Chapter 17. System and Subscription Management
cockpit rebased to version 154
The cockpit packages, which provide the
Cockpit
browser-based administration console, have been upgraded to version 154. This version provides a number of bug fixes and enhancements. Notable changes include:
- The
Accounts
page now enables the configuration of account locking and password expiry. - Load graphs consistently ignore loopback traffic on all networks.
Cockpit
provides information about unmet conditions forsystemd
services.- Newly created timers on the
Services
page are now started and enabled automatically. - It is possible to dynamically resize the terminal window to use all available space.
- Various navigation and JavaScript errors with Internet Explorer have been fixed.
Cockpit
uses Self-Signed Certificate Generator (SSCG) to generate SSL certificates, if available.- Loading SSH keys from arbitrary paths is now supported.
- Absent or invalid
/etc/os-release
files are now handled gracefully. - Unprivileged users now cannot use the shutdown/reboot button on the
System
page.
Note that certain cockpit packages are available in the Red Hat Enterprise Linux 7 Extras channel; see https://access.redhat.com/support/policy/updates/extras. (BZ#1470780, BZ#1425887, BZ#1493756)
Users of yum-utils
now can perform actions prior to transactions
A new
yum-plugin-pre-transaction-actions
plug-in has been added to the yum-utils
collection. It allows users to perform actions before a transaction starts. The usage and configuration of the plug-in are almost identical to the existing yum-plugin-post-transaction-actions
plug-in. (BZ#1470647)
yum
can disable creation of per-user cache as a non-root user
New
usercache
option has been added to the yum.conf(5)
configuration file of the yum
utility. It allows the users to disable the creation of per-user cache when yum
runs as a non-root user. The reason for this change is that in some cases users do not want to create and populate per-user cache, for example in cases where the space in the $TMPDIR
directory is consumed by the user cache data. (BZ#1432319)
yum-builddep
now allows to define RPM macros
The
yum-builddep
utility has been enhanced to allow you to define RPM macros for a .spec file parsing. This change has been made because, in some cases, RPM macros need to be defined in order for yum-builddep
to successfully parse a .spec file. Similarly to the rpm
utility, the yum-builddep
tool now allows you to specify RPM macros with the --define
option. (BZ#1437636)
subscription-manager
now displays the host name upon registration
Until now, the user needed to search for the effective host name for a given system, which is determined by different Satellite settings. With this update, the
subscription-manager
utility displays the host name upon the registration of the system. (BZ#1463325)
A subscription-manager
plugin now runs with yum-config-manager
With this update, the
subscription-manager
plugin runs with the yum-config-manager
utility. The yum-config-manager
operations now trigger redhat.repo
generation, allowing Red Hat Enterprise Linux containers to enable or disable repositories without first running yum
commands. (BZ#1329349)
subscription-manager
now protects all product certificates in /etc/pki/product-default/
Previously, the
subscription-manager
utility only protected those product certificates provided by the redhat-release package whose tag matched rhel-#
. Consequently, product certificates such as RHEL-ALT
or High Touch Beta
were sometimes removed from the /etc/pki/product-default/
directory by the product-id yum
plugin. With this update, subscription-manager
has been modified to protect all certificates in /etc/pki/product-default/
against automatic removal. (BZ#1526622)
rhn-migrate-classic-to-rhsm
now automatically enables the subscription-manager
and product-id
yum plugins
With this update, the
rhn-migrate-classic-to-rhsm
utility automatically enables the yum
plugins: subscription-manager
and product-id
. With this update, the subscription-manager
utility automatically enables the yum
plugins: subscription-manager
and product-id
. This update benefits users of Red Hat Enterprise Linux who previously used the rhn-client-tools
utility to register their systems to Red Hat Network Classic or who still use it with Satellite 5 entitlement servers, and who have temporarily disabled the yum
plugins. As a result, rhn-migrate-classic-to-rhsm
allows an easy transition to using the newer subscription-manager
tools for entitlements. Note that running rhn-migrate-classic-to-rhsm
displays a warning message indicating how to change this default behavior if it is not desirable. (BZ#1466453)
subscription-manager
now automatically enables the subscription-manager
and product-id
yum plugins
With this update, the
subscription-manager
utility automatically enables the yum
plugins: subscription-manager
and product-id
. This update benefits users of Red Hat Enterprise Linux who previously used the rhn-client-tools
utility to register their systems to Red Hat Network Classic or who still use it with Satellite 5 entitlement servers, and who have temporarily disabled the yum
plugins. As a result, it is easier for users to start using the newer subscription-manager
tools for entitlements. Note that running subscription-manager
displays a warning message indicating how to change this default behavior if it is not desirable. (BZ#1319927)
subscription-manager-cockpit
replaces subscription functionality in cockpit-system
This update introduces a new
subscription-manager-cockpit
RPM. The new subscription-manager-cockpit
RPM provides a new dbus-based implementation and a few fixes to the same subscriptions functionality provided by cockpit-system
. If both RPMs are installed, the implementation from subscription-manager-cockpit
is used. (BZ#1499977)
virt-who
logs where the host-guest mapping is sent
The
virt-who
utility now uses the rhsm.log
file to log the owner or account to which the host-guest mapping is sent. This helps proper configuration of virt-who
. (BZ#1408556)
virt-who
now provides configuration error information
The
virt-who
utility now checks for common virt-who
configuration errors and outputs log messages that specify the configuration items that caused these errors. As a result, it is easier for a user to correct virt-who
configuration errors. (BZ#1436617)
reposync
now by default skips packages whose location falls outside the destination directory
Previously, the
reposync
command did not sanitize paths to packages specified in a remote repository, which was insecure. A security fix for CVE-2018-10897 has changed the default behavior of reposync
to not store any packages outside the specified destination directory. To restore the original insecure behavior, use the new --allow-path-traversal
option. (BZ#1609302)