RHEL 7.7 has Come with Kernel Live Patching

Red Hat has released latest version of RHEL 7.x for the customers that who wants to to keep servies o RHEL 7.x and has no migration plan to RHEL 8.x.

New Features and Major Enhancements

RHEL 7.7 has come with new features and lot of enhancements and bug fixes. Let’s review important new features which has been added to this new release.

Authentication and Interoperability

SSSD now fully supports sudo rules stored in AD

The System Security Services Daemon (SSSD) now fully supports sudo rules stored in Active Directory (AD). This feature was first introduced in Red Hat Enterprise Linux 7.0 as a Technology Preview. Note that the administrator must update the AD schema to support sudo rules.

Clustering

With this release, Red Hat supports cluster deployments of up to 32 full cluster nodes.

Kernel

Live patching for the kernel is now available

Live patching for the kernel, kpatch, provides a mechanism to patch a running kernel without rebooting or restarting any processes. Live kernel patches will be provided for selected minor release streams of RHEL covered under the Extended Update Support (EUS) policy to remediate Critical and Important CVEs.

Servers and Services

chrony rebased to version 3.4

The chrony packages have been upgraded to upstream version 3.4, which provides a number of bug fixes and enhancements over the previous version, notably:

  • The support for hardware time stamping has received improvements.
  • The range of supported polling intervals has been extended.
  • Burst and filter options have been added to NTP sources.
  • A pid file has been moved to prevent the chronyd -q command from breaking the system service.
  • An compatibility with NTPv1 clients has been fixed.

Storage

Support for Data Integrity Field/Data Integrity Extension (DIF/DIX)

DIF/DIX is supported on configurations where the hardware vendor has qualified it and provides full support for the particular host bus adapter (HBA) and storage array configuration on RHEL.

DIF/DIX is not supported on the following configurations:

  • It is not supported for use on the boot device.
  • It is not supported on virtualized guests.
  • Red Hat does not support using the Automatic Storage Management library (ASMLib) when DIF/DIX is enabled.

DIF/DIX is enabled or disabled at the storage device, which involves various layers up to (and including) the application. The method for activating the DIF on storage devices is device-dependent.

System and Subscription Management

The web console rebased to version 195

The web console, provided by the cockpit packages, has been upgraded to version 195, which provides a number of new features and bug fixes.

The cockpit packages distributed in the Base channel of RHEL 7 include the following features:

  • You can now open individual ports for services in the firewall.
  • The firewall page now enables adding and removing firewall zones and adding services to a specific zone.
  • Cockpit can now help you with enabling certain security vulnerability mitigations, starting with the disabling SMT (Simultaneous Multi-Threading) option.

Read more about this release on:

RHEL 7.7 Release Notes

Further Reading

How to Configure VNC Server in Red Hat Enterprise Linux 6.x/7.x

[Review]: OpenFabrics Enterprise Distribution (OFED)

Red Hat Access Labs – Review

Linux KickStart – Automated Installation

Davoud Teimouri

Davoud Teimouri is as a professional blogger, vExpert 2015/2016/2017/2018/2019, VCA, MCITP. This blog is started with simple posts and now, it has large following readers.

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to our newsletter and join other subscribers

Holler Box