Chapter 10. Deprecated functionality
This part provides an overview of functionality that has been deprecated in Red Hat Enterprise Linux 8.
Deprecated devices are fully supported, which means that they are tested and maintained, and their support status remains unchanged within Red Hat Enterprise Linux 8. However, these devices will likely not be supported in the next major version release, and are not recommended for new deployments on the current or future major versions of RHEL.
For the most recent list of deprecated functionality within a particular major release, see the latest version of release documentation. For information about the length of support, see Red Hat Enterprise Linux Life Cycle and Red Hat Enterprise Linux Application Streams Life Cycle.
A package can be deprecated and not recommended for further use. Under certain circumstances, a package can be removed from the product. Product documentation then identifies more recent packages that offer functionality similar, identical, or more advanced to the one deprecated, and provides further recommendations.
For information regarding functionality that is present in RHEL 7 but has been removed in RHEL 8, see Considerations in adopting RHEL 8.
For information regarding functionality that is present in RHEL 8 but has been removed in RHEL 9, see Considerations in adopting RHEL 9.
10.1. Installer and image creation
Several Kickstart commands and options have been deprecated
Using the following commands and options in RHEL 8 Kickstart files will print a warning in the logs:
-
auth
orauthconfig
-
device
-
deviceprobe
-
dmraid
-
install
-
lilo
-
lilocheck
-
mouse
-
multipath
-
bootloader --upgrade
-
ignoredisk --interactive
-
partition --active
-
reboot --kexec
Where only specific options are listed, the base command and its other options are still available and not deprecated.
For more details and related changes in Kickstart, see the Kickstart changes section of the Considerations in adopting RHEL 8 document.
Bugzilla:1642765[1]
The --interactive
option of the ignoredisk
Kickstart command has been deprecated
Using the --interactive option
in future releases of Red Hat Enterprise Linux will result in a fatal installation error. It is recommended that you modify your Kickstart file to remove the option.
Bugzilla:1637872[1]
The Kickstart autostep
command has been deprecated
The autostep
command has been deprecated. The related section about this command has been removed from the RHEL 8 documentation.
Bugzilla:1904251[1]
10.2. Security
NSS
SEED ciphers are deprecated
The Mozilla Network Security Services (NSS
) library will not support TLS cipher suites that use a SEED cipher in a future release. To ensure smooth transition of deployments that rely on SEED ciphers when NSS removes support, Red Hat recommends enabling support for other cipher suites.
Note that SEED ciphers are already disabled by default in RHEL.
TLS 1.0 and TLS 1.1 are deprecated
The TLS 1.0 and TLS 1.1 protocols are disabled in the DEFAULT
system-wide cryptographic policy level. If your scenario, for example, a video conferencing application in the Firefox web browser, requires using the deprecated protocols, switch the system-wide cryptographic policy to the LEGACY
level:
# update-crypto-policies --set LEGACY
For more information, see the Strong crypto defaults in RHEL 8 and deprecation of weak crypto algorithms Knowledgebase article on the Red Hat Customer Portal and the update-crypto-policies(8)
man page.
DSA is deprecated in RHEL 8
The Digital Signature Algorithm (DSA) is considered deprecated in Red Hat Enterprise Linux 8. Authentication mechanisms that depend on DSA keys do not work in the default configuration. Note that OpenSSH
clients do not accept DSA host keys even in the LEGACY
system-wide cryptographic policy level.
Bugzilla:1646541[1]
fapolicyd.rules
is deprecated
The /etc/fapolicyd/rules.d/
directory for files containing allow and deny execution rules replaces the /etc/fapolicyd/fapolicyd.rules
file. The fagenrules
script now merges all component rule files in this directory to the /etc/fapolicyd/compiled.rules
file. Rules in /etc/fapolicyd/fapolicyd.trust
are still processed by the fapolicyd
framework but only for ensuring backward compatibility.
SSL2
Client Hello
has been deprecated in NSS
The Transport Layer Security (TLS
) protocol version 1.2 and earlier allow to start a negotiation with a Client Hello
message formatted in a way that is backward compatible with the Secure Sockets Layer (SSL
) protocol version 2. Support for this feature in the Network Security Services (NSS
) library has been deprecated and it is disabled by default.
Applications that require support for this feature need to use the new SSL_ENABLE_V2_COMPATIBLE_HELLO
API to enable it. Support for this feature may be removed completely in future releases of Red Hat Enterprise Linux 8.
Bugzilla:1645153[1]
NTLM and Krb4 are deprecated in Cyrus SASL
The NTLM and Kerberos 4 authentication protocols have been deprecated and might be removed in a future major version of RHEL. These protocols are no longer considered secure and have already been removed from upstream implementations.
Jira:RHELDOCS-17380[1]
Runtime disabling SELinux using /etc/selinux/config
is now deprecated
Runtime disabling SELinux using the SELINUX=disabled
option in the /etc/selinux/config
file has been deprecated. In RHEL 9, when you disable SELinux only through /etc/selinux/config
, the system starts with SELinux enabled but with no policy loaded.
If your scenario really requires to completely disable SELinux, Red Hat recommends disabling SELinux by adding the selinux=0
parameter to the kernel command line as described in the Changing SELinux modes at boot time section of the Using SELinux title.
The ipa
SELinux module removed from selinux-policy
The ipa
SELinux module has been removed from the selinux-policy
package because it is no longer maintained. The functionality is now included in the ipa-selinux
subpackage.
If your scenario requires the use of types or interfaces from the ipa
module in a local SELinux policy, install the ipa-selinux
package.
Bugzilla:1461914[1]
TPM 1.2 is deprecated
The Trusted Platform Module (TPM) secure cryptoprocessor standard was updated to version 2.0 in 2016. TPM 2.0 provides many improvements over TPM 1.2, and it is not backward compatible with the previous version. TPM 1.2 is deprecated in RHEL 8, and it might be removed in the next major release.
Bugzilla:1657927[1]
crypto-policies
derived properties are now deprecated
With the introduction of scopes for crypto-policies
directives in custom policies, the following derived properties have been deprecated: tls_cipher
, ssh_cipher
, ssh_group
, ike_protocol
, and sha1_in_dnssec
. Additionally, the use of the protocol
property without specifying a scope is now deprecated as well. See the crypto-policies(7)
man page for recommended replacements.
10.3. Subscription management
The --token
option of the subscription-manager
command is deprecated
The --token=<TOKEN>
option of the subscription-manager register
command is an authentication method that helps register your system to Red Hat. This option depends on capabilities offered by the entitlement server. The default entitlement server, subscription.rhsm.redhat.com
, is planning to turn off this capability. As a consequence, attempting to use subscription-manager register --token=<TOKEN>
might fail with the following error message:
Token authentication not supported by the entitlement server
You can continue registering your system using other authorization methods, such as including paired options --username / --password
and --org / --activationkey
of the subscription-manager register
command.
10.4. Software management
rpmbuild --sign
is deprecated
The rpmbuild --sign
command is deprecated since RHEL 8.1. Using this command in future releases of Red Hat Enterprise Linux can result in an error. It is recommended that you use the rpmsign
command instead.
10.5. Shells and command-line tools
The OpenEXR
component has been deprecated
The OpenEXR
component has been deprecated. Hence, the support for the EXR
image format has been dropped from the imagecodecs
module.
The dump
utility from the dump
package has been deprecated
The dump
utility used for backup of file systems has been deprecated and will not be available in RHEL 9.
In RHEL 9, Red Hat recommends using the tar
, dd
, or bacula
, backup utility, based on type of usage, which provides full and safe backups on ext2, ext3, and ext4 file systems.
Note that the restore
utility from the dump
package remains available and supported in RHEL 9 and is available as the restore
package.
Bugzilla:1997366[1]
The hidepid=n
mount option is not supported in RHEL 8 systemd
The mount option hidepid=n
, which controls who can access information in /proc/[pid]
directories, is not compatible with systemd
infrastructure provided in RHEL 8.
In addition, using this option might cause certain services started by systemd
to produce SELinux AVC denial messages and prevent other operations from completing.
For more information, see the related Knowledgebase solution Is mounting /proc with "hidepid=2" recommended with RHEL7 and RHEL8?.
The /usr/lib/udev/rename_device
utility has been deprecated
The udev
helper utility /usr/lib/udev/rename_device
for renaming network interfaces has been deprecated.
The ABRT tool has been deprecated
The Automatic Bug Reporting Tool (ABRT) for detecting and reporting application crashes has been deprecated in RHEL 8. As a replacement, use the systemd-coredump
tool to log and store core dumps, which are automatically generated files after a program crashes.
Bugzilla:2055826[1]
The ReaR crontab has been deprecated
The /etc/cron.d/rear
crontab from the rear
package has been deprecated in RHEL 8 and will not be available in RHEL 9. The crontab checks every night whether the disk layout has changed, and runs rear mkrescue
command if a change happened.
