Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
3 Beta
7.3 Release Notes
Legal Notice
Co pyright 20 16 Red Hat, Inc.
This do cument is licensed by Red Hat under the Creative Co mmo ns Attributio n-ShareAlike 3.0
Unpo rted License. If yo u distribute this do cument, o r a mo dified versio n o f it, yo u must pro vide
attributio n to Red Hat, Inc. and pro vide a link to the o riginal. If the do cument is mo dified, all Red
Hat trademarks must be remo ved.
Red Hat, as the licenso r o f this do cument, waives the right to enfo rce, and agrees no t to assert,
Sectio n 4 d o f CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shado wman lo go , JBo ss, OpenShift, Fedo ra, the Infinity
lo go , and RHCE are trademarks o f Red Hat, Inc., registered in the United States and o ther
co untries.
Linux is the registered trademark o f Linus To rvalds in the United States and o ther co untries.
Java is a registered trademark o f Oracle and/o r its affiliates.
XFS is a trademark o f Silico n Graphics Internatio nal Co rp. o r its subsidiaries in the United
States and/o r o ther co untries.
MySQL is a registered trademark o f MySQL AB in the United States, the Euro pean Unio n and
o ther co untries.
No de.js is an o fficial trademark o f Jo yent. Red Hat So ftware Co llectio ns is no t fo rmally
related to o r endo rsed by the o fficial Jo yent No de.js o pen so urce o r co mmercial pro ject.
The OpenStack Wo rd Mark and OpenStack lo go are either registered trademarks/service
marks o r trademarks/service marks o f the OpenStack Fo undatio n, in the United States and o ther
co untries and are used with the OpenStack Fo undatio n's permissio n. We are no t affiliated with,
endo rsed o r spo nso red by the OpenStack Fo undatio n, o r the OpenStack co mmunity.
All o ther trademarks are the pro perty o f their respective o wners.
Abstract
The Release No tes pro vide high-level co verage o f the impro vements and additio ns that have
been implemented in Red Hat Enterprise Linux 7.3 Beta and do cument kno wn pro blems in this
release, as well as no table bug fixes, Techno lo gy Previews, deprecated functio nality, and o ther
details. No te: This do cument is under develo pment, is subject to substantial change, and is
pro vided o nly as a preview. The included info rmatio n and instructio ns sho uld no t be co nsidered
co mplete, and sho uld be used with cautio n.
T able of Contents
. .reface
P
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 2. . . . . . . . . .
. .hapt
C
. . . .er
. .1. .. O
. .verview
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1. 3. . . . . . . . . .
S ec urity
Id entity Manag ement
C o re Kernel
N etwo rking
P latfo rm Hard ware Enab lement
R eal-Time Kernel
S to rag e and File Sys tems
D es kto p
Internet o f Thing s
L inux Co ntainers
13
13
13
13
14
14
14
14
14
14
15
15
. .hapt
C
. . . .er
. .2. .. Archit
. . . . . ect
. . . ures
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 6. . . . . . . . . .
. .art
P
. . .I.. New
. . . . Feat
. . . . ures
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 7. . . . . . . . . .
. .hapt
C
. . . .er
. .3.
. .G. eneral
. . . . . . Updat
. . . . . .es
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 8. . . . . . . . . .
New variab le fo r d is ab ling c o lo red o utp ut fo r s ys temd
18
s ys temd units c an no w b e enab led us ing alias es
18
New s ys temd o p tio n: Rand o miz ed DelaySec
18
. .hapt
C
. . . .er
. .4. .. Aut
. . . hent
. . . . icat
. . . .ion
. . . and
. . . .Int
. . eroperabilit
. . . . . . . . . . .y. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 9. . . . . . . . . .
Server p erfo rmanc e has imp ro ved in many areas
19
Enhanc ed Id M to p o lo g y manag ement
19
Simp lified rep lic a ins tallatio n
19
Id M no w s up p o rts s mart c ard authentic atio n fo r AD us ers
20
Id M no w s up p o rts TG S autho riz atio n d ec is io ns
20
s s s d no w p ro vid es o p tio nal two -fac to r authentic atio n
20
New SSSD c o ntro l and s tatus utility
21
SSSD c o nfig uratio n file valid atio n
21
New s s s _c ac he o p tio n to mark s ud o rules as exp ired
21
New p ac kag es : c us to d ia, p ytho n-jwc ryp to
New p ac kag e: p ytho n-g s s ap i
New p ac kag e: p ytho n-netifac es
New p ac kag e: mo d _auth_o p enid c
Id M no w s up p o rts DNS lo c atio ns
Id M no w s up p o rts es tab lis hing an external trus t to an AD d o main
Id M no w s up p o rts lo g g ing in with alternative UPNs
Id M no w s up p o rts s ub -CAs
SSSD no w s up p o rts auto matic Kerb ero s ho s t keytab renewal
Id M s up p o rts us er p rinc ip al alias es
SSSD c ac he up d ate p erfo rmanc e imp ro vement
SSSD no w s up p o rts s ud o rules s to red in the Id M s c hema
SSSD no w auto matic ally ad jus ts the ID rang es fo r AD c lients in enviro nments with hig h RID
numb ers
New s s s c tl o p tio n remo ve-c ac he
Pas s wo rd c hang es o n leg ac y Id M c lients
Red Hat Ac c es s p lug -in fo r Id M is d is c o ntinued
Intro d uc ing Red Hat Sing le Sig n-O n as a rep lac ement fo r the Ip s ilo n id entity p ro vid er
21
21
21
22
22
22
22
22
23
23
23
23
24
24
24
24
24
7 .3 Release Not es
SSSD no w read s o p tio nal * .c o nf files fro m /etc /s s s d /c o nf.d /
25
25
25
26
. .hapt
C
. . . .er
. .5.
. .Clust
. . . . .ering
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2. 7. . . . . . . . . .
A Pac emaker c lus ter res o urc e that is us ed to c reate a g ues t no d e may no w b e a memb er o f a
res o urc e g ro up
27
Sup p o rt fo r q uo rum d evic es in a Pac emaker c lus ter
27
. .hapt
C
. . . .er
. .6. .. Compiler
. . . . . . . . and
. . . . T. ools
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2. 8. . . . . . . . . .
i p utils reb as ed to vers io n 20 16 0 30 8
28
Lo g g ing c ap ab ilities o f the tftp s erver have b een enhanc ed
28
New o p tio n fo r arp watc h: -p
28
The c hrt utility no w has new o p tio ns
28
New c o mmand -line utility: ls ip c
28
Searc hing us ing lib mo unt and find mnt is no w mo re reliab le
28
New --family o p tio n fo r the alternatives utility
28
s o s reb as ed to vers io n 3.3
29
e thto o l reb as ed to vers io n 4.5
29
e lfutils reb as ed to vers io n 0 .16 6
p c p reb as ed to vers io n 3.11.3
s ys temtap reb as ed to vers io n 3.0
29
30
31
31
32
32
32
32
32
32
33
33
33
33
34
34
34
34
33
. .hapt
C
. . . .er
. .7. .. Deskt
. . . . . op
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
...........
New p ac kag es : p id g in
Sc ro ll wheel inc rement c o nfig urab le in G NO ME terminal
35
35
35
35
Sep arate menu items fo r o p ening tab s and wind o ws res to red
Native G no me/G TK+ lo o k fo r Q t ap p lic atio ns
35
35
35
36
36
36
. .hapt
C
. . . .er
. .8. .. Direct
. . . . . ory
. . . .Server
. . . . . .in
. .Red
. . . .Hat
. . . .Ent
. . .erprise
. . . . . . Linux
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
...........
A b o ut Direc to ry Server fo r Red Hat Enterp ris e Linux
38
38
38
38
39
39
. .hapt
C
. . . .er
. .9. .. File
. . . .Syst
. . . .ems
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4. 0. . . . . . . . . .
XFS runtime s tatis tic s are availab le p er file s ys tem in the /s ys /fs / d irec to ry
40
A p ro g res s ind ic ato r has b een ad d ed to mkfs .g fs 2
fs c k.g fs 2 has b een enhanc ed to req uire c o ns id erab ly les s memo ry o n larg e file s ys tems
40
40
40
40
41
. .hapt
C
. . . .er
. .1. 0. .. Hardware
. . . . . . . . .Enablement
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4. 2. . . . . . . . . .
Sup p o rt ad d ed fo r the CAPI flas h b lo c k ad ap ter
MMC kernel reb as ed to vers io n 4.5
Intel DIMM manag ement API
42
42
42
42
42
42
. .hapt
C
. . . .er
. .1. 1. .. Inst
. . . .allat
. . . .ion
. . .and
. . . .Boot
. . . . ing
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4. 3. . . . . . . . . .
Imp ro ved lo g g ing when netwo rk traffic is b lo c ked d uring ins tallatio n
Sup p o rt fo r Memo ry Ad d res s Rang e Mirro ring
43
43
43
43
. .hapt
C
. . . .er
. .1. 2. .. Kernel
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4. 4. . . . . . . . . .
c riu reb as ed to vers io n 2.3 and fully s up p o rted fo r c ertain ap p lic atio ns
The CAN p ro to c o l has b een enab led in the kernel
44
44
44
44
44
45
45
45
45
45
46
46
46
46
46
46
46
46
47
47
47
. .hapt
C
. . . .er
. .1. 3.
. . Real. . . . .T. ime
. . . .Kernel
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4. 8. . . . . . . . . .
A b o ut Red Hat Enterp ris e Linux fo r Real Time Kernel
48
The c an-d ev mo d ule has b een enab led fo r the real-time kernel
48
. .hapt
C
. . . .er
. .1. 4. .. Net
. . . working
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4. 9. . . . . . . . . .
7 .3 Release Not es
. .hapt
C
. . . .er
. .1. 4. .. Net
. . . working
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4. 9. . . . . . . . . .
O p en vSwitc h no w us es kernel lig htweig ht tunnel s up p o rt
49
Bulking in the memo ry allo c ato r s ub s ys tem is no w s up p o rted
49
Netwo rkManag er no w s up p o rts LLDP
49
DHCP timeo ut in Netwo rkManag er is c o nfig urab le
Netwo rkManag er no w d etec ts d up lic ate IPv4 ad d res s es
N etwo rkManag er no w c o ntro ls the ho s t name us ing s ys temd -ho s tnamed
Sup p o rt fo r lates t Blueto o th, inc lud ing Blueto o th LE
49
49
49
49
49
50
50
50
50
50
. .hapt
C
. . . .er
. .1. 5.
. . Securit
......y
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
...........
The SELinux us ers p ac e reb as ed to vers io n 2.5
s c ap -wo rkb enc h reb as ed to vers io n 1.1.2
o p ens c ap reb as ed to vers io n 1.2.10
firewalld reb as ed to vers io n 0 .4.3.2
51
51
51
51
52
52
52
52
53
53
53
53
53
53
54
. .hapt
C
. . . .er
. .1. 6. .. Servers
. . . . . . . and
. . . . Services
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
...........
PHP c URL mo d ule no w s up p o rts TLS 1.1 and TLS 1.2
55
s q uid reb as ed to vers io n 3.5.20
55
Do vec o t has tc p _wrap p ers s up p o rt enab led
55
Nec es s ary c las s es ad d ed to allo w lo g 4j as To mc at lo g g ing mec hanis m
55
M ySQ L-p ytho n reb as ed to vers io n 1.2.5
The BIND s erver no w s up p o rts CAA rec o rd s
56
56
. .hapt
C
. . . .er
. .1. 7. .. St
. . orage
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
...........
