RHEA-2023:2804 - Product Enhancement Advisory

Topic

An update for rhel-system-roles is now available for Red Hat Enterprise Linux 8.

Description

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat Enterprise Linux for x86_64 8 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
• Red Hat Enterprise Linux for IBM z Systems 8 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
• Red Hat Enterprise Linux for Power, little endian 8 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
• Red Hat Enterprise Linux Server - TUS 8.8 x86_64
• Red Hat Enterprise Linux for ARM 64 8 aarch64
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

• BZ - 2066864 - [RFE] podman - role for managing podman containers and systemd
• BZ - 2119600 - Add parameters shared_key_content, ike, esp, type, leftid, rightid
• BZ - 2126960 - must handle clevis-luks-askpass and clevis-luks-askpass@ systemd unit names
• BZ - 2127497 - ha_cluster - use no_log in tasks looping over pot. secret parameters
• BZ - 2129620 - Support looking up named route table in routing rule
• BZ - 2130019 - [RFE] ha_cluster: convert ha_cluster role to use firewall, selinux and certificate role
• BZ - 2130332 - [RFE] postfix: convert postfix role to use firewall and selinux role
• BZ - 2130345 - [RFE] vpn: convert vpn role to use firewall and selinux role
• BZ - 2130362 - [RFE] logging: convert logging role to use firewall, selinux role, and certificate role
• BZ - 2130921 - Sync on final OpenSSH option name RequiredRSASize in ssh and sshd roles [rhel-8.7] [rhel-8.8.0]
• BZ - 2133532 - [RFE] metrics: convert metrics role to use firewall and selinux role
• BZ - 2133856 - [RFE] Support the DNS priority
• BZ - 2133931 - [RFE] nbde_server: convert nbde_server role to use firewall and selinux role
• BZ - 2134201 - [RFE] Support setting the metric of the default route for initscripts provider
• BZ - 2137667 - [RFE] cockpit: convert cockpit role to use firewall, selinux role, and certificate role
• BZ - 2143385 - add support for the 'local' parameter
• BZ - 2143401 - Unexpected templating type error - expected str instance, int found
• BZ - 2143458 - Support cloned MAC address
• BZ - 2143814 - Allow quorum device configuration
• BZ - 2144876 - [RFE] new role to support AD integration, join to AD domain
• BZ - 2144877 - [RFE] New role for Red Hat subscription management, insights management
• BZ - 2149683 - Synchronize automation-related changes from Fedora spec file
• BZ - 2151342 - [RHEL9] ansible.parsing.yaml.objects.AnsibleUnicode object' has no attribute 'bytes'
• BZ - 2151351 - [RHEL9 system role] storage role vdo tests failed about "VDO deduplication is off but it should not"
• BZ - 2151355 - [RHEL8] disks_needed need to be set for the raid test cases
• BZ - 2153080 - Unconditionally enable the files provider
• BZ - 2153081 - Allow enabled SBD on disabled cluster
• BZ - 2154143 - [RHEL8] tests_create_thinp_then_remove_scsi_generated.yml failed at "assertion": "(storage_test_expected_size|int - storage_test_actual_size.bytes)|abs / storage_test_expected_size|int < 0.01"
• BZ - 2162788 - network role should support running tests with ANSIBLE_GATHERING=explicit
• BZ - 2164879 - managing modules is not idempotent
• BZ - 2165176 - New role - journald - manage systemd-journald
• BZ - 2167941 - Fix stonith watchdog timeout
• BZ - 2168733 - RedHat Role rhel-system-roles.network should route traffic via correct bond.

CVEs

(none)

References

• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index