Red Hat SummitChapter 7. Bug fixes
This part describes bugs fixed in Red Hat Enterprise Linux 9.7 that have a significant impact on users.
7.1. Installer and image creation
Installation no longer fails if a VDO logical volume is present
Before this update, installing RHEL failed when users attempted to remove a pre-existing Logical Volume Manager Virtual Data Optimizer (LVM VDO) volume on systems without the dm_vdo kernel module. With this update, installation succeeds when removing an LVM VDO volume on systems without VDO support.
Jira:RHEL-8008[1]
Installer now respects the BOOTIF boot argument
Previously, the RHEL installer ignored the BOOTIF=<MAC> boot argument and activated all the available network interfaces. With this fix, the installation program now properly processes the BOOTIF argument and ensures that only the designated network device is activated during the installation process.
Jira:RHEL-78272[1]
7.2. Security
SSH connection fail no longer displays verbose help message
Before this update, when SSH connection failed, a message with common SSH errors and a link to Red Hat help was displayed. As a consequence, the help message in the error output broke user scripts and automation. With this update, the help message displays only when SSH is run with log level debug1 or higher. As a result, the error output does not include any unexpected messages by default.
Jira:RHEL-104580[1]
OpenSC avoids memory freeing before dereferencing
Before this update, dereferencing would free members when OpenSC was reading public keys. This caused unpredictable behavior of the values stored in the memory. This update avoids freeing the memory before dereferencing. As a result, OpenSC correctly handles reading public keys.
fapolicyd no longer causes the RPM database to crash with repeated updates
Before this update, repeated updates of the RPM database when fapolicyd was in enforcing mode caused a bus error (SIGBUS), which caused the RPM database to terminate unexpectedly. With this release, fapolicyd SIGBUS protection for RPM database updates has been improved. As a result, the RPM database no longer crashes when repeatedly updating it with fapolicyd enabled.
Jira:RHEL-63090[1]
fapolicyd-cli --file add no longer fails when processing non-regular files
Before this update, the fapolicyd-cli --file add command failed to add directories containing non-regular files, such as sockets, to the trust database. With this update, the problem is resolved and fapolicyd-cli --file add no longer fails in the described scenario.
fapolicyd no longer fails to identify user accounts from a network source
Before this update, due to an incorrect security policy configuration, the fapolicyd service did not correctly identify users from a network source, which caused errors. This update fixes the security policy to allow the necessary communication. As a result, you can use fapolicyd with rules that require a network connection to identify users.
7.3. Subscription management
subscription-manager no longer retains nonessential text in the terminal
Starting with RHEL 9.1, subscription-manager displays progress information while processing any operation. Previously, for some languages, typically non-Latin, progress messages did not clean up after the operation finished. With this update, all the messages are cleaned up properly when the operation finishes.
If you have disabled the progress messages before, you can re-enable them by entering the following command:
subscription-manager config --rhsm.progress_messages=1
# subscription-manager config --rhsm.progress_messages=1Jira:RHELPLAN-137234[1]
7.4. Software management
dnf download --url correctly reports package URLs
Before this update, when you used the dnf download --url command to obtain a package URL, DNF incorrectly reported package addresses relative to the repository metadata location instead of relative to the xml:base attribute.
With this update, DNF considers the xml:base attribute when calculating package URLs. As a result, dnf download --url reports the correct package URL.
Jira:RHEL-71125[1]
7.5. Shells and command-line tools
/var/lib/tftpboot directory is created by default in Image Mode deployments
Previously, in Image Mode deployments, installing the tftp-server package did not create the /var/lib/tftpboot directory. This occurred because changes to the /var directory were not applied when additional packages were added to existing Image Mode deployments.
With this update, the /var/lib/tftpboot directory is automatically created in all Image Mode deployments.
Jira:RHEL-77491[1]
The top -u command now displays at least one process when you sort the processes by memory
Previously, when you executed the top command with the -u <user> parameter, where the user was different from the one running the command, all processes disappeared when the M key was pressed to sort the processes by memory. With this update, the top command displays at least one process when you sort the processes by memory.
To preserve the position of the cursor, not all processes are displayed. You can scroll up through the results to display the remaining processes.
7.6. Infrastructure services
The chronyc reload sources command now correctly handles hostname-specified sources
Previously, the chronyc reload sources command in chronyd incorrectly reloaded sources from the sourcedir directory specified in the chrony.conf file. This behavior caused the chronyd to duplicate sources when a hostname resolved to multiple IP addresses, resulting in an unexpected increase in the number of sources.
With this update, the chronyc reload sources command correctly handles sources specified with a hostname. As a result, reloading of sources does not change the number of used sources.
httpd works correctly if a DAV repository location is configured by using a regular expression match
Previously, when you configured a Distributed Authoring and Versioning (DAV) repository in the Apache HTTP Server by using a regular expression match, such as LocationMatch, the mod_dav httpd module was unable to determine the root of the repository from the path name. As a consequence, httpd did not handle requests from third-party providers, for example, Subversion’s mod_dav_svn module.
This update introduces a new DavBasePath directive for the httpd.conf file, which allows you can specify the repository root path explicitly. For example:
<LocationMatch "^/repos/">
DAV svn
DavBasePath /repos
SVNParentPath /var/www/svn
</LocationMatch>
<LocationMatch "^/repos/">
DAV svn
DavBasePath /repos
SVNParentPath /var/www/svn
</LocationMatch>
As a result, httpd can correctly handle requests when you configure a DAV repository location by using a regular expression match.
httpd works correctly if a DAV repository location is configured by using a regular expression match
Previously, if a Distributed Authoring and Versioning (DAV) repository was configured in the Apache HTTP Server by using a regular expression match, such as LocationMatch, the mod_dav and httpd modules were unable to determine the root of the repository from the path name. As a consequence, httpd did not handle requests from third-party providers, such as Subversion’s mod_dav_svn module.
With this update, you can specify the repository root path by using the new DavBasePath directive in the httpd.conf file. For example:
<LocationMatch "^/repos/">
DAV svn
DavBasePath /repos
SVNParentPath /var/www/svn
</LocationMatch>
<LocationMatch "^/repos/">
DAV svn
DavBasePath /repos
SVNParentPath /var/www/svn
</LocationMatch>
As a result, httpd handles requests correctly if a DAV repository location is configured by using a regular expression match.
The DBD::MySQL driver no longer fails to establish TLS-encrypted connections to MySQL 8 servers that have caching_sha2_password enabled
In previous releases, the perl-DBD-MySQL package was incorrectly linked against the libmariadb library. Consequently, Perl applications failed to establish a connection if all of the following conditions were met:
- The application connected to a MySQL 8 server.
