in
  • plymouth-theme-script
  • plymouth-theme-solar
  • plymouth-theme-spinfinity
  • plymouth-theme-spinner
  • pmempool
  • pmix
  • pnm2ppa
  • podman
  • podman-docker
  • policycoreutils-gui
  • policycoreutils-sandbox
  • poppler
  • poppler-data
  • poppler-glib
  • poppler-utils
  • postfix-mysql
  • postfix-perl-scripts
  • postfix-pgsql
  • postgresql
  • postgresql-contrib
  • postgresql-docs
  • postgresql-jdbc
  • postgresql-jdbc-javadoc
  • postgresql-odbc
  • postgresql-odbc-tests
  • postgresql-plperl
  • postgresql-plpython3
  • postgresql-pltcl
  • postgresql-server
  • postgresql-server-devel
  • postgresql-static
  • postgresql-test
  • postgresql-test-rpm-macros
  • postgresql-upgrade
  • postgresql-upgrade-devel
  • potrace
  • powertop
  • pptp
  • procmail
  • protobuf
  • protobuf-c
  • protobuf-lite
  • pulseaudio
  • pulseaudio-libs
  • pulseaudio-libs-devel
  • pulseaudio-libs-glib2
  • pulseaudio-module-bluetooth
  • pulseaudio-module-x11
  • pulseaudio-utils
  • purple-sipe
  • pygobject2
  • pygobject2-codegen
  • pygobject2-devel
  • pygobject2-doc
  • pygtk2
  • pygtk2-codegen
  • pygtk2-devel
  • pygtk2-doc
  • python-nose-docs
  • python-psycopg2-doc
  • python-pymongo-doc
  • python-qt5-rpm-macros
  • python-rpm-macros
  • python-sqlalchemy-doc
  • python-srpm-macros
  • python-virtualenv-doc
  • python2
  • python2-Cython
  • python2-PyMySQL
  • python2-attrs
  • python2-babel
  • python2-backports
  • python2-backports-ssl_match_hostname
  • python2-bson
  • python2-cairo
  • python2-cairo-devel
  • python2-chardet
  • python2-coverage
  • python2-debug
  • python2-devel
  • python2-dns
  • python2-docutils
  • python2-funcsigs
  • python2-idna
  • python2-ipaddress
  • python2-jinja2
  • python2-libs
  • python2-lxml
  • python2-markupsafe
  • python2-mock
  • python2-nose
  • python2-numpy
  • python2-numpy-doc
  • python2-numpy-f2py
  • python2-pip
  • python2-pluggy
  • python2-psycopg2
  • python2-psycopg2-debug
  • python2-psycopg2-tests
  • python2-py
  • python2-pygments
  • python2-pymongo
  • python2-pymongo-gridfs
  • python2-pysocks
  • python2-pytest
  • python2-pytest-mock
  • python2-pytz
  • python2-pyyaml
  • python2-requests
  • python2-rpm-macros
  • python2-scipy
  • python2-scour
  • python2-setuptools
  • python2-setuptools_scm
  • python2-six
  • python2-sqlalchemy
  • python2-test
  • python2-tkinter
  • python2-tools
  • python2-urllib3
  • python2-virtualenv
  • python2-wheel
  • python3-PyMySQL
  • python3-abrt
  • python3-abrt-addon
  • python3-abrt-doc
  • python3-argcomplete
  • python3-argh
  • python3-attrs
  • python3-augeas
  • python3-babel
  • python3-bcc
  • python3-bcrypt
  • python3-bind
  • python3-blivet
  • python3-blockdev
  • python3-brlapi
  • python3-bson
  • python3-bytesize
  • python3-cairo
  • python3-click
  • python3-coverage
  • python3-cpio
  • python3-createrepo_c
  • python3-custodia
  • python3-dbus-client-gen
  • python3-dbus-python-client-gen
  • python3-dbus-signature-pyparsing
  • python3-dnf-plugin-spacewalk
  • python3-docutils
  • python3-enchant
  • python3-evdev
  • python3-flask
  • python3-gevent
  • python3-gobject
  • python3-gobject-base
  • python3-greenlet
  • python3-gssapi
  • python3-hivex
  • python3-html5lib
  • python3-humanize
  • python3-hwdata
  • python3-idle
  • python3-into-dbus-python
  • python3-ipaclient
  • python3-ipalib
  • python3-ipaserver
  • python3-itsdangerous
  • python3-jabberpy
  • python3-jinja2
  • python3-jsonpatch
  • python3-jsonpointer
  • python3-jsonschema
  • python3-justbases
  • python3-justbytes
  • python3-jwcrypto
  • python3-kdcproxy
  • python3-keycloak-httpd-client-install
  • python3-kickstart
  • python3-koan
  • python3-langtable
  • python3-ldap
  • python3-lib389
  • python3-libguestfs
  • python3-libreport
  • python3-libvirt
  • python3-libvoikko
  • python3-lit
  • python3-louis
  • python3-lxml
  • python3-mako
  • python3-markupsafe
  • python3-meh
  • python3-meh-gui
  • python3-mod_wsgi
  • python3-netaddr
  • python3-netifaces
  • python3-newt
  • python3-nose
  • python3-nss
  • python3-ntplib
  • python3-numpy
  • python3-numpy-f2py
  • python3-ordered-set
  • python3-osa-common
  • python3-osad
  • python3-paramiko
  • python3-pcp
  • python3-pexpect
  • python3-pid
  • python3-pillow
  • python3-pki
  • python3-pluggy
  • python3-podman
  • python3-prettytable
  • python3-productmd
  • python3-psycopg2
  • python3-ptyprocess
  • python3-py
  • python3-pyasn1
  • python3-pyasn1-modules
  • python3-pyatspi
  • python3-pycurl
  • python3-pydbus
  • python3-pygments
  • python3-pygpgme
  • python3-pymongo
  • python3-pymongo-gridfs
  • python3-pynacl
  • python3-pyparted
  • python3-pypodman
  • python3-pyqt5-sip
  • python3-pyserial
  • python3-pytest
  • python3-pytoml
  • python3-pytz
  • python3-pyusb
  • python3-pyxdg
  • python3-qrcode
  • python3-qrcode-core
  • python3-qt5
  • python3-qt5-base
  • python3-reportlab
  • python3-requests-file
  • python3-requests-ftp
  • python3-rhn-check
  • python3-rhn-client-tools
  • python3-rhn-setup
  • python3-rhn-setup-gnome
  • python3-rhn-virtualization-common
  • python3-rhn-virtualization-host
  • python3-rhncfg
  • python3-rhncfg-actions
  • python3-rhncfg-client
  • python3-rhncfg-management
  • python3-rhnlib
  • python3-rhnpush
  • python3-rpm-generators
  • python3-rpm-macros
  • python3-scipy
  • python3-semantic_version
  • python3-simpleline
  • python3-sip
  • python3-spacewalk-abrt
  • python3-spacewalk-backend-libs
  • python3-spacewalk-koan
  • python3-spacewalk-oscap
  • python3-spacewalk-usix
  • python3-speechd
  • python3-sqlalchemy
  • python3-suds
  • python3-systemd
  • python3-tbb
  • python3-test
  • python3-tkinter
  • python3-unbound
  • python3-virtualenv
  • python3-webencodings
  • python3-werkzeug
  • python3-wheel
  • python3-yubico
  • python36
  • python36-debug
  • python36-devel
  • python36-rpm-macros
  • qemu-guest-agent
  • qemu-img
  • qemu-kvm
  • qemu-kvm-block-curl
