Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Chapter 9. Deprecated features

Deprecated functionalities are fully supported, which means that they are tested and maintained, and their support status remains unchanged within Red Hat Enterprise Linux 10. However, they will likely not be supported in a future major version release, and are not recommended for new deployments on the current or future major versions of Red Hat Enterprise Linux.

Features can be deprecated during a major version’s release cycle.

A deprecated feature is listed in all future release notes until it is removed. For a complete list of deprecated features, see the release notes for the latest minor version. For information about the length of support, see Red Hat Enterprise Linux Life Cycle and Red Hat Enterprise Linux Application Streams Life Cycle.

9.1. Installer and image creation

The cockpit-composer package has been deprecated

The cockpit-composer package has been deprecated, and will be removed in future major RHEL releases. From now on, use cockpit-image-builder.

Jira:RHELDOCS-20167[1]

The squashfs package has been deprecated

The squashfs package has been deprecated, and will be removed in a future major RHEL release. As an alternative, dracut has support for mounting erofs.

Jira:RHELDOCS-18903[1]

gdisk has been deprecated from the boot.iso

gdisk has been deprecated from the boot.iso image type. You still can use gdisk in your kickstarts. For the boot.iso image type, other tools are available for handling GPT disks, for example, the parted utility.

Jira:RHELDOCS-18904[1]

The module kickstart command has been deprecated

Anaconda has deprecated its support for DNF modularity, and as a consequence the module kickstart command has been deprecated. This might impact you if you are using modules in the %packages section of your kickstart files or the module kickstart command. This change is implemented for simplifying the installation process and ensuring a more consistent experience moving forward.

Jira:RHEL-34829

The inst.gpt boot option is now deprecated

The inst.gpt boot option is now deprecated and will be removed in the future releases. To specify a preferred disk label type, use the inst.disklabel boot option. Specify gpt or mbr to create GPT or MBR disk labels, respectively.

Jira:RHELDOCS-18491[1]

9.2. Security

ENGINE API in OpenSSL is deprecated

In RHEL 10, ENGINE API is deprecated and is planned to be removed in a future major release. No new applications should be built by using the ENGINE API. To keep application binary interface (ABI) and existing applications working, OpenSSL still exports the ENGINE symbols. To prevent new applications from using ENGINE API, OpenSSL sets the OPENSSL_NO_ENGINE flag system-wide, and the header engine.h that exposes the ENGINE API has been removed.

Jira:RHEL-45704

crypto-policies now set allow-rsa-pkcs1-encrypt = false for GnuTLS

In RHEL 10, the GnuTLS library blocks encryption and decryption with the RSA PKCS #1 v1.5 padding by default. Except for the LEGACY policy, the allow-rsa-pkcs1-encrypt = false option is specified in all system-wide cryptographic policies (DEFAULT, FUTURE, and FIPS).

Jira:RHEL-64746

HMAC-SHA-1 in FIPS mode is deprecated

The HMAC-SHA-1 cryptographic algorithm is deprecated in FIPS mode, and it may be removed in a future release. Outside FIPS mode, support for HMAC-SHA-1 is preserved.

Jira:RHELDOCS-18674

9.3. Networking

ipset has been unmaintained

In RHEL 10, the ipset utility is unmaintained and is planned to be removed in a future major release. Red Hat will provide only critical bug fixes during the current release lifecycle. As an alternative to ipset, you can use the nftables sets functionality instead.

Jira:RHELDOCS-20147[1]

9.4. File systems and storage

The squashfs package has been deprecated

SquashFS is deprecated and will be removed in the next major release. It will no longer receive enhancements and is in RHEL 10 for specific use cases that are internal to Red Hat. Consider using EROFS as an alternative solution.

Jira:RHELDOCS-18450[1]

9.5. High availability and clusters

Deprecated High Availability Add-On features

The following features have been deprecated in Red Hat Enterprise Linux 10 and will be removed in the next major release:

  • Specifying rules as multiple arguments. Use a single string argument instead.
  • Specifying score as a standalone value in pcs constraint location add and pcs constraint colocation ad. Use score=value instead.

  • Specifying the --wait option in resource commands except pcs resource restart | move, and in the commands pcs cluster node add-guest | add-remote. Use the following commands instead:

    • pcs status wait to wait for the cluster to settle into stable state.
    • pcs status query resource commands to verify that the resource is in the expected state after the wait.
  • Using the --force flag to confirm potentially destructive actions such as pcs cluster destroy, pcs quorum unblock, pcs stonith confirm, pcs stonith sbd device setup, and pcs stonith sbd watchdog test commands. You should now use the --yes flag to confirm potentially destructive actions and reserve use of the --force flag to override validation errors.
  • Using the --force flag to confirm overwriting files in pcs cluster report. Use the --overwrite flag instead.
  • Assigning and unassigning ACL roles without specifying the user or group keyword.
  • Configuring a score parameter in order constraints. The pcs command-line interface now produces a warning when a user attempts to configure a score parameter in order constraints.