-
The
caching_sha2_passwordoption was enabled in the MySQL server configuration. -
The connection used the
DBI→connect with mysql_ssl=1option.
In this update, the driver is linked against libmysql-client. As a result, Perl applications no longer fail to establish TLS-encrypted connections in the mentioned scenario.
7.7. Networking
The custom iproute2 settings in /etc/iproute2/ works as expected
Previously, if you updated to RHEL 9.6, the iproute2 package stored the default configuration in the /usr/share/iproute2/ directory. Additionally, if you had a custom configuration in /etc/iproute2/, the update renamed these files and appended the .rpmsave suffix. As a consequence, the custom settings were no longer applied. If you update to the RHEL 9.7 version of the iproute2 package, the installation script in the package no longer renames custom configuration files and, if it finds files with .rpmsave suffix in /etc/iproute2/, the script removes this suffix. As a result, custom settings work again as expected.
Note that the iproute2 default settings remain in /usr/share/iproute2/.
The kernel no longer panics if you reduce the number of SR-IOV VFs at runtime
In previous releases, the Linux kernel could panic if all of the following conditions applied:
- The host has Input-Output Memory Management Unit (IOMMU) enabled.
- A network driver uses a page pool.
- You reduced the number of Single Root I/O Virtualization (SR-IOV) Virtual Functions (VFs) of the network interface that uses this driver.
With this update, the kernel tracks which DMA-mapped memory pages belong to a page pool. When a page pool is destroyed, for example by removing a VF, the memory pages are DMA-unmapped. This prevents attempts to unmap the memory pages after the VF has already been removed. As a result, the kernel no longer panics if you reduce the number of SR-IOV VFs at runtime.
Jira:RHEL-76845[1]
The xtables modules are now again marked as deprecated
Before this update, the iptables, ip6tables, arptables, ebtables, and ip_set driver were erroneously marked as unmaintained. As a consequence, RHEL logged an Unmaintained driver is detected: <driver> warning. With this release, the mentioned drivers have been marked again as deprecated. As a result, the system no longer reports the warning with the incorrect support status.
The xdp-loader features command now works as expected
The xdp-loader utility was compiled against the previous version of libbpf. As a consequence, xdp-loader features failed with an error:
Cannot display features, because xdp-loader was compiled against an old version of libbpf without support for querying features.
Cannot display features, because xdp-loader was compiled against an old version of libbpf without support for querying features.
The utility is now compiled against the correct libbpf version. As a result, the command now works as expected.
Mellanox ConnectX-5 adapter works in the DMFS mode
Previously, while using the Ethernet switch device driver model (switchdev) mode, the mlx5 driver failed if configured in the device managed flow steering (DMFS) mode on the ConnectX-5 adapter. Consequently, the following error message appeared:
mlx5_core 0000:5e:00.0: mlx5_cmd_out_err:780:(pid 980895): DELETE_FLOW_TABLE_ENTRY(0x938) op_mod(0x0) failed, status bad resource(0x5), syndrome (0xabe70a), err(-22)
mlx5_core 0000:5e:00.0: mlx5_cmd_out_err:780:(pid 980895): DELETE_FLOW_TABLE_ENTRY(0x938) op_mod(0x0) failed, status bad resource(0x5), syndrome (0xabe70a), err(-22)
As a result, when you update the firmware version of the ConnectX-5 adapter to 16.35.3006 or later, the error message will not appear.
Jira:RHEL-9897[1]
VMware vCenter can now correctly remove a SATA disk from a running RHEL VM
Previously, when using the VMWare vCenter interface to remove a SATA disk from a running RHEL 9 guest on the VMware ESXi hypervisor, the disk did not get removed fully. It stopped being functional and disappeared from the guest in the vCenter interface, but the SCSI interface still detected the disk as attached in the guest. With this update, the SCSI interface correctly displays the disk as detached.
Jira:RHEL-79914[1]
7.8. Kernel
Updated the stalld scheduling policy regression to prevent performance degradation
Before this update, the Node Tuning Operator CI was broken because of a change in stalld scheduling policy., This change caused the service to revert to SCHED_OTHER instead of SCHED_FIFO after starting. Consequently, real-time workloads could experience performance degradation, and you could not merge PR. With this update, the systemd unit file sets stalld priority to 10, ensuring that stalld runs with SCHED_FIFO. This restores expected behavior and improves performance for real-time workloads.
osnoise/cpus allows setting a long comma-separated list of cpus
Before this update, you could not set a lengthy comma-separated list of cpus in osnoise/cpus because of an invalid argument error. This restriction impacted latency debugging and troubleshooting. With this release, you can input a long comma-separated list of cpus in osnoise/cpus to enhance RTLA latency debugging and troubleshooting.
Jira:RHEL-94317[1]
irqbalance service buffer overflow on aarch64 systems
Previously, the irqbalance service could crash due to a buffer overflow when running on specific aarch64 machines. As a consequence, latency-sensitive workloads might have experienced performance degradation because interrupts were not appropriately distributed across CPUs. With this update, the buffer overflow issue in the irqbalance service has been fixed.
As a result, the irqbalance service runs reliably, and interrupts are distributed as expected, improving performance for latency-sensitive workloads.
rtla timerlat does not reset osnoise stop tracing threshold during startup
Before this update, using the rtla timerlat multiple times without clearing the stop_tracing flags would leave/left RTLA in an inconsistent state. As a consequence, tracing did not stop correctly in case stop tracing was not requested via the -a, -T, or -i options. This led to inaccurate data being reported, since RTLA exited when it shouldn’t have. With this update, rtla-timerlat resets stop tracing variables, preventing early exit, and as a result, program stability is improved.
Jira:RHEL-86051[1]
rtla timerlat now handles high-frequency sampling on systems with 100+ CPUs
Before this update, rtla timerlat could not process timerlat samples with 100us period or faster on systems with more than 100 CPUs due to insufficient tracefs buffer handling. As a consequence, samples were dropped and timerlat measurements became inaccurate, affecting real-time performance analysis. With this release, timerlat samples are collected directly on measurement CPUs, eliminating buffer overflow issues. As a result, rtla timerlat provides accurate measurements on high-core-count systems, enabling reliable real-time performance analysis.
Jira:RHEL-77358[1]
7.9. File systems and storage
multipathd can monitor devices with offline paths
Before this update, when a user created a multipath device while some paths to the device were in the offline state, the multipathd daemon did not monitor the device or its paths. Consequently, if paths failed, they were never restored, even if they became available again. With this update, the multipathd daemon monitors the multipath device and its offline paths. multipathd also adds the paths to the multipath device if they become online.
