Copyright © 2019, Oracle and/or its affiliates. All rights reserved. Legal Notices
Copyright © 2019, Oracle and/or its affiliates. All rights reserved.
This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.
If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable:
U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government.
This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.
This software or hardware and documentation may provide access to or information about content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle.
F21672-02
November 2019
Table of Contents
Oracle ® Linux 8: Release Notes for Oracle Linux 8 Update 1 provides a summary of the new features and known issues in the Oracle Linux 8 Update 1 release. This document may be updated after it is released.
Document generated on: 2019-11-07 (revision: 8804)
These release notes contain information that applies to both
the
x86_64
and 64-bit Arm (aarch64)
architectures. See
Chapter 6,
Release-Specific Information for Oracle Linux 8 Update 1 (aarch64)
for information that is specific to the 64-bit Arm platform.
This document is intended for users and administrators of the Oracle Linux 8 Update 1 release. It describes potential issues that you may encounter while using the operating system; and, where appropriate, any corresponding workarounds. Oracle recommends that you read this document before installing Oracle Linux 8 Update 1. It is assumed that readers have a general understanding of the Linux operating system.
The latest version of this document and other documentation for this product are available at:
The following text conventions are used in this document:
|
Convention |
Meaning |
|---|---|
|
boldface |
Boldface type indicates graphical user interface elements associated with an action, or terms defined in text or the glossary. |
|
italic |
Italic type indicates book titles, emphasis, or placeholder variables for which you supply particular values. |
|
|
Monospace type indicates commands within a paragraph, URLs, code in examples, text that appears on the screen, or text that you enter. |
For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc .
Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.
The Oracle Linux 8 Update 1 release ships with the
kernel-4.18.0-147.el8
Red Hat Compatible Kernel
(RHCK) kernel package.
The Oracle Linux release is tested as a bundle, as shipped on the installation media image. When installed from the installation media image, the minimum kernel version supported is the one that is included in the image. Downgrading kernel packages is not supported, unless recommended by Oracle Support.
The Oracle Linux 8 Update 1 release is supported on the
x86_64
platform (Intel and AMD).
The 64-bit Arm (aarch64) platform is also available for installation as a developer preview release in Oracle Linux 8 Update 1. See Chapter 6, Release-Specific Information for Oracle Linux 8 Update 1 (aarch64) .
Table of Contents
This chapter describes new features, major enhancements, bug fixes, and other changes that are included in the Oracle Linux 8 Update 1 release. This document is only provided as a preview. It is under development and is subject to substantial change. Consider the included information incomplete and use it with caution.
This document describes the Oracle Linux 8 Update 1 release software and is provided as a preview only. Note that the information in this document is currently under development and is subject to change. As such, some of the features and functionality that are described may not work as expected in the Oracle Linux 8 Update 1 release. Features that may not work as expected include access to the Unbreakable Linux Network (ULN) and use of Oracle Ksplice. Note also that upgrade functionality might not be fully tested in this Beta release.
Oracle Linux 8 Update 1 introduces the following notable features and improvements to installing and booting a system, and creating images:
Ability to disable modules during a kickstart installation. You can now disable a module during a kickstart installation to prevent packages from that module from being installed. Use the following command to disable a module during a kickstart installation:
# module --name=module-name --stream=stream-name--disable
New
repo.git
blueprint section added to
lorax-composer
.
The new
repo.git
blueprint section
enables you to include extra files in your image build.
Note that the files must be hosted in a git repository
that is accessible from the
lorax-composer
build server.
Image builder includes image creation capability for more cloud providers. In Oracle Linux 8 Update 1, Image Builder has been expanded to include other cloud providers for which it can create an image. For example,you can now create and deploy images on Google Cloud and Alibaba Cloud, as well as run the custom instances on these platforms.
The following notable features, enhancements, and changes apply to the Red Hat Compatible Kernel (RHCK) that is shipped with Oracle Linux 8 Update 1.
early kdump
feature included.
The
early kdump
feature enables the
crash kernel and
initramfs
to load
early so that
vmcore
can be captured
early enough to also include information about early
crashes. More details about
early kdump
can be found in the
/usr/share/doc/kexec-tools/early-kdump-howto.txt
file.
ipcmni_extend
kernel command-line parameter added.
The new
ipcmni_extend
kernel
command-line parameter extends a number of unique System V
Inter-process Communication (IPC) identifiers from the
current maximum of 32 KB (15 bits), up to 16 MB (24 bits).
This enhancement enables users with applications that
produce a large amount of shared memory segments to create
a stronger IPC identifier without exceeding the 32 KB
limit.
It should be noted that in some cases, use of the
ipcmni_extend
parameter can result in
minor performance issues. Therefore, only use this parameter
in situations where applications require more than 32 KB of
a unique IPC identifier.
Persistent memory initialization code includes parallel initialization. The inclusion of parallel initialization to the persistent memory initialization code greatly reduces the overall memory initialization time on systems that have large amounts of persistent memory. As a result, these systems boot much faster.
Optane DC memory systems include capability for EDAC reports. With this update, EDAC (Error Detection and Correction) properly reports memory corrected/uncorrected events with the accurate memory module information. Previously, EDAC did not properly report these events if the memory address was within a NVDIMM module.
This update also includes the Memory Mode for Optane DC Persistent Memory technology.
TPM tool updated to version 2.0.