Jira:RHELDOCS-19607[1]

9.6. Compilers and development tools

The utmp and utmpx interfaces in glibc are deprecated

The utmp and utmpx interfaces provided by the glibc library include a counter that counts time since the Unix epoch. This counter will overflow on February 07, 2106. Therefore, utmp and utmpx are deprecated in RHEL 10 and will be removed in RHEL 11.

Jira:RHELDOCS-18080[1]

9.7. Infrastructure services

FTP clients and Servers software are now deprecated

The following FTP clients and servers software are deprecated and will be removed in the future major version of RHEL: * ftp * lftp * vsftpd

These FTP protocol implementations are no longer under active development. We recommend that customers plan to migrate workflows based on FTP to one of either:

  • OpenSSH and the sftp command, which provides an interactive interface for secure file transfer over the SSH protocol.
  • WebDAV based on Apache httpd - various client implementations are available.

Jira:RHELDOCS-20610[1]

9.8. The web console

The host switcher in the RHEL web console is deprecated

The host switcher that provides connections to multiple machines through SSH from a single RHEL web console session is deprecated and disabled by default. Due to the web technology limitations, this feature cannot be secure.

In the short term, you can enable the host switcher after assessing the risks in your scenario with the AllowMultiHost option in the cockpit.conf file: 

[WebService]
AllowMultiHost=yes
Copy to Clipboard

As more secure alternatives, you can use:

  • the web console login page (with the secure limit of one host in a web browser session)
  • the Cockpit Client flatpack

Jira:RHEL-4032[1]

9.9. Red Hat Enterprise Linux System Roles

The sshd variable deprecated and replaced by sshd_config

To unify coding standards across the RHEL system roles, the sshd variable has been replaced by the sshd_config variable. The sshd variable is now deprecated and may be removed from the sshd Ansible role in a future major version of RHEL.

Jira:RHEL-73440[1]

9.10. Virtualization

libslirp has been deprecated

In RHEL 10, the libslirp networking back end has become deprecated, and will be removed in a future major version release.

Jira:RHEL-45147

The i440fx virtual machine type has been deprecated

In RHEL 10, the i440fx machine types for virtual machines (VMs) have become deprecated, and will be removed in a future major version of RHEL.

In addition, the i440fx-rhel7.6 machine type has been replaced by i440fx-rhel10.0. As a consequence, a VM with a i440fx-rhel7.6 machine type will not boot correctly after live migrating to a RHEL 10 host. Workaround: Restart the VM after live migration. 

Jira:RHELDOCS-18672[1]

Legacy vCPU models are now deprecated

Several virtual CPU models are now deprecated and will become unsupported for use in virtual machines (VMs) in a future major release of RHEL. Notably, the deprecated models include the following:

  • Intel Xeon 55xx and 75xx Processor families (also known as Nehalem)
  • Intel Xeon v2 (also known as Ivy Bridge)
  • AMD Opteron G4 and G5

To view the complete list of deprecated CPU models, use the following command: 

# /usr/libexec/qemu-kvm -cpu help | grep depre | grep -v - -v
Copy to Clipboard

To check whether a running VM is using a deprecated CPU model, use the virsh dominfo utility, and look for a line similar to the following in the Messages section: 

tainted: use of deprecated configuration settings
deprecated configuration: CPU model 'Nehalem'
Copy to Clipboard

Jira:RHEL-28971[1]

virt-manager has been deprecated

The Virtual Machine Manager application, also known as virt-manager, has been deprecated. The RHEL web console, also known as Cockpit, is intended to become its replacement in a subsequent release. It is, therefore, recommended that you use the web console for managing virtualization in a GUI. Note, however, that some features available in virt-manager might not be yet available in the RHEL web console.

Jira:RHELPLAN-10304[1]

libvirtd has become deprecated

The monolithic libvirt daemon, libvirtd, has been deprecated in RHEL 9, and will be removed in a future major release of RHEL. Note that you can still use libvirtd for managing virtualization on your hypervisor, but Red Hat recommends switching to the newly introduced modular libvirt daemons. For instructions and details, see the RHEL 9 Configuring and Managing Virtualization document.