If you require this functionality, after an upgrade to RHEL 9, configure periodic runs of ReaR manually.
The SQLite database backend in Bacula has been deprecated
The Bacula backup system supported multiple database backends: PostgreSQL, MySQL, and SQLite. The SQLite backend has been deprecated and will become unsupported in a later release of RHEL. As a replacement, migrate to one of the other backends (PostgreSQL or MySQL) and do not use the SQLite backend in new deployments.
The raw
command has been deprecated
The raw
(/usr/bin/raw
) command has been deprecated. Using this command in future releases of Red Hat Enterprise Linux can result in an error.
Jira:RHELPLAN-133171[1]
10.6. Networking
The PF_KEYv2
kernel API is deprecated
Applications can configure the kernel’s IPsec implementation by using the PV_KEYv2
and the newer netlink
API. PV_KEYv2
is not actively maintained upstream and misses important security features, such as modern ciphers, offload, and extended sequence number support. As a result, starting with RHEL 8.9, the PV_KEYv2
API is deprecated. If you use this kernel API in your application, migrate it to use the modern netlink
API as an alternative.
Jira:RHEL-1257[1]
Network scripts are deprecated in RHEL 8
Network scripts are deprecated in Red Hat Enterprise Linux 8 and they are no longer provided by default. The basic installation provides a new version of the ifup
and ifdown
scripts which call the NetworkManager service through the nmcli tool. In Red Hat Enterprise Linux 8, to run the ifup
and the ifdown
scripts, NetworkManager must be running.
Note that custom commands in /sbin/ifup-local
, ifdown-pre-local
and ifdown-local
scripts are not executed.
If any of these scripts are required, the installation of the deprecated network scripts in the system is still possible with the following command:
# yum install network-scripts
The ifup
and ifdown
scripts link to the installed legacy network scripts.
Calling the legacy network scripts shows a warning about their deprecation.
Bugzilla:1647725[1]
The dropwatch
tool is deprecated
The dropwatch
tool has been deprecated. The tool will not be supported in future releases, thus it is not recommended for new deployments. As a replacement of this package, Red Hat recommends to use the perf
command line tool.
For more information on using the perf
command line tool, see the Getting started with Perf section on the Red Hat customer portal or the perf
man page.
The xinetd
service has been deprecated
The xinetd
service has been deprecated and will be removed in RHEL 9. As a replacement, use systemd
. For further details, see How to convert xinetd service to systemd.
Bugzilla:2009113[1]
The cgdcbxd
package is deprecated
Control group data center bridging exchange daemon (cgdcbxd
) is a service to monitor data center bridging (DCB) netlink events and manage the net_prio control
group subsystem. Starting with RHEL 8.5, the cgdcbxd
package is deprecated and will be removed in the next major RHEL release.
The WEP Wi-Fi connection method is deprecated
The insecure wired equivalent privacy (WEP) Wi-Fi connection method is deprecated in RHEL 8 and will be removed in RHEL 9.0. For secure Wi-Fi connections, use the Wi-Fi Protected Access 3 (WPA3) or WPA2 connection methods.
The unsupported xt_u32
module is now deprecated
Using the unsupported xt_u32
module, users of iptables
can match arbitrary 32 bits in the packet header or payload. Since RHEL 8.6, the xt_u32
module is deprecated and will be removed in RHEL 9.
If you use xt_u32
, migrate to the nftables
packet filtering framework. For example, first change your firewall to use iptables
with native matches to incrementally replace individual rules, and later use the iptables-translate
and accompanying utilities to migrate to nftables
. If no native match exists in nftables
, use the raw payload matching feature of nftables
. For details, see the raw payload expression
section in the nft(8)
man page.
The term slaves
is deprecated in the nmstate
API
Red Hat is committed to using conscious language. Therefore the slaves
term is deprecated in the Nmstate API. Use the term port
when you use nmstatectl
.
Jira:RHELDOCS-17641
10.7. Kernel
The rdma_rxe
Soft-RoCE driver is deprecated
Software Remote Direct Memory Access over Converged Ethernet (Soft-RoCE), also known as RXE, is a feature that emulates Remote Direct Memory Access (RDMA). In RHEL 8, the Soft-RoCE feature is available as an unsupported Technology Preview. However, due to stability issues, this feature has been deprecated and will be removed in RHEL 9.
Bugzilla:1878207[1]
The Linux firewire
sub-system and its associated user-space components are deprecated in RHEL 8
The firewire
sub-system provides interfaces to use and maintain any resources on the IEEE 1394 bus. In RHEL 9, firewire
will no longer be supported in the kernel
package. Note that firewire
contains several user-space components provided by the libavc1394
, libdc1394
, libraw1394
packages. These packages are subject to the deprecation as well.
Bugzilla:1871863[1]
Installing RHEL for Real Time 8 using diskless boot is now deprecated
Diskless booting allows multiple systems to share a root file system through the network. While convenient, diskless boot is prone to introducing network latency in real-time workloads. With a future minor update of RHEL for Real Time 8, the diskless booting feature will no longer be supported.
Kernel live patching now covers all RHEL minor releases
Since RHEL 8.1, kernel live patches have been provided for selected minor release streams of RHEL covered under the Extended Update Support (EUS) policy to remediate Critical and Important Common Vulnerabilities and Exposures (CVEs). To accommodate the maximum number of concurrently covered kernels and use cases, the support window for each live patch has been decreased from 12 to 6 months for every minor, major, and zStream version of the kernel. It means that on the day a kernel live patch is released, it will cover every minor release and scheduled errata kernel delivered in the past 6 months.
For more information about this feature, see Applying patches with kernel live patching.
For details about available kernel live patches, see Kernel Live Patch life cycles.
The crash-ptdump-command
package is deprecated
The crash-ptdump-command
package, which is a ptdump
extension module for the crash utility, is deprecated and might not be available in future RHEL releases. The ptdump
command fails to retrieve the log buffer when working in the Single Range Output mode and only works in the Table of Physical Addresses (ToPA) mode. crash-ptdump-command
is currently not maintained upstream
Bugzilla:1838927[1]
10.8. Boot loader
The kernelopts
environment variable has been deprecated
In RHEL 8, the kernel command-line parameters for systems using the GRUB bootloader were defined in the kernelopts
environment variable. The variable was stored in the /boot/grub2/grubenv
file for each kernel boot entry. However, storing the kernel command-line parameters using kernelopts
was not robust. Therefore, with a future major update of RHEL, kernelopts
will be removed and the kernel command-line parameters will be stored in the Boot Loader Specification (BLS) snippet instead.
10.9. File systems and storage
The elevator
kernel command line parameter is deprecated
The elevator
kernel command line parameter was used in earlier RHEL releases to set the disk scheduler for all devices. In RHEL 8, the parameter is deprecated.
The upstream Linux kernel has removed support for the elevator
parameter, but it is still available in RHEL 8 for compatibility reasons.
Note that the kernel selects a default disk scheduler based on the type of device. This is typically the optimal setting. If you require a different scheduler, Red Hat recommends that you use udev
rules or the TuneD service to configure it. Match the selected devices and switch the scheduler only for those devices.
For more information, see Setting the disk scheduler.
Bugzilla:1665295[1]
NFSv3 over UDP has been disabled
The NFS server no longer opens or listens on a User Datagram Protocol (UDP) socket by default. This change affects only NFS version 3 because version 4 requires the Transmission Control Protocol (TCP).
NFS over UDP is no longer supported in RHEL 8.
Bugzilla:1592011[1]
peripety
is deprecated
The peripety
package is deprecated since RHEL 8.3.
The Peripety storage event notification daemon parses system storage logs into structured storage events. It helps you investigate storage issues.
VDO write modes other than async
are deprecated
VDO supports several write modes in RHEL 8:
-
sync
-
async
-
async-unsafe
-
auto
Starting with RHEL 8.4, the following write modes are deprecated:
sync
-
Devices above the VDO layer cannot recognize if VDO is synchronous, and consequently, the devices cannot take advantage of the VDO
sync
mode. async-unsafe
-
VDO added this write mode as a workaround for the reduced performance of
async
mode, which complies to Atomicity, Consistency, Isolation, and Durability (ACID). Red Hat does not recommendasync-unsafe
for most use cases and is not aware of any users who rely on it. auto
- This write mode only selects one of the other write modes. It is no longer necessary when VDO supports only a single write mode.
These write modes will be removed in a future major RHEL release.
The recommended VDO write mode is now async
.
For more information on VDO write modes, see Selecting a VDO write mode.
Jira:RHELPLAN-70700[1]
VDO manager has been deprecated
The python-based VDO management software has been deprecated and will be removed from RHEL 9. In RHEL 9, it will be replaced by the LVM-VDO integration. Therefore, it is recommended to create VDO volumes using the lvcreate
command.
