RHEL 7.6 Changes

Share this link

The RHEL 7.6 release brings the following main enhancements:

  • Security & compliance
    • As part of the Network Bound Disk Encryption (NBDE), the Clevis pluggable framework for Policy-Based Decryption (PBD) now supports clients that encrypt using a Trusted Platform Module 2.0 (TPM 2.0) chip.
    • The Red Hat Certificate System provides new default cryptographic algorithms for RSA and ECC, which help maintain FIPS compliance and stay current with cryptography requirements.
    • The RHEL7 DISA STIG profile now matches STIG Version 1, Release 4.
    • The nftables and libnftl packages, previously available as a Technology Preview, are now fully supported and make it easier to manage firewalls.
    • The firewalld-cmd –check-config command now checks the validity of XML configuration files.
    • The ipset packages got numerous improvements (bug fixes, new ipset types supported, etc).
    • The RPM Package Manager (RPM) now creates a SOFTWARE_UPDATE audit event whenever a package is installed or upgraded by the root user.
    • The SELinux policy provides five new booleans:
      • keepalived_connect_any – allows the keepalived service to connect to arbitrary ports.
      • tomcat_use_execmem – allows the Tomcat server to make its stack executable.
      • tomcat_can_network_connect_db – allows Tomcat to connect to the PostgreSQL port.
      • redis_enable_notify – allows the redis-sentinel service to run notification scripts.
      • zabbix_run_sudo – allows the zabbix_agent service to run the sudo utility.
  • System
    • The integration of the Extended Berkeley Packet Filter (eBPF) as a Technical Preview provides a safer, more efficient mechanism for monitoring activity within the kernel.
    • The ps utility now displays the Login ID associated with processes when called with the -o luid option.
    • The yum versionlock plug-in now displays which packages are blocked when running the yum update command.
    • The paravirtualized sched_clock() function has been added in the Red Hat Enterprise Linux kernel to improve the performance of virtual machines when running on VMWare hypervisors. The function is enabled by default and requires the no-vmw-sched-clock option in the kernel command line to be disabled.
    • sysctl now allows tuned to set kernel parameters to default values (this was previously impossible due to a bug).
    • The new tool Podman enables users to run containers and groups of containers (pods) from a familiar command-line interface without requiring a daemon, making it easier for developers to build containers (more details here).,
    • The KDE graphical interface is announced as deprecated.
  • Clustering
    • Pacemaker now supports path, mount, and timer systemd unit files.
    • Red Hat Enterprise Linux High Availability clusters are now supported on Alibaba and Google Cloud.
  • File system
    • The CephFS kernel client is now fully supported, is a more efficient alternative to the Filesystem in Userspace (FUSE) client but lacks support for CephFS quotas.
    • XFS now supports modifying labels on mounted file systems using the xfs_io utility. The same operation on unmounted file systems is still possible through the xfs_admin command.
    • Parallel NFS (pNFS) SCSI layout is now fully supported for client and server.

Sources: Red Hat RHEL 7.6 announcement and RHEL 7.6 Release Notes.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Upcoming Events (Local Time)

  1. Feb
    1
    Fri

    1. 8:30 am - View Details
      CentOS: Dojo, Brussels, Belgium.

RHCSA7: Task of the day

Allowed time: 5 minutes.
Create a user account named "tony" with password “redhat” and belonging to a secondary group called “team”.

RHCE7: Task of the day

Allowed time: 10 minutes.
Configure a httpd server that executes a Perl script in the /var/www/cgi-bin directory displaying "Hello!".

Follow me on Twitter

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...