Jira:RHELPLAN-113995[1]

SecureBoot image verification using SHA1-based signatures is deprecated

Performing SecureBoot image verification using SHA1-based signatures on UEFI (PE/COFF) executables has become deprecated. Instead, Red Hat recommends using signatures based on the SHA-2 algorithm, or later.

Jira:RHELPLAN-69533[1]

The virtual floppy driver has become deprecated

The isa-fdc driver, which controls virtual floppy disk devices, is now deprecated, and will become unsupported in a future release of RHEL. Therefore, to ensure forward compatibility with migrated virtual machines (VMs), Red Hat discourages using floppy disk devices in VMs hosted on RHEL 10.0.

Jira:RHELPLAN-81033[1]

qcow2-v2 image format is deprecated

With RHEL 10.0, the qcow2-v2 format for virtual disk images has become deprecated, and will become unsupported in a future major release of RHEL. In addition, the RHEL 10.0 Image Builder cannot create disk images in the qcow2-v2 format.

Instead of qcow2-v2, Red Hat strongly recommends using qcow2-v3. To convert a qcow2-v2 image to a later format version, use the qemu-img amend command.

Jira:RHELPLAN-75969[1]

9.11. Containers

The runc container runtime has been removed

The runc container runtime is removed. The default container runtime is crun. If you upgrade from the previous RHEL versions to RHEL 10.0, you have to run the podman system migrate --new-runtime=crun command to set a new OCI runtime for all containers.

Jira:RHELDOCS-19051[1]

tzdata package is no longer installed by default in the minimal container images

The tzdata package is no longer installed in the registry.access.redhat.com/ubi10-minimal container image. As a consequence, if you migrate your minimal container builds from a previous RHEL release to RHEL 10.0, and you enter the microdnf reinstall tzdata command to reinstall the tzdata package, you get an error message because the tzdata package is no longer installed by default. In this case, enter the microdnf install tzdata command to install tzdata.

Jira:RHELDOCS-18700[1]

The Podman v5.0 deprecations

In RHEL 10.0, the following is deprecated in Podman v5.0:

  • The system connections and farm information stored in the containers.conf file are now read-only. The system connections and farm information will now be stored in the podman.connections.json file, managed only by Podman. Podman continues to support the old configuration options such as [engine.service_destinations] and the [farms] section. You can still add connections or farms manually if needed; however, it is not possible to delete a connection from the containers.conf file with the podman system connection rm command.
  • The slirp4netns network mode is deprecated and will be removed in a future major release of RHEL. The pasta network mode is the default network mode for rootless containers.

  • The containernetworking-plugins package and the CNI network stack are no longer supported.

    • If you upgrade from the previous RHEL versions to RHEL 10.0 or if you have a fresh installation of RHEL 10.0, the CNI is no longer available. As a result, you have to run the podman rmi --all --force command to remove all images and containers that are using those images.
    • If present, the cni value in the containers.conf file for the network_backend option must be changed to netavark or can be unset.

Jira:RHEL-40641

The podman-tests package has been deprecated

The podman-tests package has been deprecated in the AppStream repository. The package is now available in the CodeReady Linux Builder (CRB). More information about the CRB repository can be found at https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/package_manifest/repositories#CodeReadyLinuxBuilder-repository.

Jira:RHEL-67860

nodejs-18 and nodejs-18-minimal are deprecated

The nodejs-18 and nodejs-18-minimal container images are now deprecated and will no longer receive feature updates. Use nodejs-22 and nodejs-22-minimal instead.

Jira:RHELDOCS-20283[1]

9.12. Deprecated features identified in previous releases

This part provides an overview of functionality that has been deprecated in Red Hat Enterprise Linux 10.

9.12.1. SSSD

The SMB1 protocol is deprecated in Samba

Starting with Samba 4.11, the insecure Server Message Block version 1 (SMB1) protocol is deprecated and will be removed in a future release.

To improve the security, by default, SMB1 is disabled in the Samba server and client utilities.

Jira:RHELDOCS-16612[1]

9.13. Deprecated packages

This section lists packages that have been deprecated and will probably not be included in a future major release of Red Hat Enterprise Linux.

Important

The support status of deprecated packages remains unchanged within RHEL 10.

The following packages have been deprecated in RHEL 10:

  • daxio
  • gvisor-tap-vsock-gvforwarder
  • libpmem
  • libpmem2
  • libpmemblk
  • libpmemlog
  • libpmemobj
  • libpmemobj-cpp
  • libpmempool
  • libslirp
  • nvml
  • pmempool
  • pmreorder
  • sdl2-compat
  • wget
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat