Questo contenuto non è disponibile nella lingua selezionata.

Chapter 10. Deprecated functionality

This part provides an overview of functionality that has been deprecated in Red Hat Enterprise Linux 8.

Deprecated devices are fully supported, which means that they are tested and maintained, and their support status remains unchanged within Red Hat Enterprise Linux 8. However, these devices will likely not be supported in the next major version release, and are not recommended for new deployments on the current or future major versions of RHEL.

For the most recent list of deprecated functionality within a particular major release, see the latest version of release documentation. For information about the length of support, see Red Hat Enterprise Linux Life Cycle and Red Hat Enterprise Linux Application Streams Life Cycle.

A package can be deprecated and not recommended for further use. Under certain circumstances, a package can be removed from the product. Product documentation then identifies more recent packages that offer functionality similar, identical, or more advanced to the one deprecated, and provides further recommendations.

For information regarding functionality that is present in RHEL 7 but has been removed in RHEL 8, see Considerations in adopting RHEL 8.

For information regarding functionality that is present in RHEL 8 but has been removed in RHEL 9, see Considerations in adopting RHEL 9.

10.1. Installer and image creation

Several Kickstart commands and options have been deprecated

Using the following commands and options in RHEL 8 Kickstart files will print a warning in the logs:

auth or authconfig
device
deviceprobe
dmraid
install
lilo
lilocheck
mouse
multipath
bootloader --upgrade
ignoredisk --interactive
partition --active
reboot --kexec

Where only specific options are listed, the base command and its other options are still available and not deprecated.

For more details and related changes in Kickstart, see the Kickstart changes section of the Considerations in adopting RHEL 8 document.

Bugzilla:1642765^[1]

The --interactive option of the ignoredisk Kickstart command has been deprecated

Using the --interactive option in future releases of Red Hat Enterprise Linux will result in a fatal installation error. It is recommended that you modify your Kickstart file to remove the option.

Bugzilla:1637872^[1]

The Kickstart autostep command has been deprecated

The autostep command has been deprecated. The related section about this command has been removed from the RHEL 8 documentation.

Bugzilla:1904251^[1]

10.2. Security

NSS SEED ciphers are deprecated

The Mozilla Network Security Services (NSS) library will not support TLS cipher suites that use a SEED cipher in a future release. To ensure smooth transition of deployments that rely on SEED ciphers when NSS removes support, Red Hat recommends enabling support for other cipher suites.

Note that SEED ciphers are already disabled by default in RHEL.

Bugzilla:1817533

TLS 1.0 and TLS 1.1 are deprecated

The TLS 1.0 and TLS 1.1 protocols are disabled in the DEFAULT system-wide cryptographic policy level. If your scenario, for example, a video conferencing application in the Firefox web browser, requires using the deprecated protocols, switch the system-wide cryptographic policy to the LEGACY level:

# update-crypto-policies --set LEGACY

For more information, see the Strong crypto defaults in RHEL 8 and deprecation of weak crypto algorithms Knowledgebase article on the Red Hat Customer Portal and the update-crypto-policies(8) man page.

Bugzilla:1660839

DSA is deprecated in RHEL 8

The Digital Signature Algorithm (DSA) is considered deprecated in Red Hat Enterprise Linux 8. Authentication mechanisms that depend on DSA keys do not work in the default configuration. Note that OpenSSH clients do not accept DSA host keys even in the LEGACY system-wide cryptographic policy level.

Bugzilla:1646541^[1]

fapolicyd.rules is deprecated

The /etc/fapolicyd/rules.d/ directory for files containing allow and deny execution rules replaces the /etc/fapolicyd/fapolicyd.rules file. The fagenrules script now merges all component rule files in this directory to the /etc/fapolicyd/compiled.rules file. Rules in /etc/fapolicyd/fapolicyd.trust are still processed by the fapolicyd framework but only for ensuring backward compatibility.

Bugzilla:2054741

SSL2 Client Hello has been deprecated in NSS

The Transport Layer Security (TLS) protocol version 1.2 and earlier allow to start a negotiation with a Client Hello message formatted in a way that is backward compatible with the Secure Sockets Layer (SSL) protocol version 2. Support for this feature in the Network Security Services (NSS) library has been deprecated and it is disabled by default.

Applications that require support for this feature need to use the new SSL_ENABLE_V2_COMPATIBLE_HELLO API to enable it. Support for this feature may be removed completely in future releases of Red Hat Enterprise Linux 8.

Bugzilla:1645153^[1]

NTLM and Krb4 are deprecated in Cyrus SASL

The NTLM and Kerberos 4 authentication protocols have been deprecated and might be removed in a future major version of RHEL. These protocols are no longer considered secure and have already been removed from upstream implementations.

Jira:RHELDOCS-17380^[1]

Runtime disabling SELinux using /etc/selinux/config is now deprecated

Runtime disabling SELinux using the SELINUX=disabled option in the /etc/selinux/config file has been deprecated. In RHEL 9, when you disable SELinux only through /etc/selinux/config, the system starts with SELinux enabled but with no policy loaded.

If your scenario really requires to completely disable SELinux, Red Hat recommends disabling SELinux by adding the selinux=0 parameter to the kernel command line as described in the Changing SELinux modes at boot time section of the Using SELinux title.

Bugzilla:1932222

The ipa SELinux module removed from selinux-policy

The ipa SELinux module has been removed from the selinux-policy package because it is no longer maintained. The functionality is now included in the ipa-selinux subpackage.

If your scenario requires the use of types or interfaces from the ipa module in a local SELinux policy, install the ipa-selinux package.

Bugzilla:1461914^[1]

TPM 1.2 is deprecated

The Trusted Platform Module (TPM) secure cryptoprocessor standard was updated to version 2.0 in 2016. TPM 2.0 provides many improvements over TPM 1.2, and it is not backward compatible with the previous version. TPM 1.2 is deprecated in RHEL 8, and it might be removed in the next major release.

Bugzilla:1657927^[1]

crypto-policies derived properties are now deprecated

With the introduction of scopes for crypto-policies directives in custom policies, the following derived properties have been deprecated: tls_cipher, ssh_cipher, ssh_group, ike_protocol, and sha1_in_dnssec. Additionally, the use of the protocol property without specifying a scope is now deprecated as well. See the crypto-policies(7) man page for recommended replacements.

Bugzilla:2011208

10.3. Subscription management

The --token option of the subscription-manager command is deprecated

The --token=<TOKEN> option of the subscription-manager register command is an authentication method that helps register your system to Red Hat. This option depends on capabilities offered by the entitlement server. The default entitlement server, subscription.rhsm.redhat.com, is planning to turn off this capability. As a consequence, attempting to use subscription-manager register --token=<TOKEN> might fail with the following error message:

Token authentication not supported by the entitlement server

You can continue registering your system using other authorization methods, such as including paired options --username / --password and --org / --activationkey of the subscription-manager register command.

Bugzilla:2170082

10.4. Software management

rpmbuild --sign is deprecated

The rpmbuild --sign command is deprecated since RHEL 8.1. Using this command in future releases of Red Hat Enterprise Linux can result in an error. It is recommended that you use the rpmsign command instead.

Bugzilla:1688849

10.5. Shells and command-line tools

The OpenEXR component has been deprecated

The OpenEXR component has been deprecated. Hence, the support for the EXR image format has been dropped from the imagecodecs module.

Bugzilla:1886310

The dump utility from the dump package has been deprecated

The dump utility used for backup of file systems has been deprecated and will not be available in RHEL 9.

In RHEL 9, Red Hat recommends using the tar, dd, or bacula, backup utility, based on type of usage, which provides full and safe backups on ext2, ext3, and ext4 file systems.

Note that the restore utility from the dump package remains available and supported in RHEL 9 and is available as the restore package.

Bugzilla:1997366^[1]

The hidepid=n mount option is not supported in RHEL 8 systemd

The mount option hidepid=n, which controls who can access information in /proc/[pid] directories, is not compatible with systemd infrastructure provided in RHEL 8.

In addition, using this option might cause certain services started by systemd to produce SELinux AVC denial messages and prevent other operations from completing.

For more information, see the related Knowledgebase solution Is mounting /proc with "hidepid=2" recommended with RHEL7 and RHEL8?.

Bugzilla:2038929

The /usr/lib/udev/rename_device utility has been deprecated

The udev helper utility /usr/lib/udev/rename_device for renaming network interfaces has been deprecated.