New kernel s ub s ys tem: lib nvd imm
57
New p ac kag es : nvml
57
S CSI no w s up p o rts multip le hard ware q ueues
57
The lvextend c o mmand no lo ng er attemp ts to res iz e a file s ys tem when the s iz e o f the lo g ic al
vo lume has no t c hang ed
57
Imp ro ved LVM lo c king infras truc ture
57
Sup p o rt fo r c ac hing thinly-p ro vis io ned lo g ic al vo lumes with limitatio ns
57
. .hapt
C
. . . .er
. .1. 8. .. Virt
. . . ualiz
. . . . .at. ion
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
...........
VT-d p o s ted interrup ts
58
G ues ts us ing an RBD vo lume no w us e an enc o d ed , enc ryp ted s tartup s ec ret
58
Hyp er-V s to rag e d river (s to rvs c ) up d ated
58
Hyp er-V c lo c k s o urc e c hang ed to us e the TSC p ag e
lib g ues tfs reb as ed to vers io n 1.32.6
58
58
58
59
59
59
59
59
60
60
. .hapt
C
. . . .er
. .1. 9. .. At
. . omic
. . . . .Host
. . . . .and
. . . .Cont
. . . .ainers
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6. 1. . . . . . . . . .
R ed Hat Enterp ris e Linux Ato mic Ho s t
61
. .hapt
C
. . . .er
. .2. 0. .. Red
. . . . Hat
. . . .Soft
. . . .ware
. . . . Collect
. . . . . . ions
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6. 2. . . . . . . . . .
. .art
P
. . .II.. .Not
. . .able
. . . . Bug
. . . . Fixes
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6. 3. . . . . . . . . .
. .hapt
C
. . . .er
. .2. 1. .. G
. .eneral
. . . . . .Updat
. . . . . es
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6. 4. . . . . . . . . .
Sho rtening o f lo ng netwo rk d evic e names
64
A fix fo r s ys temd to read the d evic e id entific atio n b ytes c o rrec tly
64
The value o f net.unix.max_d g ram_q len inc reas ed to 512
64
. .hapt
C
. . . .er
. .2. 2. .. Aut
. . . hent
. . . . .icat
. . .ion
. . . and
. . . . Int
. . .eroperabilit
. . . . . . . . . .y. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6. 5. . . . . . . . . .
The id map _has h mo d ule no w wo rks c o rrec tly when us ed with o ther mo d ules
65
. .hapt
C
. . . .er
. .2. 3.
. . Clust
. . . . .ering
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6. 6. . . . . . . . . .
The DLM no w d etec ts and rep o rts c o nnec tio n p ro b lems
66
Pac emaker c o rrec tly interp rets s ys temd res p o ns es and s ys temd s ervic es are s to p p ed in p ro p er
o rd er at c lus ter s hutd o wn
66
Pac emaker no w d is ting uis hes trans ient failures fro m fatal failures when lo ad ing s ys temd units
66
Pac emaker no w remo ves no d e attrib utes fro m its memo ry when p urg ing a no d e that has b een
remo ved fro m the c
66
Pac emaker no w c o rrec tly d etermines exp ec ted res ults fo r res o urc es that are in a g ro up o r d ep end
o n a c lo ne
66
Fenc ing no w o c c urs when DLM req uires it, even when the c lus ter its elf d o es no t
67
. .hapt
C
. . . .er
. .2. 4. .. Compiler
. . . . . . . . and
. . . .T
. .ools
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6. 8. . . . . . . . . .
Remo val o f p urp o s eles s warning mes s ag e fo r p hys ic ally no n-exis ting no d es
68
O rig in p lug -in ad d ed to the s o s p ac kag e
68
Selec tio n o f O p enJDK vers io n family no w rememb ered ac ro s s up d ates
68
RC4 is no w d is ab led b y d efault in O p enJDK 6 and O p enJDK 7
68
s ys tem-s witc h-java reb as ed to vers io n 1.7
z s h no lo ng er d ead lo c ks o n mallo c () exec utio n
SCSI d evic e typ es d es c rib ed us ing multip le wo rd s are no w hand led c o rrec tly
g d b s erver no w s up p o rts s eamles s d eb ug g ing o f p ro c es s es fro m c o ntainers
68
68
69
69
G DB no lo ng er rep o rts s p urio us SIG TRAP s ig nals o n the 6 4-b it ARM arc hitec ture
G DB no lo ng er kills running p ro c es s es with d eleted exec utab les
G DB no w g enerates s maller c o re files and res p ec ts c o re-d ump filtering
The o p rep o rt and o p anno te utilities no w p ro p erly analyz e arc hive d ata.
Events with id entic al numeric al unit mas ks are no w hand led b y their names
69
69
70
70
70
Mo re ac c urate PAPI_L1_DC* event o n IBM Po wer7 and IBM Po wer8 p latfo rms
70
. .hapt
C
. . . .er
. .2. 5.
. . Deskt
. . . . . op
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7. 1. . . . . . . . . .
Sp hinx b uild s HTML d o c umentatio n in FIPS mo d e p ro p erly
P o p p ler no lo ng er rend ers c ertain c harac ters inc o rrec tly
P o p p ler no lo ng er tries to ac c es s memo ry b ehind the array
p d fto c airo no lo ng er c ras hes when p ro c es s ing a PDF witho ut g ro up c o lo r s p ac e
71
71
71
71
7 .3 Release Not es
71
p d finfo no lo ng er terminates unexp ec ted ly d ue to as s erting b ro ken enc ryp tio n info rmatio n
E vinc e no lo ng er c ras hes when viewing a PDF
Virtual mac hines s tarted b y G NO ME Bo xes are no lo ng er ac c es s ib le to every us er
FreeRDP no w rec o g niz es wild c ard c ertific ates
71
71
72
72
. .hapt
C
. . . .er
. .2. 6. .. Direct
. . . . . .ory
. . .Server
. . . . . .in
. . Red
. . . . Hat
. . . .Ent
. . .erprise
. . . . . . Linux
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7. 3. . . . . . . . . .
The c leanAllRUV tas k no lo ng er lo g s fals e attrlis t_rep lac e erro rs
73
Co nnec tio n o b jec ts no lo ng er d ead lo c k
Ab and o n req ues ts fo r s imp le p ag ed res ults s earc hes no lo ng er c aus e a c ras h
Simp le p ag ed res ults s earc h s lo ts are no w c o rrec tly releas ed after a failure
Deleting a b ac k end d atab as e no lo ng er c aus es d ead lo c ks
Deleting and ad d ing the s ame LDAP attrib ute no w c o rrec tly up d ates the eq uality ind ex
73
73
73
73
73
Ab and o n req ues ts in s imp le p ag ed res ults s earc hes no lo ng er c aus e d ead lo c ks
Simp le p ag ed res ults s earc hes no lo ng er return 0 ins tead o f the ac tual res ults
ACL p lug -in no lo ng er c ras hes d ue to mis s ing p b lo c k o b jec t
Pas s wo rd c o nvers io n fro m DES to AES no w wo rks p ro p erly
73
74
74
74
Failed rep lic atio n up d ates are no w retried c o rrec tly in the next s es s io n
The LICENSE file no w s ho ws c o rrec t lic ens e info rmatio n
Pas s wo rd s res et b y ad minis trato rs are no w s to red in p as s wo rd his to ry
Entries rejec ted b y multip le p lug -ins no lo ng er s ho w up in s earc hes
74
74
74
75
75
75
75
. .hapt
C
. . . .er
. .2. 7. .. File
. . . .Syst
. . . .ems
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7. 6. . . . . . . . . .
The q uo ta RPC s ervic e is no lo ng er unavailab le
76
. .hapt
C
. . . .er
. .2. 8. .. Hardware
. . . . . . . . .Enablement
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7. 7. . . . . . . . . .
Primary b o nd interfac e no lo ng er takes o ver ac tive interfac es that d id no t fail
77
77
77
Real-time s ys tems with many CPUs no lo ng er have larg e latenc ies d ue to run-q ueue lo c k
c o ntentio n
77
The kernel no lo ng er c ras hes when enab ling multi-q ueue s up p o rt with NVM Exp res s d evic e d river
The CPU freq uenc y no w reac hes the req ues ted value
77 77
The g et_c p u_lig ht/p ut_c p u_lig ht func tio n in FCo E c o d e has b een fixed
The p erfo rmanc e o f IBM Po wer Sys tems is no lo ng er d ec reas ed
77
78
The s ys tem no lo ng er c ras hes while s etting up the DMA trans fer
Kernel no lo ng er hang s d uring ho t-unp lug
78
78
Dis ab ling the Larg e Rec eive O fflo ad (LRO ) flag no w p ro p ag ates c o rrec tly
78
78
78
The g enwq e d river c an allo c ate memo ry even d uring memo ry p res s ure s ituatio ns
78
The c o ns o le no lo ng er hang s
LRO is no w d is ab led b y d efault in the ixg b e d river
79
79
The nx8 42 c o -p ro c es s o r fo r IBM Po wer Sys tems no lo ng er p ro vid es c o rrup ted d ata
The s ys tem no lo ng er c ras hes when c alling the mlx4_en_rec o ver_fro m_o o m() func tio n
79
79
79
. .hapt
C
. . . .er
. .2. 9. .. Inst
. . . .allat
. . . .ion
. . .and
. . . .Boot
. . . . ing
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8. 0. . . . . . . . . .
G rap hic s c ard s us ing the as t mo d ule c an no w b e us ed d uring ins tallatio n
80
Ins tallatio ns c an no w b e p erfo rmed o n d is ks c o ntaining invalid o r uns up p o rted p artitio n tab les .
Multip le ins t.d d o p tio ns are no w s up p o rted to lo ad d river d is ks
80 80
Help fo r the s ub s c rip tio n manag er s c reen d uring ins tallatio n
80
80
80
80
Hyp erPAV alias es us ed d uring ins tallatio n are no w availab le o n the ins talled s ys tem
Imp ro ved s up p o rt fo r netwo rk b o o t o n EFI p latfo rms
80
80
81
81
81
Kic ks tart files valid fo r Red Hat Enterp ris e Linux 6 are no w c o rrec tly rec o g niz ed b y ks valid ato r
A nac o nd a no lo ng er c ras hes when ad d ing iSCSI d evic es
81 81
The Anac o nd a ins taller c o rrec tly allo ws ad jus tment o f a p ro b lematic d is k s elec tio n
81
81
82
Inc o rrec t es c ap ing o f the ' /' c harac ter in s ys temd no lo ng er p revents the s ys tem fro m b o o ting
The d efault s iz e o f the /b o o t p artitio n is no w 1 G B
82
82
. .hapt
C
. . . .er
. .30
. . .. Kernel
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8. 3. . . . . . . . . .
A fix o f PT_NO TE entries that were p revio us ly c o rrup ted d uring c ras hd ump
83
Chang e o f the Red Hat Hard ware Certific atio n tes ts to avo id s ys tem hang c aus ed b y O p ro file
83
83
83
Up d ate o f the kernel with hug ep ag e mig ratio n p atc hes fro m the up s tream
Bo o ting kernel with UEFI and the s ec ure b o o t enab led
83
83
84
Chang e o f d efault s etting s o n FCo E s ervers to reac h the c o rrec t func tio nality o f the kd ump
mec hanis m
Dump -c ap ture kernel memo ry freed when kd ump mec hanis m fails
84
84
84
ks c no w returns an erro r ins tead o f c ras hing when running witho ut mand ato ry arg uments
84
. .hapt
C
. . . .er
. .31
. . .. Net
. . . working
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8. 5. . . . . . . . . .
s c tp _ac c ep t() no lo ng er c aus es a d ead lo c k when c alled d uring a timeo ut event
85
. .hapt
C
. . . .er
. .32
. . .. Securit
......y
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8. 6. . . . . . . . . .