  • qemu-kvm-block-iscsi
  • qemu-kvm-block-rbd
  • qemu-kvm-block-ssh
  • qemu-kvm-common
  • qemu-kvm-core
  • qgnomeplatform
  • qgpgme
  • qpdf
  • qpdf-doc
  • qpdf-libs
  • qperf
  • qrencode
  • qrencode-libs
  • qt5-assistant
  • qt5-designer
  • qt5-doctools
  • qt5-linguist
  • qt5-qdbusviewer
  • qt5-qt3d
  • qt5-qt3d-devel
  • qt5-qt3d-examples
  • qt5-qtbase
  • qt5-qtbase-common
  • qt5-qtbase-devel
  • qt5-qtbase-examples
  • qt5-qtbase-gui
  • qt5-qtbase-mysql
  • qt5-qtbase-odbc
  • qt5-qtbase-postgresql
  • qt5-qtcanvas3d
  • qt5-qtcanvas3d-examples
  • qt5-qtconnectivity
  • qt5-qtconnectivity-devel
  • qt5-qtconnectivity-examples
  • qt5-qtdeclarative
  • qt5-qtdeclarative-devel
  • qt5-qtdeclarative-examples
  • qt5-qtdoc
  • qt5-qtgraphicaleffects
  • qt5-qtimageformats
  • qt5-qtlocation
  • qt5-qtlocation-devel
  • qt5-qtlocation-examples
  • qt5-qtmultimedia
  • qt5-qtmultimedia-devel
  • qt5-qtmultimedia-examples
  • qt5-qtquickcontrols
  • qt5-qtquickcontrols-examples
  • qt5-qtquickcontrols2
  • qt5-qtquickcontrols2-examples
  • qt5-qtscript
  • qt5-qtscript-devel
  • qt5-qtscript-examples
  • qt5-qtsensors
  • qt5-qtsensors-devel
  • qt5-qtsensors-examples
  • qt5-qtserialbus
  • qt5-qtserialbus-examples
  • qt5-qtserialport
  • qt5-qtserialport-devel
  • qt5-qtserialport-examples
  • qt5-qtsvg
  • qt5-qtsvg-devel
  • qt5-qtsvg-examples
  • qt5-qttools
  • qt5-qttools-common
  • qt5-qttools-devel
  • qt5-qttools-examples
  • qt5-qttools-libs-designer
  • qt5-qttools-libs-designercomponents
  • qt5-qttools-libs-help
  • qt5-qttranslations
  • qt5-qtwayland
  • qt5-qtwayland-examples
  • qt5-qtwebchannel
  • qt5-qtwebchannel-devel
  • qt5-qtwebchannel-examples
  • qt5-qtwebsockets
  • qt5-qtwebsockets-devel
  • qt5-qtwebsockets-examples
  • qt5-qtx11extras
  • qt5-qtx11extras-devel
  • qt5-qtxmlpatterns
  • qt5-qtxmlpatterns-devel
  • qt5-qtxmlpatterns-examples
  • qt5-rpm-macros
  • qt5-srpm-macros
  • quagga
  • quagga-contrib
  • radvd
  • raptor2
  • rarian
  • rarian-compat
  • rasqal
  • rear
  • recode
  • redhat-backgrounds
  • redhat-logos-ipa
  • redhat-lsb
  • redhat-lsb-core
  • redhat-lsb-cxx
  • redhat-lsb-desktop
  • redhat-lsb-languages
  • redhat-lsb-printing
  • redhat-lsb-submod-multimedia
  • redhat-lsb-submod-security
  • redhat-menus
  • redhat-rpm-config
  • redis
  • redis-devel
  • redis-doc
  • redland
  • relaxngDatatype
  • relaxngDatatype-javadoc
  • relaxngcc-javadoc
  • rest
  • resteasy
  • resteasy-javadoc
  • rhel-system-roles
  • rhn-check
  • rhn-client-tools
  • rhn-custom-info
  • rhn-setup
  • rhn-setup-gnome
  • rhn-virtualization-host
  • rhncfg
  • rhncfg-actions
  • rhncfg-client
  • rhncfg-management
  • rhnlib
  • rhnpush
  • rhnsd
  • rhsm-gtk
  • rhythmbox
  • rls-preview
  • rpm-build
  • rpm-mpi-hooks
  • rpm-ostree
  • rpm-ostree-libs
  • rpmdevtools
  • rpmemd
  • rpmlint
  • rrdtool
  • rrdtool-perl
  • rsyslog
  • rsyslog-crypto
  • rsyslog-doc
  • rsyslog-elasticsearch
  • rsyslog-gnutls