VDO driver no longer crashes due to null pointer dereference
Before this update, writing a mix of new and duplicate data to a VDO device under certain timing conditions left a dangling pointer. As a consequence, this caused a null pointer dereference and system crash. With this release, the dangling pointer issue is fixed. As a result, the VDO driver continues to run and saves user data.
The RHEL installation program removes corrupted LVM thin volumes
Previously, the presence of corrupted LVM thin volumes caused storage configuration errors, blocking the installation process. With this fix, the RHEL installation program now detects and removes broken thin volumes. As a result, users do not have to intervene in the installation process manually.
System boots correctly when adding a NVMe-FC device as a mount point in /etc/fstab
Previously, due to a known issue in the nvme-cli nvmf-autoconnect systemd services, systems failed to boot while adding the Non-volatile Memory Express over Fibre Channel (NVMe-FC) devices as a mount point in the /etc/fstab file. Consequently, the system entered into an emergency mode. With this update, a system boots without any issue when mounting an NVMe-FC device.
Jira:RHEL-8171[1]
7.10. High availability and clusters
pcs commands no longer fail due to improperly capitalized target-role values
Before this update, if a resource’s target-role meta-attribute was set to a value that was not capitalized, such as stopped instead of Stopped, pcs failed to parse the cluster status. This parsing error caused pcs status query resource commands and commands for deleting resources, including pcs resource delete, to fail.
With this update, the cluster status parsing logic in pcs has been made more flexible.
As a result, pcs commands function correctly even when a resource has a target-role meta-attribute with an improperly capitalized value.
fence_ibm_powervs supports plain text token files
Before this update, the fence_ibm_powervs agent could only read authentication tokens from files that were formatted as JSON. It failed to read tokens from plain text files.
With this update, the file reading logic in the agent has been corrected.
As a result, the fence_ibm_powervs agent can use token files that are in either JSON or plain text format.
systemd resources with long start or stop times are handled correctly
Before this update, Pacemaker polled for the result of start and stop actions on systemd resources with a fixed timeout. If a resource took longer to start or stop than this timeout, Pacemaker incorrectly marked the resource as failed.
With this update, Pacemaker listens for DBus messages from systemd to be notified when a start or stop action completes.
As a result, Pacemaker correctly detects the status of long-running systemd services, and resources are no longer marked as failed due to a timeout.
Jira:RHEL-86143[1]
Pacemaker Remote nodes are no longer fenced unnecessarily when quorum is lost
Before this update, in certain cluster configurations, a Pacemaker Remote node could be fenced when its partition lost quorum, even if the resource managing that node could be safely restarted on a different, quorate node. This behavior caused unnecessary downtime for the services running on the Pacemaker Remote node.
With this update, a new cluster property, fence-remote-without-quorum, has been introduced to control this behavior.
As a result, with the default fence-remote-without-quorum=false setting, Pacemaker no longer fences a remote node if its managing resource can be recovered on a quorate node, thus improving service availability.
Jira:RHEL-84018[1]
fence_kubevirt powers off nodes instantly
Before this update, the fence_kubevirt agent performed a graceful shutdown of the node. This introduced a delay in the fencing process, as the node was not powered off immediately.
With this release, the agent has been modified to request an immediate, non-graceful shutdown.
As a result, when using the fence_kubevirt agent, nodes are instantly powered off.
fence_sbd is now more resilient to individual SBD device failures
Previously, the fence_sbd agent exited and failed its operation if one or more of its configured SBD devices failed an initial check. This prevented a fencing action from completing, even if other SBD devices were healthy.
With this update, the error handling in the agent is improved.
As a result, the fence_sbd agent logs an error for any failing SBD devices and continues the fencing operation with the remaining healthy devices. This increased the reliability of SBD fencing.
Jira:RHEL-13088[1]
7.11. Compilers and development tools
Improved support for recursive dlopen calls in audit modules in glibc
Previously, recursive dlopen calls from auditors could trigger an r_state == RT_CONSISTENT assertion failure in glibc’s dl-open.c. As a consequence, applications exited unexpectedly when auditors were active. With this update, the dynamic linker reports consistency of its internal data structures earlier during an in-progress dlopen call. As a result, recursive dlopen operations for auditors are supported in more cases.
glibc: Application crash during early TLS allocation in audit mode
Previously, in audit mode, an internal data structure related to thread-local storage (TLS) management was allocated using the main realloc function before the main malloc was initialized during process startup. As a consequence, applications crashed when realloc was called on memory that was not allocated by malloc.
With this update, the dynamic linker uses a stub or minimal implementation of malloc and realloc until the startup process is complete. The applications no longer crash during early TLS allocation.
Jira:RHEL-71922[1]
glibc: ctype.h macros caused segmentation faults in multithreaded programs with multiple libc.so
Previously, the internal state for <ctype.h> in secondary C library copies created by audit or with dlmopen failed to initialize for threads created with pthread_create. As a consequence, using <ctype.h> functionality, either directly or indirectly, in secondary threads and namespaces resulted in program crashes.
With this update, the internal state for <ctype.h> is initialized to refer to the C locale for secondary threads and namespaces. As a result, using functionality from <ctype.h> in these scenarios no longer causes crashes.
glibc audit logging provides complete object life cycle tracking
Previously, the glibc dynamic linker called la_objclose for the proxy ld.so link map in a secondary namespace without a preceding la_objopen, which resulted in incomplete object life cycle reporting for tools that rely on la_objopen to track shared objects.
Auditing tools that rely on la_objopen to establish tracking failed to monitor proxy link maps reliably, resulting in gaps in visibility and possible misinterpretation of unload events.
With this update, the glibc dynamic linker generates la_objopen for the applicable link maps, including the proxy ld.so in secondary namespaces, ensuring a consistent sequence for the auditing interface.
As a result, auditors can track proxy link maps throughout their life cycle with consistent la_objopen and la_objclose pairs, improving the reliability of audit tooling and diagnostics.
Certain programs no longer crash when running glibc in auditing mode
Before this update, the glibc dynamic linker in LD_AUDIT mode could allocate internal data structures by using the main calloc function before the linker initialized the main malloc subsystem. As a consequence, the process could terminate unexpectedly in the calloc function when the program started. This update rearranges the process startup sequence. Consequently, the calloc memory allocation occurs before the switch to the main malloc function by using the internal malloc implementation, which is used during the startup. As a result, programs no longer crash during startup in the calloc function when running if the dynamic linker uses the auditing mode.