The existing volumes created using the VDO management software can be converted using the /usr/sbin/lvm_import_vdo
script, provided by the lvm2
package. For more information on the LVM-VDO implementation, see Deduplicating and compressing logical volumes on RHEL.
cramfs
has been deprecated
Due to lack of users, the cramfs
kernel module is deprecated. squashfs
is recommended as an alternative solution.
Bugzilla:1794513[1]
10.10. High availability and clusters
pcs
commands that support the clufter
tool have been deprecated
The pcs
commands that support the clufter
tool for analyzing cluster configuration formats have been deprecated. These commands now print a warning that the command has been deprecated and sections related to these commands have been removed from the pcs
help display and the pcs(8)
man page.
The following commands have been deprecated:
-
pcs config import-cman
for importing CMAN / RHEL6 HA cluster configuration -
pcs config export
for exporting cluster configuration to a list ofpcs
commands which recreate the same cluster
Bugzilla:1851335[1]
10.11. Dynamic programming languages, web and database servers
The mod_php
module provided with PHP for use with the Apache HTTP Server has been deprecated
The mod_php
module provided with PHP for use with the Apache HTTP Server in RHEL 8 is available but not enabled in the default configuration. The module is no longer available in RHEL 9.
Since RHEL 8, PHP scripts are run using the FastCGI Process Manager (php-fpm
) by default. For more information, see Using PHP with the Apache HTTP Server.
10.12. Compilers and development tools
The gdb.i686
packages are deprecated
In RHEL 8.1, the 32-bit versions of the GNU Debugger (GDB), gdb.i686
, were shipped due to a dependency problem in another package. Because RHEL 8 does not support 32-bit hardware, the gdb.i686
packages are deprecated since RHEL 8.4. The 64-bit versions of GDB, gdb.x86_64
, are fully capable of debugging 32-bit applications.
If you use gdb.i686
, note the following important issues:
-
The
gdb.i686
packages will no longer be updated. Users must installgdb.x86_64
instead. -
If you have
gdb.i686
installed, installinggdb.x86_64
will causeyum
to reportpackage gdb-8.2-14.el8.x86_64 obsoletes gdb < 8.2-14.el8 provided by gdb-8.2-12.el8.i686
. This is expected. Either uninstallgdb.i686
or passdnf
the--allowerasing
option to removegdb.i686
and installgdb.x8_64
. -
Users will no longer be able to install the
gdb.i686
packages on 64-bit systems, that is, those with thelibc.so.6()(64-bit)
packages.
Bugzilla:1853140[1]
libdwarf
has been deprecated
The libdwarf
library has been deprecated in RHEL 8. The library will likely not be supported in future major releases. Instead, use the elfutils
and libdw
libraries for applications that wish to process ELF/DWARF files.
Alternatives for the libdwarf-tools
dwarfdump
program are the binutils
readelf
program or the elfutils
eu-readelf
program, both used by passing the --debug-dump
flag.
10.13. Identity Management
openssh-ldap
has been deprecated
The openssh-ldap
subpackage has been deprecated in Red Hat Enterprise Linux 8 and will be removed in RHEL 9. As the openssh-ldap
subpackage is not maintained upstream, Red Hat recommends using SSSD and the sss_ssh_authorizedkeys
helper, which integrate better with other IdM solutions and are more secure.
By default, the SSSD ldap
and ipa
providers read the sshPublicKey
LDAP attribute of the user object, if available. Note that you cannot use the default SSSD configuration for the ad
provider or IdM trusted domains to retrieve SSH public keys from Active Directory (AD), since AD does not have a default LDAP attribute to store a public key.
To allow the sss_ssh_authorizedkeys
helper to get the key from SSSD, enable the ssh
responder by adding ssh
to the services
option in the sssd.conf
file. See the sssd.conf(5)
man page for details.
To allow sshd
to use sss_ssh_authorizedkeys
, add the AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys
and AuthorizedKeysCommandUser nobody
options to the /etc/ssh/sshd_config
file as described by the sss_ssh_authorizedkeys(1)
man page.
DES and 3DES encryption types have been removed
Due to security reasons, the Data Encryption Standard (DES) algorithm has been deprecated and disabled by default since RHEL 7. With the recent rebase of Kerberos packages, single-DES (DES) and triple-DES (3DES) encryption types have been removed from RHEL 8.
If you have configured services or users to only use DES or 3DES encryption, you might experience service interruptions such as:
- Kerberos authentication errors
-
unknown enctype
encryption errors -
Kerberos Distribution Centers (KDCs) with DES-encrypted Database Master Keys (
K/M
) fail to start
Perform the following actions to prepare for the upgrade:
-
Check if your KDC uses DES or 3DES encryption with the
krb5check
open source Python scripts. See krb5check on GitHub. - If you are using DES or 3DES encryption with any Kerberos principals, re-key them with a supported encryption type, such as Advanced Encryption Standard (AES). For instructions on re-keying, see Retiring DES from MIT Kerberos Documentation.
Test independence from DES and 3DES by temporarily setting the following Kerberos options before upgrading:
-
In
/var/kerberos/krb5kdc/kdc.conf
on the KDC, setsupported_enctypes
and do not includedes
ordes3
. -
For every host, in
/etc/krb5.conf
and any files in/etc/krb5.conf.d
, setallow_weak_crypto
tofalse
. It is false by default. -
For every host, in
/etc/krb5.conf
and any files in/etc/krb5.conf.d
, setpermitted_enctypes
,default_tgs_enctypes
, anddefault_tkt_enctypes
, and do not includedes
ordes3
.
-
In
- If you do not experience any service interruptions with the test Kerberos settings from the previous step, remove them and upgrade. You do not need those settings after upgrading to the latest Kerberos packages.
The SSSD version of libwbclient
has been removed
The SSSD implementation of the libwbclient
package was deprecated in RHEL 8.4. As it cannot be used with recent versions of Samba, the SSSD implementation of libwbclient
has now been removed.
Standalone use of the ctdb
service has been deprecated
Since RHEL 8.4, customers are advised to use the ctdb
clustered Samba service only when both of the following conditions apply:
-
The
ctdb
service is managed as apacemaker
resource with the resource-agentctdb
. -
The
ctdb
service uses storage volumes that contain either a GlusterFS file system provided by the Red Hat Gluster Storage product or a GFS2 file system.
The stand-alone use case of the ctdb
service has been deprecated and will not be included in a next major release of Red Hat Enterprise Linux. For further information on support policies for Samba, see the Knowledgebase article Support Policies for RHEL Resilient Storage - ctdb General Policies.
Bugzilla:1916296[1]
Indirect AD integration with IdM via WinSync has been deprecated
WinSync is no longer actively developed in RHEL 8 due to several functional limitations:
- WinSync supports only one Active Directory (AD) domain.
- Password synchronization requires installing additional software on AD Domain Controllers.
For a more robust solution with better resource and security separation, Red Hat recommends using a cross-forest trust for indirect integration with Active Directory. See the Indirect integration documentation.
Jira:RHELPLAN-100400[1]
Running Samba as a PDC or BDC is deprecated
The classic domain controller mode that enabled administrators to run Samba as an NT4-like primary domain controller (PDC) and backup domain controller (BDC) is deprecated. The code and settings to configure these modes will be removed in a future Samba release.
As long as the Samba version in RHEL 8 provides the PDC and BDC modes, Red Hat supports these modes only in existing installations with Windows versions which support NT4 domains. Red Hat recommends not setting up a new Samba NT4 domain, because Microsoft operating systems later than Windows 7 and Windows Server 2008 R2 do not support NT4 domains.
If you use the PDC to authenticate only Linux users, Red Hat suggests migrating to Red Hat Identity Management (IdM) that is included in RHEL subscriptions. However, you cannot join Windows systems to an IdM domain. Note that Red Hat continues supporting the PDC functionality IdM uses in the background.
Red Hat does not support running Samba as an AD domain controller (DC).
The SMB1 protocol is deprecated in Samba
Starting with Samba 4.11, the insecure Server Message Block version 1 (SMB1) protocol is deprecated and will be removed in a future release.
To improve the security, by default, SMB1 is disabled in the Samba server and client utilities.
Jira:RHELDOCS-16612[1]
Limited support for FreeRADIUS
In RHEL 8, the following external authentication modules are deprecated as part of the FreeRADIUS offering:
- The MySQL, PostgreSQL, SQlite, and unixODBC database connectors
-
The
Perl
language module - The REST API module
The PAM authentication module and other authentication modules that are provided as part of the base package are not affected.
You can find replacements for the deprecated modules in community-supported packages, for example in the Fedora project.