The
tpm2-tools
user-space tool has been
updated to version 2.0. This version of the Trusted
Platform Module (TPM) tool provides fixes for several
defects.
rngd
daemon can run with non-root privileges.
With this update, the
rngd
daemon is
able to run with non-root user privileges. This
enhancement provides improved system security.
UBSan
utility enabled in the debug kernel.
The Undefined Behavior Sanitizer
(
UBSan
) utility has been enabled in the
debug kernel to enable the system to more easily detect
certain types of bugs that previously went undetected; for
example, in the case of compiler optimization, where
subtle, obscure bugs would appear.
bpftrace
language added.
Oracle Linux 8 Update 1 includes the
bpftrace
language,
a high-level tracing language for extended Berkeley Packet
Filter (eBPF) that is used for very specific tracing
tasks. A significant benefit of using
bpftrace
is that you can accomplish the
same outcome with one line in
bpftrace
,
compared to an entire page of code that mixes Python and C
in the BPF Compiler Collection (BCC) library.
kernel-rt
source tree matches latest Oracle Linux tree.
In Oracle Linux 8 Update 1, sources for the
kernel-rt
source
tree have been upgraded to be based on the latest RHCK
kernel source tree. This change provides a number of bug
fixes and enhancements over the previous version.
ssdd
test added for Real Time 8.
This update includes the
ssdd
test for
Real Time 8, which is used for stress testing of the
tracing subsystem. The test runs multiple tracing threads
to verify that locking is correct within the tracing
system.
In Oracle Linux 8 Update 1, the following features, enhancements, and changes for the Cockpit web console are introduced:
Capability for SMT configuration by using the Cockpit web console. Oracle Linux 8 Update 1 includes capability for Simultaneous Multi-Threading (SMT) configuration, which also includes the ability to disable SMT in the Cockpit web console. This added capability enables you to mitigate a class of CPU security vulnerabilities, such as Microarchitectural Data Sampling and L1 Terminal Fault Attack. Note that when SMT is disabled for a system, options for SMT are not displayed in the Cockpit web console. See Oracle ® Linux: Simultaneous Multithreading Notice .
Services page improvements. To improve the user experience in this update, the web console's Services page has been updated to include a search box that enables you to search services by name and description. Other changes include the following: service states have been merged into one list, and the switcher buttons located at the top of the page have been replaced with tabs.
Networking page updated with new firewall settings.
Additional firewall settings have been added to the web
console's Networking page, including capability for the
following: adding and removing zones, adding or removing
services to arbitrary zones, and custom port configuration
for the
firewalld
services.
Improvements to Virtual Machines page. Several improvements have been made to the web console's Virtual Machines page. For example, in this update, you can do the following:
Manage various types of storage pools.
Configure autostart for a virtual machine (VM).
Import existing
qcow
images.
Install VMs by using PXE boot.
Change a VM's memory allocation.
Pause and resume a VM.
Configure cache characteristics.
Change the boot order for a VM.
Oracle Linux 8 Update 1 introduces several feature enhancements and changes for developer and compiler tools.
Oracle Linux 8 Update 1 introduces the GCC Toolset 9, an Application Stream
that is distributed in the form of a Software Collection in
the
appstream_beta
repository. The GCC
Toolset is similar to the Oracle Linux Developer Toolset.
The GCC Toolset 9 contains up-to-date versions of the following developer tools:
GCC version 9.1.1
GDB version 8.3
Valgrind version 3.15.0
SystemTap version 4.1
Dyninst version 10.1.0
binutils
version 2.32
elfutils
version 0.176
dwz
version 0.12
make
version 4.2.1
strace
version 5.1
ltrace
version 0.7.91
Install the toolset as follows:
# dnf install gcc-toolset-9
You can run a tool from GCC Toolset 9 by using the following command:
$ scl enable gcc-toolset-9 tool
Use the following command to run a shell session where tool versions from the GCC Toolset 9 take precedence over system versions of the same tools:
$ scl enable gcc-toolset-9 bash
The following compiler toolsets have been updated. These toolsets are distributed as Application Streams in Oracle Linux 8 Update 1:
Clang and LLVM Toolset upgraded to version 8.0.0. This toolset provides the LLVM compiler infrastructure framework, the Clang compiler for the C and C++ languages, the LLDB debugger, and related tools for code analysis, to version 8.0.0
Rust Toolset upgraded to version 1.35. This toolset
provides the Rust programming language compiler
(
rustc
), the
cargo
build tool and dependency manager, and any required
libraries.
Go Toolset upgraded to version 1.12.6. This toolset
provides the Go (
golang
) programming
language tools and libraries/
The SystemTap instrumentation tool has been updated to upstream version 4.1. This version of SystemTab includes several improvements over the previous version of the tool, including the following notable changes:
The eBPF runtime backend can now handle more features of the scripting language, such as string variables and rich formatted printing.
Translator performance improvements.
More types of data in optimized C code can be extracted by using DWARF4 debuginfo constructs.
In Oracle Linux 8 Update 1, the
elfutils
packages have been
updated to version 0.176. This version of
elfutils
includes numerous bug fixes and
resolves following vulnerabilities:
CVE-2019-7146
CVE-2019-7149
CVE-2019-7150
CVE-2019-7664
CVE-2019-7665
The GNU C Library has been updated in Oracle Linux 8 Update 1 to include
correct Japanese era name formatting for the Reiwa era,
effective May 1st, 2019. Also updated is the time-handling API
data, which includes the data that is used by the
strftime
and
strptime
functions. As a result, all APIs now correctly print the Reiwa
era, including when
strftime
is used with
one of the era conversion specifiers such as
%EC
,
%EY
, or
%Ey
.