The SHA-3 imp lementatio n in nettle no w c o nfo rms to FIPS 20 2
86
. .hapt
C
. . . .er
. .33.
. . .Servers
. . . . . . .and
. . . .Services
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8. 7. . . . . . . . . .
The named s ervic e no w b ind s to all interfac es
87
Fix fo r to mc at-d ig es t to g enerate p as s wo rd has hes
87
To mc at c an no w us e s hell exp ans io n in c o nfig uratio n files within the new c o nf.d d irec to ry
Fix fo r the to mc at-js vc s ervic e unit to c reate two ind ep end ent To mc at s ervers
87
87
87
87
87
88
88
. .hapt
C
. . . .er
. .34
. . .. Virt
. . . ualiz
. . . . at
. . ion
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8. 9. . . . . . . . . .
SMEP and SMAP b its mas ked to enab le s ec o nd ary vCPUs
89
Fo rc e Res et menu entry in Jap anes e lo c ale Virtual Mac hine Manag er trans lated c o rrec tly
89
89
89
Data layo ut o f VMDK imag es with s treamO p timiz ed s ub -fo rmat was inc o rrec t
b lo c kc o p y with --p ivo t o p tio n no lo ng er fails
89
89
7 .3 Release Not es
b lo c kc o p y with --p ivo t o p tio n no lo ng er fails
89
89
90
90
90
. .art
P
. . .III.
. . T. echnology
. . . . . . . . . . Previews
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9. 1. . . . . . . . . .
. .hapt
C
. . . .er
. .35.
. . .G. eneral
. . . . . . Updat
. . . . . .es
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9. 2. . . . . . . . . .
The s ys temd -imp o rtd VM and c o ntainer imag e imp o rt and exp o rt s ervic e
92
. .hapt
C
. . . .er
. .36
. . .. Aut
. . . hent
. . . . icat
. . . .ion
. . . and
. . . .Int
. . eroperabilit
. . . . . . . . . . .y. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9. 3. . . . . . . . . .
Id entity Manag ement in a c o ntainer no w availab le
93
SSSD in a c o ntainer no w availab le
Us e o f AD and LDAP s ud o p ro vid ers
93
93
93
93
94
94
Id entity Manag ement JSO N-RPC API availab le as Tec hno lo g y Preview
94
. .hapt
C
. . . .er
. .37
. . .. Clust
. . . . .ering
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9. 5. . . . . . . . . .
Sup p o rt fo r c lufter, a to o l fo r trans fo rming and analyz ing c lus ter c o nfig uratio n fo rmats
95
. .hapt
C
. . . .er
. .38
. . .. Direct
. . . . . ory
. . . .Server
. . . . . .in
. .Red
. . . .Hat
. . . .Ent
. . .erprise
. . . . . . Linux
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9. 6. . . . . . . . . .
Nunc Stans event framewo rk availab le fo r Direc to ry Server
96
. .hapt
C
. . . .er
. .39
. . .. File
. . . .Syst
. . . .ems
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9. 7. . . . . . . . . .
The Cep hFS kernel c lient is no w availab le
97
ext4 and XFS file s ys tems no w s up p o rt DAX
97
97
97
98
98
98
. .hapt
C
. . . .er
. .4. 0. .. Hardware
. . . . . . . . .Enablement
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9. 9. . . . . . . . . .
Runtime Ins trumentatio n fo r IBM Sys tem z
99
99
. .hapt
C
. . . .er
. .4. 1. .. Inst
. . . .allat
. . . .ion
. . .and
. . . .Boot
. . . . ing
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.0. 0. . . . . . . . . .
Multi-thread ed xz c o mp res s io n in rp m-b uild
10 0
. .hapt
C
. . . .er
. .4. 2. .. Kernel
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.0. 1. . . . . . . . . .
Hetero g eneo us memo ry manag ement inc lud ed as a Tec hno lo g y Preview
Us er names p ac e
10 1
10 1
10 1
10 1
10 1
10 1
10 1
10 2
. .hapt
C
. . . .er
. .4. 3.
. . Real. . . . .T. ime
. . . .Kernel
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 0. 3. . . . . . . . . .
New s c hed uler c las s : SCHED_DEADLINE
10 3
. .hapt
C
. . . .er
. .4. 4. .. Net
. . . working
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.0. 4. . . . . . . . . .
10 4
10 4
10 4
10 4
10 4
. .hapt
C
. . . .er
. .4. 5.
. . St
. . orage
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 0. 5. . . . . . . . . .
l vm2 no w s up p o rts RAID-level takeo ver
10 5
Multi-q ueue I/O s c hed uling fo r SCSI
Targ etd p lug -in fro m the lib Sto rag eMg mt API
10 5
10 5
DIF/DIX
10 5
. .hapt
C
. . . .er
. .4. 6. .. Virt
. . . ualiz
. . . . .at. ion
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.0. 6. . . . . . . . . .
Nes ted virtualiz atio n
10 6
10 6
10 6
Driver ad d ed fo r d evic es that c o nnec t o ver a PCI Exp res s b us in g ues t virtual mac hine und er Hyp erV
10 6
. .art
P
. . .IV.
. . Device
. . . . . . .Drivers
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.0. 7. . . . . . . . . .
. .hapt
C
. . . .er
. .4. 7. .. New
. . . . Drivers
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.0. 8. . . . . . . . . .
S to rag e Drivers
10 8
N etwo rk Drivers
G rap hic s Drivers and Mis c ellaneo us Drivers
10 8
110
. .hapt
C
. . . .er
. .4. 8. .. Updat
. . . . . .ed
. . Drivers
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.1. 2. . . . . . . . . .
S to rag e Driver Up d ates
112
N etwo rk Driver Up d ates
112
114
. .hapt
C
. . . .er
. .4. 9. .. Deprecat
. . . . . . . . ed
. . .Funct
. . . . . ionalit
. . . . . .y. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 1. 5. . . . . . . . . .
s s lwrap () remo ved fro m Pytho n
Wind o ws g ues t virtual mac hine s up p o rt limited
115
115
115
115
115
115
116
. .art
P
. . .V.. .Known
. . . . . . Issues
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.1. 8. . . . . . . . . .
. .hapt
C
. . . .er
. .50
. . .. G
. .eneral
. . . . . Updat
. . . . . .es
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.1. 9. . . . . . . . . .
The TAB key d o es no t exp and $ PWD b y d efault
g no me-d ic tio nary multilib p ac kag es c o nflic ts o c c ur
119
119
119
. .hapt
C
. . . .er
. .51
. . .. Aut
. . . hent
. . . . icat
. . . .ion
. . . and
. . . .Int
. . eroperabilit
. . . . . . . . . . .y. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.2. 0. . . . . . . . . .
Pro b lem with imp o rting a us er c ertific ate fro m CA o ver SSL
S ec urity warning when us ing ip a-kra-ins tall, ip a-c a-ins tall, o r ip a-rep lic a-ins tall
120
120
The Id M web UI d is p lays all c ertific ates o n o ne p ag e in the Certific ates tab le
120
120
120
121
121
121
7 .3 Release Not es
Tree-ro o t d o mains in a trus ted AD fo res t are no t marked as reac hab le thro ug h the fo res t ro o t
The Id M web UI d o es no t s ho w c ertific ates is s ued b y s ub -CAs
121
121
Third -p arty c ertific ate trus t flag s are res et after ins talling an external CA into Id M
121
The c ertmo ng er s ervic e fails to req ues t c ertific ates fro m Id M s ub -CAs
Ad d ing an Id M O TP to ken with a c us to m key d o es no t wo rk
122
122
Mac hines jo ined to a realm are no t ab le to res o lve c entrally manag ed s up p lementary g ro up s
SSSD d efault c o nfig uratio n fails to integ rate with o ther s ervic es
122
122
123
123
123
123
. .hapt
C
. . . .er
. .52
. . .. Compiler
. . . . . . . . and
. . . . T. ools
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 2. 5. . . . . . . . . .
Ac c es s ing Red Hat G lus ter Sto rag e o ver lib g fap i o n KVM g ues ts fails
125
. .hapt
C
. . . .er
. .53.
. . .Deskt
. . . . .op
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.2. 6. . . . . . . . . .
Clo s ing lap to p lid b reaks the G NO ME multi-d is p lay c o nfig uratio n
126
. .hapt
C
. . . .er
. .54
. . .. File
. . . .Syst
. . . .ems
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.2. 7. . . . . . . . . .
The d efault o p tio n s p ec ific atio n is no t o verrid d en b y the ho s t-s p ec ific o p tio n in /etc /exp o rts
127
. .hapt
C
. . . .er
. .55.
. . .Hardware
. . . . . . . . .Enablement
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.2. 8. . . . . . . . . .
Serial c o ns o le is no w c o nfig ured c o rrec tly o n Cavium Thund erX 6 4-b it ARM s ys tems
i 40 e no lo ng er is s ues warn_s lo wp ath warning s d uring b o o t
128
128
128
128
128
. .hapt
C
. . . .er
. .56
. . .. Inst
. . . .allat
. . . ion
. . . .and
. . . .Boot
. . . . ing
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.2. 9. . . . . . . . . .
Dell Latitud e E6 430 lap to p s s hut d o wn unexp ec ted ly
129
The Initial Setup utility' s text-b as ed interfac e s tarts c o rrec tly o n IBM Sys tem z
Fo rmatting DASDs wo rks c o rrec tly d uring a text-b as ed ins tallatio n
129
129
Ins uffic ient /b o o t p artitio n s iz e may p revent the s ys tem fro m up g rad ing
129
. .hapt
C
. . . .er
. .57
. . .. Kernel
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 30
...........
Red Hat Beta p ub lic key c ertific ate need s to b e lo ad ed manually
130
130
131
d rac ut d is p lays a harmles s erro r mes s ag e ab o ut a no n-exis tent /etc /hb a.c o nf
131
131
. .hapt
C
. . . .er
. .58
. . .. Net
. . . working
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 32
...........
Verific atio n o f s ig natures us ing the MD5 has h alg o rithm is d is ab led in Red Hat Enterp ris e Linux 7
132
. .hapt
C
. . . .er
. .59
. . .. Securit
......y
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1. 33
...........
The o p ens c ap p ac kag es d o no t ins tall ato mic as a d ep end enc y
C IL d o es no t have a s ep arate mo d ule s tatement
133
133
. .hapt
C
. . . .er
. .6. 0. .. Servers
. . . . . . . and
. . . . Services
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 34
...........
ReaR c reates two ISO imag es ins tead o f o ne
134
. .hapt
C
. . . .er
. .6. 1. .. St
. . orage
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1. 35
...........
No s up p o rt fo r thin p ro vis io ning o n to p o f RAID in a c lus ter
135
10
135
When us ing thin-p ro vis io ning , it is p o s s ib le to lo s e b uffered writes to the thin-p o o l if it reac hes
c ap ac ity
135
. .hapt
C
. . . .er
. .6. 2. .. Syst
. . . . em
. . . and
. . . . Subscript
. . . . . . . . .ion
. . . Management
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 36
...........
The s ub s c rip tio n-manag er refres h c o mmand fails , d is p laying an erro r
136
. .hapt
C
. . . .er
. .6. 3.
. . Virt
. . . ualiz
. . . . at
. . ion
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 37
...........