  • rsyslog-gssapi
  • rsyslog-kafka
  • rsyslog-mmaudit
  • rsyslog-mmjsonparse
  • rsyslog-mmkubernetes
  • rsyslog-mmnormalize
  • rsyslog-mmsnmptrapd
  • rsyslog-mysql
  • rsyslog-pgsql
  • rsyslog-relp
  • rsyslog-snmp
  • rtkit
  • ruby
  • ruby-devel
  • ruby-doc
  • ruby-hivex
  • ruby-irb
  • ruby-libguestfs
  • ruby-libs
  • rubygem-abrt
  • rubygem-abrt-doc
  • rubygem-bigdecimal
  • rubygem-bson
  • rubygem-bson-doc
  • rubygem-bundler
  • rubygem-bundler-doc
  • rubygem-did_you_mean
  • rubygem-io-console
  • rubygem-json
  • rubygem-minitest
  • rubygem-mongo
  • rubygem-mongo-doc
  • rubygem-mysql2
  • rubygem-mysql2-doc
  • rubygem-net-telnet
  • rubygem-openssl
  • rubygem-pg
  • rubygem-pg-doc
  • rubygem-power_assert
  • rubygem-psych
  • rubygem-rake
  • rubygem-rdoc
  • rubygem-test-unit
  • rubygem-xmlrpc
  • rubygems
  • rubygems-devel
  • runc
  • rust
  • rust-analysis
  • rust-debugger-common
  • rust-doc
  • rust-gdb
  • rust-src
  • rust-srpm-macros
  • rust-std-static
  • rust-toolset
  • rustfmt-preview
  • saab-fonts
  • sac
  • samyak-devanagari-fonts
  • samyak-fonts-common
  • samyak-gujarati-fonts
  • samyak-malayalam-fonts
  • samyak-odia-fonts
  • samyak-tamil-fonts
  • sane-backends
  • sane-backends-daemon
  • sane-backends-devel
  • sane-backends-doc
  • sane-backends-drivers-cameras
  • sane-backends-drivers-scanners
  • sane-backends-libs
  • sane-frontends
  • sanlk-reset
  • sanlock
  • sanlock-lib
  • satyr
  • sbc
  • sblim-sfcCommon
  • sblim-sfcb
  • sblim-sfcc
  • scala
  • scala-apidoc
  • scala-swing
  • scap-security-guide
  • scap-security-guide-doc
  • scap-workbench
  • scl-utils
  • scl-utils-build
  • scrub
  • seabios
  • seabios-bin
  • seahorse
  • seavgabios-bin
  • sendmail
  • sendmail-cf
  • sendmail-doc
  • sendmail-milter
  • setools
  • setroubleshoot
  • setroubleshoot-plugins
  • setroubleshoot-server
  • sgabios
  • sgabios-bin
  • si-units
  • si-units-javadoc
  • sil-abyssinica-fonts
  • sil-nuosu-fonts
  • sil-padauk-book-fonts
  • sil-padauk-fonts
  • sil-scheherazade-fonts
  • sisu-inject
  • sisu-plexus
  • skkdic
  • skopeo
  • slang-devel
  • slapi-nis
  • slf4j
  • slf4j-jdk14
  • slirp4netns
  • smc-anjalioldlipi-fonts
  • smc-dyuthi-fonts
  • smc-fonts-common
  • smc-kalyani-fonts
  • smc-meera-fonts
  • smc-rachana-fonts
  • smc-raghumalayalam-fonts
  • smc-suruma-fonts
  • socat
  • softhsm
  • softhsm-devel
  • sos-collector
  • sound-theme-freedesktop
  • soundtouch
  • source-highlight
  • spacewalk-abrt
  • spacewalk-client-cert
  • spacewalk-koan
  • spacewalk-oscap
  • spacewalk-remote-utils
  • spacewalk-usix
  • spamassassin
  • speech-dispatcher
  • speech-dispatcher-espeak-ng
  • speex
  • speexdsp
  • spice-glib
  • spice-glib-devel
  • spice-gtk
  • spice-gtk-tools
  • spice-gtk3
  • spice-gtk3-devel
  • spice-gtk3-vala
  • spice-protocol
  • spice-server
  • spice-vdagent
  • splix
  • squid
  • sscg
  • startup-notification
  • startup-notification-devel
  • stax-ex
  • stax-ex-javadoc