Oracle Linux 8 Update 1 introduces the following notable file systems and storage features, enhancements, and changes:
Btrfs file system removed from RHCK. The Btrfs file system is removed from RHCK in Oracle Linux 8. As such, you cannot create or mount Btrfs file systems when using this kernel. Also, any Btrfs user-space packages that are provided are not supported with RHCK.
OCFS2 file system removed from RHCK. The Oracle Cluster File System version 2 (OCFS2) file system is removed from RHCK in Oracle Linux 8. As such, you cannot create or mount OCFS2 file systems when using this kernel. Also, any OCFS2 user-space packages that are provided are not supported with RHCK.
Data Integrity Field/Data Integrity Extension available in Oracle Linux 8 Update 1. The Data Integrity Field/Data Integrity Extension (DIF/DIX) feature is available on configurations where the hardware vendor has qualified the configuration, which includes that host bus adapter (HBA) and storage array configuration. The feature is enabled and disabled on the storage device. The method for activating the DIF on storage devices is device-dependent.
DIF/DIX is not available for use on the boot device or on virtualized guests. Using the Automatic Storage Management library (ASMLib) when DIF/DIX is enabled is also not supported.
VDO Ansible module moved to Ansible packages.
As of this update, the VDO Ansible module is provided by
the
ansible
package and is located in
/usr/lib/python3.6/site-packages/ansible/modules/system/vdo.py
.
Previously, the module was provided by the
vdo
RPM package and was located in
/usr/share/doc/vdo/examples/ansible/vdo.py
.
Note that the
vdo
package continues to
distribute Ansible playbook.
Aero adapters included. The following two Aero adapters are included in Oracle Linux 8 Update 1:
PCI ID
0x1000:0x00e2
and
0x1000:0x00e6
. These adapters are
controlled by the
mpt3sas
driver
PCI ID
0x1000:Ox10e5
and
0x1000:0x10e6
. These adapters are
controlled by the
megaraid_sas
driver.
Previously, these adapters were available as a Technology Preview only.
Oracle Linux 8 Update 1 introduces the following infrastructure services features, enhancements, and changes:
As of this update, the
chrony
packages are
updated to version 3.5. This version of Chrony provides several
bug fixes and enhancements over the previous version.
As of this update, the
tuned
packages are
updated to version 2.12. This version of Tuned provides several
bug fixes and enhancements over the previous version.
Memory Mode for the Intel Optane DC Persistent Memory technology has been added in Oracle Linux 8 Update 1. This technology is transparent to the operating system and does not require any special drivers or specific certification.
Oracle Linux 8 Update 1 introduces the following features, enhancements, and improvements.
As of this update, the kernel can handle Internet Control Message Protocol (ICMP) "Destination Unreachable" and "Redirect Message" errors, as well as ICMPv6 "Packet Too Big" and "Destination Unreachable" messages for Virtual Extensible LAN (VXLAN) and Generic Network Virtualization Encapsulation (GENEVE) tunnels by adjusting the PMTU and modifying forwarding information. As a result, PMTU discovery and route redirection features are now included with VXLAN and GENEVE tunnels.
As of this update, the XDP and the networking eBPF features
that are in the
kernel
package have been
updated to version 5.0. This version provides a number of bug
fixes and enhancements over the previous version, including
improvements to BPF programs for better interaction with the
TCP/IP stack, flow dissection, a wider range of
bpf
helpers, and access to new map types.
XDP changes include the availability of XDP metadata to
AF_XDP sockets
.
Oracle Linux 8 Update 1 introduces the following security features, enhancements, and changes.
Oracle Linux 8 Update 1 introduces the following features, changes, and improvements for SELinux
SELinux user-space tools updated to version 2.9.
The following SELinux user-space tools have been updated
to version 2.9:
libsepol
,
libselinux
,
libsemanage
,
policycoreutils
,
checkpolicy
, and
mcstrans
. This version of the SELinux
user-space tools provide several bug fixes and
enhancements over the previous version.
SETools updated to version 4.2.2. As of this update, the SETools collection of tools and libraries has been updated to version 4.2.2. This version of the tools include several improvements over the previous version, including the removal of source policy references from manual pages (loading of source policies is no longer supported) and a fix for a performance regression in alias loading.
New
bpf
SELinux policy class added.
The new
bpf
SELinux policy class has
been introduced in this update. This class enables you
to control the Berkeley Packet Filter (BPF) flow through
SElinux and also enables the inspection and simple
manipulation of Extended Berkeley Packet Filter (eBPF)
programs and maps that are controlled by SELinux.
New
boltd_t
SELinux type added.
The new
boltd_t
SELinux type confines
the
boltd
system daemon, which is
used to manage Thunderbolt 3 devices. The
boltd
now runs as a confined service
in SELinux enforcing mode.
selinux-policy
packages updated to version 3.14.3.
In this update, the
selinux-policy
package has been updated to version 3.14.3. This version
of the package provides a number of bug fixes and
enhancements to the allow rules over the previous
version.
"SELinux: Class not defined in policy" errors no longer displayed on
system boot.