Mig ratio n o f c ertain g ues ts fro m Red Hat Enterp ris e Linux 7.2 to 7.3 ho s ts is no t p o s s ib le
numad c hang es Q EMU memo ry b ind ing s
137
137
. .hapt
C
. . . .er
. .6. 4. .. At
. . omic
. . . . .Host
. . . . .and
. . . .Cont
. . . .ainers
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 38
...........
SELinux p revents Do c ker fro m running a c o ntainer
138
. .ppendix
A
. . . . . . . A.
. . Component
. . . . . . . . . . . Versions
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. 39
...........
. .ppendix
A
. . . . . . . B.
. . .Revision
. . . . . . . .Hist
. . . ory
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.4. 0. . . . . . . . . .
11
7 .3 Release Not es
Preface
Red Hat Enterprise Linux minor releases are an aggregation of individual security, enhancement,
and bug fix errata. The Red Hat Enterprise Linux 7.3 Beta Release Notes document describes the major
changes made to the Red Hat Enterprise Linux 7 operating system and its accompanying
applications for this minor release, as well as known problems and a complete list of all currently
available Technology Previews.
Capabilities and limits of Red Hat Enterprise Linux 7 as compared to other versions of the system are
available in the Red Hat Knowledgebase article available at https://access.redhat.com/articles/rhellimits.
For information regarding the Red Hat Enterprise Linux life cycle, refer to
https://access.redhat.com/support/policy/updates/errata/.
12
Chapt er 1 . O verview
Chapter 1. Overview
Se curit y
The SELinux userspace has been rebased and provides various enhancements and performance
improvements. Notably, the new SELinux module store supports priorities, and the SELinux
Common Intermediate Language (CIL) has been introduced.
OpenSCAP workbench now provides a new SCAP Security Guide integration dialog and enables
modification of SCAP policies using a graphical tool.
The OpenSCAP suite now includes support for scanning containers using the ato mi c scan
command.
Upgraded fi rewal l d starts and restarts significantly faster due to a new transaction model. It
also provides improved management of connections, interfaces, and sources, a new default
logging option, and i pset support.
The aud i t daemon introduces a new flush technique, which significantly improves performance.
Audit policy, configuration, and logging have been enhanced and now support a number of new
options.
Media Access Control Security (MACsec) encryption over Ethernet is now supported.
See Chapter 15, Security for more information on security enhancements.
Ide nt it y Manage m e nt
The highlighted new features and improvements related to Identity Management (IdM) include:
Improved performance of both IdM servers and clients in large customer environments
Enhanced topology management and replica installation
Extended smart card support for Active D irectory (AD ) users
Fine-grained configuration of one-time password (OTP) authentication
Improved troubleshooting capabilities of IdM clients.
For detailed information on changes in IdM, refer to Chapter 4, Authentication and Interoperability.
Co re Ke rne l
Support for Checkpoint/Restore in User space (CRIU) has been expanded to the the little-endian
variant of IBM Power Systems architecture.
Heterogeneous memory management (HMM) feature has been introduced as a Technology
Preview.
For more kernel features, refer to Chapter 12, Kernel. For information about Technology Previews
related to kernel, see Chapter 42, Kernel.
Ne t wo rking
Open vSwitch now uses kernel lightweight tunnel support.
Bulking in the memory allocator subsystem is now supported.
13
7 .3 Release Not es
N et wo rkMan ag er now supports new device types, improved stacking of virtual devices, LLD P,
stable privacy IPv6 addresses (RFC 7217), detects duplicate IPv4 addresses, and controls a host
name through systemd -ho stnamed . Additionally, the user can set a D HCP timeout property and
D NS priorities.
For more networking features, see Chapter 14, Networking.
Re al-T im e Ke rne l
A new scheduler policy, SC HED _D EAD LINE has been introduced as Technology Preview. This
new policy is available in the upstream kernel and shows promise for certain Realtime use cases.
For details, see Chapter 43, Real-Time Kernel.
De skt o p
A new instant messaging client, p id g in , has been introduced, which supports off-the-record
(OTR) messaging and the Microsoft Lync instant messaging application.
For more information regarding changes in desktop, refer to Chapter 7, Desktop.
Linux Co nt aine rs
Identity Management (IdM) and System Security Services D aemon (SSSD ) containers are now
14
Chapt er 1 . O verview
available for Red Hat Enterprise Linux Atomic Host as Technology Preview. See Chapter 36,
Authentication and Interoperability for details.
Re d Hat Insight s
Since Red Hat Enterprise Linux 6.7, the Red Hat Insights service is available. Red Hat Insights is a
proactive service designed to enable you to identify, examine, and resolve known technical issues
before they affect your deployment. Insights leverages the combined knowledge of Red Hat Support
Engineers, documented solutions, and resolved issues to deliver relevant, actionable information to
system administrators.
The service is hosted and delivered through the customer portal at
https://access.redhat.com/insights/ or through Red Hat Satellite. To register your systems, follow the
Getting Started Guide for Insights. For further information, data security, and limits, refer to
https://access.redhat.com/insights/splash/.
15
7 .3 Release Not es
Chapter 2. Architectures
Red Hat Enterprise Linux 7.3 Beta is available as a single kit on the following architectures: [1]
64-bit AMD
64-bit Intel
IBM POWER7+ and POWER8 (big endian) [2]
IBM POWER8 (little endian) [3]
IBM System z [4]
[1] No te that the Red Hat Enterp ris e Linux 7.3 Beta ins tallatio n is s up p o rted o nly o n 6 4-b it hard ware.
Red Hat Enterp ris e Linux 7.3 Beta is ab le to run 32-b it o p erating s ys tems , inc lud ing p revio us vers io ns
o f Red Hat Enterp ris e Linux, as virtual mac hines .
[2] Red Hat Enterp ris e Linux 7.3 Beta (b ig end ian) is c urrently s up p o rted as a KVM g ues t o n Red Hat
Enterp ris e Virtualiz atio n fo r Po wer, and o n Po werVM.
[3] Red Hat Enterp ris e Linux 7.3 Beta (little end ian) is c urrently s up p o rted as a KVM g ues t o n Red Hat
Enterp ris e Virtualiz atio n fo r Po wer, o n Po werVM and Po werNV (b are metal).
[4] No te that Red Hat Enterp ris e Linux 7.3 Beta s up p o rts IBM z Enterp ris e 19 6 hard ware o r later; IBM
Sys tem z 10 mainframe s ys tems are no lo ng er s up p o rted and will no t b o o t Red Hat Enterp ris e Linux 7.3
Beta.
16
17
7 .3 Release Not es
18
19
7 .3 Release Not es
Installing a replica no longer requires you to log in to the initial server, use the D irectory Manager
(D M) credentials, and copy the replica information file from the initial server to the replica. For
example, this allows for easier provisioning using an external infrastructure management system,
while retaining a reasonable level of security.
In addition, the i pa-repl i ca-i nstal l utility can now also promote an existing client to a replica.
For details, see https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7Beta/html-single/Linux_D omain_Identity_Authentication_and_Policy_Guide/index.html#install-replica
Note that the new functionality requires raising the domain level to 1. See
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7-Beta/htmlsingle/Linux_D omain_Identity_Authentication_and_Policy_Guide/index.html#domain-level
(BZ #837369)
IdM now support s smart card aut hent icat ion for AD users
This update extends smart card support in Identity Management (IdM). Users from a trusted Active
D irectory (AD ) can now authenticate using a smart card both remotely using ssh as well as locally.
The following methods are supported for local authentication:
Text console
Graphical console, such as the Gnome D isplay Manager (GD M)
Local authentication services, like su or sud o
Note that IdM only supports the above-mentioned local authentication services and ssh for smart
card authentication. Other services, such as FTP, are not supported.
The smart card certificate for AD users can be stored directly in AD , or in an IdM override object for
the AD user.
For details, see https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7Beta/html-single/Windows_Integration_Guide/index.html#smart-cards (BZ #1298966)
20
gateways, can request both factors. As a result, during the login, the user can enter either both
factors, or optionally only the password. The Kerberos ticket then uses authentication indicators to
list the used factors. (BZ #1325809)
21
7 .3 Release Not es
This update adds the python-netifaces package to Red Hat Enterprise Linux 7. This Python module
makes it possible to read information about the system network interfaces from the operating system.
It has been added as a dependency for Red Hat Identity Management (IdM). (BZ #1303046)
22
23
7 .3 Release Not es
SSSD now aut omat ically adjust s t he ID ranges for AD client s in environment s
wit h high RID numbers
The automatic ID mapping mechanism included in the System Security Services D aemon (SSSD )
service is now able to merge ID range domains. The SSSD default size of ID ranges is 200,000. In
large Active D irectory (AD ) installations, the administrator had to manually adjust the ID range
assigned by SSSD if the Active D irectory relative ID (RID ) increased 200,000 to correspond with the
RID .
With this enhancement, for AD clients having ID mapping enabled, SSSD automatically adjusts the
ID ranges in the described situation. As a result, the administrator does not have to adjust the ID
range manually, and the default ID mapping mechanism works in large AD installations.
(BZ #1059972)
Int roducing Red Hat Single Sign-On as a replacement for t he Ipsilon ident it y
provider
Red Hat Single Sign-On (SSO) is now available as a single sign-on solution based on the Keycloak
community project. Red Hat SSO is intended to replace Ipsilon, which was offered as Technology
Preview for federated single sign-on in Red Hat Enterprise Linux 7.2.
Red Hat SSO provides more capabilities than Ipsilon, and Red Hat therefore recommends to use it
instead of Ipsilon.
For details, see:
Red Hat SSO product page: https://access.redhat.com/products/red-hat-single-sign-on
24
SSSD now reads opt ional *.conf files from /etc/sssd /co nf. d /
The System Security Services D aemon (SSSD ) has been enhanced to read *.conf files from the
/etc/sssd /co nf. d / directory. This enables you to use a general /etc/sssd /sssd . co nf file on
all clients and to add additional settings in further configuration files to suit individual clients. SSSD
first reads the common /etc/sssd /sssd . co nf file, and then in alphabetical order the other files in
/etc/sssd /co nf. d /. The daemon uses the last read configuration parameter if the same one
appears multiple times in different files. (BZ #790113)
25
7 .3 Release Not es
https://www.samba.org/samba/history/samba-4.3.0.html
https://www.samba.org/samba/history/samba-4.4.0.html (BZ #1303076)
26
Chapter 5. Clustering
A Pacemaker clust er resource t hat is used t o creat e a guest node may now
be a member of a resource group
Previous Pacemaker versions did not support including a guest node in a group. As of Red Hat
Enterprise Linux 7.3, a Pacemaker cluster resource such as Vi rtual D o mai n that is used to create a
guest node may now be a member of a resource group. This can be useful, for example, to associate
a virtual machine with its storage. (BZ #1303765)
27
7 .3 Release Not es
28
This option is useful when just setting priorities for each alternative is not enough. For example, all
openjdk packages can be put into the same family to ensure that if one of them is uninstalled, the
alternative will switch to another openjdk package, and not to the java-1.7.0-oracle package (if another
openjdk package is installed). (BZ #1291340)
29
7 .3 Release Not es
new functions have been added to l i bel f and l i bd w to handle compressed ELF sections:
el f_co mpress, el f_co mpress_g nu, el f32_g etchd r, el f6 4 _g etchd r, and
g el f_g etchd r.
libdwelf: a new d wel f_scn_g nu_co mpressed _si ze() function.
New l i bel f and l i bd w pkgconfig (package configuration) files.