In addition, the scope of support for the freeradius
package will be limited to the following use cases in future RHEL releases:
-
Using FreeRADIUS as an authentication provider with Identity Management (IdM) as the backend source of authentication. The authentication occurs through the
krb5
and LDAP authentication packages or as PAM authentication in the main FreeRADIUS package. - Using FreeRADIUS to provide a source-of-truth for authentication in IdM, through the Python 3 authentication package.
In contrast to these deprecations, Red Hat will strengthen the support of the following external authentication modules with FreeRADIUS:
-
Authentication based on
krb5
and LDAP -
Python 3
authentication
The focus on these integration options is in close alignment with the strategic direction of Red Hat IdM.
Jira:RHELDOCS-17573[1]
10.14. Desktop
The libgnome-keyring
library has been deprecated
The libgnome-keyring
library has been deprecated in favor of the libsecret
library, as libgnome-keyring
is not maintained upstream, and does not follow the necessary cryptographic policies for RHEL. The new libsecret
library is the replacement that follows the necessary security standards.
Bugzilla:1607766[1]
LibreOffice is deprecated
The LibreOffice RPM packages are now deprecated and will be removed in a future major RHEL release. LibreOffice continues to be fully supported through the entire life cycle of RHEL 7, 8, and 9.
As a replacement for the RPM packages, Red Hat recommends that you install LibreOffice from either of the following sources provided by The Document Foundation:
- The official Flatpak package in the Flathub repository: https://flathub.org/apps/org.libreoffice.LibreOffice.
- The official RPM packages: https://www.libreoffice.org/download/download-libreoffice/.
Jira:RHELDOCS-16300[1]
10.15. Graphics infrastructures
AGP graphics cards are no longer supported
Graphics cards using the Accelerated Graphics Port (AGP) bus are not supported in Red Hat Enterprise Linux 8. Use the graphics cards with PCI-Express bus as the recommended replacement.
Bugzilla:1569610[1]
Motif has been deprecated
The Motif widget toolkit has been deprecated in RHEL, because development in the upstream Motif community is inactive.
The following Motif packages have been deprecated, including their development and debugging variants:
-
motif
-
openmotif
-
openmotif21
-
openmotif22
Additionally, the motif-static
package has been removed.
Red Hat recommends using the GTK toolkit as a replacement. GTK is more maintainable and provides new features compared to Motif.
Jira:RHELPLAN-98983[1]
10.16. The web console
The web console no longer supports incomplete translations
The RHEL web console no longer provides translations for languages that have translations available for less than 50 % of the Console’s translatable strings. If the browser requests translation to such a language, the user interface will be in English instead.
The remotectl
command is deprecated
The remotectl
command has been deprecated and will not be available in future releases of RHEL. You can use the cockpit-certificate-ensure
command as a replacement. However, note that cockpit-certificate-ensure
does not have feature parity with remotectl
. It does not support bundled certificates and keychain files and requires them to be split out.
Jira:RHELPLAN-147538[1]
10.17. Red Hat Enterprise Linux system roles
The geoipupdate
package has been deprecated
The geoipupdate
package requires a third-party subscription and it also downloads proprietary content. Therefore, the geoipupdate
package has been deprecated, and will be removed in the next major RHEL version.
Bugzilla:1874892[1]
The network
system role displays a deprecation warning when configuring teams on RHEL 9 nodes
The network teaming capabilities have been deprecated in RHEL 9. As a result, using the network
RHEL system role on an RHEL 8 control node to configure a network team on RHEL 9 nodes, shows a warning about the deprecation.
Ansible Engine has been deprecated
Previous versions of RHEL 8 provided access to an Ansible Engine repository, with a limited scope of support, to enable supported RHEL Automation use cases, such as RHEL system roles and Insights remedations. Ansible Engine has been deprecated, and Ansible Engine 2.9 will have no support after September 29, 2023. For more details on the supported use cases, see Scope of support for the Ansible Core package included in the RHEL 9 AppStream.
Users must manually migrate their systems from Ansible Engine to Ansible Core. For that, follow the steps:
Procedure
Check if the system is running RHEL 8.7 or a later release:
# cat /etc/redhat-release
Uninstall Ansible Engine 2.9:
# yum remove ansible
Disable the
ansible-2-for-rhel-8-x86_64-rpms
repository:# subscription-manager repos --disable ansible-2-for-rhel-8-x86_64-rpms
Install the Ansible Core package from the RHEL 8 AppStream repository:
# yum install ansible-core
For more details, see: Using Ansible in RHEL 8.6 and later.
10.18. Virtualization
virsh iface-*
commands have become deprecated
The virsh iface-*
commands, such as virsh iface-start
and virsh iface-destroy
, are now deprecated, and will be removed in a future major version of RHEL. In addition, these commands frequently fail due to configuration dependencies.
Therefore, it is recommended not to use virsh iface-*
commands for configuring and managing host network connections. Instead, use the NetworkManager program and its related management applications, such as nmcli
.
Bugzilla:1664592[1]
virt-manager has been deprecated
The Virtual Machine Manager application, also known as virt-manager, has been deprecated. The RHEL web console, also known as Cockpit, is intended to become its replacement in a subsequent release. It is, therefore, recommended that you use the web console for managing virtualization in a GUI. Note, however, that some features available in virt-manager might not be yet available in the RHEL web console.
Jira:RHELPLAN-10304[1]
Limited support for virtual machine snapshots
Creating snapshots of virtual machines (VMs) is currently only supported for VMs not using the UEFI firmware. In addition, during the snapshot operation, the QEMU monitor may become blocked, which negatively impacts the hypervisor performance for certain workloads.
Also note that the current mechanism of creating VM snapshots has been deprecated, and Red Hat does not recommend using VM snapshots in a production environment.
The Cirrus VGA virtual GPU type has been deprecated
With a future major update of Red Hat Enterprise Linux, the Cirrus VGA GPU device will no longer be supported in KVM virtual machines. Therefore, Red Hat recommends using the stdvga or virtio-vga devices instead of Cirrus VGA.
Bugzilla:1651994[1]
SPICE has been deprecated
The SPICE remote display protocol has become deprecated. As a result, SPICE will remain supported in RHEL 8, but Red Hat recommends using alternate solutions for remote display streaming:
- For remote console access, use the VNC protocol.
- For advanced remote display functions, use third party tools such as RDP, HP RGS, or Mechdyne TGX.
Note that the QXL graphics device, which is used by SPICE, has become deprecated as well.
Bugzilla:1849563[1]
KVM on IBM POWER has been deprecated
Using KVM virtualization on IBM POWER hardware has become deprecated. As a result, KVM on IBM POWER is still supported in RHEL 8, but will become unsupported in a future major release of RHEL.
Jira:RHELPLAN-71200[1]
SecureBoot image verification using SHA1-based signatures is deprecated
Performing SecureBoot image verification using SHA1-based signatures on UEFI (PE/COFF) executables has become deprecated. Instead, Red Hat recommends using signatures based on the SHA2 algorithm, or later.
Bugzilla:1935497[1]
Using SPICE to attach smart card readers to virtual machines has been deprecated
The SPICE remote display protocol has been deprecated in RHEL 8. Since the only recommended way to attach smart card readers to virtual machines (VMs) depends on the SPICE protocol, the usage of smart cards in VMs has also become deprecated in RHEL 8.
In a future major version of RHEL, the functionality of attaching smart card readers to VMs will only be supported by third party remote visualization solutions.
RDMA-based live migration is deprecated
With this update, migrating running virtual machines using Remote Direct Memory Access (RDMA) has become deprecated. As a result, it is still possible to use the rdma://
migration URI to request migration over RDMA, but this feature will become unsupported in a future major release of RHEL.
Jira:RHELPLAN-153267[1]
10.19. Containers
The Podman varlink-based API v1.0 has been removed
The Podman varlink-based API v1.0 was deprecated in a previous release of RHEL 8. Podman v2.0 introduced a new Podman v2.0 RESTful API. With the release of Podman v3.0, the varlink-based API v1.0 has been completely removed.
Jira:RHELPLAN-45858[1]
container-tools:1.0
has been deprecated
The container-tools:1.0
module has been deprecated and will no longer receive security updates. It is recommended to use a newer supported stable module stream, such as container-tools:2.0
or container-tools:3.0
.
Jira:RHELPLAN-59825[1]
The container-tools:2.0
module has been deprecated
The container-tools:2.0 module has been deprecated and will no longer receive security updates. It is recommended to use a newer supported stable module stream, such as container-tools:3.0
.
Jira:RHELPLAN-85066[1]
Flatpak images except GIMP has been deprecated
The rhel8/firefox-flatpak
, rhel8/thunderbird-flatpak
, rhel8/inkscape-flatpak
, and rhel8/libreoffice-flatpak
RHEL 8 Flatpak Applications have been deprecated and replaced by the RHEL 9 versions. The rhel8/gimp-flatpak
Flatpak Application is not deprecated because there is no replacement yet in RHEL 9.