An issue in Oracle Linux 8 that produced errors similar to the
following in the
/var/log/messages
file when booting a system in either SELinux permissive
mode or enforcing mode has been resolved:
SELinux: Class bpf not defined in policy. SELinux: Class xdp_socket not defined in policy. SELinux: the above unknown classes and permissions will be allowed
Oracle Linux 8 Update 1 introduces the following features, changes, and improvements for OpenScap.
OpenSCAP updated to version 1.3.1.
In Oracle Linux 8 Update 1, the
openscap
packages
have been updated to version 1.3.1. This version of the
packages provides many bug fixes and enhancements over
the previous version.
OpenSCAP includes SCAP version 1.3. Oracle Linux 8 Update 1 includes the OpenSCAP suite, which supports data streams that conform to the latest version of the SCAP standard (SCAP 1.3). You can use SCAP 1.3 data streams the same way that you use SCAP 1.2 data streams, with no additional usability restrictions.
scap-security-guide
packages updated to version
0.1.44.
As of this update, the
scap-security-guide
packages have
been updated to version 0.1.44. This version of the
packages provides several bug fixes and enhancements
over the previous version. Most notably, * SCAP content
conforms to the latest version of SCAP standard, and
SCAP 1.3 * SCAP content supports UBI images.
OpenSSH updated to version 8.0p1.
In Oracle Linux 8 Update 1, the
openssh
packages have
been updated to version 8.0p1. This version of the
package provides several bug fixes and enhancements over
the previous version. Some of the more impactful changes
include the following:
Default RSA key size increased to 3072 bits for the ssh-keygen tool
Support for the
ShowPatchLevel
configuration option has been removed.
Numerous GSSAPI key exchange code fixes applied, including a fix for some Kerberos clean-up tasks.
Fall back to the
sshd_net_t
SELinux
context has been removed.
Match final
blocks added.
Minor issues with the ssh-copy-id command have been fixed.
Fixes for several Common Vulnerabilities and Exposures (CVE) related to the scp utility, namely the following: CVE-2019-6111, CVE-2018-20685, and CVE-2019-6109.
libssh
complies with the system-wide crypto-policies
in Oracle Linux 8 Update 1.
In Oracle Linux 8 Update 1, the
libssh
client and
server now automatically load the
/etc/libssh/libssh_client.config
and
/etc/libssh/libssh_server.config
files, respectively. With the automatic loading of the
configuration file,
libssh
now uses
the system-wide cryptographic settings that are set by
crypto-policies
. This change
simplifies control over the set of used cryptographic
algorithms by applications.
Udica is a tool for generating SELinux policies for
containers. You can use
udica
to create a
tailored security policy, for better control of how a
container accesses host system resources. This capability
enables you to harden container deployments against security
violations, while simplifying and maintaining regulatory
compliance.
The Virtual Machine Manager application ( virt-manager ) is deprecated in Oracle Linux 8 Update 1. Oracle recommends that you use the web console (Cockpit) for managing virtualization in a graphical user interface (GUI). Note that some features in Oracle Linux 8 might only be accessible by using either virt-manager or the command line.
Oracle Linux maintains user-space compatibility with Red Hat Enterprise Linux (RHEL), which is independent of the kernel version that underlies the operating system. To minimize impact on interoperability during releases, the Oracle Linux team works closely with third-party vendors for hardware and software that have dependencies on kernel modules.
Table of Contents
This chapter describes known issues in the Oracle Linux 8 Update 1 release.
This document describes the Oracle Linux 8 Update 1 release software and is provided as a preview only. Note that the information in this document is currently under development and is subject to change. As such, some of the features and functionality that are described may not work as expected in the Oracle Linux 8 Update 1 release. Features that may not work as expected include access to the Unbreakable Linux Network (ULN) and use of Oracle Ksplice. Note also that upgrade functionality might not be fully tested in this Beta release.
The following known installation issues have been reported in Oracle Linux 8 Update 1.
If the installer is booted with the
inst.repo
option set, changing the
installation source to use a CD or DVD device within the
installer results in an error that prevents you from
continuing the installation, unless you set the source back to
the original source set at boot.
If you set the
inst.repo
option to point to
a hard disk and then attempt to change the installation source
inside the installer, the installer displays an error, but you
are still able to proceed with the install.
You can avoid these issues by not setting the
inst.repo
option at boot if you do not
intend to use the installation source provided, or to use the
inst.repo
source that is defined at boot
without attempting to change installation source inside the
installer.
(Bug ID 30316179)
On new installations of Oracle Linux 8, the ULN Registration wizard that provides you with the option to register with ULN and use Oracle Ksplice is not displayed on first boot. This behavior differs from previous Oracle Linux releases, where you were presented with the option to register with ULN and use Ksplice on the first boot after an installation.
For instructions on registering with ULN after an installation, visit https://linux.oracle.com/ .
