此内容没有您所选择的语言版本。

3. Feature Updates


3.1. All Architectures

Systemtap
Systemtap is a GPL-based infrastructure which simplifies information gathering on a running Linux system. This assists in diagnosis of performance or functional problems. With systemtap, the tedious and disruptive "instrument, recompile, install, and reboot" sequence is no longer needed to collect diagnostic data.
Systemtap is now fully supported. For more information refer to http://sources.redhat.com/systemtap.
iSNS-utils
The Internet storage name service for Linux (isns-utils) is now supported. This allows you to register iSCSI and iFCP storage devices on the network. isns-utils allows dynamic discovery of available storage targets through storage initiators.
isns-utils provides intelligent storage discovery and management services comparable to those found in fibre-channel networks. This allows an IP network to function in a similar capacity to a storage area network.
With its ability to emulate fibre-channel fabric services, isns-utils allows for seamless integration of IP and fibre-channel networks. In addition, isns-utils also provides utilities for managing both iSCSI and fibre-channel devices within the network.
For more information about isns-utils specifications, refer to http://tools.ietf.org/html/rfc4171. For usage instructions, refer to /usr/share/docs/isns-utils-[version]/README and /usr/share/docs/isns-utils-[version]/README.redhat.setup.
rsyslog
rsyslog is an enhanced multi-threaded syslogd daemon that supports the following (among others):
  • MySQL
  • syslog/tcp
  • RFC 3195
  • permitted sender lists
  • filtering on any message part
  • more granular output format control
rsyslog is compatible with the stock sysklogd, and can be used as a replacement in most cases. Its advanced features make it suitable for enterprise-class, encrypted syslog relay chains; at the same time, its user-friendly interface is designed to make setup easy for novice users.
For more information about rsyslog, refer to http://www.rsyslog.com/.
Openswan
Openswan is a free implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. IPsec uses strong cryptography to provide authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted network is encrypted by the IPsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network (VPN).
This release of Openswan supports IKEv2 (RFC 4306, 4718) and contains an IKE2 daemon that conforms to IETF RFCs. For more information about Openswan, refer to http://www.openswan.org/.
Evolution
The Evolution update for this release now features the following enhancements (among others):
  • Bogofilter compatibility for filtering junk mail.
  • An option to receive pop-up notifications for new mail.
  • Improved performance for downloading messages from a Microsoft Exchange™ server.
  • A setup assistant to guide you through both backing up and restoring data and settings.
Thunderbird
Thunderbird has been updated to version 2.0.0.12. This update applies the following features (among others):
  • Message tags, which help organize email.
  • Built-in support for Google Mail and .Mac mail.
  • Find-as-you-type, which highlights and filters message text as you type.
  • An updated extension system, which provides enhanced security and allows easier extension localization.
For more information about this update, refer to http://www.mozilla.com/en-US/thunderbird/2.0.0.0/releasenotes/.
Password Hashing Using SHA-256/SHA-512
Password hashing using the SHA-256 and SHA-512 hash functions is now supported.
To switch to SHA-256 or SHA-512 on an installed system, run authconfig --passalgo=sha256 --update or authconfig --passalgo=sha512 --update. To configure the hashing method through a GUI, use authconfig-gtk. Existing user accounts will not be affected until their passwords are changed.
For newly installed systems, using SHA-256 or SHA-512 can be configured only for kickstart installations. To do so, use the --passalgo=sha256 or --passalgo=sha512 options of the kickstart command auth; also, remove the --enablemd5 option if present.
If your installation does not use kickstart, use authconfig as described above. After installation, change all created passwords, including the root password.
Appropriate options were also added to libuser, pam, and shadow-utils to support these password hashing algorithms. authconfig configures necessary options automatically, so it is usually not necessary to modify them manually:
  • New values of the crypt_style option and new options for both hash_rounds_min and hash_rounds_max are now supported in the [defaults] section of /etc/libuser.conf. For more information, refer to man libuser.conf.
  • New options sha256, sha512, and rounds are now supported by the pam_unix PAM module. For more information, refer to /usr/share/doc/pam-[pam version]/txts/README.pam_unix.
  • The following new options in /etc/login.defs are now supported by shadow-utils:
    • ENCRYPT_METHOD — Specifies the encryption methods to be used. Valid values are DES, MD5, SHA256, and SHA512. If this option is defined, MD5_CRYPT_ENAB is ignored.
    • SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS — Specifies the number of hashing rounds to use if ENCRYPT_METHOD is set to SHA256 or SHA512. If neither option is set, a default value is chosen by glibc. If only one option is set, the encryption method specifies the number of rounds.
      If both options are used, they specify an inclusive interval from which the number of rounds is chosen randomly. The selected number of rounds is limited to the inclusive interval [1000, 999999999].
OFED in comps.xml
The group OpenFabrics Enterprise Distribution is now included in comps.xml. This group contains components used for high-performance networking and clustering (for example, InfiniBand and Remote Direct Memory Access).
Further, the Workstation group has been removed from comps.xml in the Red Hat Enterprise Linux 5.2 Client version. This group only contained the openib package, which is now part of the OpenFabrics Enterprise Distribution group.
system-config-netboot
system-config-netboot is now included in this update. This is a GUI-based tool used for enabling, configuring, and disabling network booting. It is also useful in configuring PXE-booting for network installations and diskless clients.
openmpi
In order to accommodate the use of compilers other than gcc for specific applications that use message passing interface (MPI), the following updates have been applied to the openmpi and lam packages:
  • MPI installations are now consolidated under a single installation directory. All files can now be found under /usr/lib(64)/lam and /usr/lib(64)/openmpi/[openmpi version]-[compiler name].
  • Version and compiler strings are now included in the openmpi installation path, but not the lam installation path. This enables you to install multiple versions of openmpi, or install the same version of openmpi built by different compilers.
    While this capability allows you to use a version of openmpi built by another compiler, Red Hat only supports the latest, gcc-compiled version of openmpi.
  • openmpi and lam now use mpi-selector to set which MPI implementation to use at any given time. For more information, refer to man mpi-selector and man mpi-selector-menu.
Note that when upgrading to this release's version of openmpi, you should migrate any default parameters set for lam or openmpi to /usr/lib(64)/lam/etc/ and /usr/lib(64)/openmpi/[openmpi version]-[compiler name]/etc/. All configurations for either openmpi or lam should be set in these directories.
lvm2 Snapshot Volume Warning
lvm2 will now warn if a snapshot volume is near its maximum capacity. However, this feature is not enabled by default.
To enable this feature, uncomment the following line in /etc/lvm/lvm.conf
snapshot_library = "libdevmapper-event-lvm2snapshot.so"
Ensure that the dmeventd section and its delimiters ({ }) are also uncommented.
bash
bash has been updated to version 3.2. This version fixes a number of outstanding bugs, most notably:
  • bash man page: updated to reflect the correct behavior of special built-in commands (such as eval, exec, and set. In addition, the bash man page now includes an explanation of the use of aliases in non-interactive scripts.
  • File descriptors now work as expected; in previous releases, bash did not close file descriptors with two or more digits.
  • A bug in the way bash handled certain multi-byte strings is now fixed.
Note that with this update, the output of ulimit -a has also changed from the Red Hat Enterprise Linux 5.1 version. This may cause a problems with some automated scripts. If you have any scripts that use ulimit -a output strings, you should revise them accordingly.
Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.