(BZ #1296313)
30
sar2pcp - support for additional mem. uti l metrics and sysstat-11.0.1 commands
pmmg r - added general monitor-program launching option
pcp-ato p - updated with latest ato p features (especially NFS-related)
l i bpcp - allowed the name of a server certificate to be customized; added support for permanent,
global derived metrics, and multi-archive contexts
pmd apro c - cg ro up bl ki o throttle throughput and IOPS metrics
pcp-i o stat - added the -R flag for device-name matching using regular expressions and the G flag for sum, avg , mi n, or max stati sti cs
pmi eco nf - new rule to automate restarting of unresponsive PMD As
(BZ #1284307)
31
7 .3 Release Not es
The bl o ck_l i st gdb monitor command has been enhanced: it can print a range of loss
records; it now accepts an optional argument, l i mi ted [max_bl o cks], to control the number
of printed blocks; if a block has been found using a heuristic, then bl o ck_l i st now shows the
heuristic after the block size; the loss records/blocks to print can be limited to the blocks found via
specified heuristics.
A new --expensi ve-d efi ned ness-checks= yes| no command-line option has been added.
This is useful for avoiding occasional invalid uninitialized-value errors in optimized code. Beware
of potential runtime degradation, as this can be up to 25% . The slowdown is highly applicationspecific though. The default value is no .
(BZ #1296318)
O penJD K 8 now support s ECC
With this update, support for Elliptic Curve Cryptography (ECC) and associated ciphers for TLS
connections has been added to O penJD K 8. In most cases, ECC is preferable to older cryptographic
solutions for establishing secure network connections. (BZ #1245810)
pycurl now provides opt ions t o require T LSv1.1 or 1.2
With this update, pycurl has been enhanced to support options that make it possible to require the
use of the 1.1 or 1.2 versions of the TLS protocol, which improves the security of communication.
(BZ #1260407)
32
New configurat ion opt ions for SSL/T LS cert ificat e verificat ion for t he HT T P
client s in t he Pyt hon st andard library
New per-application and per-process configuration options for SSL/TLS certificate verification have
been added for the HTTP clients in the Python standard library. The options are described in the 493
Python Enhancement Proposal (https://www.python.org/dev/peps/pep-0493/). The default global
setting continues to be to not verify certificates. For details, see
https://access.redhat.com/articles/2039753. (BZ #1315758)
33
7 .3 Release Not es
34
Chapt er 7 . Deskt op
Chapter 7. Desktop
New packages: pidgin
This update adds the pidgin instant messaging client that supports off-the-record (OTR) messaging
and the Microsoft Lync instant messaging application. (BZ #1066457)
Separat e menu it ems for opening t abs and windows rest ored
This update restores separate menu items for opening tabs and windows in g no me-termi nal . It is
now easier to open a mix of tabs and windows without being familiar with keyboard shortcuts.
(BZ #1300826)
35
7 .3 Release Not es
36
Chapt er 7 . Deskt op
Core:
More robust loading of XCF files
Improved performance and behavior when writing XCF files
GUI:
The widget direction automatically matches the direction of language set for GUI
Larger scroll area for tags
Fixed switching of dock tabs by drag and drop (D ND ) hovering
D ND works between images in one dockable
No unexpected termination problem in the save dialog
Plug-ins:
Improved security of the script-fu server
Fixed reading and writing of files in the BMP format
Fixed exporting of fonts in the PD F plug-in
Support of layer groups in OpenRaster files
Fixed loading of PSD files with layer groups (BZ #1298226)
37
7 .3 Release Not es
T he l d apsearch command can now ret urn all operat ional at t ribut es
LD AP searches can now return all operational attributes as described in IETF RFC 3673. Using the +
character in a search will yield all operational attributes to which the bound D istinguished Name
(D N) has access. The returned results may be limited depending on applicable Access Control
Instructions (ACIs).
An example search might look similar to the following:
ldapsearch -LLLx -h localhost -p 10002 -b ou=people,dc=example,dc=com -s
base '+'
dn: ou=People,dc=example,dc=com
See https://tools.ietf.org/html/rfc3673 for additional information about this feature. (BZ #1290111)
38
39
7 .3 Release Not es
40
The free inode btree (finobt) feature is disabled by default to ensure compatibility with earlier Red
Hat Enterprise Linux 7 kernel versions. (BZ #1309498)
41
7 .3 Release Not es
42
43
7 .3 Release Not es
New symbols for t he kABI whit elist t o support t he hpvsa and hpdsa drivers
44
Chapt er 1 2 . Kernel
This update adds a set of symbols to the kernel Application Binary Interface (kABI) whitelist, which
ensures the support for the hpvsa and hpdsa drivers.
The newly added symbols are:
scsi_add_device,
scsi_adjust_queue_depth
scsi_cmd_get_serial
scsi_dma_map
scsi_dma_unmap
scsi_scan_host (BZ #1274471)
crash rebased t o version 7.1.5
The crash packages have been upgraded to upstream version 7.1.5, which provides several bug
fixes and a number of enhancements over the previous version. Notably, this rebase adds new
options such as d i s -s, d i s -f, sys -i , l i st -l , new support for Quick Emulator (QEMU)
generated Executable and Linkable Format (ELF) vmcores on the 64-bit ARM architectures, and
several updates required for support of recent upstream kernels. It is safer and more efficient to
rebase the crash packages than to backport selectively the individual patches. (BZ #1292566)
Support of 8 T B of RAM
With this update, the kernel is certified to support 8 TB of RAM. This new feature covers the advance
in memory technology and it provides the potential to meet technological requirements of future
servers that will be released in the life time of Red Hat Enterprise Linux 7. This feature is available for
AMD 64 and Intel 64 architectures. (BZ #727077)
45
7 .3 Release Not es
46
Chapt er 1 2 . Kernel
Red Hat Ent erprise Linux 7 now support s Wacom Cint iq 27 QHD
Previously, the Wacom Cintiq 27 QHD tablets were not supported in Red Hat Enterprise Linux 7. With
this update, Wacom Cintiq 27 QHD is supported in Red Hat Enterprise Linux 7. (BZ #1342989)
47
7 .3 Release Not es
48
NetworkManager now cont rols t he host name using systemd -ho stnamed
With this update, NetworkManager uses the systemd -ho stnamed service to read and write the static
host name, which is stored in the /etc/ho stname file. D ue to this change, manual modifications
done to the /etc/ho stname file are no longer picked up automatically by NetworkManager; users
should change the system host name through the ho stnamectl utility. Also, the use of the
HO ST NAME variable in the '/etc/sysconfig/network' file is now deprecated. (BZ #1367916)
Addit ional policies for t he P R -SC T P ext ension are now support ed
49
7 .3 Release Not es
The Partially Reliable SCTP (PR-SCTP) extension defined in RFC3758 provides a generic method for
senders to abandon user messages. With this update, three additional P R -SC T P policies are
supported:
Timed Reliability: This allows the sender to specify a timeout for a user message. The SCTP stack
abandons the user message after the timeout expires.
Limited Retransmission Policy: Allows limitation of the number of retransmissions.
Priority Policy: Allows removal of lower-priority messages if space for higher-priority messages is
needed in the send buffer. (BZ #965453)
Man pages for tc filt er act ions were added t o t he iproute package
With this update, man pages for the i pro ute utility's tc filter actions have been added. Every tc
action has now a corresponding man page, which includes synopsis, options, and detailed
functional description. (BZ #1275426)
50
Chapt er 1 5. Securit y
51
7 .3 Release Not es
The firewalld packages have been upgraded to upstream version 0.4.3.2 which provides a number of
enhancements and bug fixes over the previous version. Notable changes include the following:
Performance improvements: firewalld starts and restarts significantly faster thanks to the new
transaction model which groups together rules that are applied simultaneously. This model uses
the iptables restore commands. Also, the firewall-cmd, firewall-offline-cmd, firewall-config, and
firewall-applet tools have been improved with performance in mind.
The improved management of connections, interfaces and sources: The user can now control
zone settings for connections in NetworkManager. In addition, zone settings for interfaces are also
controlled by firewalld and in the i fcfg file.
D efault logging option: With the new LogD enied setting, the user can easily debug and log
denied packets.
ipset support: firewalld now supports ipsets used as zone sources, within rich and direct rules.
(BZ #1302802)
52
Chapt er 1 5. Securit y
The rsyslog packages provide an enhanced, multi-threaded syslog daemon. With this update, the
rsyslog imfile module supports using wildcards inside file names and adding the actual file name to
the message's metadata. This is useful, when rsyslog needs to read logs under a directory and does
not know the names of files in advance. (BZ #1303617)
T he fi rewal l d -cmd command can now provide addit ional det ails
With this update, firewalld shows details of a service, zone, and IC MP type. Additionally, the user can
list the full path to the source XML file. The new options for fi rewal l d -cmd are:
53
7 .3 Release Not es
[--permanent] --info-zone=zone
[--permanent] --info-service=service
[--permanent] --info-icmptype=icmptype (BZ #1147500)
54
55
7 .3 Release Not es
56
Chapt er 1 7 . St orage
57
7 .3 Release Not es
Guest s using an RBD volume now use an encoded, encrypt ed st art up secret
Previously, when libvirt generated the QEMU command line arguments for guests using an
authenticated Rados Block D evice (RBD ) volume, the password to the RBD server would encoded as
an argument allowing for the possibility for that password to be decoded. In the current release, the
password is provided as an encoded, encrypted object that QEMU decrypts based on a shared,
encrypted domain key that is valid only while the guest is running. Usage of this form of secret
handling provides the capability for a more secure environment. Subsequent domain restarts will
always generate a unique shared private key between libvirt and QEMU. (BZ #1182074)
58
59
7 .3 Release Not es
Support for Intel Xeon v5 processors has now been added to the KVM hypervisor and kernel code,
and to the l i bvi rt API. This enables KVM guest virtual machines to use the following features:
MPX, XSAVEC, XGETBV1. (BZ #1327599)
60
61
7 .3 Release Not es
Important
Red Hat Software Collections has a shorter life cycle and support term than Red Hat
Enterprise Linux. For more information, see the Red Hat Software Collections Product Life
Cycle.
See the Red Hat Software Collections documentation for the components included in the set, system
requirements, known problems, usage, and specifics of individual Software Collections.
See the Red Hat D eveloper Toolset documentation for more information about the components
included in this Software Collection, installation, usage, known problems, and more.