The CNI network stack has been deprecated
The Container Network Interface (CNI) network stack is deprecated and will be removed from Podman in a future minor release of RHEL. Previously, containers connected to the single Container Network Interface (CNI) plugin only via DNS. Podman v.4.0 introduced a new Netavark network stack. You can use the Netavark network stack with Podman and other Open Container Initiative (OCI) container management applications. The Netavark network stack for Podman is also compatible with advanced Docker functionalities. Containers in multiple networks can access containers on any of those networks.
For more information, see Switching the network stack from CNI to Netavark.
Jira:RHELDOCS-16755[1]
container-tools:3.0
has been deprecated
The container-tools:3.0
module has been deprecated and will no longer receive security updates. To continue to build and run Linux Containers on RHEL, use a newer, stable, and supported module stream, such as container-tools:4.0
.
For instructions on switching to a later stream, see Switching to a later stream.
Jira:RHELPLAN-146398[1]
The Inkscape and LibreOffice Flatpak images are deprecated
The rhel9/inkscape-flatpak
and rhel9/libreoffice-flatpak
Flatpak images, which are available as Technology Previews, have been deprecated.
Red Hat recommends the following alternatives to these images:
-
To replace
rhel9/inkscape-flatpak
, use theinkscape
RPM package. -
To replace
rhel9/libreoffice-flatpak
, see the LibreOffice deprecation release note.
Jira:RHELDOCS-17102[1]
10.20. Deprecated packages
This section lists packages that have been deprecated and will probably not be included in a future major release of Red Hat Enterprise Linux.
For changes to packages between RHEL 7 and RHEL 8, see Changes to packages in the Considerations in adopting RHEL 8 document.
The support status of deprecated packages remains unchanged within RHEL 8. For more information about the length of support, see Red Hat Enterprise Linux Life Cycle and Red Hat Enterprise Linux Application Streams Life Cycle.
The following packages have been deprecated in RHEL 8:
- 389-ds-base-legacy-tools
- abrt
- abrt-addon-ccpp
- abrt-addon-kerneloops
- abrt-addon-pstoreoops
- abrt-addon-vmcore
- abrt-addon-xorg
- abrt-cli
- abrt-console-notification
- abrt-dbus
- abrt-desktop
- abrt-gui
- abrt-gui-libs
- abrt-libs
- abrt-tui
- adobe-source-sans-pro-fonts
- adwaita-qt
- alsa-plugins-pulseaudio
- amanda
- amanda-client
- amanda-libs
- amanda-server
- ant-contrib
- antlr3
- antlr32
- aopalliance
- apache-commons-collections
- apache-commons-compress
- apache-commons-exec
- apache-commons-jxpath
- apache-commons-parent
- apache-ivy
- apache-parent
- apache-resource-bundles
- apache-sshd
- apiguardian
- aspnetcore-runtime-3.0
- aspnetcore-runtime-3.1
- aspnetcore-runtime-5.0
- aspnetcore-targeting-pack-3.0
- aspnetcore-targeting-pack-3.1
- aspnetcore-targeting-pack-5.0
- assertj-core
- authd
- auto
- autoconf213
- autogen
- autogen-libopts
- awscli
- base64coder
- batik
- batik-css
- batik-util
- bea-stax
- bea-stax-api
- bind-export-devel
- bind-export-libs
- bind-libs-lite
- bind-pkcs11
- bind-pkcs11-devel
- bind-pkcs11-libs
- bind-pkcs11-utils
- bind-sdb
- bind-sdb
- bind-sdb-chroot
- bluez-hid2hci
- boost-jam
- boost-signals
- bouncycastle
- bpg-algeti-fonts
- bpg-chveulebrivi-fonts
- bpg-classic-fonts
- bpg-courier-fonts
- bpg-courier-s-fonts
- bpg-dedaena-block-fonts
- bpg-dejavu-sans-fonts
- bpg-elite-fonts
- bpg-excelsior-caps-fonts
- bpg-excelsior-condenced-fonts
- bpg-excelsior-fonts
- bpg-fonts-common
- bpg-glaho-fonts
- bpg-gorda-fonts
- bpg-ingiri-fonts
- bpg-irubaqidze-fonts
- bpg-mikhail-stephan-fonts
- bpg-mrgvlovani-caps-fonts
- bpg-mrgvlovani-fonts
- bpg-nateli-caps-fonts
- bpg-nateli-condenced-fonts
- bpg-nateli-fonts
- bpg-nino-medium-cond-fonts
- bpg-nino-medium-fonts
- bpg-sans-fonts
- bpg-sans-medium-fonts
- bpg-sans-modern-fonts
- bpg-sans-regular-fonts
- bpg-serif-fonts
- bpg-serif-modern-fonts
- bpg-ucnobi-fonts
- brlapi-java
- bsh
- buildnumber-maven-plugin
- byaccj
- cal10n
- cbi-plugins
- cdparanoia
- cdparanoia-devel
- cdparanoia-libs
- cdrdao
- cmirror
- codehaus-parent
- codemodel
- compat-exiv2-026
- compat-guile18
- compat-hwloc1
- compat-libpthread-nonshared
- compat-libtiff3
- compat-openssl10
- compat-sap-c++-11
- compat-sap-c++-10
- compat-sap-c++-9
- createrepo_c-devel
- ctags
- ctags-etags
- custodia
- cyrus-imapd-vzic
- dbus-c++
- dbus-c++-devel
- dbus-c++-glib
- dbxtool
- dhcp-libs
- directory-maven-plugin
- directory-maven-plugin-javadoc
- dirsplit
- dleyna-connector-dbus
- dleyna-core
- dleyna-renderer
- dleyna-server
- dnssec-trigger
- dnssec-trigger-panel
- dotnet-apphost-pack-3.0
- dotnet-apphost-pack-3.1
- dotnet-apphost-pack-5.0
- dotnet-host-fxr-2.1
- dotnet-host-fxr-2.1
- dotnet-hostfxr-3.0
- dotnet-hostfxr-3.1
- dotnet-hostfxr-5.0
- dotnet-runtime-2.1
- dotnet-runtime-3.0
- dotnet-runtime-3.1
- dotnet-runtime-5.0
- dotnet-sdk-2.1
- dotnet-sdk-2.1.5xx
- dotnet-sdk-3.0
- dotnet-sdk-3.1
- dotnet-sdk-5.0
- dotnet-targeting-pack-3.0
- dotnet-targeting-pack-3.1
- dotnet-targeting-pack-5.0
- dotnet-templates-3.0
- dotnet-templates-3.1
- dotnet-templates-5.0
- dotnet5.0-build-reference-packages
- dptfxtract
- drpm
- drpm-devel
- dump
- dvd+rw-tools
- dyninst-static
- eclipse-ecf
- eclipse-ecf-core
- eclipse-ecf-runtime
- eclipse-emf
- eclipse-emf-core
- eclipse-emf-runtime
- eclipse-emf-xsd
- eclipse-equinox-osgi
- eclipse-jdt
- eclipse-license
- eclipse-p2-discovery
- eclipse-pde
- eclipse-platform
- eclipse-swt
- ed25519-java
- ee4j-parent
- elfutils-devel-static
- elfutils-libelf-devel-static
- enca
- enca-devel
- environment-modules-compat
- evince-browser-plugin
- exec-maven-plugin
- farstream02
- felix-gogo-command
- felix-gogo-runtime
- felix-gogo-shell
- felix-scr
- felix-osgi-compendium
- felix-osgi-core
- felix-osgi-foundation
- felix-parent
- file-roller
- fipscheck
- fipscheck-devel
- fipscheck-lib
- firewire
- fonts-tweak-tool
- forge-parent
- freeradius-mysql
- freeradius-perl
- freeradius-postgresql
- freeradius-rest
- freeradius-sqlite
- freeradius-unixODBC
- fuse-sshfs
- fusesource-pom
- future
- gamin
- gamin-devel
- gavl
- gcc-toolset-9
- gcc-toolset-9-annobin
- gcc-toolset-9-build
- gcc-toolset-9-perftools
- gcc-toolset-9-runtime
- gcc-toolset-9-toolchain
- gcc-toolset-10
- gcc-toolset-10-annobin
- gcc-toolset-10-binutils
- gcc-toolset-10-binutils-devel
- gcc-toolset-10-build