Bugzilla:1875485

The ABRT tool has been deprecated

The Automatic Bug Reporting Tool (ABRT) for detecting and reporting application crashes has been deprecated in RHEL 8. As a replacement, use the systemd-coredump tool to log and store core dumps, which are automatically generated files after a program crashes.

Bugzilla:2055826^[1]

The ReaR crontab has been deprecated

The /etc/cron.d/rear crontab from the rear package has been deprecated in RHEL 8 and will not be available in RHEL 9. The crontab checks every night whether the disk layout has changed, and runs rear mkrescue command if a change happened.

If you require this functionality, after an upgrade to RHEL 9, configure periodic runs of ReaR manually.

Bugzilla:2083301

The SQLite database backend in Bacula has been deprecated

The Bacula backup system supported multiple database backends: PostgreSQL, MySQL, and SQLite. The SQLite backend has been deprecated and will become unsupported in a later release of RHEL. As a replacement, migrate to one of the other backends (PostgreSQL or MySQL) and do not use the SQLite backend in new deployments.

Jira:RHEL-6859

The raw command has been deprecated

The raw (/usr/bin/raw) command has been deprecated. Using this command in future releases of Red Hat Enterprise Linux can result in an error.

Jira:RHELPLAN-133171^[1]

10.6. Networking

The PF_KEYv2 kernel API is deprecated

Applications can configure the kernel’s IPsec implementation by using the PV_KEYv2 and the newer netlink API. PV_KEYv2 is not actively maintained upstream and misses important security features, such as modern ciphers, offload, and extended sequence number support. As a result, starting with RHEL 8.9, the PV_KEYv2 API is deprecated. If you use this kernel API in your application, migrate it to use the modern netlink API as an alternative.

Jira:RHEL-1257^[1]

Network scripts are deprecated in RHEL 8

Network scripts are deprecated in Red Hat Enterprise Linux 8 and they are no longer provided by default. The basic installation provides a new version of the ifup and ifdown scripts which call the NetworkManager service through the nmcli tool. In Red Hat Enterprise Linux 8, to run the ifup and the ifdown scripts, NetworkManager must be running.

Note that custom commands in /sbin/ifup-local, ifdown-pre-local and ifdown-local scripts are not executed.

If any of these scripts are required, the installation of the deprecated network scripts in the system is still possible with the following command:

# yum install network-scripts

The ifup and ifdown scripts link to the installed legacy network scripts.

Calling the legacy network scripts shows a warning about their deprecation.

Bugzilla:1647725^[1]

The dropwatch tool is deprecated

The dropwatch tool has been deprecated. The tool will not be supported in future releases, thus it is not recommended for new deployments. As a replacement of this package, Red Hat recommends to use the perf command line tool.

For more information on using the perf command line tool, see the Getting started with Perf section on the Red Hat customer portal or the perf man page.

Bugzilla:1929173

The xinetd service has been deprecated

The xinetd service has been deprecated and will be removed in RHEL 9. As a replacement, use systemd. For further details, see How to convert xinetd service to systemd.

Bugzilla:2009113^[1]

The cgdcbxd package is deprecated

Control group data center bridging exchange daemon (cgdcbxd) is a service to monitor data center bridging (DCB) netlink events and manage the net_prio control group subsystem. Starting with RHEL 8.5, the cgdcbxd package is deprecated and will be removed in the next major RHEL release.

Bugzilla:2006665

The WEP Wi-Fi connection method is deprecated

The insecure wired equivalent privacy (WEP) Wi-Fi connection method is deprecated in RHEL 8 and will be removed in RHEL 9.0. For secure Wi-Fi connections, use the Wi-Fi Protected Access 3 (WPA3) or WPA2 connection methods.

Bugzilla:2029338

The unsupported xt_u32 module is now deprecated

Using the unsupported xt_u32 module, users of iptables can match arbitrary 32 bits in the packet header or payload. Since RHEL 8.6, the xt_u32 module is deprecated and will be removed in RHEL 9.

If you use xt_u32, migrate to the nftables packet filtering framework. For example, first change your firewall to use iptables with native matches to incrementally replace individual rules, and later use the iptables-translate and accompanying utilities to migrate to nftables. If no native match exists in nftables, use the raw payload matching feature of nftables. For details, see the raw payload expression section in the nft(8) man page.

Bugzilla:2061288

The term slaves is deprecated in the nmstate API

Red Hat is committed to using conscious language. Therefore the slaves term is deprecated in the Nmstate API. Use the term port when you use nmstatectl.

Jira:RHELDOCS-17641

10.7. Kernel

The rdma_rxe Soft-RoCE driver is deprecated

Software Remote Direct Memory Access over Converged Ethernet (Soft-RoCE), also known as RXE, is a feature that emulates Remote Direct Memory Access (RDMA). In RHEL 8, the Soft-RoCE feature is available as an unsupported Technology Preview. However, due to stability issues, this feature has been deprecated and will be removed in RHEL 9.

Bugzilla:1878207^[1]

The Linux firewire sub-system and its associated user-space components are deprecated in RHEL 8

The firewire sub-system provides interfaces to use and maintain any resources on the IEEE 1394 bus. In RHEL 9, firewire will no longer be supported in the kernel package. Note that firewire contains several user-space components provided by the libavc1394, libdc1394, libraw1394 packages. These packages are subject to the deprecation as well.

Bugzilla:1871863^[1]

Installing RHEL for Real Time 8 using diskless boot is now deprecated

Diskless booting allows multiple systems to share a root file system through the network. While convenient, diskless boot is prone to introducing network latency in real-time workloads. With a future minor update of RHEL for Real Time 8, the diskless booting feature will no longer be supported.

Bugzilla:1748980

Kernel live patching now covers all RHEL minor releases

Since RHEL 8.1, kernel live patches have been provided for selected minor release streams of RHEL covered under the Extended Update Support (EUS) policy to remediate Critical and Important Common Vulnerabilities and Exposures (CVEs). To accommodate the maximum number of concurrently covered kernels and use cases, the support window for each live patch has been decreased from 12 to 6 months for every minor, major, and zStream version of the kernel. It means that on the day a kernel live patch is released, it will cover every minor release and scheduled errata kernel delivered in the past 6 months.

For more information about this feature, see Applying patches with kernel live patching.

For details about available kernel live patches, see Kernel Live Patch life cycles.

Bugzilla:1958250

The crash-ptdump-command package is deprecated

The crash-ptdump-command package, which is a ptdump extension module for the crash utility, is deprecated and might not be available in future RHEL releases. The ptdump command fails to retrieve the log buffer when working in the Single Range Output mode and only works in the Table of Physical Addresses (ToPA) mode. crash-ptdump-command is currently not maintained upstream

Bugzilla:1838927^[1]

10.8. Boot loader

The kernelopts environment variable has been deprecated

In RHEL 8, the kernel command-line parameters for systems using the GRUB bootloader were defined in the kernelopts environment variable. The variable was stored in the /boot/grub2/grubenv file for each kernel boot entry. However, storing the kernel command-line parameters using kernelopts was not robust. Therefore, with a future major update of RHEL, kernelopts will be removed and the kernel command-line parameters will be stored in the Boot Loader Specification (BLS) snippet instead.

Bugzilla:2060759

10.9. File systems and storage

The elevator kernel command line parameter is deprecated

The elevator kernel command line parameter was used in earlier RHEL releases to set the disk scheduler for all devices. In RHEL 8, the parameter is deprecated.

The upstream Linux kernel has removed support for the elevator parameter, but it is still available in RHEL 8 for compatibility reasons.

Note that the kernel selects a default disk scheduler based on the type of device. This is typically the optimal setting. If you require a different scheduler, Red Hat recommends that you use udev rules or the TuneD service to configure it. Match the selected devices and switch the scheduler only for those devices.

For more information, see Setting the disk scheduler.

Bugzilla:1665295^[1]

NFSv3 over UDP has been disabled

The NFS server no longer opens or listens on a User Datagram Protocol (UDP) socket by default. This change affects only NFS version 3 because version 4 requires the Transmission Control Protocol (TCP).

NFS over UDP is no longer supported in RHEL 8.

Bugzilla:1592011^[1]

peripety is deprecated

The peripety package is deprecated since RHEL 8.3.

The Peripety storage event notification daemon parses system storage logs into structured storage events. It helps you investigate storage issues.