62
63
7 .3 Release Not es
A fix for syst emd t o read t he device ident ificat ion byt es correct ly
D ue to an endianness problem, the version of systemd in Red Hat Enterprise Linux 7.2 read the
device identification bytes in a wrong order, causing the d ev/d i sk/by-i d /wwn-* symbolic links
to be generated incorrectly. A patch has been applied to put the device identification bytes in the
correct order and the symbolic links are now generated correctly. Any reference that depends on the
value obtained from /d ev/d i sk/by-i d /wwn-* needs to be modified to work correctly in Red Hat
Enterprise Linux 7.3 and later. (BZ #1308795)
64
65
7 .3 Release Not es
Pacemaker correct ly int erpret s syst emd responses and syst emd services
are st opped in proper order at clust er shut down
Previously, when a Pacemaker cluster was configured with systemd resources and the cluster was
stopped, Pacemaker could mistakenly assume that a systemd service had stopped before it actually
had stopped. As a consequence, services could be stopped out of order, potentially leading to stop
failures. With this update, Pacemaker now correctly interprets systemd responses and systemd
services are stopped in the proper order at cluster shutdown. (BZ #1286316)
Pacemaker now dist inguishes t ransient failures from fat al failures when
loading syst emd unit s
Previously, Pacemaker treated all errors loading a systemd unit as fatal. As a consequence,
Pacemaker would not start a systemd resource on a node where it could not load the systemd unit,
even if the load failed due to transient conditions such as CPU load. With this update, Pacemaker
now distinguishes transient failures from fatal failures when loading systemd units. Logs and cluster
status now show more appropriate messages, and the resource can start on the node once the
transient error clears. (BZ #1346726)
Pacemaker now correct ly det ermines expect ed result s for resources t hat are
in a group or depend on a clone
Previously, when restarting a service, Pacemaker's crm_reso urce tool (and thus the pcs
reso urce restart command) could fail to properly determine when affected resources successfully
started. As a result, the command could fail to restart a resource that is a member of a group, or the
command could hang indefinitely if the restarted resource depended on a cloned resource that
moved to another node. With this update, the command now properly determines expected results for
resources that are in a group or depend on a clone. The desired service is restarted, and the
command returns. (BZ #1337688)
66
Fencing now occurs when DLM requires it , even when t he clust er it self does
not
Previously, D LM could require fencing due to quorum issues, even when the cluster itself did not
require fencing, but would be unable to initiate it, As a consequence, D LM and D LM-based services
could hang waiting for fencing that never happened. With this fix, the o cf: pacemaker: co ntro l d
resource agent now checks whether D LM is in this state, and requests fencing if so. Fencing now
occurs in this situation, allowing D LM to recover. (BZ #1268313)
67
7 .3 Release Not es
68
state of zsh or while using the heap memory allocator. This ensures that the described deadlock no
longer occurs. (BZ #1267912)
SCSI device t ypes described using mult iple words are now handled correct ly
Prior to this update, the rescan-scsi -bus. sh tool misinterpreted SCSI device types that were
described using more than one word, for example, Med i um C hang er or O pti cal D evi ce.
Consequently, when the script was run on systems that had such device types attached, the script
printed multiple misleading error messages. With this update, device types described with multiple
words are handled correctly, and the proper device-type description is returned to the user without
any errors. (BZ #1298739)
g d bserver now support s seamless debugging of processes from cont ainers
Prior to this update, when G D B was executing inside a Super-Privileged Container (SPC) and
attached to a process that was running in another container on Red Hat Enterprise Linux Atomic
Host, G D B did not locate the binary images of the main executable or any shared libraries loaded by
the process to be debugged.
As a consequence, G D B may have displayed error messages relating to files not being present, or
being present but mismatched. Also, G D B may have seemed to attach correctly, but subsequent
commands may have failed or displayed corrupted information.
In Red Hat Enterprise Linux 7.3, g d bserver has been extended for seamless support of debugging
processes from containers. The Red Hat Enterprise Linux 7.3 version of g d bserver newly supports
the q Xfer: exec-fi l e: read and vFi l e: setfs packets. However, the Red Hat Enterprise Linux
7.3 version of g d b cannot use these packets. The Red Hat D eveloper Toolset 4.1 (or higher) version
of g d b is recommended for use with containers and with Red Hat Enterprise Linux 7.3 g d bserver.
The Red Hat D eveloper Toolset version of g d bserver can be used as well.
Red Hat Enterprise Linux 7.3 g d b can now suggest using g d bserver when run with the -p
parameter (or the attach command) and when, at the same time, it detects that the process being
attached is from a container. Red Hat Enterprise Linux 7.3 g d b now also suggests the explicit use of
the fi l e command to specify the location of the process executable in the container being
debugged. The fi l e command does not need to be entered when the Red Hat D eveloper Toolset
version of g d b is being used instead.
With this update, Red Hat Enterprise Linux 7.3 g d bserver provides seamless debugging of
processes from containers together with Red Hat D eveloper Toolset 4.1 (or higher) g d b. Additionally,
Red Hat Enterprise Linux 7.3 g d b guides the user through the debugging of processes from
containers when Red Hat D eveloper Toolset g d b is not available. (BZ #1186918)
G D B no longer report s spurious SIGT RAP signals on t he 64 -bit ARM
69
7 .3 Release Not es
G D B now generat es smaller core files and respect s core-dump filt ering
The g co re command, which provides G D B with its own core-dumping functionality, has been
updated to more closely simulate the function of the Linux kernel core-dumping code, thus
generating smaller core-dump files. G D B now also respects the /pro c/P ID /co red ump_fi l ter file,
which controls what memory segments are written to core-dump files. (BZ #1265351)
T he o prepo rt and o panno te ut ilit ies now properly analyz e archive dat a.
Previously, when using o parchi ve to store data, the associated samples were not included in the
archive. In addition, the o pro fi l e utilities selected data in the current working o pro fi l e_d ata
directory rather than in the archive. Consequently, the o prepo rt and o panno te utilities were unable
to properly analyze data in an archive generated by o parchi ve. This update provides a fix for
storing the profiling samples in the archive and selecting them for use with archives, and o prepo rt
and o panno te now work as expected. (BZ #1264443)
Event s wit h ident ical numerical unit masks are now handled by t heir names
The 5th-generation Core i3, i5, and i7 Intel processors have some events that have multiple unit
masks with the same numerical value. As a consequence, some events' default unit masks were not
found and selected. This update changes the events to use a name rather than a numerical value for
the default unit mask, thus fixing this bug. (BZ #1272136)
More accurat e P AP I_L1_D C * event on IBM Power7 and IBM Power8 plat forms
Previously, the PAPI event presets for cache events incorrectly computed derived values for various
IBM Power7 and Power8 processors. Consequently, the P AP I_L1_D C R , P AP I_L1_D C W, and
P AP I_L1_D C A event values were incorrect. The preset computations have been fixed and the
mentioned events are now more accurate. (BZ #1263666)
70
Chapt er 2 5. Deskt op
space
Previously, the P o ppl er library tried to access a non-existing object when processing a PD F
without group color space. As a consequence, the P o ppl er library terminated unexpectedly with a
segmentation fault. A patch has been applied to verify if group color space exists. As a result,
P o ppl er no longer crashes, and the pd fto cai ro utility works as expected in the described
situation. (BZ #1299479)
P o ppl er no longer t erminat es unexpect edly during t ext ext ract ion
Previously, a writing after the end of the lines array could cause a memory corruption. As a
consequence, the P o ppl er library could terminate unexpectedly. A patch has been applied and
array is now always relocated when an item is added. As a result, P o ppl er no longer crashes in the
described situation. (BZ #1299481)
pd fi nfo no longer t erminat es unexpect edly due t o assert ing broken
71
7 .3 Release Not es
po ppl er_fo rm_fi el d _g et_acti o n to pass P o ppl erD o cument instead of NULL. As a result,
Evi nce no longer crashes in the described situation. (BZ #1299503)
Virt ual machines st art ed by GNOME Boxes are no longer accessible t o every
user
Previously, virtual machines started by GNOME Boxes were listening on a local TCP socket. As a
consequence, any user could connect to any virtual machine started by another user. A patch has
been applied and GNOME Boxes no longer opens such sockets by default. As a result the virtual
machines are now accessible through SPICE only to the user who owns the virtual machine.
(BZ #1043950)
FreeR D P now recogniz es wildcard cert ificat es
Previously, wildcard certificates support was not implemented in FreeRD P. As a consequence,
wildcard certificates were not recognized by FreeR D P , and the following warning was displayed
when connecting:
WARNING: CERTIFICATE NAME MISMATCH!
Missing functionality has been backported from upstream and code for comparing host names was
improved. As a result, the mentioned prompt is no longer shown if a valid wildcard certificate is used.
(BZ #1275241)
72
Simple paged result s search slot s are now correct ly released aft er a failure
Previously, if a simple paged results search failed in the back end, the simple paged results slot was
not released. Consequently, multiple simple paged results slots could be accumulated in a
connection object. With this update, the simple paged results slot is released correctly when a search
fails, and unused simple paged results slots are no longer left in a connection object. (BZ #1290242)
Delet ing and adding t he same LDAP at t ribut e now correct ly updat es t he
equalit y index
Previously, when several values of the same LD AP attribute were deleted using the l d apmo d i fy
command, and at least one of them was added again during the same operation, the equality index
was not updated. As a consequence, an exact search for the re-added attribute value did not return
that entry. The logic of the index code has been modified to update the index if at least one of the
values in the entry changes, and the exact search for the re-added attribute value now returns the
correct entry. (BZ #1290600)
73
7 .3 Release Not es
An exclusive connection lock was previously added as part of a bug fix related to abandon requests
in simple paged results searches. However, in specific circumstances, this new lock causes a selfdeadlock. This update makes the lock reentrant, and self-deadlocks no longer occur during simple
paged results searches. (BZ #1295947)
Simple paged result s searches no longer ret urn 0 inst ead of t he act ual
result s
Previously, when a simple paged results slot in a connection was discarded due to an error such as
SIZELIMIT _EXC EED ED , the discarded slot was not cleaned up properly. Subsequent searches
which reused this slot then always returned 0 . With this update, discarded simple paged results slots
are cleaned up correctly, and searches return correct results even with reused slots. (BZ #1331343)
Failed replicat ion updat es are now ret ried correct ly in t he next session
If a replica update failed on the consumer side and was followed by another update that succeeded,
the consumer's replication status was updated by the successful update, which caused the
consumer to seem as if it was up to date. Consequently, the failed update was never retried, leading
to data loss. With this update, a replication failure closes the connection and stops the replication
session. This prevents further updates from changing the consumer's replication status, and allows
the supplier to retry the failed operation in the next session, avoiding data loss. (BZ #1310848)
Passwords reset by administ rat ors are now st ored in password hist ory
When a user password was reset by an administrator, the old password was previously not stored in
the user's password history. This allowed the user to reuse the same password after the reset. With
74
this update, passwords reset manually by administrators are stored in password history, and the
user must use a different password. (BZ #1332709)
Running d b2i nd ex wit h no opt ions no longer causes replicat ion failures
When running the d b2i nd ex script with no options, the script failed to handle on-disk Replica
Update Vector (RUV) entries because these entries have no parent entries. The existing RUV was
skipped and a new one was generated instead, which subsequently caused the next replication to
fail due to an ID mismatch. This update fixes handling of RUV entries in d b2i nd ex, and running this
script without specifying any options no longer causes replication failures. (BZ #1340307)
75
7 .3 Release Not es
76
Real-t ime syst ems wit h many CPUs no longer have large lat encies due t o runqueue lock cont ent ion
Previously, on real-time systems, multiple CPUs tried to take an rq lock, which resulted in lock
contention and a latency. The latency was multiplied by the number of CPUs, which caused the
systems with many CPUs to have large latencies. With this update, systems with more than 32 cores
use the \" push\" approach rather than \" pull\" , which prevents long lists of CPUs in critical areas. As
a result, real-time systems with many CPUs no longer have large latencies due to run-queue lock
contention. (BZ #1209987)
T he kernel no longer crashes when enabling mult i-queue support wit h NVM
Express device driver
Previously, there was a bug in the core block device code that could lead to the kernel terminating
unexpectedly when enabling multi-queue support on the Nonvolatile Memory (NVM) Express
(*nvme*) device driver. Though that issue was observed with the nvme driver, other block devices
could also be affected, which could also cause the kernel to crash. With this update, this bug has
been fixed, and the kernel works as expected. (BZ #1303255)
77
7 .3 Release Not es
Previously, in the Fibre Channel over Ethernet (FCoE) code in the real-time kernel, the
g et_cpu_l i g ht/put_cpu_l i g ht function had an imbalance in pairing. Consequently,
preemption was disabled, and BUG : sched ul i ng whi l e ato mi c happened in the FCoE code.