(Bug ID 29933974)
For this Beta release, the subscription logic on ULN is
limited. No rules are in place to prevent concurrent
subscription to the
ol8_
and the
arch
_u0_baseos_base
ol8_
channels. Equally, there is no logic to automatically
subscribe dependency channels for the Beta release. This can
cause dependency issues or package conflicts if not corrected.
arch
_beta
If you subscribe to the
ol8_
channel, ensure that you remove the subscription to the
arch
_beta
ol8_
channel.
arch
_u0_baseos_base
To avoid missing dependencies when installing packages in the
ol8_
channel, subscribe to the
arch
_appstream_beta
ol8_
and
arch
_beta
ol8_
channels at the same time.
arch
_appstream_beta
To avoid missing dependencies when installing packages in the
codeready_builder_beta
channel, subscribe
to the
ol8_
,
arch
_beta
ol8_
and
arch
_appstream_beta
ol8_
channels at the same time.
arch
_codeready_builder_beta
(Bug ID 30324296)
During an Oracle Linux 8 installation, the following message is
observed in
/var/log/messages:systemd
log:
1]: Failed to insert module 'ip_tables': Operation not permitted
This error can be safely ignored, as the
ip_tables
kernel module subsequently loads
successfully, as shown in the output of the following command:
#grep IPTABLES /boot/config*CONFIG_IP_NF_IPTABLES=m CONFIG_IP6_NF_IPTABLES=m # #modinfo ip_tablesfilename: /lib/modules/4.18.0-32.el8.x86_64/kernel/net/ipv4/netfilter/ip_tables.ko.xz alias: ipt_icmp description: IPv4 packet filter author: Netfilter Core Team <coreteam@netfilter.org> license: GPL rhelversion: 8.0 srcversion: 3967C875058C2EE2475C9C2 depends: retpoline: Y intree: Y name: ip_tables vermagic: 4.18.0-32.el8.x86_64 SMP mod_unload modversions sig_id: PKCS#7 signer: sig_key: sig_hashalgo: md4 signature: 30:82:02:59:06:09:2A:86:48:86:F7:0D:01:07:02:A0:82:02:4A:30: 82:02:46:02:01:01:31:0D:30:0B:06:09:60:86:48:01:65:03:04:02: 01:30:0B:06:09:2A:86:48:86:F7:0D:01:07:01:31:82:02:23:30:82: 02:1F:02:01:01:30:7A:30:62:31:22:30:20:06:03:55:04:0A:0C:19: 4F:72:61:63:6C:65:20:41:6D:65:72:69:63:61:2C:20:49:6E:63:2E: 2C:63:3D:55:53:31:19:30:17:06:03:55:04:03:0C:10:4F:72:61:63: . . .
(Bug ID 29500599)
A successful installation of Oracle Linux 8 on an Oracle VM VirtualBox
guest, where the graphical installer is used and where the
default install of the
Server with GUI
environment is set, requires that your Oracle VM VirtualBox
guest uses the VMSVGA graphics controller and that it is
configured with at least 64MB of memory. Failure to set the
graphics controller correctly can result in an installation
where the graphical display is unable to start correctly.
The VMSVGA graphics controller is the default controller when you create a new guest in Oracle VM VirtualBox 6.0 or later for Linux guest operating systems. This issue is more likely to appear if you attempt to install over an existing guest that was created on an earlier release of Oracle VM VirtualBox. Oracle recommends that you only attempt to install Oracle Linux 8 onto a newly created virtual machine in Oracle VM VirtualBox 6.0, or later.
(Bug ID 30004543)
After installing Oracle Linux 8 Update 1 on a KVM guest by using iPXE and
iSCSI boot, the SCSI Qualified Name (IQN) in the
/etc/iscsi/initiatorname.iscsi
file is not
correct.
Note that this incorrect configuration could impact
kdump
functionality.
The workaround for this issue is to manually modify the
/etc/iscsi/initiatorname.iscsi
file with
the correct IQN after the installation completes.
(Bug ID 29536715)
In this update, the Cockpit web console's Services page has been updated to include a search box that enables you to search services by name, description, and state. This new functionality works as expected for filtering services by Name and Description, but when you attempt to filter services by State, an error indicating there are no matching results is produced.
(Bug ID 30286168)
The Oracle Linux 8 Update 1 installer does not recognize some Serial Attached SCSI (SAS) controllers that are found on older Oracle Sun server models. If you attempt to install Oracle Linux 8 on these server models, the installer does not recognize the local disk and the installation fails. Some examples of these older server models include but are not limited to the following: Oracle Sun Fire X4170 M2 Server, Oracle Sun Fire X4170 M3 Server, Oracle Sun OVCA X3-2 Server, and the Oracle Sun X4-2 Server.
The following SAS controllers have been removed from the
mpt2sas
driver in RHCK:
SAS2004, PCI ID 0x1000:0x0070
SAS2008, PCI ID 0x1000:0x0072
SAS2108_1, PCI ID 0x1000:0x0074
SAS2108_2, PCI ID 0x1000:0x0076
SAS2108_3, PCI ID 0x1000:0x0077
SAS2116_1, PCI ID 0x1000:0x0064
SAS2116_2, PCI ID 0x1000:0x0065
SSS6200, PCI ID 0x1000:0x007E
The following SAS controllers have been removed from the
megaraid_sas
driver in RHCK:
Dell PERC5, PCI ID 0x1028:0x15
SAS1078R, PCI ID 0x1000:0x60
SAS1078DE, PCI ID 0x1000:0x7C
SAS1064R, PCI ID 0x1000:0x411
VERDE_ZCR, PCI ID 0x1000:0x413
SAS1078GEN2, PCI ID 0x1000:0x78
SAS0079GEN2, PCI ID 0x1000:0x79
SAS0073SKINNY, PCI ID 0x1000:0x73
SAS0071SKINNY, PCI ID 0x1000:0x71
(Bug ID 29120478)
Currently, there is no tool for mirroring ULN channels from ULN to a local yum server that is hosted on Oracle Linux 8 Update 1. It is still possible to perform ULN mirroring on Oracle Linux 7, as well as mirror any Oracle Linux 8 Update 1 ULN channels onto a yum server that is hosted on Oracle Linux 7.