Jira:RHEL-48820[1]
stdio flushing issues fixed in glibc
Before this update, specific stdio streams in glibc could fail during fclose when attempting to seek back to the correct position after buffered reads, returning EINVAL instead of the expected ESPIPE for non-seekable inputs. As a consequence, applications using fclose on pipes or other non-seekable descriptors might encounter unexpected errors, causing I/O cleanup to fail and leading to inconsistent file positioning behavior.
With this update, glibc synthesizes an ESPIPE error when lseek returns 0 after bytes are read, ensuring fclose ignores the non-seekable condition as intended, and supporting test infrastructure changes (for example, xdup) to validate the behavior. As a result, fclose and related stdio operations now behave consistently for non-seekable streams, reducing error conditions and improving reliability in applications that rely on buffered I/O.
Jira:RHEL-68805[1]
Applications no longer deadlock when invoking popen and fork in parallel
Before this update, when multi-threaded applications invoked popen and fork in separate threads and the fork occurred when popen held an internal lock, the child process could inherit the locked state and deadlock if it called popen again.
With this update, glibc releases the relevant lock state across fork, ensuring that subsequent popen calls proceed without blocking. As a result, popen no longer deadlocks after a multi-threaded fork call, improving process reliability and input-output behavior for supported architectures.
Jira:RHEL-59712[1]
Golist command-line parser fix in go-rpm-macros
Before this update, Golist handled certain files incorrectly due to a replacement of the command-line parser. As a consequence, some programs failed to build. With this update, the original command-line parser restored the original parser into Golist.
As a result, Golist processes all required files correctly and programs are built as expected.
7.12. Identity Management
ipa-cacert-manage install now permits duplicate CA subjects
Previously, attempting to add a CA certificate with an identical subject but a different private key using ipa-cacert-manage install failed with the message subject public key info mismatch, as IdM prohibited duplicate subjects.
This update relaxes that restriction, allowing ipa-cacert-manage install to accept duplicate CA subjects. However, the following limitations remain:
- Certificates cannot be added with different trust flags.
- The CAs must share the same nickname.
- An Authority Key Identifier (AKI) extension is mandatory for all CAs. Its absence leads to an unexpected chain of trust behavior.
Jira:RHEL-30658[1]
Newly created user password policies are displayed correctly
Before this update, the cosAttribute attribute in the Class of Service (CoS) template had the operational modifier instead of operational-default. As a consequence, when both subtree and user password policies existed, the pwdpolicysubentry attribute pointed to the subtree password policy instead of the user password policy. With this release, the CoS template uses the operational-default modifier. As a result, the user policy is displayed correctly.
This issue affected only displaying the policies, not the actual password policy logic.
Jira:RHEL-109892[1]
The RootDN Access Control plugin with wildcards for IP addresses no longer fails
Before this update, if you tried to set IP addresses with wildcards for the RootDN Access Control plugin configuration, the attempt failed with the Invalid IP address error. With this release, the validation function was updated. As a result, the attempt to set values with wildcards no longer fails.
Jira:RHEL-109889[1]
The Databases menu opens as expected in the Directory Server web console
Before this update, you could not open the Databases menu in the Directory Server web console if the database name that you created had an incorrect suffix syntax, for example, the name included dc=. With this update, Directory Server uses a rollback functionality when mapping tree creation fails during backend creation to prevent orphaned backends. As a result, the Databases menu opens as expected.
Jira:RHEL-109885[1]
Directory Server no longer fails when adding nsslapd-referral
Before this update, when you tried to configure Directory Server to use a referral, the incorrect handling of the paged search result caused the server failure.
With this update, If the search result code is LDAP_REFERRAL, the paged result search returns the correct value and the server no longer fails.
Jira:RHEL-107585[1]
The Directory Server monitoring information is available as expected when NDN cache is disabled
Before this update, when the Normalized DN (NDN) cache was disabled, the dsconf <instance_name> monitor dbmon command failed with an error because of improper handling of the backend get-tree command failures. This release adds a rollback functionality to prevent orphaned backends when the tree creation fails during a backend creation. As a result, Directory Server monitoring information is returned as expected.
Jira:RHEL-107005[1]
Directory Server correctly displays the number of child entries under a specific node
Before this update, the numSubordinates and numTombstoneSubordinates attributes were wrongly computed during import. Consequently, when you compared the number of child entries under a specific node, the wrong values were displayed.
With this update, Directory Server computes numSubordinates and numTombstoneSubordinates correctly.
Jira:RHEL-104593[1]
The Directory Server web console now shows the server version
Before this update, the web console did not display the server version in the Server Settings>General Settings. With this update, the server version is displayed correctly.
Jira:RHEL-104591[1]
Directory Server no longer fails during NDN cache operations
Before this update, the arc-swap library, which was used in the Rust dependency of 389-ds-base, could cause a failure in Directory Server during NDN cache operations. With this release, Directory Server uses an updated version of Rust dependency (concread) 0.5.7 that does not contain the arc-swap library. As a result, Directory Server no longer fails.
Jira:RHEL-95444[1]
Directory Server correctly displays membership in nested groups
Before this update, Directory Server displayed an incorrect value of the memberOf attribute in that entry under the following conditions:
- An entry was a member of groups that had multiple nested levels
- Groups were part of other different groups that had multiple paths in the membership relations.
With this update, the memberOf distinguished name (DN) value is added systematically, and the entry membership in groups is displayed correctly.
Jira:RHEL-89753[1]
389-ds-base no longer fails during the LMDB offline import
Before this update, a race condition occurred when a worker thread read an entry before another process finished writing the entry. As a result, offline import on an instance with the Lightning Memory-Mapped Database Manager (LMDB) backend caused a segmentation fault.
With this update, Directory Server ensures thread-safe access by locking the worker queue before writing entries, and the server no longer fails during the LMDB offline import.
Jira:RHEL-89745[1]
dsconf correctly returns replication monitoring information
Before this update, if a supplier was configured with a replica starting with 0, such as 010 or 020, the dsconf <instance_name> replication monitor command failed to retrieve information about time of a delay or the replication status.
With this update, non-significant zeros (0) at the beginning of replica ID are ignored while processing the replica ID within the replica update vector (RUV). As a result, dsconf <instance_name> replication monitor provides the expected information.
Jira:RHEL-89736[1]
ipa-healthcheck now ignores the replica busy condition
Before this update, in a topology with more than two suppliers, the ipa-healthcheck tool reported an error about replication agreement status when a supplier was receiving updates from another node. It is a standard replication situation and, with this release, ipa-healthcheck no longer reports an error when replicas are busy.
Directory Server starts correctly in the read-only mode
Before this update, Directory Server did not start if you configured the read-only mode. With this update, the nsslapd-readonly attribute is processed correctly, and the server starts in the read-only mode as expected.
