RHEL 7.3 Changes

Share this link

The RHEL 7.3 release brings the following main enhancements:

  • Security
    • The SELinux userspace has been rebased and provides various enhancements and performance improvements. Notably, the new SELinux module store supports priorities, and the SELinux Common Intermediate Language (CIL) has been introduced.
    • OpenSCAP workbench now provides a new SCAP Security Guide integration dialog and enables modification of SCAP policies using a graphical tool.
    • The OpenSCAP suite now includes support for scanning containers using the atomic scan command.
    • Upgraded firewalld starts and restarts significantly faster due to a new transaction model. It also provides improved management of connections, interfaces, and sources, a new default logging option, and ipset support.
    • The audit daemon introduces a new flush technique, which significantly improves performance. Audit policy, configuration, and logging have been enhanced and now support a number of new options.
    • Media Access Control Security (MACsec) encryption over Ethernet is now supported.
  • Identity Management
    • Improved performance of both IdM servers and clients in large customer environments.
    • Enhanced topology management and replica installation.
    • Extended smart card support for Active Directory (AD) users.
    • Fine-grained configuration of One-Time Password (OTP) authentication.
    • Improved troubleshooting capabilities of IdM clients.
    • Introduction of the Red Hat Single Sign-On as a web SSO solution based on the Keycloak community project as a replacement for the Ipsilon identity provider service.
  • Core Kernel
    • Support for Checkpoint/Restore in User space (CRIU) has been expanded to the the little-endian variant of IBM Power Systems architecture.
    • Heterogeneous Memory Management (HMM) feature has been introduced as a Technology Preview.
  • Networking
    • OpenvSwitch now uses kernel lightweight tunnel support.
    • Bulking in the memory allocator subsystem is now supported.
    • NetworkManager now supports new device types, improved stacking of virtual devices, LLDP, stable privacy IPv6 addresses (RFC 7217), detects duplicate IPv4 addresses, and controls a host name through systemd-hostnamed. Additionally, the user can set a DHCP timeout property and DNS priorities.
  • Platform Hardware Enablement
    • Support for the Coherent Accelerator Processor Interface (CAPI) flash block adapter has been added.
  • Real-Time Kernel
    • A new scheduler policy, SCHED_DEADLINE has been introduced as Technology Preview. This new policy is available in the upstream kernel and shows promise for certain realtime use cases.
  • Storage and File Systems
    • Support for Non-Volatile Dual In-line Memory Module (NVDIMM) persistent memory architecture has been added, which includes the addition of the libnvdimm kernel subsystem. NVDIMM memory can be accessed either as a block storage device, which is fully supported in Red Hat Enterprise Linux 7.3, or in Direct Access (DAX) mode, which is provided by the ext4 and XFS file systems as a Technology Preview in Red Hat Enterprise Linux 7.3.
    • A new Ceph File System (CephFS) kernel module, introduced as a Technology Preview, enables Red Hat Enterprise Linux Linux nodes to mount Ceph File Systems from Red Hat Ceph Storage clusters.
    • Support for pNFS SCSI file sharing has been introduced as a Technology Preview.
    • LVM2 support for RAID-level takeover, the ability to switch between RAID types, is now available as a Technology Preview.
  • Clustering (Red Hat High Availability Add-On)
    • Ability to better configure and trigger notifications when the status of a managed cluster changes with the introduction of enhanced Pacemaker alerts.
    • Ability to configure Pacemaker to manage multi-site clusters across geo-locations for disaster recovery and scalability through the use of the Booth ticket manager. This feature is provided as a Technology Preview.
    • Ability to configure Pacemaker to manage stretch clusters using a separate Quorum Device (QDevice), which acts as a third-party arbitration device for the cluster. This functionality is provided as a Technology Preview, and its primary use is to allow a cluster to sustain more node failures than standard quorum rules allow.
  • Desktop
    • A new instant messaging client, pidgin, has been introduced, which supports Off-The-Record (OTR) messaging and the Microsoft Lync instant messaging application.
  • Internet of Things
    • Red Hat Enterprise Linux 7.3 provides latest Bluetooth support, including support for connecting to Bluetooth Low Energy (LE) devices.
    • Controller Area Network (CAN) device drivers are now supported.
    • Red Hat Enterprise Linux 7 kernel is now able to use the embedded MMC (eMMC) interface version 5.0.
  • Linux Containers
    • The System Security Services Daemon (SSSD) container is now available for Red Hat Enterprise Linux Atomic Host as Technology Preview.

The RHEL 7.3 release also introduces changes in the way certificate verification is made by Python librairies (source).

Sources: Red Hat RHEL 7.3 announcement and RHEL 7.3 Release Notes.

Finally, an article was written about the IPv6 routing scalability enhancements in RHEL7.3.

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)

RHCSA7: Task of the day

Allowed time: 10 minutes.
Set up a default configuration HTTP server with SELinux in Enforcing mode and active firewalld configuration.

RHCE7: Task of the day

Allowed time: 8 minutes.
Set up an iScsi target based on a block backstore of 100MB called lv_iscsi with basic authentication, ext4 filesystem and standard firewall configuration.

Follow me on Twitter

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...