If you use the Ksplice offline client, where a ULN mirror is required to service Oracle Linux 8 Update 1 hosts, Oracle recommends that you host the ULN mirror on an Oracle Linux 7 host. See the instructions in Creating and Using a Local ULN Mirror in the Oracle ® Linux: Unbreakable Linux Network User's Guide for Oracle Linux 6 and Oracle Linux 7 . After you configure the system as a yum server, you can subscribe it to any Oracle Linux 8 Update 1 ULN channels that you want to mirror.
For more information about the Ksplice offline client, see the Oracle ® Linux: Ksplice User's Guide .
(Bug ID 30005125)
If you are using the
dnf config-manager
--add-repo
command to add a repository, the command
does not add the GPG key file location configuration for that
repository. The result is a package installation failure; as by
default,
dnf
enables
gpgcheck
, but it requires the GPG key to be
set or imported.
One workaround for this issue is to run the following command to ensure that the GPG key file location is set and imported:
# rpm --import "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle"
Another workaround is to add/set the GPG key for all of the
individual repository entries under
/etc/yum.repos.d
, for example:
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
(Bug ID 29535274)
The following are known file systems issues that are reported in Oracle Linux 8 Update 1.
An issue with
ext4
in Oracle Linux 8 Update 1 results in
file system corruption if unwritten extents are converted in
IO completion so that they can be merged with siblings and
both the
dioread_nolock
and
quota
options are enabled. This is a
corner-case issue that exists in upstream code. A proposed
patch is currently under review.
(Bug ID 29688421)
If a system that is using
ext4
is
repeatedly or frequently shut down, the file system might
become corrupted. This issue is considered to be a corner-case
due to the difficulty that is required to replicate it. The
issue exists in upstream code and proposed patches are
currently under review.
(Bug ID 27547113)
An issue has been identified with XFS in Oracle Linux 8 Update 1, where many
unlinked
tmp
files are created, which
causes file system corruption and results in the inability to
recover after a system crash. This issue, the cause of which
is currently unknown, has been observed when running a stress
test.
(Bug ID 29682399)
An issue that exists in Oracle Linux 8 Update 1 causes the
xfs_repair
utility to interpret a slash
(
/
) character in an extended attribute name
as file system corruption. The issue exists in upstream code
and a proposed patch is currently under review.
(Bug ID 29680752)
If you run the mkfs utility and set invalid extent hints, the file system is created, but it becomes corrupted and cannot be mounted. The following error is displayed:
[18143.814821] XFS (sdb1): Failed to read root inode 0x80, error 117 mount: /mnt: mount(2) system call failed: Structure needs cleaning.
(Bug ID 29602175)
The following are known kernel issues that are reported in Oracle Linux 8 Update 1.
The following repeated errors might be displayed when KVM guests are booting on AMD 64-bit systems:
[ 12.474069] amd64_edac_mod: Unknown symbol amd_register_ecc_decoder (err 0) [ 12.474083] amd64_edac_mod: Unknown symbol amd_report_gart_errors (err 0) [ 12.852250] amd64_edac_mod: Unknown symbol amd_unregister_ecc_decoder (err 0) [ 12.852297] amd64_edac_mod: Unknown symbol amd_register_ecc_decoder (err 0) . . .
These errors occur because the module code for the kernel
erroneously returns
-EEXIST
for modules
that failed to load and are in the process of being removed
from the module list. The
amd64_edac_mod
module will not be loaded in a VM. These errors can be
ignored, as they do not impact functionality in any way.
(Bug ID 29853602)
A bug in the Oracle Linux 8 Update 1 code causes Retropline support to not be
displayed in the output of the
modinfo
command, even though the
CONFIG_RETPOLINE
flag is set to
Y
, for example:
# modinfo -F retpoline
/usr/lib/modules/4.18.0-80.el8.x86_64/kernel/sound/usb/usx2y/snd-usb-us122l.ko.xz
#
The
CONFIG_RETPOLINE=Y
flag is still
required to add and display Retpoline support. If the
parameter is enabled, the kernel will built with a
retpoline-capable compiler.
(Bug ID 29894295)
In Oracle Linux 8 Update 1, the Kdump service fails to start on systems that
have Secure Boot enabled. This issue has been observed on both
bare metal systems, as well as KVM guests. The following
errors are reported by
syslog
:
Jun 24 03:12:18 vmx209-ps kdumpctl[930]: kexec_file_load failed: Required key not available Jun 24 03:12:18 vmx209-ps kdumpctl[930]: kexec: failed to load kdump kernel Jun 24 03:12:18 vmx209-ps kdumpctl[930]: Starting kdump: [FAILED] Jun 24 03:12:18 vmx209-ps systemd[1]: kdump.service: Failed with result 'exit-code'. Jun 24 03:12:18 vmx209-ps systemd[1]: Failed to start Crash recovery kernel arming.
If you want to use Kdump, the easiest workaround for this issue is to disable Secure Boot.