- gcc-toolset-10-dwz
- gcc-toolset-10-dyninst
- gcc-toolset-10-dyninst-devel
- gcc-toolset-10-elfutils
- gcc-toolset-10-elfutils-debuginfod-client
- gcc-toolset-10-elfutils-debuginfod-client-devel
- gcc-toolset-10-elfutils-devel
- gcc-toolset-10-elfutils-libelf
- gcc-toolset-10-elfutils-libelf-devel
- gcc-toolset-10-elfutils-libs
- gcc-toolset-10-gcc
- gcc-toolset-10-gcc-c++
- gcc-toolset-10-gcc-gdb-plugin
- gcc-toolset-10-gcc-gfortran
- gcc-toolset-10-gdb
- gcc-toolset-10-gdb-doc
- gcc-toolset-10-gdb-gdbserver
- gcc-toolset-10-libasan-devel
- gcc-toolset-10-libatomic-devel
- gcc-toolset-10-libitm-devel
- gcc-toolset-10-liblsan-devel
- gcc-toolset-10-libquadmath-devel
- gcc-toolset-10-libstdc++-devel
- gcc-toolset-10-libstdc++-docs
- gcc-toolset-10-libtsan-devel
- gcc-toolset-10-libubsan-devel
- gcc-toolset-10-ltrace
- gcc-toolset-10-make
- gcc-toolset-10-make-devel
- gcc-toolset-10-perftools
- gcc-toolset-10-runtime
- gcc-toolset-10-strace
- gcc-toolset-10-systemtap
- gcc-toolset-10-systemtap-client
- gcc-toolset-10-systemtap-devel
- gcc-toolset-10-systemtap-initscript
- gcc-toolset-10-systemtap-runtime
- gcc-toolset-10-systemtap-sdt-devel
- gcc-toolset-10-systemtap-server
- gcc-toolset-10-toolchain
- gcc-toolset-10-valgrind
- gcc-toolset-10-valgrind-devel
- gcc-toolset-11-make-devel
- GConf2
- GConf2-devel
- gegl
- genisoimage
- genwqe-tools
- genwqe-vpd
- genwqe-zlib
- genwqe-zlib-devel
- geoipupdate
- geronimo-annotation
- geronimo-jms
- geronimo-jpa
- geronimo-parent-poms
- gfbgraph
- gflags
- gflags-devel
- glassfish-annotation-api
- glassfish-el
- glassfish-fastinfoset
- glassfish-jaxb-core
- glassfish-jaxb-txw2
- glassfish-jsp
- glassfish-jsp-api
- glassfish-legal
- glassfish-master-pom
- glassfish-servlet-api
- glew-devel
- glib2-fam
- glog
- glog-devel
- gmock
- gmock-devel
- gnome-abrt
- gnome-boxes
- gnome-menus-devel
- gnome-online-miners
- gnome-shell-extension-disable-screenshield
- gnome-shell-extension-horizontal-workspaces
- gnome-shell-extension-no-hot-corner
- gnome-shell-extension-window-grouper
- gnome-themes-standard
- gnu-free-fonts-common
- gnu-free-mono-fonts
- gnu-free-sans-fonts
- gnu-free-serif-fonts
- gnupg2-smime
- gnuplot
- gnuplot-common
- gobject-introspection-devel
- google-gson
- google-noto-sans-syriac-eastern-fonts
- google-noto-sans-syriac-estrangela-fonts
- google-noto-sans-syriac-western-fonts
- google-noto-sans-tibetan-fonts
- google-noto-sans-ui-fonts
- gphoto2
- gsl-devel
- gssntlmssp
- gtest
- gtest-devel
- gtkmm24
- gtkmm24-devel
- gtkmm24-docs
- gtksourceview3
- gtksourceview3-devel
- gtkspell
- gtkspell-devel
- gtkspell3
- guile
- gutenprint-gimp
- gutenprint-libs-ui
- gvfs-afc
- gvfs-afp
- gvfs-archive
- hamcrest-core
- hawtjni
- hawtjni
- hawtjni-runtime
- HdrHistogram
- HdrHistogram-javadoc
- highlight-gui
- hivex-devel
- hostname
- hplip-gui
- httpcomponents-project
- hwloc-plugins
- hyphen-fo
- hyphen-grc
- hyphen-hsb
- hyphen-ia
- hyphen-is
- hyphen-ku
- hyphen-mi
- hyphen-mn
- hyphen-sa
- hyphen-tk
- ibus-sayura
- icedax
- icu4j
- idm-console-framework
- inkscape
- inkscape-docs
- inkscape-view
- iptables
- ipython
- isl
- isl-devel
- isorelax
- istack-commons-runtime
- istack-commons-tools
- iwl3945-firmware
- iwl4965-firmware
- iwl6000-firmware
- jacoco
- jaf
- jaf-javadoc
- jakarta-oro
- janino
- jansi-native
- jarjar
- java-1.8.0-ibm
- java-1.8.0-ibm-demo
- java-1.8.0-ibm-devel
- java-1.8.0-ibm-headless
- java-1.8.0-ibm-jdbc
- java-1.8.0-ibm-plugin
- java-1.8.0-ibm-src
- java-1.8.0-ibm-webstart
- java-1.8.0-openjdk-accessibility
- java-1.8.0-openjdk-accessibility-slowdebug
- java_cup
- java-atk-wrapper
- javacc
- javacc-maven-plugin
- javaewah
- javaparser
- javapoet
- javassist
- javassist-javadoc
- jaxen
- jboss-annotations-1.2-api
- jboss-interceptors-1.2-api
- jboss-logmanager
- jboss-parent
- jctools
- jdepend
- jdependency
- jdom
- jdom2
- jetty
- jetty-continuation
- jetty-http
- jetty-io
- jetty-security
- jetty-server
- jetty-servlet
- jetty-util
- jffi
- jflex
- jgit
- jline
- jmc
- jnr-netdb
- jolokia-jvm-agent
- js-uglify
- jsch
- json_simple
- jss-javadoc
- jtidy
- junit5
- jvnet-parent
- jzlib
- kernel-cross-headers
- ksc
- kurdit-unikurd-web-fonts
- kyotocabinet-libs
- ldapjdk-javadoc
- lensfun
- lensfun-devel
- lftp-scripts
- libaec
- libaec-devel
- libappindicator-gtk3
- libappindicator-gtk3-devel
- libatomic-static
- libavc1394
- libblocksruntime
- libcacard
- libcacard-devel
- libcgroup
- libcgroup-tools
- libchamplain
- libchamplain-devel
- libchamplain-gtk
- libcroco
- libcroco-devel
- libcxl
- libcxl-devel
- libdap
- libdap-devel
- libdazzle-devel
- libdbusmenu
- libdbusmenu-devel
- libdbusmenu-doc
- libdbusmenu-gtk3
- libdbusmenu-gtk3-devel
- libdc1394
- libdnet
- libdnet-devel
- libdv
- libdwarf
- libdwarf-devel
- libdwarf-static
- libdwarf-tools
- libeasyfc
- libeasyfc-gobject
- libepubgen-devel
- libertas-sd8686-firmware
- libertas-usb8388-firmware
- libertas-usb8388-olpc-firmware
- libgdither
- libGLEW
- libgovirt
- libguestfs-benchmarking
- libguestfs-devel
- libguestfs-gfs2
- libguestfs-gobject
- libguestfs-gobject-devel
- libguestfs-java
- libguestfs-java-devel
- libguestfs-javadoc
- libguestfs-man-pages-ja
- libguestfs-man-pages-uk
- libguestfs-tools
- libguestfs-tools-c
- libhugetlbfs
- libhugetlbfs-devel
- libhugetlbfs-utils
- libIDL
- libIDL-devel
- libidn
- libiec61883
- libindicator-gtk3
- libindicator-gtk3-devel
- libiscsi-devel
- libjose-devel
- libkkc
- libkkc-common
- libkkc-data
- libldb-devel
- liblogging
- libluksmeta-devel
- libmalaga
- libmcpp
- libmemcached
- libmemcached-libs
- libmetalink
- libmodulemd1
- libmongocrypt
- libmtp-devel
- libmusicbrainz5
- libmusicbrainz5-devel
- libnbd-devel
- liboauth
- liboauth-devel
- libpfm-static
- libpng12
- libpurple
- libpurple-devel
- libraw1394
- libreport-plugin-mailx
- libreport-plugin-rhtsupport
- libreport-plugin-ureport
- libreport-rhel
- libreport-rhel-bugzilla
- librpmem
- librpmem-debug
- librpmem-devel
- libsass
- libsass-devel
- libselinux-python
- libsqlite3x
- libtalloc-devel
- libtar
- libtdb-devel
- libtevent-devel
- libtpms-devel
- libunwind
- libusal
- libvarlink
- libverto-libevent
- libvirt-admin
- libvirt-bash-completion
- libvirt-daemon-driver-storage-gluster
- libvirt-daemon-driver-storage-iscsi-direct
- libvirt-devel
- libvirt-docs
- libvirt-gconfig
- libvirt-gobject
- libvirt-lock-sanlock
- libvirt-wireshark
- libvmem
- libvmem-debug
- libvmem-devel
- libvmmalloc