Obsolete /var/log/tallylog log file creation removed
Before this update, an outdated configuration in the pam.conf file caused the creation of the /var/log/tallylog file. Since the system now uses pam_faillock, which replaced the obsolete pam_tally, the /var/log/tallylog file is no longer necessary.
With this update, pam.conf was updated to remove the instructions for the obsolete log file creation.
7.13. Desktop
Default GDM session definitions no longer override custom definitions
Before this update, GNOME Display Manager (GDM) sessions at /usr/ directories had higher precedence than the ones at /etc/. As a consequence, custom session definitions at /usr/ would override the ones at /etc/. With this release, sessions at /etc/ have higher precedence. As a result, the custom definitions precedence works correctly as defined in GDM Session Configuration.
7.14. Red Hat Enterprise Linux System Roles
encryption_key is no longer masked
Before this update, the encryption_key parameter was incorrectly marked as no_log. This caused the key file path to be replaced by a placeholder string, preventing disk encryption from working. With this update, the encryption_key parameter is no longer marked with the no_log flag, and you can now perform disk encryption using a key file successfully.
Jira:RHEL-104676[1]
RAID now reports clear errors for invalid or unsupported configurations
Before this update, invalid RAID levels or insufficient disks could be specified without raising clear errors. This resulted in failed or inconsistent array creation. As a consequence, the error messages were unclear, and RAID setup was less reliable. With this release, RAID parameters are validated before array creation, and a minimum disk count is enforced. As a result, clear errors are raised, and attempts to create a RAID with inadequate disks are blocked.
This fix also removes the deprecated process_device_numbers helper and uses unify_raid_level instead. In addition, failure tests for invalid RAID level and insufficient disks scenarios are also added.
Jira:RHEL-104891[1]
LVM RAID now supports encrypted and partitioned devices
Before this update, the LVM RAID code assumed that disks specified in raid_disks were the parent devices of the PVs for all LVM RAID setups. This was not applicable for encrypted or partitioned devices. As a consequence, errors occurred when encrypted LUKS layers added an extra storage layer, or when direct partitions were used without a parent device. With this release, PV resolution in LVM RAID is improved to support encrypted and partitioned devices. As a result, you can now specify the PV partition instead of the underlying disk.
This fix also adds error handling for missing or invalid RAID disk entries and introduces corresponding tests to ensure stability.
Jira:RHEL-95885[1]
Minor volume size mismatch no longer cause incorrect role reporting
Before this update, when creating or resizing volumes, the system allowed up to a 2% difference between the requested size and the actual size. This adjustment made the volume fit into the available pool free space. As a consequence, the sizes did not match when the role was run again, causing the role to incorrectly assume that something had changed. With this release, small size differences no longer cause the role to misinterpret changes. As a result the role now reports the correct state.
Jira:RHEL-82825[1]
The postfix RHEL system role auto-detects if an IPv6 interface is disabled
The default postfix configuration uses the inet_interfaces = localhost setting which tells postfix to listen on all interfaces resolving to localhost including both IPv4 and IPv6 interfaces. Before this update, a problem occurred if IPv6 was disabled on the host. In this situation, the postfix role and its command-line tools, such as postconf, returned an error. The entire role failed. With this release, the role determines if IPv6 is disabled. If so, then it sets inet_protocols = ipv4 so that postfix only uses the IPv4 interface. As a result, the postfix role works even when IPv6 is disabled.
Jira:RHEL-103889[1]
The timesync RHEL system role no longer removes the OPTIONS="-F 2" default setting from /etc/sysconfig/chronyd
Before this update, the timesync system role replaced the default OPTIONS= setting for the chronyd service with "". As a consequence, this removed the default OPTIONS="-F 2" setting which weakened the security of chronyd. With this release, -F 2 is added as the default setting for OPTIONS, and the user can override or extend this setting. As a result, the timesync role now applies the correct security settings while still allowing user customization.
Jira:RHEL-88299[1]
Improved removal of kernel options with values in rhel-system-roles
Previously, kernel boot options specified as key=value could not be removed when users provided only the key, resulting in persistent unwanted boot parameters and inconsistent management of kernel options by name. With this update, the regular expression in the mod_boot_args function was updated to match and remove kernel options with values correctly, and automated tests were added to verify correct behavior.
As a result, kernel options can now be reliably removed by name, even when set as key=value, ensuring accurate configuration and improved system management.
Jira:RHEL-101678[1]
GSSAPIIndicators added to sshd role
A new configuration option GSSAPIIndicators for setting Generic Security Services Application Programming Interface (GSS-API) was added to RHEL 10. This update adds the GSSAPIIndicators configuration option to the sshd RHEL system role. As a result, you can configure GSSAPIIndicators on RHEL 10 systems by using RHEL system roles.
Jira:RHEL-107049[1]
bootloader role rejects boolean or null type values
Before this update, the user could specify values such as value: on or value: yes expecting that these would be converted to strings "on" or "yes". But instead, YAML treats these as YAML bool type and writes them as the string "True". Consequently, users who were unaware of YAML boolean handling could not set values such as "on" or "off". With this update, the bootloader RHEL system role rejects any value of boolean or null type. As a result, users must enter such YAML boolean type values as quoted strings to write them to the bootloader configuration. The readme is updated with this information.
Jira:RHEL-107015[1]
sudo role no longer hangs when parsing Alias values
Before this update, the regex in the sudo RHEL system role was not taking into consideration that Alias values, such as Cmnd_Alias, do not have to have spaces on either side of the equal sign =. Consequently, the regex never terminated, and the role appeared to hang. With this update, the role ensures that the regex complies with the eBNF definition of the field from the sudoers file specification. As a result, the Alias values are parsed correctly with and without spaces around =.
Jira:RHEL-106733[1]
Specifying multiple users no longer causes resources to be associated with wrong user
Before this update, user data contamination occurred due to mixing facts and variables for the __podman_user and __podman_user_home_dir variable values when managing multiple users. As a consequence, user data was mixed between multiple users, causing incorrect configuration files to be used for each user. With this release, user data separation is maintained by avoiding the mixing of facts and variables for __podman_user and __podman_user_home_dir. As a result, user data is isolated for multiple users, improving resource management consistency.
Jira:RHEL-105095[1]
selinux role no longer produces error due to undefined tempdir path in Ansible check mode
Before this update, the tempdir path was not defined in Ansible check mode, and the __selinux_item.path could be undefined. Consequently, when running in check mode, the selinux RHEL system role produced an error that various variables are undefined. With this update, the role skips tasks that require the tempdir.path to be defined, and can handle cases where variables are undefined. As a result, the role works correctly in check mode.