With this update, the g et_cpu_l i g ht/put_cpu_l i g ht function has been fixed, and the bug no
longer occurs. (BZ #1258295)
78
The genwqe device driver was previously using the G FP _AT O MIC flag for allocating consecutive
memory pages from the kernel's atomic memory pool - even in non-atomic situations. This could lead
to allocation failures during memory pressure. With this update, the genwqe driver's memory
allocations use the G FP _KER NEL flag, and the driver can allocate memory even during memory
pressure situations. (BZ #1270244)
79
7 .3 Release Not es
Inst allat ions can now be performed on disks cont aining invalid or
unsupport ed part it ion t ables.
Previously, when attempting to install Red Hat Enterprise Linux 7 on a disk with a corrupt or
unsupported partition table, the installation failed, most commonly when attempting to write to the
disk. Support for the removal of invalid and unsupported partition tables has been added, and
installations can now be performed on disks with such partition tables. (BZ #1266199)
Mult iple i nst. d d opt ions are now support ed t o load driver disks
The job for loading driver disks based on the i nst. d d option was scheduled with a unique option.
When multiple i nst. d d sources were specified as boot options, only the last one was actually
loaded and applied. This update ensures the job is no longer called as unique. As a result, multiple
i nst. d d boot options can now be specified to provide drivers via multiple driver update images
from different sources. (BZ #1268792)
Help for t he subscript ion manager screen during inst allat ion
The installer's built-in help system now includes information regarding the subscription manager
screen. (BZ #1260071)
HyperPAV aliases used during inst allat ion are now available on t he inst alled
syst em
Previously, HyperPAV aliases activated during installation were not correctly configured on the
installed system. HyperPAV handling has now been improved, and any HyperPAV aliases used
during installation are now automatically configured on the installed system. (BZ #1031589)
80
St at ic rout es configured during inst allat ion are now aut omat ically
configured on t he inst alled syst em
Previously, static route configuration files were not copied from the installation environment to the
installed system. Consequently, static route configuration during installation was lost after the
installation finished. These files are now copied, and static routes configured during installation are
automatically configured on the installed system. (BZ #1255801)
G R UB2 is now correct ly configured when upgrading t he kernel and redhat-
release-*
Previously, if a redhat-release-* package and a kernel package were present in the same Y um
transaction, the G R UB2 boot loader was reconfigured incorrectly. As a consequence, G R UB2 failed to
boot the newly installed kernel. With this upate, G R UB2 is now correctly reconfigured and can boot
the new kernel in this situation. (BZ #1289314)
Kickst art files valid for Red Hat Ent erprise Linux 6 are now correct ly
recogniz ed by ksval i d ato r
Previously, when using the ksval i d ato r utility to validate a Kickstart file made for Red Hat
Enterprise Linux 6 that uses the l o g vo l command with the --reserved -percent option,
ksval i d ato r incorrectly stated that --reserved -percent is not a valid option. This bug has
been fixed. (BZ #1290244)
Anaco nd a no longer crashes when adding iSCSI devices
Previously, the Anaco nd a installer terminated unexpectedly when attempting to add certain iSCSI
devices using the Ad d a d i sk button in the Sto rag e screen. This bug has now been fixed.
(BZ #1255280)
81
7 .3 Release Not es
The anaconda-user-help package was not upgraded correctly when upgrading from Red Hat
Enterprise Linux 7.1. This has been fixed and the package is now upgraded correctly. (BZ #1275285)
82
Chapt er 30 . Kernel
Change of t he Red Hat Hardware Cert ificat ion t est s t o avoid syst em hang
caused by Oprofile
Previously, when Oprofile was run on an HP server with 480 CPUs, repeated CPU stalls or soft
lockups occurred. Several unknown Non-Maskable Interrupts (NMI) were hitting multiple processors
that triggered the hpwd t driver to handle them and call the panic. One of the CPU calling panic could
initiate a crashkernel boot and successful dump, but more often the first kernel activity continued on
the same console as the crashkernel boot. Consequently, the crashkernel boot hung, or the panic
did not initiate a crashkernel boot thus blocking the Red Hat Hardware Certification tests. With this
update, the hardware certification tests have been fixed, so they now pass on the mentioned
hardware as expected. (BZ #1138935)
Removal of a race condit ion causing a deadlock when a new CPU was
at t ached
Previously, when a new CPU was attached, a race condition between the CPU hotplug and the
stop_two_cpus() function could occur causing a deadlock if that migration thread on the new CPU
was already marked as acti ve but not enabl ed . A set of patches has been applied which removes
this race condition. As a result, systems with attached new CPUs now run as intended. (BZ #1252281)
Updat e of t he kernel wit h hugepage migrat ion pat ches from t he upst ream
Previously, several types of bugs including the kernel panic could occur with the hugepage
migration. A set of patches from the upstream has been backported which fix these bugs. The
updated kernel is now more stable and hugepage migration is automatically disabled in
architectures other than AMD 64 and Intel 64. (BZ #1287322)
83
7 .3 Release Not es
New microcode added int o init ramfs images for all inst alled kernels
Previously, when the microcode_ctl package was installed, the postinstall scriptlet rebuilt the initramfs
file only for the running kernel and not for any other installed kernels. Consequently, when the build
completed, there was an initramfs file for a kernel that was not even installed. The provided fix adds
new microcode into initramfs images for all installed kernels. As a result, the superfluous initramfs file
is no longer generated. (BZ #1292158)
ksc now ret urns an error inst ead of crashing when running wit hout
mandat ory argument s
Previously, the ksc tool terminated unexpectedly when running without the mandatory arguments.
With this update, ksc returns an error message and exits gracefully in the described situation.
(BZ #1272348)
84
85
7 .3 Release Not es
86
T omcat can now use shell expansion in configurat ion files wit hin t he new
co nf. d direct ory
Previously, the /etc/sysco nfi g /to mcat and /etc/to mcat/to mcat. co nf files were loaded
without shell expansion, causing the application to terminate unexpectedly. This update provides a
mechanism for using shell expansion in the Tomcat configuration files by adding a new
configuration directory, /etc/to mcat/co nf. d . Any files placed in the new directory may now
include shell variables. (BZ #1221896)
T imer migrat ion for realt ime T uned profile has been disabled
87
7 .3 Release Not es
Previously, the realtime Tuned profile that is included in the tuned-profiles-realtime package set the
value of the kernel . ti mer_mi g rati o n variable to 1. As a consequence, realtime applications
could be negatively affected. This update disables the timer migration in the realtime profile.
(BZ #1323283)
rcu-no cbs no longer missing from kernel boot paramet ers
Previously the rcu_no cbs kernel parameter was not set in the real ti me-vi rtual -ho st and
real ti me-vi rtual -g uest tuned profiles. With this update, rcu-no cbs is set as expected.
(BZ #1334479)
T he global limit on how much t ime realt ime scheduling may use has been
removed in realt ime T uned profile
Prior to this update, the Tuned utility configuration for the kernel . sched _rt_runti me_us sysctl
variable in the realtime profile included in the tuned-profiles-realtime package was incorrect. As a
consequence, creating a virtual machine instance caused an error due to incompatible scheduling
time. Now, the value of kernel . sched _rt_runti me_us is set to -1 (no limit), and the described
problem no longer occurs. (BZ #1346715)
88
correct ly
Previously, the Fo rce R eset menu entry was translated incorrectly in the Japanese locale Virtual
Machine Manager. In this update the Fo rce R eset menu entry is translated correctly.
(BZ #1282276)
Dat a layout of VMDK images wit h st reamOpt imiz ed sub-format was incorrect
Previously, the data layout of a Virtual Machine D isk (VMD K) image with a streamOptimized subformat created by the qemu-img tool was incorrect. This prevented the VMD K image from being
bootable when imported to ESX servers. In this update, the image is converted to a valid VMD K
streamOptimized image. This results in the VMD K image being bootable. (BZ #1299250)
bl o ckco py wit h --pi vo t opt ion no longer fails
Previously, bl o ckco py always failed when the --pi vo t option was specified. With this release, the
libvirt package was updated to prevent this issue. bl o ckco py can now be used with the --pi vo t
option. (BZ #1197592)
89
7 .3 Release Not es
Windows guest virt ual machine informat ion removed from document at ion
In this update, all references to Windows guest virtual machines have been removed from the
documentation. The information was moved to the following knowledgebase article:
https://access.redhat.com/articles/2470791 (BZ #1262007)
90
91
7 .3 Release Not es
92
93
7 .3 Release Not es
This update adds responder secrets as a Technology Preview to the System Security Services
D aemon (SSSD ). This responder allows an application to communicate with SSSD over a UNIX
socket using the Custodia API. This enables SSSD to store secrets in its local database or to forward
them to a remote Custodia server. (BZ #1311056)
94
95
7 .3 Release Not es
96
OverlayFS
OverlayFS is a type of union file system. It allows the user to overlay one file system on top of
another. Changes are recorded in the upper file system, while the lower file system remains
unmodified. This allows multiple users to share a file-system image, such as a container or a D VD ROM, where the base image is on read-only media. Refer to the kernel file
D ocumentation/filesystems/overlayfs.txt for additional information.
OverlayFS remains a Technology Preview in Red Hat Enterprise Linux 7.3 under most circumstances.
As such, the kernel will log warnings when this technology is activated.
Full support is available for OverlayFS when used with D ocker under the following restrictions:
OverlayFS is only supported for use as a D ocker graph driver. Its use can only be supported for
container COW content, not for persistent storage. Any persistent storage must be placed on nonOverlayFS volumes to be supported. Only default D ocker configuration can be used; that is, one
level of overlay, one lowerdir, and both lower and upper levels are on the same file system.
Only XFS is currently supported for use as a lower layer file system.
97
7 .3 Release Not es
SELinux must be enabled and in enforcing mode on the physical machine, but must be disabled
in the container when performing container separation; that is, /etc/sysconfig/docker must not
contain --selinux-enabled. SELinux support for OverlayFS is being worked on upstream, and is
expected in a future release.
The OverlayFS kernel ABI and userspace behavior are not considered stable, and may see
changes in future updates.
In order to make the yum and rpm utilities work properly inside the container, the user should be
using the yum-plugin-ovl packages.
Note that OverlayFS provides a restricted set of the POSIX standards. Test your application
thoroughly before deploying it with OverlayFS.
Note that XFS file systems must be created with the -n ftype= 1 option enabled for use as an
overlay. With the rootfs and any file systems created during system installation, set the -mkfso pti o ns= -n ftype= 1 parameters in the Anaconda kickstart. When creating a new file system
after the installation, run the # mkfs -t xfs -n ftype= 1 /P AT H/T O /D EVIC E command. To
determine whether an existing file system is eligible for use as an overlay, run the # xfs_i nfo
/P AT H/T O /D EVIC E | g rep ftype command to see if the ftype= 1 option is enabled.
There are also several known issues associated with OverlayFS as of Red Hat Enterprise Linux 7.3
release. For details, see 'Non-standard behavior' in the D ocumentation/filesystems/overlayfs.txt file.
(BZ #1206277)
98
99
7 .3 Release Not es
100
Chapt er 4 2 . Kernel
User namespace
This feature provides additional security to servers running Linux containers by providing better
isolation between the host and the containers. Administrators of a container are no longer able to
perform administrative operations on the host, which increases security. (BZ #1138782)
101
7 .3 Release Not es
102
103
7 .3 Release Not es
104
Chapt er 4 5. St orage
DIF/DIX
D IF/D IX is a new addition to the SCSI Standard. It is fully supported in Red Hat Enterprise Linux 7.2
for the HBAs and storage arrays specified in the Features chapter, but it remains in Technology
Preview for all other HBAs and storage arrays.