Bugzilla:1871953

VDO write modes other than async are deprecated

VDO supports several write modes in RHEL 8:

sync
async
async-unsafe
auto

Starting with RHEL 8.4, the following write modes are deprecated:

sync: Devices above the VDO layer cannot recognize if VDO is synchronous, and consequently, the devices cannot take advantage of the VDO sync mode.
async-unsafe: VDO added this write mode as a workaround for the reduced performance of async mode, which complies to Atomicity, Consistency, Isolation, and Durability (ACID). Red Hat does not recommend async-unsafe for most use cases and is not aware of any users who rely on it.
auto: This write mode only selects one of the other write modes. It is no longer necessary when VDO supports only a single write mode.

These write modes will be removed in a future major RHEL release.

The recommended VDO write mode is now async.

For more information on VDO write modes, see Selecting a VDO write mode.

Jira:RHELPLAN-70700^[1]

VDO manager has been deprecated

The python-based VDO management software has been deprecated and will be removed from RHEL 9. In RHEL 9, it will be replaced by the LVM-VDO integration. Therefore, it is recommended to create VDO volumes using the lvcreate command.

The existing volumes created using the VDO management software can be converted using the /usr/sbin/lvm_import_vdo script, provided by the lvm2 package. For more information on the LVM-VDO implementation, see Deduplicating and compressing logical volumes on RHEL.

Bugzilla:1949163

cramfs has been deprecated

Due to lack of users, the cramfs kernel module is deprecated. squashfs is recommended as an alternative solution.

Bugzilla:1794513^[1]

10.10. High availability and clusters

pcs commands that support the clufter tool have been deprecated

The pcs commands that support the clufter tool for analyzing cluster configuration formats have been deprecated. These commands now print a warning that the command has been deprecated and sections related to these commands have been removed from the pcs help display and the pcs(8) man page.

The following commands have been deprecated:

pcs config import-cman for importing CMAN / RHEL6 HA cluster configuration
pcs config export for exporting cluster configuration to a list of pcs commands which recreate the same cluster

Bugzilla:1851335^[1]

10.11. Dynamic programming languages, web and database servers

The mod_php module provided with PHP for use with the Apache HTTP Server has been deprecated

The mod_php module provided with PHP for use with the Apache HTTP Server in RHEL 8 is available but not enabled in the default configuration. The module is no longer available in RHEL 9.

Since RHEL 8, PHP scripts are run using the FastCGI Process Manager (php-fpm) by default. For more information, see Using PHP with the Apache HTTP Server.

Bugzilla:2225332

10.12. Compilers and development tools

The gdb.i686 packages are deprecated

In RHEL 8.1, the 32-bit versions of the GNU Debugger (GDB), gdb.i686, were shipped due to a dependency problem in another package. Because RHEL 8 does not support 32-bit hardware, the gdb.i686 packages are deprecated since RHEL 8.4. The 64-bit versions of GDB, gdb.x86_64, are fully capable of debugging 32-bit applications.

If you use gdb.i686, note the following important issues:

The gdb.i686 packages will no longer be updated. Users must install gdb.x86_64 instead.
If you have gdb.i686 installed, installing gdb.x86_64 will cause yum to report package gdb-8.2-14.el8.x86_64 obsoletes gdb < 8.2-14.el8 provided by gdb-8.2-12.el8.i686. This is expected. Either uninstall gdb.i686 or pass dnf the --allowerasing option to remove gdb.i686 and install gdb.x8_64.
Users will no longer be able to install the gdb.i686 packages on 64-bit systems, that is, those with the libc.so.6()(64-bit) packages.

Bugzilla:1853140^[1]

libdwarf has been deprecated

The libdwarf library has been deprecated in RHEL 8. The library will likely not be supported in future major releases. Instead, use the elfutils and libdw libraries for applications that wish to process ELF/DWARF files.

Alternatives for the libdwarf-tools dwarfdump program are the binutils readelf program or the elfutils eu-readelf program, both used by passing the --debug-dump flag.

Bugzilla:1920624

10.13. Identity Management

openssh-ldap has been deprecated

The openssh-ldap subpackage has been deprecated in Red Hat Enterprise Linux 8 and will be removed in RHEL 9. As the openssh-ldap subpackage is not maintained upstream, Red Hat recommends using SSSD and the sss_ssh_authorizedkeys helper, which integrate better with other IdM solutions and are more secure.

By default, the SSSD ldap and ipa providers read the sshPublicKey LDAP attribute of the user object, if available. Note that you cannot use the default SSSD configuration for the ad provider or IdM trusted domains to retrieve SSH public keys from Active Directory (AD), since AD does not have a default LDAP attribute to store a public key.

To allow the sss_ssh_authorizedkeys helper to get the key from SSSD, enable the ssh responder by adding ssh to the services option in the sssd.conf file. See the sssd.conf(5) man page for details.

To allow sshd to use sss_ssh_authorizedkeys, add the AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys and AuthorizedKeysCommandUser nobody options to the /etc/ssh/sshd_config file as described by the sss_ssh_authorizedkeys(1) man page.

Bugzilla:1871025

DES and 3DES encryption types have been removed

Due to security reasons, the Data Encryption Standard (DES) algorithm has been deprecated and disabled by default since RHEL 7. With the recent rebase of Kerberos packages, single-DES (DES) and triple-DES (3DES) encryption types have been removed from RHEL 8.

If you have configured services or users to only use DES or 3DES encryption, you might experience service interruptions such as:

Kerberos authentication errors
unknown enctype encryption errors
Kerberos Distribution Centers (KDCs) with DES-encrypted Database Master Keys (K/M) fail to start

Perform the following actions to prepare for the upgrade:

Check if your KDC uses DES or 3DES encryption with the krb5check open source Python scripts. See krb5check on GitHub.
If you are using DES or 3DES encryption with any Kerberos principals, re-key them with a supported encryption type, such as Advanced Encryption Standard (AES). For instructions on re-keying, see Retiring DES from MIT Kerberos Documentation.
Test independence from DES and 3DES by temporarily setting the following Kerberos options before upgrading:
1. In /var/kerberos/krb5kdc/kdc.conf on the KDC, set supported_enctypes and do not include des or des3.
2. For every host, in /etc/krb5.conf and any files in /etc/krb5.conf.d, set allow_weak_crypto to false. It is false by default.
3. For every host, in /etc/krb5.conf and any files in /etc/krb5.conf.d, set permitted_enctypes, default_tgs_enctypes, and default_tkt_enctypes, and do not include des or des3.
If you do not experience any service interruptions with the test Kerberos settings from the previous step, remove them and upgrade. You do not need those settings after upgrading to the latest Kerberos packages.

Bugzilla:1877991

The SSSD version of libwbclient has been removed

The SSSD implementation of the libwbclient package was deprecated in RHEL 8.4. As it cannot be used with recent versions of Samba, the SSSD implementation of libwbclient has now been removed.

Bugzilla:1947671

Standalone use of the ctdb service has been deprecated

Since RHEL 8.4, customers are advised to use the ctdb clustered Samba service only when both of the following conditions apply:

The ctdb service is managed as a pacemaker resource with the resource-agent ctdb.
The ctdb service uses storage volumes that contain either a GlusterFS file system provided by the Red Hat Gluster Storage product or a GFS2 file system.

The stand-alone use case of the ctdb service has been deprecated and will not be included in a next major release of Red Hat Enterprise Linux. For further information on support policies for Samba, see the Knowledgebase article Support Policies for RHEL Resilient Storage - ctdb General Policies.

Bugzilla:1916296^[1]

Indirect AD integration with IdM via WinSync has been deprecated

WinSync is no longer actively developed in RHEL 8 due to several functional limitations:

WinSync supports only one Active Directory (AD) domain.
Password synchronization requires installing additional software on AD Domain Controllers.

For a more robust solution with better resource and security separation, Red Hat recommends using a cross-forest trust for indirect integration with Active Directory. See the Indirect integration documentation.

Jira:RHELPLAN-100400^[1]

Running Samba as a PDC or BDC is deprecated

The classic domain controller mode that enabled administrators to run Samba as an NT4-like primary domain controller (PDC) and backup domain controller (BDC) is deprecated. The code and settings to configure these modes will be removed in a future Samba release.

As long as the Samba version in RHEL 8 provides the PDC and BDC modes, Red Hat supports these modes only in existing installations with Windows versions which support NT4 domains. Red Hat recommends not setting up a new Samba NT4 domain, because Microsoft operating systems later than Windows 7 and Windows Server 2008 R2 do not support NT4 domains.

If you use the PDC to authenticate only Linux users, Red Hat suggests migrating to Red Hat Identity Management (IdM) that is included in RHEL subscriptions. However, you cannot join Windows systems to an IdM domain. Note that Red Hat continues supporting the PDC functionality IdM uses in the background.

Red Hat does not support running Samba as an AD domain controller (DC).

Bugzilla:1926114

The SMB1 protocol is deprecated in Samba

Starting with Samba 4.11, the insecure Server Message Block version 1 (SMB1) protocol is deprecated and will be removed in a future release.

To improve the security, by default, SMB1 is disabled in the Samba server and client utilities.

Jira:RHELDOCS-16612^[1]

Limited support for FreeRADIUS

In RHEL 8, the following external authentication modules are deprecated as part of the FreeRADIUS offering:

The MySQL, PostgreSQL, SQlite, and unixODBC database connectors
The Perl language module
The REST API module

Note

The PAM authentication module and other authentication modules that are provided as part of the base package are not affected.

You can find replacements for the deprecated modules in community-supported packages, for example in the Fedora project.

In addition, the scope of support for the freeradius package will be limited to the following use cases in future RHEL releases:

Using FreeRADIUS as an authentication provider with Identity Management (IdM) as the backend source of authentication. The authentication occurs through the krb5 and LDAP authentication packages or as PAM authentication in the main FreeRADIUS package.
Using FreeRADIUS to provide a source-of-truth for authentication in IdM, through the Python 3 authentication package.

In contrast to these deprecations, Red Hat will strengthen the support of the following external authentication modules with FreeRADIUS:

Authentication based on krb5 and LDAP
Python 3 authentication

The focus on these integration options is in close alignment with the strategic direction of Red Hat IdM.

Jira:RHELDOCS-17573^[1]

10.14. Desktop

The libgnome-keyring library has been deprecated

The libgnome-keyring library has been deprecated in favor of the libsecret library, as libgnome-keyring is not maintained upstream, and does not follow the necessary cryptographic policies for RHEL. The new libsecret library is the replacement that follows the necessary security standards.

Bugzilla:1607766^[1]

LibreOffice is deprecated

The LibreOffice RPM packages are now deprecated and will be removed in a future major RHEL release. LibreOffice continues to be fully supported through the entire life cycle of RHEL 7, 8, and 9.

As a replacement for the RPM packages, Red Hat recommends that you install LibreOffice from either of the following sources provided by The Document Foundation:

The official Flatpak package in the Flathub repository: https://flathub.org/apps/org.libreoffice.LibreOffice.
The official RPM packages: https://www.libreoffice.org/download/download-libreoffice/.

Jira:RHELDOCS-16300^[1]

10.15. Graphics infrastructures

AGP graphics cards are no longer supported

Graphics cards using the Accelerated Graphics Port (AGP) bus are not supported in Red Hat Enterprise Linux 8. Use the graphics cards with PCI-Express bus as the recommended replacement.

Bugzilla:1569610^[1]

Motif has been deprecated

The Motif widget toolkit has been deprecated in RHEL, because development in the upstream Motif community is inactive.

The following Motif packages have been deprecated, including their development and debugging variants:

motif
openmotif
openmotif21
openmotif22

Additionally, the motif-static package has been removed.

Red Hat recommends using the GTK toolkit as a replacement. GTK is more maintainable and provides new features compared to Motif.

Jira:RHELPLAN-98983^[1]

10.16. The web console

The web console no longer supports incomplete translations

The RHEL web console no longer provides translations for languages that have translations available for less than 50 % of the Console’s translatable strings. If the browser requests translation to such a language, the user interface will be in English instead.

Bugzilla:1666722

The remotectl command is deprecated

The remotectl command has been deprecated and will not be available in future releases of RHEL. You can use the cockpit-certificate-ensure command as a replacement. However, note that cockpit-certificate-ensure does not have feature parity with remotectl. It does not support bundled certificates and keychain files and requires them to be split out.

Jira:RHELPLAN-147538^[1]

10.17. Red Hat Enterprise Linux system roles

The geoipupdate package has been deprecated

The geoipupdate package requires a third-party subscription and it also downloads proprietary content. Therefore, the geoipupdate package has been deprecated, and will be removed in the next major RHEL version.

Bugzilla:1874892^[1]

The network system role displays a deprecation warning when configuring teams on RHEL 9 nodes

The network teaming capabilities have been deprecated in RHEL 9. As a result, using the network RHEL system role on an RHEL 8 control node to configure a network team on RHEL 9 nodes, shows a warning about the deprecation.

Bugzilla:2021685

Ansible Engine has been deprecated

Previous versions of RHEL 8 provided access to an Ansible Engine repository, with a limited scope of support, to enable supported RHEL Automation use cases, such as RHEL system roles and Insights remedations. Ansible Engine has been deprecated, and Ansible Engine 2.9 will have no support after September 29, 2023. For more details on the supported use cases, see Scope of support for the Ansible Core package included in the RHEL 9 AppStream.

Users must manually migrate their systems from Ansible Engine to Ansible Core. For that, follow the steps:

Procedure

Check if the system is running RHEL 8.7 or a later release:
```
# cat /etc/redhat-release
```
Uninstall Ansible Engine 2.9:
```
# yum remove ansible
```

Disable the ansible-2-for-rhel-8-x86_64-rpms repository:

# subscription-manager repos --disable
ansible-2-for-rhel-8-x86_64-rpms

Install the Ansible Core package from the RHEL 8 AppStream repository:
```
# yum install ansible-core
```

For more details, see: Using Ansible in RHEL 8.6 and later.

Bugzilla:2006081

10.18. Virtualization

virsh iface-* commands have become deprecated

The virsh iface-* commands, such as virsh iface-start and virsh iface-destroy, are now deprecated, and will be removed in a future major version of RHEL. In addition, these commands frequently fail due to configuration dependencies.

Therefore, it is recommended not to use virsh iface-* commands for configuring and managing host network connections. Instead, use the NetworkManager program and its related management applications, such as nmcli.

Bugzilla:1664592^[1]

virt-manager has been deprecated

The Virtual Machine Manager application, also known as virt-manager, has been deprecated. The RHEL web console, also known as Cockpit, is intended to become its replacement in a subsequent release. It is, therefore, recommended that you use the web console for managing virtualization in a GUI. Note, however, that some features available in virt-manager might not be yet available in the RHEL web console.

Jira:RHELPLAN-10304^[1]

Limited support for virtual machine snapshots

Creating snapshots of virtual machines (VMs) is currently only supported for VMs not using the UEFI firmware. In addition, during the snapshot operation, the QEMU monitor may become blocked, which negatively impacts the hypervisor performance for certain workloads.

Also note that the current mechanism of creating VM snapshots has been deprecated, and Red Hat does not recommend using VM snapshots in a production environment.

Bugzilla:1686057

The Cirrus VGA virtual GPU type has been deprecated

With a future major update of Red Hat Enterprise Linux, the Cirrus VGA GPU device will no longer be supported in KVM virtual machines. Therefore, Red Hat recommends using the stdvga or virtio-vga devices instead of Cirrus VGA.

Bugzilla:1651994^[1]

SPICE has been deprecated

The SPICE remote display protocol has become deprecated. As a result, SPICE will remain supported in RHEL 8, but Red Hat recommends using alternate solutions for remote display streaming:

For remote console access, use the VNC protocol.
For advanced remote display functions, use third party tools such as RDP, HP RGS, or Mechdyne TGX.

Note that the QXL graphics device, which is used by SPICE, has become deprecated as well.

Bugzilla:1849563^[1]

KVM on IBM POWER has been deprecated

Using KVM virtualization on IBM POWER hardware has become deprecated. As a result, KVM on IBM POWER is still supported in RHEL 8, but will become unsupported in a future major release of RHEL.

Jira:RHELPLAN-71200^[1]

SecureBoot image verification using SHA1-based signatures is deprecated

Performing SecureBoot image verification using SHA1-based signatures on UEFI (PE/COFF) executables has become deprecated. Instead, Red Hat recommends using signatures based on the SHA2 algorithm, or later.

Bugzilla:1935497^[1]

Using SPICE to attach smart card readers to virtual machines has been deprecated

The SPICE remote display protocol has been deprecated in RHEL 8. Since the only recommended way to attach smart card readers to virtual machines (VMs) depends on the SPICE protocol, the usage of smart cards in VMs has also become deprecated in RHEL 8.

In a future major version of RHEL, the functionality of attaching smart card readers to VMs will only be supported by third party remote visualization solutions.

Bugzilla:2059626

RDMA-based live migration is deprecated

With this update, migrating running virtual machines using Remote Direct Memory Access (RDMA) has become deprecated. As a result, it is still possible to use the rdma:// migration URI to request migration over RDMA, but this feature will become unsupported in a future major release of RHEL.

Jira:RHELPLAN-153267^[1]

10.19. Containers

The Podman varlink-based API v1.0 has been removed

The Podman varlink-based API v1.0 was deprecated in a previous release of RHEL 8. Podman v2.0 introduced a new Podman v2.0 RESTful API. With the release of Podman v3.0, the varlink-based API v1.0 has been completely removed.

Jira:RHELPLAN-45858^[1]

container-tools:1.0 has been deprecated

The container-tools:1.0 module has been deprecated and will no longer receive security updates. It is recommended to use a newer supported stable module stream, such as container-tools:2.0 or container-tools:3.0.

Jira:RHELPLAN-59825^[1]

The container-tools:2.0 module has been deprecated

The container-tools:2.0 module has been deprecated and will no longer receive security updates. It is recommended to use a newer supported stable module stream, such as container-tools:3.0.

Jira:RHELPLAN-85066^[1]

Flatpak images except GIMP has been deprecated

The rhel8/firefox-flatpak, rhel8/thunderbird-flatpak, rhel8/inkscape-flatpak, and rhel8/libreoffice-flatpak RHEL 8 Flatpak Applications have been deprecated and replaced by the RHEL 9 versions. The rhel8/gimp-flatpak Flatpak Application is not deprecated because there is no replacement yet in RHEL 9.

Bugzilla:2142499

The CNI network stack has been deprecated

The Container Network Interface (CNI) network stack is deprecated and will be removed from Podman in a future minor release of RHEL. Previously, containers connected to the single Container Network Interface (CNI) plugin only via DNS. Podman v.4.0 introduced a new Netavark network stack. You can use the Netavark network stack with Podman and other Open Container Initiative (OCI) container management applications. The Netavark network stack for Podman is also compatible with advanced Docker functionalities. Containers in multiple networks can access containers on any of those networks.

For more information, see Switching the network stack from CNI to Netavark.

Jira:RHELDOCS-16755^[1]

container-tools:3.0 has been deprecated

The container-tools:3.0 module has been deprecated and will no longer receive security updates. To continue to build and run Linux Containers on RHEL, use a newer, stable, and supported module stream, such as container-tools:4.0.

For instructions on switching to a later stream, see Switching to a later stream.

Jira:RHELPLAN-146398^[1]

The Inkscape and LibreOffice Flatpak images are deprecated

The rhel9/inkscape-flatpak and rhel9/libreoffice-flatpak Flatpak images, which are available as Technology Previews, have been deprecated.

Red Hat recommends the following alternatives to these images:

To replace rhel9/inkscape-flatpak, use the inkscape RPM package.
To replace rhel9/libreoffice-flatpak, see the LibreOffice deprecation release note.

Jira:RHELDOCS-17102^[1]

10.20. Deprecated packages

This section lists packages that have been deprecated and will probably not be included in a future major release of Red Hat Enterprise Linux.

For changes to packages between RHEL 7 and RHEL 8, see Changes to packages in the Considerations in adopting RHEL 8 document.

Important

The support status of deprecated packages remains unchanged within RHEL 8. For more information about the length of support, see Red Hat Enterprise Linux Life Cycle and Red Hat Enterprise Linux Application Streams Life Cycle.

The following packages have been deprecated in RHEL 8:

389-ds-base-legacy-tools
abrt
abrt-addon-ccpp
abrt-addon-kerneloops
abrt-addon-pstoreoops
abrt-addon-vmcore
abrt-addon-xorg
abrt-cli
abrt-console-notification
abrt-dbus
abrt-desktop
abrt-gui
abrt-gui-libs
abrt-libs
abrt-tui
adobe-source-sans-pro-fonts
adwaita-qt
alsa-plugins-pulseaudio
amanda
amanda-client
amanda-libs
amanda-server
ant-contrib
antlr3
antlr32
aopalliance
apache-commons-collections
apache-commons-compress
apache-commons-exec
apache-commons-jxpath
apache-commons-parent
apache-ivy
apache-parent
apache-resource-bundles
apache-sshd
apiguardian
aspnetcore-runtime-3.0
aspnetcore-runtime-3.1
aspnetcore-runtime-5.0
aspnetcore-targeting-pack-3.0
aspnetcore-targeting-pack-3.1
aspnetcore-targeting-pack-5.0
assertj-core
authd
auto
autoconf213
autogen
autogen-libopts
awscli
base64coder
batik
batik-css
batik-util
bea-stax
bea-stax-api
bind-export-devel
bind-export-libs
bind-libs-lite
bind-pkcs11
bind-pkcs11-devel
bind-pkcs11-libs
bind-pkcs11-utils
bind-sdb
bind-sdb
bind-sdb-chroot
bluez-hid2hci
boost-jam
boost-signals
bouncycastle
bpg-algeti-fonts
bpg-chveulebrivi-fonts
bpg-classic-fonts
bpg-courier-fonts
bpg-courier-s-fonts
bpg-dedaena-block-fonts
bpg-dejavu-sans-fonts
bpg-elite-fonts
bpg-excelsior-caps-fonts
bpg-excelsior-condenced-fonts
bpg-excelsior-fonts
bpg-fonts-common
bpg-glaho-fonts
bpg-gorda-fonts
bpg-ingiri-fonts
bpg-irubaqidze-fonts
bpg-mikhail-stephan-fonts
bpg-mrgvlovani-caps-fonts
bpg-mrgvlovani-fonts
bpg-nateli-caps-fonts
bpg-nateli-condenced-fonts
bpg-nateli-fonts
bpg-nino-medium-cond-fonts
bpg-nino-medium-fonts
bpg-sans-fonts
bpg-sans-medium-fonts
bpg-sans-modern-fonts
bpg-sans-regular-fonts
bpg-serif-fonts
bpg-serif-modern-fonts
bpg-ucnobi-fonts
brlapi-java
bsh
buildnumber-maven-plugin
byaccj
cal10n
cbi-plugins
cdparanoia
cdparanoia-devel
cdparanoia-libs
cdrdao
cmirror
codehaus-parent
codemodel
compat-exiv2-026
compat-guile18
compat-hwloc1
compat-libpthread-nonshared
compat-libtiff3
compat-openssl10
compat-sap-c++-11
compat-sap-c++-10
compat-sap-c++-9
createrepo_c-devel
ctags
ctags-etags
custodia
cyrus-imapd-vzic
dbus-c++
dbus-c++-devel
dbus-c++-glib
dbxtool
dhcp-libs
directory-maven-plugin
directory-maven-plugin-javadoc
dirsplit
dleyna-connector-dbus
dleyna-core
dleyna-renderer
dleyna-server
dnssec-trigger
dnssec-trigger-panel
dotnet-apphost-pack-3.0
dotnet-apphost-pack-3.1
dotnet-apphost-pack-5.0
dotnet-host-fxr-2.1
dotnet-host-fxr-2.1
dotnet-hostfxr-3.0
dotnet-hostfxr-3.1
dotnet-hostfxr-5.0
dotnet-runtime-2.1
dotnet-runtime-3.0
dotnet-runtime-3.1
dotnet-runtime-5.0
dotnet-sdk-2.1
dotnet-sdk-2.1.5xx
dotnet-sdk-3.0
dotnet-sdk-3.1
dotnet-sdk-5.0
dotnet-targeting-pack-3.0
dotnet-targeting-pack-3.1
dotnet-targeting-pack-5.0
dotnet-templates-3.0
dotnet-templates-3.1
dotnet-templates-5.0
dotnet5.0-build-reference-packages
dptfxtract
drpm
drpm-devel
dump
dvd+rw-tools
dyninst-static
eclipse-ecf
eclipse-ecf-core
eclipse-ecf-runtime
eclipse-emf
eclipse-emf-core
eclipse-emf-runtime
eclipse-emf-xsd
eclipse-equinox-osgi
eclipse-jdt
eclipse-license
eclipse-p2-discovery
eclipse-pde
eclipse-platform
eclipse-swt
ed25519-java
ee4j-parent
elfutils-devel-static
elfutils-libelf-devel-static
enca
enca-devel
environment-modules-compat
evince-browser-plugin
exec-maven-plugin
farstream02
felix-gogo-command
felix-gogo-runtime
felix-gogo-shell
felix-scr
felix-osgi-compendium
felix-osgi-core
felix-osgi-foundation
felix-parent
file-roller
fipscheck
fipscheck-devel
fipscheck-lib
firewire
fonts-tweak-tool
forge-parent
freeradius-mysql
freeradius-perl
freeradius-postgresql
freeradius-rest
freeradius-sqlite
freeradius-unixODBC
fuse-sshfs
fusesource-pom
future
gamin
gamin-devel
gavl
gcc-toolset-9
gcc-toolset-9-annobin
gcc-toolset-9-build
gcc-toolset-9-perftools
gcc-toolset-9-runtime
gcc-toolset-9-toolchain
gcc-toolset-10
gcc-toolset-10-annobin
gcc-toolset-10-binutils
gcc-toolset-10-binutils-devel
gcc-toolset-10-build
gcc-toolset-10-dwz
gcc-toolset-10-dyninst
gcc-toolset-10-dyninst-devel
gcc-toolset-10-elfutils
gcc-toolset-10-elfutils-debuginfod-client
gcc-toolset-10-elfutils-debuginfod-client-devel
gcc-toolset-10-elfutils-devel
gcc-toolset-10-elfutils-libelf
gcc-toolset-10-elfutils-libelf-devel
gcc-toolset-10-elfutils-libs
gcc-toolset-10-gcc
gcc-toolset-10-gcc-c++
gcc-toolset-10-gcc-gdb-plugin
gcc-toolset-10-gcc-gfortran
gcc-toolset-10-gdb
gcc-toolset-10-gdb-doc
gcc-toolset-10-gdb-gdbserver
gcc-toolset-10-libasan-devel
gcc-toolset-10-libatomic-devel
gcc-toolset-10-libitm-devel
gcc-toolset-10-liblsan-devel
gcc-toolset-10-libquadmath-devel
gcc-toolset-10-libstdc++-devel
gcc-toolset-10-libstdc++-docs
gcc-toolset-10-libtsan-devel
gcc-toolset-10-libubsan-devel
gcc-toolset-10-ltrace
gcc-toolset-10-make
gcc-toolset-10-make-devel
gcc-toolset-10-perftools
gcc-toolset-10-runtime
gcc-toolset-10-strace
gcc-toolset-10-systemtap
gcc-toolset-10-systemtap-client
gcc-toolset-10-systemtap-devel
gcc-toolset-10-systemtap-initscript
gcc-toolset-10-systemtap-runtime
gcc-toolset-10-systemtap-sdt-devel
gcc-toolset-10-systemtap-server
gcc-toolset-10-toolchain
gcc-toolset-10-valgrind
gcc-toolset-10-valgrind-devel
gcc-toolset-11-make-devel
GConf2
GConf2-devel
gegl
genisoimage
genwqe-tools
genwqe-vpd
genwqe-zlib
genwqe-zlib-devel
geoipupdate
geronimo-annotation
geronimo-jms
geronimo-jpa
geronimo-parent-poms
gfbgraph
gflags
gflags-devel
glassfish-annotation-api
glassfish-el
glassfish-fastinfoset
glassfish-jaxb-core
glassfish-jaxb-txw2
glassfish-jsp
glassfish-jsp-api
glassfish-legal
glassfish-master-pom
glassfish-servlet-api
glew-devel
glib2-fam
glog
glog-devel
gmock
gmock-devel
gnome-abrt
gnome-boxes
gnome-menus-devel
gnome-online-miners
gnome-shell-extension-disable-screenshield
gnome-shell-extension-horizontal-workspaces
gnome-shell-extension-no-hot-corner
gnome-shell-extension-window-grouper
gnome-themes-standard
gnu-free-fonts-common
gnu-free-mono-fonts
gnu-free-sans-fonts
gnu-free-serif-fonts
gnupg2-smime
gnuplot
gnuplot-common
gobject-introspection-devel
google-gson
google-noto-sans-syriac-eastern-fonts
google-noto-sans-syriac-estrangela-fonts
google-noto-sans-syriac-western-fonts
google-noto-sans-tibetan-fonts
google-noto-sans-ui-fonts
gphoto2
gsl-devel
gssntlmssp
gtest
gtest-devel
gtkmm24
gtkmm24-devel
gtkmm24-docs
gtksourceview3
gtksourceview3-devel
gtkspell
gtkspell-devel
gtkspell3
guile
gutenprint-gimp
gutenprint-libs-ui
gvfs-afc
gvfs-afp
gvfs-archive
hamcrest-core
hawtjni
hawtjni
hawtjni-runtime
HdrHistogram
HdrHistogram-javadoc
highlight-gui
hivex-devel
hostname
hplip-gui
httpcomponents-project
hwloc-plugins
hyphen-fo
hyphen-grc
hyphen-hsb
hyphen-ia
hyphen-is
hyphen-ku
hyphen-mi
hyphen-mn
hyphen-sa
hyphen-tk
ibus-sayura
icedax
icu4j
idm-console-framework
inkscape
inkscape-docs
inkscape-view
iptables
ipython
isl
isl-devel
isorelax
istack-commons-runtime
istack-commons-tools
iwl3945-firmware
iwl4965-firmware
iwl6000-firmware
jacoco
jaf
jaf-javadoc
jakarta-oro
janino
jansi-native
jarjar
java-1.8.0-ibm
java-1.8.0-ibm-demo
java-1.8.0-ibm-devel
java-1.8.0-ibm-headless
java-1.8.0-ibm-jdbc
java-1.8.0-ibm-plugin
java-1.8.0-ibm-src
java-1.8.0-ibm-webstart
java-1.8.0-openjdk-accessibility
java-1.8.0-openjdk-accessibility-slowdebug
java_cup
java-atk-wrapper
javacc
javacc-maven-plugin
javaewah
javaparser
javapoet
javassist
javassist-javadoc
jaxen
jboss-annotations-1.2-api
jboss-interceptors-1.2-api
jboss-logmanager
jboss-parent
jctools
jdepend
jdependency
jdom
jdom2
jetty
jetty-continuation
jetty-http
jetty-io
jetty-security
jetty-server
jetty-servlet
jetty-util
jffi
jflex
jgit
jline
jmc
jnr-netdb
jolokia-jvm-agent
js-uglify
jsch
json_simple
jss-javadoc
jtidy
junit5
jvnet-parent
jzlib
kernel-cross-headers
ksc
kurdit-unikurd-web-fonts
kyotocabinet-libs
ldapjdk-javadoc
lensfun
lensfun-devel
lftp-scripts
libaec
libaec-devel
libappindicator-gtk3
libappindicator-gtk3-devel
libatomic-static
libavc1394
libblocksruntime
libcacard
libcacard-devel
libcgroup
libcgroup-tools
libchamplain
libchamplain-devel
libchamplain-gtk
libcroco
libcroco-devel
libcxl
libcxl-devel
libdap
libdap-devel
libdazzle-devel
libdbusmenu
libdbusmenu-devel
libdbusmenu-doc
libdbusmenu-gtk3
libdbusmenu-gtk3-devel
libdc1394
libdnet
libdnet-devel
libdv
libdwarf
libdwarf-devel
libdwarf-static
libdwarf-tools
libeasyfc
libeasyfc-gobject
libepubgen-devel
libertas-sd8686-firmware
libertas-usb8388-firmware
libertas-usb8388-olpc-firmware
libgdither
libGLEW
libgovirt
libguestfs-benchmarking
libguestfs-devel
libguestfs-gfs2
libguestfs-gobject
libguestfs-gobject-devel
libguestfs-java
libguestfs-java-devel
libguestfs-javadoc
libguestfs-man-pages-ja
libguestfs-man-pages-uk
libguestfs-tools
libguestfs-tools-c
libhugetlbfs
libhugetlbfs-devel
libhugetlbfs-utils
libIDL
libIDL-devel
libidn
libiec61883
libindicator-gtk3
libindicator-gtk3-devel
libiscsi-devel
libjose-devel
libkkc
libkkc-common
libkkc-data