  • stix-fonts
  • stix-math-fonts
  • stratis-cli
  • stratisd
  • subscription-manager-initial-setup-addon
  • subscription-manager-migration
  • subscription-manager-migration-data
  • subversion
  • subversion-devel
  • subversion-gnome
  • subversion-javahl
  • subversion-libs
  • subversion-perl
  • subversion-tools
  • suitesparse
  • supermin
  • supermin-devel
  • sushi
  • swig
  • swig-doc
  • swig-gdb
  • switcheroo-control
  • sysfsutils
  • sysstat
  • systemtap
  • systemtap-client
  • systemtap-devel
  • systemtap-initscript
  • systemtap-runtime
  • systemtap-runtime-java
  • systemtap-runtime-python3
  • systemtap-runtime-virtguest
  • systemtap-runtime-virthost
  • systemtap-sdt-devel
  • systemtap-server
  • systemtap-stap-exporter
  • taglib
  • tagsoup
  • tang
  • targetcli
  • tbb
  • tbb-devel
  • tbb-doc
  • tcl
  • tcl-brlapi
  • tcpdump
  • tcsh
  • teckit
  • telnet
  • telnet-server
  • tex-fonts-hebrew
  • texlive
  • texlive-adjustbox
  • texlive-ae
  • texlive-algorithms
  • texlive-amscls
  • texlive-amsfonts
  • texlive-amsmath
  • texlive-anyfontsize
  • texlive-anysize
  • texlive-appendix
  • texlive-arabxetex
  • texlive-arphic
  • texlive-attachfile
  • texlive-avantgar
  • texlive-awesomebox
  • texlive-babel
  • texlive-babel-english
  • texlive-babelbib
  • texlive-base
  • texlive-beamer
  • texlive-bera
  • texlive-beton
  • texlive-bibtex
  • texlive-bibtopic
  • texlive-bidi
  • texlive-bigfoot
  • texlive-bookman
  • texlive-booktabs
  • texlive-breakurl
  • texlive-breqn
  • texlive-capt-of
  • texlive-caption
  • texlive-carlisle
  • texlive-changebar
  • texlive-changepage
  • texlive-charter
  • texlive-chngcntr
  • texlive-cite
  • texlive-cjk
  • texlive-classpack
  • texlive-cm
  • texlive-cm-lgc
  • texlive-cm-super
  • texlive-cmap
  • texlive-cmextra
  • texlive-cns
  • texlive-collectbox
  • texlive-collection-basic
  • texlive-collection-fontsrecommended
  • texlive-collection-htmlxml
  • texlive-collection-latex
  • texlive-collection-latexrecommended
  • texlive-collection-xetex
  • texlive-colortbl
  • texlive-courier
  • texlive-crop
  • texlive-csquotes
  • texlive-ctable
  • texlive-ctablestack
  • texlive-currfile
  • texlive-datetime
  • texlive-dvipdfmx
  • texlive-dvipng
  • texlive-dvips
  • texlive-dvisvgm
  • texlive-ec
  • texlive-eepic
  • texlive-enctex
  • texlive-enumitem
  • texlive-environ
  • texlive-epsf
  • texlive-epstopdf
  • texlive-eqparbox
  • texlive-eso-pic
  • texlive-etex
  • texlive-etex-pkg
  • texlive-etoolbox
  • texlive-euenc
  • texlive-euler
  • texlive-euro
  • texlive-eurosym
  • texlive-extsizes
  • texlive-fancybox
  • texlive-fancyhdr
  • texlive-fancyref
  • texlive-fancyvrb
  • texlive-filecontents
  • texlive-filehook
  • texlive-finstrut
  • texlive-fix2col
  • texlive-fixlatvian
  • texlive-float
  • texlive-fmtcount
  • texlive-fncychap
  • texlive-fontawesome
  • texlive-fontbook
  • texlive-fonts-tlwg
  • texlive-fontspec
  • texlive-fontware