Jira:RHEL-103575[1]
Ensures /var/lib/pcsd directory is available when needed by the ha_cluster RHEL system role
Before this update, the /var/lib/pcsd directory was created during the installation of pcs, but newer versions rely on the systemd service to create this directory when the pcsd service starts. As a result, the directory might not exist at the time the role attempts to access it, causing errors or failures in execution.
With this update, the role explicitly ensures that the /var/lib/pcsd directory exists before using it. As a result, it prevents runtime issues due to the missing directory and improving the reliability of role execution.
Jira:RHEL-101663[1]
Using the redhat.rhel_system_roles collection no longer displays a warning about an incompatible Ansible version
Before this update, the redhat.rhel_system_roles collection specified {{requires_ansible: ">=2.15.0"}} in the meta/runtime.yml file, but RHEL 9 contains ansible-core 2.14. As a consequence, if you used the collection in a playbook, Ansible displayed a Collection redhat.rhel_system_roles does not support Ansible version 2.14.x warning. This update changes the meta/runtime.yml file to use {{requires_ansible: ">=2.14.0"}}. As a result, the collection no longer displays the warning.
Jira:RHEL-94444[1]
selinux role persistently sets kernel SELinux parameters
Before this update, the selinux RHEL system role did not set the kernel SELinux parameter when changing the SELinux state to and from disabled. As a consequence, the SELinux state change was not persistent upon reboot. This update ensures that the kernel SELinux parameter is correctly set when the role changes SELinux state to and from disabled. As a result, the SELinux state change to and from disabled is persistent upon reboot.
Jira:RHEL-93296[1]
The systemd role uses file basename to construct the path to the destination
Before this update, if a user specified a file or a template source within a nested directory, the systemd RHEL system role used the whole path instead of the basename for the destination file. As a consequence, files and templates were placed in the same directory structure on the destination, which systemd does not support. With this release, the role uses basenames for destination files in nested directories. As a result, users can use nested directories with the role.
Introducing flexibility for package installation in ad_integration role
Previously, the ad_integration role always attempted to install the required packages, for example, realmd, sssd-ad, adcli, and many more that are listed in __ad_integration_packages. In environments where external systems handled package management, for example, via configuration management outside of this role, pre-baked images, or immutable systems, this step was redundant and undesirable.
With this update, users can now manage package installations through other means and only want this role to join a domain, offering them flexibility. The notable enhancements are:
-
New Variable: Introduced a new boolean variable
ad_integration_manage_packagesto control whether the role installs packages. -
Default Value: The default value is set to
trueindefaults/main.ymlto ensure backward compatibility. Existing playbooks using this role will continue to function as before without modification. -
Conditional Task: Added a
when: ad_integration_manage_packages | boolcondition to the "Ensure required packages are installed" task intasks/main.yml. The task will now only run if the flag istrue(the default). -
Documentation: Updated
README.mdto include the newad_integration_manage_packagesvariable, explaining its purpose and default value.
Jira:RHEL-88314[1]
The qdevice daemon now restarts automatically after certificate changes
Previously, after updating the TLS certificates used for communication between the quorum device daemon (qnetd) and the cluster nodes (qdevice), the qdevice daemon was not automatically restarted. The daemon would continue to use the old certificates, causing communication with the quorum device to fail.
With this update, the qdevice daemon on cluster nodes automatically restarts after its certificates are changed. This ensures that the new certificates are loaded immediately and that communication with the quorum device is maintained.
Jira:RHEL-88251[1]
The ha_cluster RHEL System Role now works with a system-wide HTTP proxy configured
Previously, when a system-wide HTTP proxy was configured, the ha_cluster RHEL System Role would incorrectly attempt to use the proxy for local communication with the pcsd daemon via a unix socket. This caused the role to fail.
With this release, the role has been modified to explicitly disable proxy usage for local pcsd communication.
As a result, the ha_cluster RHEL System Role works as expected on systems with a system-wide HTTP proxy defined.
Jira:RHEL-88241[1]
The network RHEL system role no longer shows errors due to incorrect routing rule validation
Before this update, the validation part in the network RHEL system role incorrectly checked for routing rule attributes at the top-level NM module instead of the NM.IPRoutingRule class. This caused validation failures and the role displayed errors. With this update, the role uses the API correctly and no longer shows incorrect validation errors.
Boolean option values are correctly rendered in TOML files
Previously, the boolean options were mishandled because the formatter code did not convert the boolean values to the correct string representation. With this fix, boolean values are properly converted to lowercase strings, ensuring correct rendering and handling in TOML files.
Boolean options are correctly written and handled in TOML files
Before this update, boolean options were not correctly handled because the code that formats into TOML format did not convert boolean values to the correct string representation.
With this update, we convert boolean options to string and then to lower case, which is the correct TOML boolean format. This ensures that TOML files correctly write and handle boolean options.
The podman RHEL system role does not report changed: true when managing authentication and configuration files
Before this update, the podman RHEL system role changed the parent path mode every time it ran if it managed both authentication and configuration files because it used two different modes for the common parent path for various configuration and authentication files.
With this fix, the role does not report changed: true unnecessarily because it uses a consistent mode for the parent path.
Podman role does not fail with UNREACHABLE error
Previously, the podman role did not wait enough for the user state to be in closing status when disabling linger for non-root users. The podman role then restarted systemd-logind to force it to cancel. On some systems, this started a timer that killed the session for root, causing the sshd session to terminate and the Ansible play to fail with UNREACHABLE error.
With this fix, the system now waits much longer for users to be in the closing state, and only restarts logind if absolutely necessary. As a result, the role does not fail with UNREACHABLE error when removing resources.
The network RHEL system role now uses a more robust interface identification method
Before this update, when both an interface name and a MAC address were provided for a network interface, the validation process performed two separate lookups: one using the interface name and another using the MAC address. This could lead to validation failures because a lookup by MAC address might match the interface’s current MAC address rather than its permanent hardware MAC address.
With this update, the validation logic has been improved. The network role now uses the interface name as the only identifier to look up the network device. It then retrieves the MAC address associated with that interface and compares it to the user-provided MAC address for validation. This approach is more reliable, because interface names are unique kernel identifiers, preventing mismatches caused by temporary MAC address changes.
The systemd role unmasks and starts units in a single run
Before this update, the systemd RHEL system role failed to enable and start services when units were masked because the role could not unmask the units first. As a result, users had to run the role twice. With this release, the systemd role correctly unmasks and starts services, eliminating the need for double runs.