libldb-devel
liblogging
libluksmeta-devel
libmalaga
libmcpp
libmemcached
libmemcached-libs
libmetalink
libmodulemd1
libmongocrypt
libmtp-devel
libmusicbrainz5
libmusicbrainz5-devel
libnbd-devel
liboauth
liboauth-devel
libpfm-static
libpng12
libpurple
libpurple-devel
libraw1394
libreport-plugin-mailx
libreport-plugin-rhtsupport
libreport-plugin-ureport
libreport-rhel
libreport-rhel-bugzilla
librpmem
librpmem-debug
librpmem-devel
libsass
libsass-devel
libselinux-python
libsqlite3x
libtalloc-devel
libtar
libtdb-devel
libtevent-devel
libtpms-devel
libunwind
libusal
libvarlink
libverto-libevent
libvirt-admin
libvirt-bash-completion
libvirt-daemon-driver-storage-gluster
libvirt-daemon-driver-storage-iscsi-direct
libvirt-devel
libvirt-docs
libvirt-gconfig
libvirt-gobject
libvirt-lock-sanlock
libvirt-wireshark
libvmem
libvmem-debug
libvmem-devel
libvmmalloc
libvmmalloc-debug
libvmmalloc-devel
libvncserver
libwinpr-devel
libwmf
libwmf-devel
libwmf-lite
libXNVCtrl
libyami
log4j12
log4j12-javadoc
lohit-malayalam-fonts
lohit-nepali-fonts
lorax-composer
lua-guestfs
lucene
lucene-analysis
lucene-analyzers-smartcn
lucene-queries
lucene-queryparser
lucene-sandbox
lz4-java
lz4-java-javadoc
mailman
mailx
make-devel
malaga
malaga-suomi-voikko
marisa
maven-antrun-plugin
maven-assembly-plugin
maven-clean-plugin
maven-dependency-analyzer
maven-dependency-plugin
maven-doxia
maven-doxia-sitetools
maven-install-plugin
maven-invoker
maven-invoker-plugin
maven-parent
maven-plugins-pom
maven-reporting-api
maven-reporting-impl
maven-resolver-api
maven-resolver-connector-basic
maven-resolver-impl
maven-resolver-spi
maven-resolver-transport-wagon
maven-resolver-util
maven-scm
maven-script-interpreter
maven-shade-plugin
maven-shared
maven-verifier
maven-wagon-file
maven-wagon-http
maven-wagon-http-shared
maven-wagon-provider-api
maven2
meanwhile
mercurial
mercurial-hgk
metis
metis-devel
mingw32-bzip2
mingw32-bzip2-static
mingw32-cairo
mingw32-expat
mingw32-fontconfig
mingw32-freetype
mingw32-freetype-static
mingw32-gstreamer1
mingw32-harfbuzz
mingw32-harfbuzz-static
mingw32-icu
mingw32-libjpeg-turbo
mingw32-libjpeg-turbo-static
mingw32-libpng
mingw32-libpng-static
mingw32-libtiff
mingw32-libtiff-static
mingw32-openssl
mingw32-readline
mingw32-sqlite
mingw32-sqlite-static
mingw64-adwaita-icon-theme
mingw64-bzip2
mingw64-bzip2-static
mingw64-cairo
mingw64-expat
mingw64-fontconfig
mingw64-freetype
mingw64-freetype-static
mingw64-gstreamer1
mingw64-harfbuzz
mingw64-harfbuzz-static
mingw64-icu
mingw64-libjpeg-turbo
mingw64-libjpeg-turbo-static
mingw64-libpng
mingw64-libpng-static
mingw64-libtiff
mingw64-libtiff-static
mingw64-nettle
mingw64-openssl
mingw64-readline
mingw64-sqlite
mingw64-sqlite-static
modello
mojo-parent
mongo-c-driver
mousetweaks
mozjs52
mozjs52-devel
mozjs60
mozjs60-devel
mozvoikko
msv-javadoc
msv-manual
munge-maven-plugin
mythes-mi
mythes-ne
nafees-web-naskh-fonts
nbd
nbdkit-devel
nbdkit-example-plugins
nbdkit-gzip-plugin
nbdkit-plugin-python-common
nbdkit-plugin-vddk
ncompress
ncurses-compat-libs
net-tools
netcf
netcf-devel
netcf-libs
network-scripts
network-scripts-ppp
nkf
nodejs-devel
nodejs-packaging
nss_nis
nss-pam-ldapd
objectweb-asm
objectweb-asm-javadoc
objectweb-pom
ocaml-bisect-ppx
ocaml-camlp4
ocaml-camlp4-devel
ocaml-lwt
ocaml-mmap
ocaml-ocplib-endian
ocaml-ounit
ocaml-result
ocaml-seq
opencryptoki-tpmtok
opencv-contrib
opencv-core
opencv-devel
openhpi
openhpi-libs
OpenIPMI-perl
openssh-cavs
openssh-ldap
openssl-ibmpkcs11
opentest4j
os-maven-plugin
pakchois
pandoc
paps-libs
paranamer
parfait
parfait-examples
parfait-javadoc
pcp-parfait-agent
pcp-pmda-rpm
pcp-pmda-vmware
pcsc-lite-doc
peripety
perl-B-Debug
perl-B-Lint
perl-Class-Factory-Util
perl-Class-ISA
perl-DateTime-Format-HTTP
perl-DateTime-Format-Mail
perl-File-CheckTree
perl-homedir
perl-libxml-perl
perl-Locale-Codes
perl-Mozilla-LDAP
perl-NKF
perl-Object-HashBase-tools
perl-Package-DeprecationManager
perl-Pod-LaTeX
perl-Pod-Plainer
perl-prefork
perl-String-CRC32
perl-SUPER
perl-Sys-Virt
perl-tests
perl-YAML-Syck
phodav
php-recode
php-xmlrpc
pidgin
pidgin-devel
pidgin-sipe
pinentry-emacs
pinentry-gtk
pipewire0.2-devel
pipewire0.2-libs
platform-python-coverage
plexus-ant-factory
plexus-bsh-factory
plexus-cli
plexus-component-api
plexus-component-factories-pom
plexus-components-pom
plexus-i18n
plexus-interactivity
plexus-pom
plexus-velocity
plymouth-plugin-throbgress
pmreorder
postgresql-test-rpm-macros
powermock
prometheus-jmx-exporter
prometheus-jmx-exporter-openjdk11
ptscotch-mpich
ptscotch-mpich-devel
ptscotch-mpich-devel-parmetis
ptscotch-openmpi
ptscotch-openmpi-devel
purple-sipe
pygobject2-doc
pygtk2
pygtk2-codegen
pygtk2-devel
pygtk2-doc
python-nose-docs
python-nss-doc
python-podman-api
python-psycopg2-doc
python-pymongo-doc
python-redis
python-schedutils
python-slip
python-sqlalchemy-doc
python-varlink
python-virtualenv-doc
python2-backports
python2-backports-ssl_match_hostname
python2-bson
python2-coverage
python2-docs
python2-docs-info
python2-funcsigs
python2-ipaddress
python2-mock
python2-nose
python2-numpy-doc
python2-psycopg2-debug
python2-psycopg2-tests
python2-pymongo
python2-pymongo-gridfs
python2-pytest-mock
python2-sqlalchemy
python2-tools
python2-virtualenv
python3-bson
python3-click
python3-coverage
python3-cpio
python3-custodia
python3-docs
python3-flask
python3-gevent
python3-gobject-base
python3-hivex
python3-html5lib
python3-hypothesis
python3-ipatests
python3-itsdangerous
python3-jwt
python3-libguestfs
python3-mock
python3-networkx-core
python3-nose
python3-nss
python3-openipmi
python3-pillow
python3-ptyprocess
python3-pydbus
python3-pymongo
python3-pymongo-gridfs
python3-pyOpenSSL
python3-pytoml
python3-reportlab
python3-schedutils
python3-scons
python3-semantic_version
python3-slip
python3-slip-dbus
python3-sqlalchemy
python3-syspurpose
python3-virtualenv
python3-webencodings
python3-werkzeug
python38-asn1crypto
python38-numpy-doc
python38-psycopg2-doc
python38-psycopg2-tests
python39-numpy-doc
python39-psycopg2-doc
python39-psycopg2-tests
qemu-kvm-block-gluster
qemu-kvm-block-iscsi
qemu-kvm-block-ssh
qemu-kvm-hw-usbredir
qemu-kvm-device-display-virtio-gpu-gl
qemu-kvm-device-display-virtio-gpu-pci-gl
qemu-kvm-device-display-virtio-vga-gl
qemu-kvm-tests
qpdf
qpdf-doc
qpid-proton
qrencode
qrencode-devel
qrencode-libs
qt5-qtcanvas3d
qt5-qtcanvas3d-examples
rarian
rarian-compat
re2c
recode
redhat-lsb
redhat-lsb-core
redhat-lsb-cxx
redhat-lsb-desktop
redhat-lsb-languages
redhat-lsb-printing
redhat-lsb-submod-multimedia
redhat-lsb-submod-security
redhat-lsb-supplemental
redhat-lsb-trialuse
redhat-menus
redhat-support-lib-python
redhat-support-tool
reflections
regexp
relaxngDatatype
rhsm-gtk
rpm-plugin-prioreset
rpmemd
rsyslog-udpspoof
ruby-hivex
ruby-libguestfs
rubygem-abrt
rubygem-abrt-doc
rubygem-bson
rubygem-bson-doc
rubygem-bundler-doc
rubygem-mongo
rubygem-mongo-doc
rubygem-net-telnet
rubygem-xmlrpc
s390utils-cmsfs
samba-pidl
samba-test
samba-test-libs
samyak-devanagari-fonts
samyak-fonts-common
samyak-gujarati-fonts
samyak-malayalam-fonts
samyak-odia-fonts
samyak-tamil-fonts
sane-frontends
sanlk-reset
sat4j
scala
scotch
scotch-devel
SDL_sound
selinux-policy-minimum
sendmail
sgabios
sgabios-bin
shrinkwrap
sisu-inject
sisu-mojos
sisu-plexus
skkdic
SLOF
smc-anjalioldlipi-fonts
smc-dyuthi-fonts
smc-fonts-common
smc-kalyani-fonts
smc-raghumalayalam-fonts
smc-suruma-fonts
softhsm-devel
sonatype-oss-parent
sonatype-plugins-parent
sos-collector
sparsehash-devel
spax
spec-version-maven-plugin
spice
spice-client-win-x64
spice-client-win-x86
spice-glib
spice-glib-devel
spice-gtk
spice-gtk-tools
spice-gtk3
spice-gtk3-devel
spice-gtk3-vala
spice-parent
spice-protocol
spice-qxl-wddm-dod
spice-server
spice-server-devel
spice-qxl-xddm
spice-server
spice-streaming-agent
spice-vdagent-win-x64
spice-vdagent-win-x86
sssd-libwbclient
star
stax-ex
stax2-api
stringtemplate
stringtemplate4
subscription-manager-initial-setup-addon
subscription-manager-migration
subscription-manager-migration-data
subversion-javahl
SuperLU
SuperLU-devel
supermin-devel
swig
swig-doc
swig-gdb
swtpm-devel
swtpm-tools-pkcs11
system-storage-manager
tcl-brlapi
testng
tibetan-machine-uni-fonts
timedatex
tpm-quote-tools
tpm-tools
tpm-tools-pkcs11
treelayout
trousers
trousers-lib
tuned-profiles-compat
tuned-profiles-nfv-host-bin
tuned-utils-systemtap
tycho
uglify-js
unbound-devel
univocity-output-tester
univocity-parsers
usbguard-notifier
usbredir-devel
utf8cpp
uthash
velocity
vinagre
vino
virt-dib
virt-p2v-maker
vm-dump-metrics-devel
weld-parent
wodim
woodstox-core
wqy-microhei-fonts
wqy-unibit-fonts
xdelta
xmlgraphics-commons
xmlstreambuffer
xinetd
xorg-x11-apps
xorg-x11-drv-qxl
xorg-x11-server-Xspice
xpp3
xsane-gimp
xsom
xz-java
xz-java-javadoc
yajl-devel
yp-tools
ypbind
ypserv

