Red Hat Developers have announced the launch of the new version of its distribution "Red Hat Enterprise Linux 8.2”Which was initially published last week, but the announcement was premature and the repositories to install updates were not ready yet, so the launch ended today.
Branch 8.x is being developed according to a new predictable development cycle, which implies the formation of launches every six months at a predetermined time. The new RHEL product development cycle spans multiple tiers, including Fedora, CentOS Stream (to access packages formed for the upcoming RHEL mid-range release), a Minimalist Universal Base Image (UBI, Universal Base Image) for running containerized applications isolated and RHEL Developer Subscription for free use of RHEL in the development process.
What's New in Red Hat Enterprise Linux 8.2
In the new version full support was provided for resource management using the unified hierarchy cgroups v2, which was previously in the experimental capabilities stage. Cgroups v2 can be used, for example, to limit the consumption of memory, CPU resources and I / O.
Added the ability to customize system-wide cryptographic subsystem policies, which cover the TLS, IPSec, SSH, DNSSec, and Kerberos protocols. The administrator can now define his own policy or change certain parameters of the existing ones. Two new packages, setools-gui and setools-console-analysis, were added to analyze SELinux policies and inspect data flows.
A new utility called Healthcheck has been added to identification management tools to identify problems in IdM environments (Identity Management) and also provides support for Ansible roles and modules to simplify the installation and administration of IdM.
The design of the web console has been changed, which has been changed to use the PatternFly 4 interface, similar to the OpenShift 4 interface design, A user inactivity timeout was added, after which the session with the web console was terminated, and support for authentication using a client certificate was also added.
The interface for switching virtual desktops in the GNOME Classic environment has been changed, the switch button has been moved to the lower right corner and is designed as a strip with thumbnails.
The graphics subsystem DRM (Direct Rendering Manager) is synced with Linux kernel version 5.1.
Added support for new kernel parameters Linux-related control inclusion protection against further attacks on the speculative execution mechanism CPU: mds, tsx, mitigations.
Algorithm to start dnf-automatic.timer was modified to call the automatic update installation process. Instead of using a monotonous timer, which leads to activation at an unpredictable time after charging, lThe specified unit now starts between 6 a.m. and 7 a.m. If the system is off at this time, but startup takes place within an hour after turning it on.
Modules with new Python 3.8 branches added (was 3.6) and Maven 3.6 to the AppStream repository. Updated packages with GCC 9.2.1, Clang / LLVM 9.0.1, Rust 1.41 and Go 1.13.
Updated versions of packages: powertop 2.11, opencv 3.4.6, rsyslog 8.1911.0, audit 3.0-0.14, fapolicyd 0.9.1-2, sudo 1.8.29- 3.el8, firewalld 0.8, tpm2-tools 3.2.1, mod_md (with ACMEv2 support) , grafana 6.3.6, pcp 5.0.2, elfutils 0.178, SystemTap 4.2, 389-ds-base 1.4.2.4, samba 4.11.2.
The BIND DNS server was updated to version 9.11.13 and converted to use the base to bind addresses to the GeoIP2 location in the libmaxminddb format instead of the deprecated GeoIP, which is no longer supported. Added serve-stale (stale-answer) setting, which allows you to return stale DNS records if it is not possible to get new ones.
SELinux restricted users have the ability to manage services associated with a user session.
In the rules for firewalld, you can now use controllers to monitor connections for services running on non-standard network ports.
LVM adds support for dm-writecache caching method in addition to the previously available dm-cache. Dm-cache caches the most used read and write operations, and dm-writecache caches only write operations, putting them first on fast SSD or PMEM media and then transferring them to a slow disk in the background.