If you require Secure Boot and wish to continue to use Kdump,
you can consider updating the UEFI key database for your
system. The key database is used as a store for the key
certificates issued by a vendor, so that signed EFI binaries
can be validated when the system is operating in secure mode.
To perform this update you may require physical access to the
system to access the UEFI console and enroll the key there.
You can use the Machine Owner Key (MOK) facility to update the
UEFI Secure Boot key database and import the keys manually.
The certificate keys that are used to sign each kernel are
contained in the
shim
source packages that
are used to verify the keys the kernels use.
Using the MOK utility with your system may depend on server firmware implementation and configuration. Check that your server supports this before attempting to manually update signature keys used for UEFI Secure Boot. If you are unsure, do not follow the instructions provided here.
Adding certificates to the UEFI Secure Boot key database by using the MOK utility requires that you have physical access to the system so that you can complete the enrollment request at the UEFI console. If you do not have physical access to the system, do not follow the instructions that are provided here.
Certificates used to sign each kernel, built by Oracle,
are contained in the
shim
source
package. You can download this package using the
yumdownloader
command available in the
dnf-utils
package:
# dnf install -y dnf-utils # mkdir /tmp/shim # cd /tmp/shim # yumdownloader --source shim
Extract the source package to access the Extended
Validation certificate that is included as a
secureboot.cer
file. Use the
rpm2cpio
command to extract the
package:
# rpm2cpio ./shim*.rpm | cpio -idmv
Use the
mokutil
command to request that
the certificate that you have extracted from the
shim
package is included in the MOK
list:
# mokutil --import ./secureboot.cer
The command prompts you to enter and confirm a password for the MOK enrollment request. You can use any password for this purpose, but you should note the password that you use, as you are prompted for it again when the system reboots.
Reboot the system.
The pending MOK key enrollment request is detected, and you must complete the enrollment from the UEFI console. You are prompted for the password that you set when you imported the certificate. When you have entered the correct password, the certificate is added to the MOK list and is automatically propagated to the system key ring on this boot, as well as subsequent boots.
(Bug ID 29954639)
An issue in Oracle Linux 8 Update 1 causes Kdump to run our of memory if you
attempt to mount
/sysroot
on a Fibre
Channel (FC) disk that uses the Logical Volume Manager (LVM).
This issue is due to a lack of memory when the crashkernel
loads.
To resolve the issue, you can do one of the following:
Override the
crashkernel=auto
boot
option so that more memory is reserved for Kdump. For
example, set the kernel boot parameter to
crashkernel=512M
.
Set the Kdump destination to a network location (NFS or SSH).
(Bug ID 29840266)
The following networking issues might be encountered in Oracle Linux 8 Update 1.
When running the
tracepath6
command in
Oracle Linux 8 Update 1, the command fails to parse the destination IPv6
address correctly. As a result, the tool traces a route to the
wrong host.
The workaround for this issue is to use another tool with
similar capability to
tracepath6
.
(Bug ID 29540588)
The
ip_tables
module fails to insert with
an 'Operation not permitted' error. This issue, which is
currently under investigation, can occur if SELinux is in
enforcing mode. A workaround for this issue is to set SELinux
to permissive mode, which can be done either temporarily by
running
setenforce 0
, or permanently by
editing the
/etc/selinux/config
file and
then rebooting.
(Bug ID 29517166)
Restarting the firewalld service leads to an SSH connection timeout from the terminal on which the service was started, while other SSH terminals remain connected and are fine.
(Bug ID 29478124)
Oracle Linux 8 Update 1 systems fail to read PID from
/var/run/rhnsd.pid
after the Spacewalk daemon
starts.
The following error is reported in the
/var/log/messages
log:
systemd: Failed to read PID from file /var/run/rhnsd.pid: Invalid argument
This error can be safely ignored.
(Bug ID 2953130)
An error indicating that the mcelog service does not support the processor can appear in the system log on systems with AMD processors, such as some Oracle Server hardware. The message might appear as follows:
mcelog: ERROR: AMD Processor family 23: mcelog does not support this processor. Please use the edac_mce_amd module instead.
The
mcelog
daemon is a service that is used
on
x86_64
platforms to log and handle
hardware error messaging but is not required on AMD systems,
where the
edac_mce_amd
kernel module handles
machine exception logging. The error should be downgraded to a
warning. (Bug ID 29501190)
The following are known issues that are reported in Oracle Linux 8 Update 1 for the Podman container management tool.
If you execute podman attach --latest and no containers exist in your environment, a runtime error occurs:
# podman attach --latest
panic: runtime error: index out of range
...
Note that as soon as there are containers in the environment, this error no longer occurs. Running the command when there are no containers is meaningless.
(Bug ID 29882537)
The default keystroke combination that you use to detach a
container (
CTRL+Q
,
CTRL+P
) does not work. This issue can be
observed when creating a container, attaching it by using the
podman attach -l
command, and then
attempting to quit or detach the container by using the
default keystroke combination that is documented in the
podman-detach
manual page.
The workaround for this issue is to open a new terminal window
and then kill the
podman attach
process.
(Bug ID 29882852)
If you attempt to pull an image by running the
podman
pull
image_name
command,
but do not specify the correct or full name of the image, an
authentication error is displayed.