- libvmmalloc-debug
- libvmmalloc-devel
- libvncserver
- libwinpr-devel
- libwmf
- libwmf-devel
- libwmf-lite
- libXNVCtrl
- libyami
- log4j12
- log4j12-javadoc
- lohit-malayalam-fonts
- lohit-nepali-fonts
- lorax-composer
- lua-guestfs
- lucene
- lucene-analysis
- lucene-analyzers-smartcn
- lucene-queries
- lucene-queryparser
- lucene-sandbox
- lz4-java
- lz4-java-javadoc
- mailman
- mailx
- make-devel
- malaga
- malaga-suomi-voikko
- marisa
- maven-antrun-plugin
- maven-assembly-plugin
- maven-clean-plugin
- maven-dependency-analyzer
- maven-dependency-plugin
- maven-doxia
- maven-doxia-sitetools
- maven-install-plugin
- maven-invoker
- maven-invoker-plugin
- maven-parent
- maven-plugins-pom
- maven-reporting-api
- maven-reporting-impl
- maven-resolver-api
- maven-resolver-connector-basic
- maven-resolver-impl
- maven-resolver-spi
- maven-resolver-transport-wagon
- maven-resolver-util
- maven-scm
- maven-script-interpreter
- maven-shade-plugin
- maven-shared
- maven-verifier
- maven-wagon-file
- maven-wagon-http
- maven-wagon-http-shared
- maven-wagon-provider-api
- maven2
- meanwhile
- mercurial
- mercurial-hgk
- metis
- metis-devel
- mingw32-bzip2
- mingw32-bzip2-static
- mingw32-cairo
- mingw32-expat
- mingw32-fontconfig
- mingw32-freetype
- mingw32-freetype-static
- mingw32-gstreamer1
- mingw32-harfbuzz
- mingw32-harfbuzz-static
- mingw32-icu
- mingw32-libjpeg-turbo
- mingw32-libjpeg-turbo-static
- mingw32-libpng
- mingw32-libpng-static
- mingw32-libtiff
- mingw32-libtiff-static
- mingw32-openssl
- mingw32-readline
- mingw32-sqlite
- mingw32-sqlite-static
- mingw64-adwaita-icon-theme
- mingw64-bzip2
- mingw64-bzip2-static
- mingw64-cairo
- mingw64-expat
- mingw64-fontconfig
- mingw64-freetype
- mingw64-freetype-static
- mingw64-gstreamer1
- mingw64-harfbuzz
- mingw64-harfbuzz-static
- mingw64-icu
- mingw64-libjpeg-turbo
- mingw64-libjpeg-turbo-static
- mingw64-libpng
- mingw64-libpng-static
- mingw64-libtiff
- mingw64-libtiff-static
- mingw64-nettle
- mingw64-openssl
- mingw64-readline
- mingw64-sqlite
- mingw64-sqlite-static
- modello
- mojo-parent
- mongo-c-driver
- mousetweaks
- mozjs52
- mozjs52-devel
- mozjs60
- mozjs60-devel
- mozvoikko
- msv-javadoc
- msv-manual
- munge-maven-plugin
- mythes-mi
- mythes-ne
- nafees-web-naskh-fonts
- nbd
- nbdkit-devel
- nbdkit-example-plugins
- nbdkit-gzip-plugin
- nbdkit-plugin-python-common
- nbdkit-plugin-vddk
- ncompress
- ncurses-compat-libs
- net-tools
- netcf
- netcf-devel
- netcf-libs
- network-scripts
- network-scripts-ppp
- nkf
- nodejs-devel
- nodejs-packaging
- nss_nis
- nss-pam-ldapd
- objectweb-asm
- objectweb-asm-javadoc
- objectweb-pom
- ocaml-bisect-ppx
- ocaml-camlp4
- ocaml-camlp4-devel
- ocaml-lwt
- ocaml-mmap
- ocaml-ocplib-endian
- ocaml-ounit
- ocaml-result
- ocaml-seq
- opencryptoki-tpmtok
- opencv-contrib
- opencv-core
- opencv-devel
- openhpi
- openhpi-libs
- OpenIPMI-perl
- openssh-cavs
- openssh-ldap
- openssl-ibmpkcs11
- opentest4j
- os-maven-plugin
- pakchois
- pandoc
- paps-libs
- paranamer
- parfait
- parfait-examples
- parfait-javadoc
- pcp-parfait-agent
- pcp-pmda-rpm
- pcp-pmda-vmware
- pcsc-lite-doc
- peripety
- perl-B-Debug
- perl-B-Lint
- perl-Class-Factory-Util
- perl-Class-ISA
- perl-DateTime-Format-HTTP
- perl-DateTime-Format-Mail
- perl-File-CheckTree
- perl-homedir
- perl-libxml-perl
- perl-Locale-Codes
- perl-Mozilla-LDAP
- perl-NKF
- perl-Object-HashBase-tools
- perl-Package-DeprecationManager
- perl-Pod-LaTeX
- perl-Pod-Plainer
- perl-prefork
- perl-String-CRC32
- perl-SUPER
- perl-Sys-Virt
- perl-tests
- perl-YAML-Syck
- phodav
- php-recode
- php-xmlrpc
- pidgin
- pidgin-devel
- pidgin-sipe
- pinentry-emacs
- pinentry-gtk
- pipewire0.2-devel
- pipewire0.2-libs
- platform-python-coverage
- plexus-ant-factory
- plexus-bsh-factory
- plexus-cli
- plexus-component-api
- plexus-component-factories-pom
- plexus-components-pom
- plexus-i18n
- plexus-interactivity
- plexus-pom
- plexus-velocity
- plymouth-plugin-throbgress
- pmreorder
- postgresql-test-rpm-macros
- powermock
- prometheus-jmx-exporter
- prometheus-jmx-exporter-openjdk11
- ptscotch-mpich
- ptscotch-mpich-devel
- ptscotch-mpich-devel-parmetis
- ptscotch-openmpi
- ptscotch-openmpi-devel
- purple-sipe
- pygobject2-doc
- pygtk2
- pygtk2-codegen
- pygtk2-devel
- pygtk2-doc
- python-nose-docs
- python-nss-doc
- python-podman-api
- python-psycopg2-doc
- python-pymongo-doc
- python-redis
- python-schedutils
- python-slip
- python-sqlalchemy-doc
- python-varlink
- python-virtualenv-doc
- python2-backports
- python2-backports-ssl_match_hostname
- python2-bson
- python2-coverage
- python2-docs
- python2-docs-info
- python2-funcsigs
- python2-ipaddress
- python2-mock
- python2-nose
- python2-numpy-doc
- python2-psycopg2-debug
- python2-psycopg2-tests
- python2-pymongo
- python2-pymongo-gridfs
- python2-pytest-mock
- python2-sqlalchemy
- python2-tools
- python2-virtualenv
- python3-bson
- python3-click
- python3-coverage
- python3-cpio
- python3-custodia
- python3-docs
- python3-flask
- python3-gevent
- python3-gobject-base
- python3-hivex
- python3-html5lib
- python3-hypothesis
- python3-ipatests
- python3-itsdangerous
- python3-jwt
- python3-libguestfs
- python3-mock
- python3-networkx-core
- python3-nose
- python3-nss
- python3-openipmi
- python3-pillow
- python3-ptyprocess
- python3-pydbus
- python3-pymongo
- python3-pymongo-gridfs
- python3-pyOpenSSL
- python3-pytoml
- python3-reportlab
- python3-schedutils
- python3-scons
- python3-semantic_version
- python3-slip
- python3-slip-dbus
- python3-sqlalchemy
- python3-syspurpose
- python3-virtualenv
- python3-webencodings
- python3-werkzeug
- python38-asn1crypto
- python38-numpy-doc
- python38-psycopg2-doc
- python38-psycopg2-tests
- python39-numpy-doc
- python39-psycopg2-doc
- python39-psycopg2-tests
- qemu-kvm-block-gluster
- qemu-kvm-block-iscsi
- qemu-kvm-block-ssh
- qemu-kvm-hw-usbredir
- qemu-kvm-device-display-virtio-gpu-gl
- qemu-kvm-device-display-virtio-gpu-pci-gl
- qemu-kvm-device-display-virtio-vga-gl
- qemu-kvm-tests
- qpdf
- qpdf-doc
- qpid-proton
- qrencode
- qrencode-devel
- qrencode-libs
- qt5-qtcanvas3d
- qt5-qtcanvas3d-examples
- rarian
- rarian-compat
- re2c
- recode
- redhat-lsb
- redhat-lsb-core
- redhat-lsb-cxx
- redhat-lsb-desktop
- redhat-lsb-languages
- redhat-lsb-printing
- redhat-lsb-submod-multimedia
- redhat-lsb-submod-security
- redhat-lsb-supplemental
- redhat-lsb-trialuse
- redhat-menus
- redhat-support-lib-python