7.15. Virtualization
Local kdump no longer fails on virtual machines with AMD SEV-SNP
Before this update, local kdump failed on RHEL 10 virtual machines (VMs) that used the AMD Secure Encrypted Virtualization (SEV) with the Secure Nested Paging (SNP) feature. As a consequence, you could not capture kernel crash dumps on VMs with AMD SEV-SNP enabled.
With this release, the underlying code has been fixed. As a result, local kdump no longer fails on VMs with AMD SEV-SNP.
Jira:RHEL-10019[1]
The --migrate-disks-detect-zeroes option no longer fails for VM migration
Before this update, when migrating virtual machines (VMs) on RHEL 10, the --migrate-disks-detect-zeroes option might not have worked, and the migration might have proceeded without zeroed block detection on the specified disk. This problem was caused by a bug in QEMU where mirroring jobs relied on punching holes, resulting in a sparse destination file.
With this release, QEMU has been fixed to preserve sparseness if the destination system reports that it reads all zeroes, and when no extra effort is made to further sparsify the image. As a result, the --migrate-disks-detect-zeroes option works as expected for VM migration.
VMs sending misaligned discard I/O requests no longer pause when discard_granularity is not configured
Before this update, the host kernel failed misaligned discard I/O requests and QEMU used the werror= policy parameter to respond to such failures. When werror was set to stop: werror=stop, a failed discard request caused the virtual machine (VM) to pause. As a consequence, it was not possible to correct this situation and resume the VM again.
With this release, QEMU has been updated to silently ignore misaligned discard I/O requests, so that guests without a correct discard_granularity value do not pause. As a result, VMs sending discard I/O requests no longer pause when discard_granularity is not configured. However, it is still preferable to configure the discard_granularity value, so that discard requests have their intended effect instead of being ignored when misaligned.
Jira:RHEL-86032[1]
virtiofsd no longer crashes when accessing shared directories with many open files
Before this update, when accessing a virtiofs shared directory with a large number of open files from a virtual machine (VM), the operation might have failed with the following error: Too many open files, and the virtiofsd process crashed.
With this release, the underlying code has been fixed. As a result, accessing a virtiofs shared directory with a large number of open files from a VM might still result in an error in the VM, but the virtiofsd process no longer crashes, keeping the virtiofs shared directory accessible in the VM.
Jira:RHEL-87161[1]
Customizing RHEL 9 guests on ESXi no longer causes networking problems
Previously, customizing a RHEL 9 guest operating system in the VMware ESXi hypervisor did not work correctly with NetworkManager key files. As a consequence, if the guest was using such a key file, it had incorrect network settings, such as the IP address or the gateway. This problem has now been fixed, and NetworkManager key files no longer cause networking issues in the described scenario.
Jira:RHELPLAN-106947[1]
The installation program shows the expected system disk to install RHEL on VM
Previously, when installing RHEL on a VM using virtio-scsi devices, it was possible that these devices did not appear in the installation program because of a device-mapper-multipath bug. Consequently, during installation, if some devices had a serial set and some did not, the multipath command was claiming all the devices that had a serial. Due to this, the installation program was unable to find the expected system disk to install RHEL in the VM.
With this update, multipath correctly sets the devices with no serial as having no World Wide Identifier (WWID) and ignores them. On installation, multipath only claims devices that multipathd uses to bind a multipath device, and the installation program shows the expected system disk to install RHEL in the VM.
Jira:RHELPLAN-66975[1]
Windows guests boot more reliably after a v2v conversion on hosts with AMD EPYC CPUs
After using the virt-v2v utility to convert a virtual machine (VM) that uses Windows 11 or a Windows Server 2022 as the guest OS, the VM previously failed to boot. This occurred on hosts that use AMD EPYC series CPUs. Now, the underlying code has been fixed and VMs boot as expected in the described circumstances.
Jira:RHELPLAN-147926[1]
nodedev-dumpxml lists attributes correctly for certain mediated devices
Before this update, the nodedev-dumpxml utility did not list attributes correctly for mediated devices that were created using the nodedev-create command. This has been fixed, and nodedev-dumpxml now displays the attributes of the affected mediated devices properly.
Jira:RHELPLAN-139536[1]
virtiofs devices can now be attached after restarting virtqemud or libvirtd
Previously, restarting the virtqemud or libvirtd services prevented virtiofs storage devices from being attached to virtual machines (VMs) on your host. This bug has been fixed, and you can now attach virtiofs devices in the described scenario as expected.
Jira:RHELPLAN-119912[1]
blob resources now work correctly for virtio-gpu on IBM Z
Previously, the virtio-gpu device was incompatible with blob memory resources on IBM Z systems. As a consequence, if you configured a virtual machine (VM) with virtio-gpu on an IBM Z host to use blob resources, the VM did not have any graphical output.
With this update, virtio devices have an optional blob attribute. Setting blob to on enables the use of blob resources in the device. This prevents the described problem in virtio-gpu devices, and can also accelerate the display path by reducing or eliminating copying of pixel data between the guest and host. Note that blob resource support requires QEMU version 6.1 or later.
Reinstalling virtio-win drivers no longer causes DNS configuration to reset on the guest
In virtual machines (VMs) that use a Windows guest operating system, reinstalling or upgrading virtio-win drivers for the network interface card (NIC) previously caused DNS settings in the guest to reset. As a consequence, your Windows guest in some cases lost network connectivity.
With this update, the described problem has been fixed. As a result, if you reinstall or upgrade from the latest version of virtio-win, the problem no longer occurs. Note, however, that upgrading from a prior version of virtio-win will not fix the problem, and DNS resets might still occur in your Windows guests.
Jira:RHEL-1860[1]
VNC viewer correctly initializes a VM display after live migration of ramfb
This update enhances the ramfb framebuffer device, which you can configure as a primary display for a virtual machine (VM). Previously, ramfb was unable to migrate, which resulted in VMs that use ramfb showing a blank screen after live migration. Now, ramfb is compatible with live migration. As a result, you see the VM desktop display when the migration completes.
7.16. RHEL in cloud environments
Nested VM with KVM virtualization and OVMF now boots successfully on Azure or Hyper-V when using an AMD EPYC processor
Previously, a nested virtual machine (VM) with Open Virtual Machine Firmware (OVMF) failed to boot when run on a RHEL VM with KVM virtualization enabled on Microsoft Azure or Hyper-V that used an AMD EPYC processor. The VM failed to boot up with following log message:
Code=qemu-kvm: ../hw/core/cpu-sysemu.c:76 Aborted (core dumped) .
Code=qemu-kvm: ../hw/core/cpu-sysemu.c:76 Aborted (core dumped) .With this update, the problem has been fixed, and the nested VM boots as expected in the described circumstances.