10.21. Deprecated and unmaintained devices

This section lists devices (drivers, adapters) that

continue to be supported until the end of life of RHEL 8 but will likely not be supported in future major releases of this product and are not recommended for new deployments. Support for devices other than those listed remains unchanged. These are deprecated devices.
are available but are no longer being tested or updated on a routine basis in RHEL 8. Red Hat may fix serious bugs, including security bugs, at its discretion. These devices should no longer be used in production, and it is likely they will be disabled in the next major release. These are unmaintained devices.

PCI device IDs are in the format of vendor:device:subvendor:subdevice. If no device ID is listed, all devices associated with the corresponding driver have been deprecated. To check the PCI IDs of the hardware on your system, run the lspci -nn command.

Table 10.1. Deprecated devices
Device ID	Driver	Device name
	bnx2	QLogic BCM5706/5708/5709/5716 Driver
	hpsa	Hewlett-Packard Company: Smart Array Controllers
0x10df:0x0724	lpfc	Emulex Corporation: OneConnect FCoE Initiator (Skyhawk)
0x10df:0xe200	lpfc	Emulex Corporation: LPe15000/LPe16000 Series 8Gb/16Gb Fibre Channel Adapter
0x10df:0xf011	lpfc	Emulex Corporation: Saturn: LightPulse Fibre Channel Host Adapter
0x10df:0xf015	lpfc	Emulex Corporation: Saturn: LightPulse Fibre Channel Host Adapter
0x10df:0xf100	lpfc	Emulex Corporation: LPe12000 Series 8Gb Fibre Channel Adapter
0x10df:0xfc40	lpfc	Emulex Corporation: Saturn-X: LightPulse Fibre Channel Host Adapter
0x10df:0xe220	be2net	Emulex Corporation: OneConnect NIC (Lancer)
0x1000:0x005b	megaraid_sas	Broadcom / LSI: MegaRAID SAS 2208 [Thunderbolt]
0x1000:0x006E	mpt3sas	Broadcom / LSI: SAS2308 PCI-Express Fusion-MPT SAS-2
0x1000:0x0080	mpt3sas	Broadcom / LSI: SAS2208 PCI-Express Fusion-MPT SAS-2
0x1000:0x0081	mpt3sas	Broadcom / LSI: SAS2208 PCI-Express Fusion-MPT SAS-2
0x1000:0x0082	mpt3sas	Broadcom / LSI: SAS2208 PCI-Express Fusion-MPT SAS-2
0x1000:0x0083	mpt3sas	Broadcom / LSI: SAS2208 PCI-Express Fusion-MPT SAS-2
0x1000:0x0084	mpt3sas	Broadcom / LSI: SAS2208 PCI-Express Fusion-MPT SAS-2
0x1000:0x0085	mpt3sas	Broadcom / LSI: SAS2208 PCI-Express Fusion-MPT SAS-2
0x1000:0x0086	mpt3sas	Broadcom / LSI: SAS2308 PCI-Express Fusion-MPT SAS-2
0x1000:0x0087	mpt3sas	Broadcom / LSI: SAS2308 PCI-Express Fusion-MPT SAS-2
	myri10ge	Myricom 10G driver (10GbE)
	netxen_nic	QLogic/NetXen (1/10) GbE Intelligent Ethernet Driver
0x1077:0x2031	qla2xxx	QLogic Corp.: ISP8324-based 16Gb Fibre Channel to PCI Express Adapter
0x1077:0x2532	qla2xxx	QLogic Corp.: ISP2532-based 8Gb Fibre Channel to PCI Express HBA
0x1077:0x8031	qla2xxx	QLogic Corp.: 8300 Series 10GbE Converged Network Adapter (FCoE)
	qla3xxx	QLogic ISP3XXX Network Driver v2.03.00-k5
0x1924:0x0803	sfc	Solarflare Communications: SFC9020 10G Ethernet Controller
0x1924:0x0813	sfc	Solarflare Communications: SFL9021 10GBASE-T Ethernet Controller
	Soft-RoCE (rdma_rxe)
	HNS-RoCE	HNS GE/10GE/25GE/50GE/100GE RDMA Network Controller
	liquidio	Cavium LiquidIO Intelligent Server Adapter Driver
	liquidio_vf	Cavium LiquidIO Intelligent Server Adapter Virtual Function Driver

Table 10.2. Unmaintained devices
Device ID	Driver	Device name
	e1000	Intel® PRO/1000 Network Driver
	mptbase	Fusion MPT SAS Host driver
	mptsas	Fusion MPT SAS Host driver
	mptscsih	Fusion MPT SCSI Host driver
	mptspi	Fusion MPT SAS Host driver
0x1000:0x0071 ^[a]	megaraid_sas	Broadcom / LSI: MR SAS HBA 2004
0x1000:0x0073 ^[a]	megaraid_sas	Broadcom / LSI: MegaRAID SAS 2008 [Falcon]
0x1000:0x0079 ^[a]	megaraid_sas	Broadcom / LSI: MegaRAID SAS 2108 [Liberator]
	nvmet_tcp	NVMe/TCP target driver
	nvmet-fc	NVMe/Fabrics FC target driver
^[a] Disabled in RHEL 8.0, re-enabled in RHEL 8.4 due to customer requests.