- redhat-support-tool
- reflections
- regexp
- relaxngDatatype
- rhsm-gtk
- rpm-plugin-prioreset
- rpmemd
- rsyslog-udpspoof
- ruby-hivex
- ruby-libguestfs
- rubygem-abrt
- rubygem-abrt-doc
- rubygem-bson
- rubygem-bson-doc
- rubygem-bundler-doc
- rubygem-mongo
- rubygem-mongo-doc
- rubygem-net-telnet
- rubygem-xmlrpc
- s390utils-cmsfs
- samba-pidl
- samba-test
- samba-test-libs
- samyak-devanagari-fonts
- samyak-fonts-common
- samyak-gujarati-fonts
- samyak-malayalam-fonts
- samyak-odia-fonts
- samyak-tamil-fonts
- sane-frontends
- sanlk-reset
- sat4j
- scala
- scotch
- scotch-devel
- SDL_sound
- selinux-policy-minimum
- sendmail
- sgabios
- sgabios-bin
- shrinkwrap
- sisu-inject
- sisu-mojos
- sisu-plexus
- skkdic
- SLOF
- smc-anjalioldlipi-fonts
- smc-dyuthi-fonts
- smc-fonts-common
- smc-kalyani-fonts
- smc-raghumalayalam-fonts
- smc-suruma-fonts
- softhsm-devel
- sonatype-oss-parent
- sonatype-plugins-parent
- sos-collector
- sparsehash-devel
- spax
- spec-version-maven-plugin
- spice
- spice-client-win-x64
- spice-client-win-x86
- spice-glib
- spice-glib-devel
- spice-gtk
- spice-gtk-tools
- spice-gtk3
- spice-gtk3-devel
- spice-gtk3-vala
- spice-parent
- spice-protocol
- spice-qxl-wddm-dod
- spice-server
- spice-server-devel
- spice-qxl-xddm
- spice-server
- spice-streaming-agent
- spice-vdagent-win-x64
- spice-vdagent-win-x86
- sssd-libwbclient
- star
- stax-ex
- stax2-api
- stringtemplate
- stringtemplate4
- subscription-manager-initial-setup-addon
- subscription-manager-migration
- subscription-manager-migration-data
- subversion-javahl
- SuperLU
- SuperLU-devel
- supermin-devel
- swig
- swig-doc
- swig-gdb
- swtpm-devel
- swtpm-tools-pkcs11
- system-storage-manager
- tcl-brlapi
- testng
- tibetan-machine-uni-fonts
- timedatex
- tpm-quote-tools
- tpm-tools
- tpm-tools-pkcs11
- treelayout
- trousers
- trousers-lib
- tuned-profiles-compat
- tuned-profiles-nfv-host-bin
- tuned-utils-systemtap
- tycho
- uglify-js
- unbound-devel
- univocity-output-tester
- univocity-parsers
- usbguard-notifier
- usbredir-devel
- utf8cpp
- uthash
- velocity
- vinagre
- vino
- virt-dib
- virt-p2v-maker
- vm-dump-metrics-devel
- weld-parent
- wodim
- woodstox-core
- wqy-microhei-fonts
- wqy-unibit-fonts
- xdelta
- xmlgraphics-commons
- xmlstreambuffer
- xinetd
- xorg-x11-apps
- xorg-x11-drv-qxl
- xorg-x11-server-Xspice
- xpp3
- xsane-gimp
- xsom
- xz-java
- xz-java-javadoc
- yajl-devel
- yp-tools
- ypbind
- ypserv
10.21. Deprecated and unmaintained devices
This section lists devices (drivers, adapters) that
- continue to be supported until the end of life of RHEL 8 but will likely not be supported in future major releases of this product and are not recommended for new deployments. Support for devices other than those listed remains unchanged. These are deprecated devices.
- are available but are no longer being tested or updated on a routine basis in RHEL 8. Red Hat may fix serious bugs, including security bugs, at its discretion. These devices should no longer be used in production, and it is likely they will be disabled in the next major release. These are unmaintained devices.
PCI device IDs are in the format of vendor:device:subvendor:subdevice. If no device ID is listed, all devices associated with the corresponding driver have been deprecated. To check the PCI IDs of the hardware on your system, run the lspci -nn
command.
Device ID | Driver | Device name |
---|---|---|
bnx2 | QLogic BCM5706/5708/5709/5716 Driver | |
hpsa | Hewlett-Packard Company: Smart Array Controllers | |
0x10df:0x0724 | lpfc | Emulex Corporation: OneConnect FCoE Initiator (Skyhawk) |
0x10df:0xe200 | lpfc | Emulex Corporation: LPe15000/LPe16000 Series 8Gb/16Gb Fibre Channel Adapter |
0x10df:0xf011 | lpfc | Emulex Corporation: Saturn: LightPulse Fibre Channel Host Adapter |
0x10df:0xf015 | lpfc | Emulex Corporation: Saturn: LightPulse Fibre Channel Host Adapter |
0x10df:0xf100 | lpfc | Emulex Corporation: LPe12000 Series 8Gb Fibre Channel Adapter |
0x10df:0xfc40 | lpfc | Emulex Corporation: Saturn-X: LightPulse Fibre Channel Host Adapter |
0x10df:0xe220 | be2net | Emulex Corporation: OneConnect NIC (Lancer) |
0x1000:0x005b | megaraid_sas | Broadcom / LSI: MegaRAID SAS 2208 [Thunderbolt] |
0x1000:0x006E | mpt3sas | Broadcom / LSI: SAS2308 PCI-Express Fusion-MPT SAS-2 |
0x1000:0x0080 | mpt3sas | Broadcom / LSI: SAS2208 PCI-Express Fusion-MPT SAS-2 |
0x1000:0x0081 | mpt3sas | Broadcom / LSI: SAS2208 PCI-Express Fusion-MPT SAS-2 |
0x1000:0x0082 | mpt3sas | Broadcom / LSI: SAS2208 PCI-Express Fusion-MPT SAS-2 |
0x1000:0x0083 | mpt3sas | Broadcom / LSI: SAS2208 PCI-Express Fusion-MPT SAS-2 |
0x1000:0x0084 | mpt3sas | Broadcom / LSI: SAS2208 PCI-Express Fusion-MPT SAS-2 |
0x1000:0x0085 | mpt3sas | Broadcom / LSI: SAS2208 PCI-Express Fusion-MPT SAS-2 |
0x1000:0x0086 | mpt3sas | Broadcom / LSI: SAS2308 PCI-Express Fusion-MPT SAS-2 |
0x1000:0x0087 | mpt3sas | Broadcom / LSI: SAS2308 PCI-Express Fusion-MPT SAS-2 |
myri10ge | Myricom 10G driver (10GbE) | |
netxen_nic | QLogic/NetXen (1/10) GbE Intelligent Ethernet Driver | |
0x1077:0x2031 | qla2xxx | QLogic Corp.: ISP8324-based 16Gb Fibre Channel to PCI Express Adapter |
0x1077:0x2532 | qla2xxx | QLogic Corp.: ISP2532-based 8Gb Fibre Channel to PCI Express HBA |
0x1077:0x8031 | qla2xxx | QLogic Corp.: 8300 Series 10GbE Converged Network Adapter (FCoE) |
qla3xxx | QLogic ISP3XXX Network Driver v2.03.00-k5 | |
0x1924:0x0803 | sfc | Solarflare Communications: SFC9020 10G Ethernet Controller |
0x1924:0x0813 | sfc | Solarflare Communications: SFL9021 10GBASE-T Ethernet Controller |
Soft-RoCE (rdma_rxe) | ||
HNS-RoCE | HNS GE/10GE/25GE/50GE/100GE RDMA Network Controller | |
liquidio | Cavium LiquidIO Intelligent Server Adapter Driver | |
liquidio_vf | Cavium LiquidIO Intelligent Server Adapter Virtual Function Driver |
Device ID | Driver | Device name |
---|---|---|
e1000 | Intel® PRO/1000 Network Driver | |
mptbase | Fusion MPT SAS Host driver | |
mptsas | Fusion MPT SAS Host driver | |
mptscsih | Fusion MPT SCSI Host driver | |
mptspi | Fusion MPT SAS Host driver | |
0x1000:0x0071 [a] | megaraid_sas | Broadcom / LSI: MR SAS HBA 2004 |
0x1000:0x0073 [a] | megaraid_sas | Broadcom / LSI: MegaRAID SAS 2008 [Falcon] |
0x1000:0x0079 [a] | megaraid_sas | Broadcom / LSI: MegaRAID SAS 2108 [Liberator] |
nvmet_tcp | NVMe/TCP target driver | |
nvmet-fc | NVMe/Fabrics FC target driver | |
[a]
Disabled in RHEL 8.0, re-enabled in RHEL 8.4 due to customer requests.
|