  • texlive-fontwrap
  • texlive-footmisc
  • texlive-fp
  • texlive-fpl
  • texlive-framed
  • texlive-garuda-c90
  • texlive-geometry
  • texlive-glyphlist
  • texlive-graphics
  • texlive-graphics-cfg
  • texlive-graphics-def
  • texlive-gsftopk
  • texlive-helvetic
  • texlive-hyperref
  • texlive-hyph-utf8
  • texlive-hyphen-base
  • texlive-hyphenat
  • texlive-ifetex
  • texlive-ifluatex
  • texlive-ifmtarg
  • texlive-ifoddpage
  • texlive-iftex
  • texlive-ifxetex
  • texlive-import
  • texlive-index
  • texlive-jadetex
  • texlive-jknapltx
  • texlive-kastrup
  • texlive-kerkis
  • texlive-knuth-lib
  • texlive-knuth-local
  • texlive-koma-script
  • texlive-kpathsea
  • texlive-l3experimental
  • texlive-l3kernel
  • texlive-l3packages
  • texlive-lastpage
  • texlive-latex
  • texlive-latex-fonts
  • texlive-latex2man
  • texlive-latexconfig
  • texlive-lettrine
  • texlive-lib
  • texlive-linegoal
  • texlive-lineno
  • texlive-listings
  • texlive-lm
  • texlive-lm-math
  • texlive-ltabptch
  • texlive-ltxmisc
  • texlive-lua-alt-getopt
  • texlive-lualatex-math
  • texlive-lualibs
  • texlive-luaotfload
  • texlive-luatex
  • texlive-luatex85
  • texlive-luatexbase
  • texlive-makecmds
  • texlive-makeindex
  • texlive-manfnt-font
  • texlive-marginnote
  • texlive-marvosym
  • texlive-mathpazo
  • texlive-mathspec
  • texlive-mathtools
  • texlive-mdwtools
  • texlive-memoir
  • texlive-metafont
  • texlive-metalogo
  • texlive-metapost
  • texlive-mflogo
  • texlive-mflogo-font
  • texlive-mfnfss
  • texlive-mfware
  • texlive-microtype
  • texlive-mnsymbol
  • texlive-mparhack
  • texlive-mptopdf
  • texlive-ms
  • texlive-multido
  • texlive-multirow
  • texlive-natbib
  • texlive-ncctools
  • texlive-ncntrsbk
  • texlive-needspace
  • texlive-norasi-c90
  • texlive-ntgclass
  • texlive-oberdiek
  • texlive-overpic
  • texlive-palatino
  • texlive-paralist
  • texlive-parallel
  • texlive-parskip
  • texlive-passivetex
  • texlive-pdfpages
  • texlive-pdftex
  • texlive-pgf
  • texlive-philokalia
  • texlive-placeins
  • texlive-plain
  • texlive-polyglossia
  • texlive-powerdot
  • texlive-preprint
  • texlive-psfrag
  • texlive-pslatex
  • texlive-psnfss
  • texlive-pspicture
  • texlive-pst
  • texlive-pst-blur
  • texlive-pst-coil
  • texlive-pst-eps
  • texlive-pst-fill
  • texlive-pst-grad
  • texlive-pst-math
  • texlive-pst-node
  • texlive-pst-plot
  • texlive-pst-slpe
  • texlive-pst-text
  • texlive-pst-tree
  • texlive-pstricks
  • texlive-pstricks-add
  • texlive-ptext
  • texlive-pxfonts
  • texlive-qstest
  • texlive-rcs
  • texlive-realscripts
  • texlive-rsfs
  • texlive-sansmath
  • texlive-sauerj
  • texlive-scheme-basic
  • texlive-section
  • texlive-sectsty
  • texlive-seminar
  • texlive-sepnum
  • texlive-setspace
  • texlive-showexpl
  • texlive-soul
  • texlive-stmaryrd
  • texlive-subfig
  • texlive-subfigure
  • texlive-svn-prov
  • texlive-symbol
  • texlive-t2
  • texlive-tabu
  • texlive-tabulary
  • texlive-tetex
  • texlive-tex