D IF/D IX increases the size of the commonly used 512 byte disk block from 512 to 520 bytes, adding
the D ata Integrity Field (D IF). The D IF stores a checksum value for the data block that is calculated
by the Host Bus Adapter (HBA) when a write occurs. The storage device then confirms the checksum
on receipt, and stores both the data and the checksum. Conversely, when a read occurs, the
checksum can be verified by the storage device, and by the receiving HBA. (BZ #1072107)
105
7 .3 Release Not es
Driver added for devices t hat connect over a PCI Express bus in guest virt ual
machine under Hyper-V
In this update, a new driver was added that exposes a root PCI bus when a devices that connects
over a PCI Express bus is passed through to a Red Hat Enterprise Linux guest virtual machine
running on the Hyper-V hypervisor. The feature is currently supported with Microsoft Windows Server
2016 Technical Preview 5. (BZ #1302147)
106
107
7 .3 Release Not es
Ne t wo rk Drive rs
ath10k_core
ath10k_pci
bnxt_en
brcmfmac
brcmsmac
brcmutil
btbcm
btcoexist
btintel
btrtl
c_can
c_can_pci
c_can_platform
can-dev
cc770
cc770_platform
ems_pci
ems_usb
esd_usb2
fjes
108
geneve
hfi1
i40iw
iwl3945
iwl4965
iwldvm
iwlegacy
iwlmvm
iwlwifi
kvaser_pci
kvaser_usb
macsec
mwifiex
mwifiex_pcie
mwifiex_sdio
mwifiex_usb
mwl8k
peak_pci
peak_usb
plx_pci
qed
qede
rdmavt
rt2800lib
rt2800mmio
rt2800pci
rt2800usb
rt2x00lib
rt2x00mmio
rt2x00pci
rt2x00usb
rt61pci
109
7 .3 Release Not es
rt73usb
rtl_pci
rtl_usb
rtl8187
rtl8188ee
rtl8192c-common
rtl8192ce
rtl8192cu
rtl8192de
rtl8192ee
rtl8192se
rtl8723-common
rtl8723ae
rtl8723be
rtl8821ae
rtlwifi
sja1000
sja1000_platform
slcan
softing
uas
usb_8dev
vcan
110
leds-lt3593
ledtrig-gpio
nfit
pci-hyperv
pwm-lpss
qat_c3xxx
qat_c3xxxvf
qat_c62x
qat_c62xvf
qat_dh895xccvf
rotary_encoder
rtsx_usb
rtsx_usb_sdmmc
sht15
tpm_st33zp24
tpm_st33zp24_i2c
virt-dma
virtio-gpu
zram
111
7 .3 Release Not es
Ne t wo rk Drive r Updat e s
The bpa10x driver has been updated to version 0.11.
The btbcm driver has been updated to version 0.1.
The btintel driver has been updated to version 0.1.
The btrtl driver has been updated to version 0.1.
The btusb driver has been updated to version 0.8.
The hci_uart driver has been updated to version 2.3.
The hci_vhci driver has been updated to version 1.5.
The hfi1 driver has been updated to version 0.9-294.
The i40iw driver has been updated to version 0.5.123.
112
113
7 .3 Release Not es
114
115
7 .3 Release Not es
116
117
7 .3 Release Not es
118
119
7 .3 Release Not es
Securit y warning when using i pa-kra-i nstal l , i pa-ca-i nstal l , or i pa-repl i cai nstal l
When using the i pa-kra-i nstal l , i pa-ca-i nstal l , and i pa-repl i ca-i nstal l commands
to install an additional key recovery authority (KRA) component, certificate authority, or replica, the
following warning appears:
SecurityWarning: Certificate has no `subjectAltName`,
falling back to check for a `commonName` for now.
This feature is being removed by major browsers and deprecated by RFC
2818.
The error occurs due to RFC 2818, which deprecates the practice of carrying the subject host name
in the subject D N common name (CN) field. However, the commands succeed. Therefore, you can
ignore the warning message. (BZ #1358457)
T he IdM web UI displays all cert ificat es on one page in t he Cert ificat es t able
The Certificates table, available under the Authentication tab in the Identity Management (IdM) web
UI, ignores the page size limit of 20 entries. When more than 20 certificates are available, the table
displays all the certificates on one page, instead of only displaying 20 certificates per page.
(BZ #1358836)
120
To work around this problem, make sure a home directory is configured for the user, for example by
installing the Identity Management (IdM) client with the --mkho med i r option, which ensures that a
home directory is created for every user at first login. (BZ #1364113)
T hird-part y cert ificat e t rust flags are reset aft er inst alling an ext ernal CA
int o IdM
121
7 .3 Release Not es
The i pa-ca-i nstal l --external -ca command, used to install an external certificate authority
(CA) into an existing Identity Management (IdM) domain, generates a certificate signing request
(CSR) that the user must submit to the external CA.
When using a previously installed third-party certificate to sign the CSR, the third-party certificate
trust flags in the NSS database are reset. Consequently, the certificate is no longer marked as
trusted. In addition, checks performed by the mod_nss module fail, and the httpd.service fails to start.
The CA installation fails with the following message in this situation:
CA failed to start after 300 seconds
As a workaround, after this message appears, reset the third-party certificate flags to their previous
state and restart httpd.service. For example, if the ca1 certificate previously had the C ,, trust flags:
# certutil -d /etc/httpd/alias -n 'ca1' -M -t C,,
# systemctl restart httpd.service
This restores the system to the correct state. (BZ #1318616)
T he cert monger service fails t o request cert ificat es from IdM sub-CAs
The certmonger service uses incorrect API calls to request certificates from IdM sub-CAs. As a
consequence, the sub-CA setting is ignored and the certificate is always issued by the IdM root CA.
There is currently no known workaround. (BZ #1367683)
Machines joined t o a realm are not able t o resolve cent rally managed
supplement ary groups
Installing an Identity Management (IdM) server or client does not add the sss option to the
i ni tg ro ups lookup entry in the /etc/nsswi tch. co nf file. As a consequence, looking up
secondary groups for users managed by SSSD does not work as expected. As a work around,
remove or comment out the line starting with i ni tg ro ups in the /etc/nsswi tch. co nf file before
the installation. This ensures that machines joined to the realm resolve centrally managed
supplementary groups as expected. (BZ #1366569)
SSSD default configurat ion fails t o int egrat e wit h ot her services
The System Security Services D aemon's (SSSD ) /usr/l i b6 4 /sssd /co nf/sssd . co nf default
configuration file uses a auto-configured domain to proxy all requests to the /etc/passwd and
/etc/g ro ups files. On systems having SELinux disabled or running in permi ssi ve mode, SSSD
copies the default configuration to /etc/sssd /sssd . co nf if this file does not exist when the
daemon is being started. However, the proxy configuration fails to integrate with tools like real md or
i pa-cl i ent-i nstal l . To work around this problem, modify the /etc/sssd /sssd . co nf file and
remove:
shad o wuti l s from the d o mai ns parameter
122
T he old realmd version is st art ed when updat ing realmd while it is running
The real md daemon starts only when requested, then performs a given action, and after some time it
times out. When real md is updated while it is still running, the old version of real md starts upon a
next request because real md is not restarted after the update. To work around this problem, make
sure that reaml d is not running before updating it. (BZ #1274368)
123
7 .3 Release Not es
Previously, the System Security Services D aemon (SSSD ) implemented incorrect default values for
autofs mappings when using the R FC 230 7 LD AP schema. A patch has been applied, which fixed the
defaults to match the schema. However, users connecting to LD AP servers that contain mappings
with the schema SSSD previously used, are not able to load the autofs attributes. Affected users see
the following error reported in the /var/l o g /messag es log file:
Your configuration uses the autofs provider with schema set to rfc2307
and default attribute mappings. The default map has changed in this
release, please make sure the configuration matches the server
attributes.
To work around this problem, modify the /etc/sssd /sssd . co nf file and set your domain to use
the existing attribute mappings:
[domain/EXAMPLE]
...
ldap_autofs_map_object_class
ldap_autofs_map_name
ldap_autofs_entry_object_class
ldap_autofs_entry_key
ldap_autofs_entry_value
=
=
=
=
=
automountMap
ou
automount
cn
automountInformation
As a result, SSSD is able to load autofs mappings from the attributes. (BZ #1372814)
124
125
7 .3 Release Not es
126
127
7 .3 Release Not es
128
T he Ini ti al Setup ut ilit y's t ext -based int erface st art s correct ly on IBM
Syst em z
An update to the Ini ti al Setup utility introduced a bug which prevented its text-based interface
from starting on IBM System z. This bug has been fixed. (BZ #1366776)
Format t ing DASDs works correct ly during a t ext -based inst allat ion
Previously, a bug prevented D ASD s from being correctly formatted during a text-based installaton.
As a consequence, D ASD s that were unformatted or incorrectly formatted had to be manually
formatted before use. This bug has been fixed, and the installer can now format D ASD s when
performing a text-based installation. (BZ #1259437)
Insufficient /bo o t part it ion siz e may prevent t he syst em from upgrading
The /bo o t partition, which contains installed kernels and initial ram disks, may become full if
multiple kernels and additional packages such as kernel-debug are installed. This is caused by the
default size of this partition being set to 500 MB during installation, and prevents the system from
being upgraded.
As a workaround, use yum to remove older kernels if you do not need them.
This known issue only affects installation made with Red Hat Enterprise Linux 7.2 and earlier. In Red
Hat Enterprise Linux 7.3, the default size of the /bo o t partition is increased to 1 GB, which avoids
this problem in future upgrades. (BZ #1270883)
129
7 .3 Release Not es
Hard lock-up of t he screen can occur on lapt ops using int egrat ed graphics
in t he 6t h Generat ion Int el Core processors
Situations causing this bug include:
moving the cursor between the edges of the monitor
moving the cursor between multiple monitors
changing any aspect of the monitor configuration
docking or undocking the machine
plugging or unplugging a monitor (BZ #1341633)
Mult iple problems somet imes occur on syst ems wit h persist ent memory
130
Chapt er 57 . Kernel
The following problems can occur during boot on systems with persistent memory, either real NonVolatile D ual In-line Memory Modules (NVD IMMs) or emulated NVD IMMs using the memmap= X! Y
kernel command-line parameter:
the onlining of persistent memory causes the following messages to be displayed for every block
(128 MB) of pmem devices:
Built 2 zonelists in Zone order, mobility grouping on.
8126731Policy zone: Normal
Total pages:
131
7 .3 Release Not es
132
Chapt er 59 . Securit y
133
7 .3 Release Not es
134
Chapt er 6 1 . St orage
135
7 .3 Release Not es
136
137
7 .3 Release Not es
138
Versio n
Kernel
QLogic q l a2xxx driver
QLogic q l a4 xxx driver
Emulex l pfc driver
iSCSI initiator utils
D M-Multipath
LVM
3.10.0-493
8.07.00.33.07.3-k
5.04.00.00.07.02-k0
0:11.1.0.2
iscsi-initiator-utils-6.2.0.873-34
device-mapper-multipath-0.4.9-96
lvm2-2.02.163-1
139
7 .3 Release Not es
Len ka p ako v
R evisio n 0.0- 7
T u e Sep 13 2016
Various additions and updates.
Len ka p ako v
R evisio n 0.0- 6
Mo n Sep 12 2016
Various additions and updates.
Len ka p ako v
R evisio n 0.0- 5
Fri Sep 09 2016
Various additions and updates.
Len ka p ako v
R evisio n 0.0- 4
Wed Au g 31 2016
Various additions and updates.
Len ka p ako v
R evisio n 0.0- 3
T h u Au g 25 2016
Len ka p ako v
Release of the Red Hat Enterprise Linux 7.3 Beta Release Notes.
14 0