Jira:RHEL-29919[1]
7.17. Supportability
The coredump plugin now correctly limits the number of collected coredump files
Previously, the coredump plugin collected coredumpctl dump outputs, which could lead to unnecessary large archives. With this update, the plugin defaults to collecting the three most recent coredump files. Additionally, the plugin continues to provide summary information from coredumpctl info and includes symlinks to help map collected dumps to their respective metadata entries.
Users can further filter collected dumps using the executable option, which accepts a case-insensitive Python regular expression applied to the EXE field of coredumpctl list. You can further use the dumps option to limit the number of last coredumps.
Jira:RHEL-62972[1]
Plugin option overrides in sos report no longer disable unrelated options configured in /etc/sos/sos.conf or a preset
Previously, when executing the sos report command with a -k option specifying a particular plugin setting , the sos utility would incorrectly ignore other valid plugin options defined in /etc/sos/sos.conf or in a preset. This led to scenarios where global settings or user-defined presets, were silently disabled despite being correctly configured in the [plugin_options] section of the configuration file or in a preset.
This behavior affected customers attempting to collect full System Activity Reporter (SAR) data as outlined in Red Hat Knowledgebase Solution 1418303. When any -k option was used at runtime, the sar.all_sar setting reverted to off, resulting in incomplete data collection.
With this update, the sos tool now correctly merges options provided via the -k flag with those defined in the configuration file, ensuring that unrelated plugin options are preserved and applied as expected. This fix restores consistency and ensures comprehensive SAR data collection when configured.
Jira:RHEL-67097[1]
sos-audit package now includes required GPLv2 LICENSE file
Previously, while the sos-audit package was always part of the sos project and built from the same SRPM containing the license, the resulting sos-audit RPM package could be installed separately from the main sos RPM. This meant users installing only the sos-audit subpackage would not find the license readily available. This omission affected all versions of sos-audit up to the current release across RHEL 8 and RHEL 9.
With this update, the sos-audit package now correctly includes the GPLv2 LICENSE file.
iscsi plugin no longer collects plain-text CHAP credentials in sosreport
Previously, the iscsi plugin in sos collected sensitive CHAP authentication credentials in iscsi configuration files in plain text when generating a report that posed a security risk. With this update, the iscsi plugin has been modified to obscure sensitive fields, ensuring that CHAP usernames and passwords are redacted or excluded from the collected output.
Jira:RHEL-81187[1]
THP plugin now collects complete configuration to accurately reflect Transparent Huge Pages state
Previously, the memory plugin of sos collected only the enabled file from /sys/kernel/mm/transparent_hugepage/ to determine the state of Transparent Huge Pages (THP). However, recent kernel behavior changes have made this approach insufficient. For instance, it is possible for enabled to be set to [never] while shmem_enabled is set to [always], resulting in THP being active for shared memory segments despite appearing disabled.
With this update, the THP plugin now collects all relevant files under /sys/kernel/mm/transparent_hugepage/, providing a complete and accurate view of how and where THP is enabled.
Jira:RHEL-81634[1]
per-user SSH configuration is now disabled by default
Previously, the ssh plugin in sos collected detailed information from all local user .ssh directories by default. This resulted in significantly prolonged execution time, especially in environments with a large number of local users. With this update, the ssh plugin no longer collects per-user .ssh configuration data by default. To capture user configurations, enable it explicitly by setting ssh.userconfs=on.
sos collect command in the sos 4.10 version no longer produces xz/bz2 tar archive
Before this update, the sos collect command returned a compressed tar archive like tar.xz or tar.bz2. With this release, the sos collect now produces uncompressed tar archives instead of compressed ones, saving time and resources.
Jira:RHELDOCS-21013[1]
7.18. Containers
Event logs from podman events command are now available
Previously, an error in the journald driver prevented the preservation of network event attributes, so these events were not included in logs. With this update, podman events now displays network create and network rm events.
Parent directories can be created now for the mount targets with mode 0755
In this update, build failures were occurring due to modifications in the handling of --mount parameter permissions in quay.io/buildah/stable:v1 v1.41.3. Previously, specifying UID as an argument resulted in incorrect permissions for the secret. Consequently, users were unable to access build secrets due to incorrect permissions after the buildah update.
With this release, Buildah has updated secret permissions for Buildah v1.41.3, using secret-permissions instead of mount. As a result, Buildah now sets the expected permissions for secrets correctly when using the UID argument in the --mount parameter, resolving mount failures.
7.19. RHEL Lightspeed
Command-line assistant shows a meaningful error message when you try to delete a non-existent chat history
Before this update, users could delete a non-existent chat history without receiving an error message. This enhancement implements an error message for such cases.
Jira:RHELDOCS-21314[1]
Adding a description to an unnamed chat triggers a warning
Before this update, if you added a description to a chat without specifying a name for the chat, there was no error message displayed, nor was the chat with your custom description. With this update, the command-line assistant displays a warning in such cases.
Jira:RHELDOCS-21316[1]
c history shows complete history by default
Before this update, running the c history command without any options returned no history, confusing users. With this update, the default option for --all has been added. As a result, you can easily view all history with the single command: c history.
Jira:RHELDOCS-21317[1]
Command-line assistant no longer displays errors for invalid queries
Before this update, an incorrect data structure for terminal output in response led to unprocessable error messages for user queries. With this enhancement, the chat interface’s terminal output structure has been actively addressed, preventing the command-line assistant from displaying errors for invalid query requests, thereby enhancing your user experience.
Jira:RHELDOCS-21318[1]
Interactive shell starts correctly after a terminal restart
Before this update, the user’s .bashrc file did not include a reference to the .bashrc.d directory, preventing the source command from locating the CLA integration script. As a consequence, users could not access an interactive shell. With this update, a check has been added to ensure that the files necessary for shell integration are loaded. As a result, the interactive shell starts upon terminal restart.
Jira:RHELDOCS-21319[1]
Backend timeout works correctly in query.py
Before this update, extending the backend timeout in the query.py script did not work correctly. The script continued to generate timeout messages every 30 seconds because an internal timeout remained set at 30 seconds by default. With this enhancement, you can extend the backend timeout to any value that suits you by configuring this in the /etc/xdg/command-line-assistant/config.toml file, improving your response time.
Jira:RHELDOCS-21320[1]
cla chat displays help when run without arguments
Before this update, using cla chat without providing additional input caused user confusion, as they expected interactive AI assistance but received no response. With this update, when you use cla chat without arguments, the command-line assistant provides help and indicates additional input, improving your user experience with CLA’s interactive mode.
Jira:RHELDOCS-21322[1]
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}