  • texlive-tex-gyre
  • texlive-tex-gyre-math
  • texlive-tex-ini-files
  • texlive-tex4ht
  • texlive-texconfig
  • texlive-texlive-common-doc
  • texlive-texlive-docindex
  • texlive-texlive-en
  • texlive-texlive-msg-translations
  • texlive-texlive-scripts
  • texlive-texlive.infra
  • texlive-textcase
  • texlive-textpos
  • texlive-threeparttable
  • texlive-thumbpdf
  • texlive-times
  • texlive-tipa
  • texlive-titlesec
  • texlive-titling
  • texlive-tocloft
  • texlive-tools
  • texlive-trimspaces
  • texlive-txfonts
  • texlive-type1cm
  • texlive-typehtml
  • texlive-ucharclasses
  • texlive-ucs
  • texlive-uhc
  • texlive-ulem
  • texlive-underscore
  • texlive-unicode-data
  • texlive-unicode-math
  • texlive-unisugar
  • texlive-updmap-map
  • texlive-upquote
  • texlive-url
  • texlive-utopia
  • texlive-varwidth
  • texlive-wadalab
  • texlive-was
  • texlive-wasy
  • texlive-wasy2-ps
  • texlive-wasysym
  • texlive-wrapfig
  • texlive-xcolor
  • texlive-xdvi
  • texlive-xecjk
  • texlive-xecolor
  • texlive-xecyr
  • texlive-xeindex
  • texlive-xepersian
  • texlive-xesearch
  • texlive-xetex
  • texlive-xetex-itrans
  • texlive-xetex-pstricks
  • texlive-xetex-tibetan
  • texlive-xetexconfig
  • texlive-xetexfontinfo
  • texlive-xifthen
  • texlive-xkeyval
  • texlive-xltxtra
  • texlive-xmltex
  • texlive-xmltexconfig
  • texlive-xstring
  • texlive-xtab
  • texlive-xunicode
  • texlive-zapfchan
  • texlive-zapfding
  • tftp
  • tftp-server
  • thai-scalable-fonts-common
  • thai-scalable-garuda-fonts
  • thai-scalable-kinnari-fonts
  • thai-scalable-laksaman-fonts
  • thai-scalable-loma-fonts
  • thai-scalable-norasi-fonts
  • thai-scalable-purisa-fonts
  • thai-scalable-sawasdee-fonts
  • thai-scalable-tlwgmono-fonts
  • thai-scalable-tlwgtypewriter-fonts
  • thai-scalable-tlwgtypist-fonts
  • thai-scalable-tlwgtypo-fonts
  • thai-scalable-umpush-fonts
  • thai-scalable-waree-fonts
  • theora-tools
  • thunderbird
  • tibetan-machine-uni-fonts
  • tigervnc
  • tigervnc-icons
  • tigervnc-license
  • tigervnc-server
  • tigervnc-server-applet
  • tigervnc-server-minimal
  • tigervnc-server-module
  • tk
  • tk-devel
  • tlog
  • tokyocabinet
  • tomcatjss
  • torque-libs
  • totem
  • totem-nautilus
  • totem-pl-parser
  • tracker
  • tracker-miners
  • ttmkfdir
  • tuned-gtk
  • tuned-utils
  • tuned-utils-systemtap
  • turbojpeg
  • twolame-libs
  • tzdata-java
  • ucs-miscfixed-fonts
  • udisks2
  • udisks2-iscsi
  • udisks2-lvm2
  • unbound
  • unbound-devel
  • unbound-libs
  • unicode-ucd
  • unit-api
  • unit-api-javadoc
  • unixODBC
  • unixODBC-devel
  • uom-lib
  • uom-lib-javadoc
  • uom-parent
  • uom-se
  • uom-se-javadoc
  • uom-systems
  • uom-systems-javadoc
  • upower
  • urlview
  • urw-base35-bookman-fonts
  • urw-base35-c059-fonts
  • urw-base35-d050000l-fonts
  • urw-base35-fonts
  • urw-base35-fonts-common
  • urw-base35-gothic-fonts
  • urw-base35-nimbus-mono-ps-fonts
  • urw-base35-nimbus-roman-fonts
  • urw-base35-nimbus-sans-fonts
  • urw-base35-p052-fonts
  • urw-base35-standard-symbols-ps-fonts
  • urw-base35-z003-fonts
  • usbguard
  • usbguard-dbus
  • usbguard-tools
  • usbmuxd
  • usbredir
  • usermode-gtk
  • utf8proc
  • uuid
  • valgrind
  • varnish
  • varnish-devel
  • varnish-docs
  • varnish-modules
  • velocity
  • velocity-demo
  • velocity-javadoc
  • velocity-manual
  • vhostmd
  • vim-X11
  • vim-common
  • vim-enhanced
  • vim-filesystem
  • vinagre
  • vino
  • virt-dib
  • virt-install
  • virt-manager
  • virt-manager-common
  • virt-p2v-maker
  • virt-top
  • virt-v2v
  • virt-viewer
  • virt-who
  • voikko-tools
  • volume_key
  • volume_key-devel
  • volume_key-libs
  • vorbis-tools
  • vsftpd
  • vte-profile
  • vte291
  • vulkan-headers
  • vulkan-loader
  • vulkan-loader-devel
  • wavpack
  • wayland-devel
  • wayland-protocols-devel
  • webkit2gtk3
  • webkit2gtk3-devel
  • webkit2gtk3-jsc
  • webkit2gtk3-jsc-devel
  • webkit2gtk3-plugin-process-gtk2
  • webrtc-audio-processing
  • wget
  • wireshark
  • wireshark-cli
  • wodim
  • woff2
  • wqy-microhei-fonts
  • wqy-unibit-fonts
  • x3270-x11
  • xalan-j2
  • xcb-util
  • xcb-util-image
  • xcb-util-keysyms
  • xcb-util-renderutil
  • xcb-util-wm
  • xdg-desktop-portal
  • xdg-desktop-portal-gtk
  • xdg-user-dirs
  • xdg-user-dirs-gtk
  • xdg-utils
  • xerces-j2
  • xerces-j2-demo
  • xerces-j2-javadoc
  • xinetd
  • xkeyboard-config
  • xml-commons-apis
  • xml-commons-apis-javadoc
  • xml-commons-apis-manual
  • xml-commons-resolver
  • xml-commons-resolver-javadoc
  • xml-stylebook
  • xml-stylebook-demo
  • xml-stylebook-javadoc
  • xmlsec1
  • xmlsec1-nss
  • xmlsec1-openssl
  • xmlstreambuffer
  • xmlstreambuffer-javadoc
  • xmlto
  • xorg-sgml-doctools
  • xorg-x11-docs
  • xorg-x11-drivers
  • xorg-x11-drv-ati
  • xorg-x11-drv-dummy
  • xorg-x11-drv-evdev
  • xorg-x11-drv-evdev-devel
  • xorg-x11-drv-fbdev
  • xorg-x11-drv-intel
  • xorg-x11-drv-libinput
  • xorg-x11-drv-nouveau
  • xorg-x11-drv-qxl
  • xorg-x11-drv-v4l
  • xorg-x11-drv-vesa
  • xorg-x11-drv-vmware
  • xorg-x11-drv-wacom
  • xorg-x11-drv-wacom-serial-support
  • xorg-x11-font-utils
  • xorg-x11-fonts
  • xorg-x11-fonts-ISO8859
  • xorg-x11-fonts-Type1
  • xorg-x11-fonts-cyrillic
  • xorg-x11-fonts-ethiopic
  • xorg-x11-fonts-misc
  • xorg-x11-proto-devel
  • xorg-x11-server-Xdmx
  • xorg-x11-server-Xephyr
  • xorg-x11-server-Xnest
  • xorg-x11-server-Xorg
  • xorg-x11-server-Xspice
  • xorg-x11-server-Xvfb
  • xorg-x11-server-Xwayland
  • xorg-x11-server-common
  • xorg-x11-server-utils
  • xorg-x11-utils
  • xorg-x11-xauth
  • xorg-x11-xbitmaps
  • xorg-x11-xinit
  • xorg-x11-xkb-utils
  • xrestop
  • xsane
  • xsane-common
  • xsane-gimp
  • xsom
  • xsom-javadoc
  • xterm
  • xterm-resize
  • yajl
  • yelp
  • yelp-libs
  • yelp-tools
  • yelp-xsl
  • yp-tools
  • ypbind
  • ypserv
  • zenity
  • zsh-html
  • zziplib
  • zziplib-utils

Legal Notice

Copyright © 2019 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.