For example, the following error was displayed because
oracle:latest
was specified as the name of
the image instead of
oraclelinux:latest
,
which is the correct name for the image:
$ podman pull oracle:latest
Trying to pull registry.redhat.io/oracle:latest...Failed
Trying to pull quay.io/oracle:latest...Failed
Trying to pull docker.io/oracle:latest...Failed
error pulling image "oracle:latest": unable to pull oracle:latest: 3 errors
occurred:
* Error determining manifest MIME type for
docker://registry.redhat.io/oracle:latest: unable to retrieve auth token:
invalid username/password
* Error determining manifest MIME type for docker://quay.io/oracle:latest:
Error reading manifest latest in quay.io/oracle: error parsing HTTP 404
response body: invalid character '<' looking for beginning of value:
"<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\n<title>404 Not
Found</title>\n<h1>Not Found</h1>\n<p>The requested URL was not found on the
server. If you entered the URL manually please check your spelling and try
again.</p>\n"
* Error determining manifest MIME type for docker://oracle:latest: Error
reading manifest latest in docker.io/library/oracle: errors:
denied: requested access to the resource is denied
unauthorized: authentication required
To prevent this error from occurring, always specify the correct image name with the podman pull command.
(Bug ID 29894231)
Although a non-root user can create a privileged running
container, running the
podman export -o
tar_name
.tar
container_name
command to
export the container as a tar archive fails if it is run by
the same non-root user.
If you have
root
access, the workaround for
this issue is to create the privileged running container as
the
root
user and also export it as the
root
user.
(Bug ID 29890374)
Attempts to search for an image in the Oracle Container Registry by using the podman search command fail with an authorization error, even if you are logged into the registry:
# podman search oraclelinux
ERRO[0001] error getting search results from v2 endpoint
"container-registry.oracle.com", status code 401 (Unauthorized)
...
The issue is related to how Oracle Container Registry handles token requests for access to "/v2/_catalog". The podman search command only requests a token for ping-level access and not for catalog access.
There is currently no workaround for this issue.
(Bug ID 29942671)
You can download a full Oracle Linux 8 Update 1 installation media image from the Oracle Software Delivery Cloud at https://edelivery.oracle.com/ . A smaller boot ISO is also available to perform a network based installation.
You can also install a full Oracle Linux 8 Update 1 media image for the
x86_64
platform on a compute instance on Oracle
Cloud Infrastructure. To access the image, you must first obtain
an Oracle Cloud Infrastructure account. For more information,
visit
https://cloud.oracle.com/infrastructure/compute
.
You can download the ISO for the Oracle Linux 8 release from the Oracle Technology Network at https://www.oracle.com/technetwork/server-storage/linux/downloads/linux-beta-4409163.html .
The latest Oracle Linux 8 Update 1 packages are available on the Unbreakable Linux Network (ULN) and the Oracle Linux yum server.
To obtain the latest Oracle Linux 8 Update 1 packages from ULN and install additional software for Oracle Linux 8, subscribe to the different channels on ULN, log in to https://linux.oracle.com and then view the Channels option.
To install additional software for Oracle Linux 8 Update 1 from the Oracle Linux yum server, enable the required repositories within your yum configuration. To view the Oracle Linux yum repositories that are available for Oracle Linux 8 Update 1, visit https://yum.oracle.com/ .
The Oracle Linux yum server does not provide equivalent repositories for some of the channels that are available on ULN. These channels provide non-open source packages.
Oracle also makes the Oracle Linux 8 Update 1 (aarch64) release for 64-bit Arm (aarch64) platforms available as a developer preview release on Oracle Technology Network at https://www.oracle.com/technetwork/server-storage/linux/downloads/linux-beta-4409163.html .
See Chapter 6, Release-Specific Information for Oracle Linux 8 Update 1 (aarch64) for more information about 64-bit Arm (aarch64) platforms.
Table of Contents
The following information pertains to the 64-bit Arm (aarch64) platform, which is available as a developer preview release only in Oracle Linux 8 Update 1 (aarch64).
System requirements and limitations for the 64bit Arm (aarch64) architecture are currently under review.
You can check whether your hardware is supported on Oracle Linux 8 Update 1 (aarch64) by checking the Hardware Certification List at https://linux.oracle.com/hardware-certifications . Hardware is listed as it becomes available and is validated.
In this release, the Virtual Network Computing (VNC) remote console is available as a Technology Preview on the 64-bit Arm platform. The remaining components of the graphics stack are unverified on this platform.
The following are known issues for the Oracle Linux 8 Update 1 (aarch64) release
only
. See
Chapter 4,
Known Issues
for information about known
issues on the
x86_64
platform.
System hangs might occur during a crash kernel boot on ThunderX2 and X-Gene 3 platforms that are running Oracle Linux 8 Update 1 (aarch64). The issue has been observed at different stages of the boot process. Consequently, Kdump might not work as expected on the ThunderX2 and X-Gene 3 hardware.
(Bug IDs 30339519, 30339571
The following installation and availability information applies specifically to the 64-bit Arm platform for the Oracle Linux 8 Update 1 (aarch64) release.
You can download Oracle Linux 8 Update 1 (aarch64) release for 64-bit Arm (aarch64) platforms as a developer preview installation media image from Oracle Technology Network at https://www.oracle.com/technetwork/server-storage/linux/downloads/linux-beta-4409163.html .
You can download the full Oracle Linux 8 (aarch64) installation media image from the Oracle Software Delivery Cloud at https://edelivery.oracle.com/ .
The latest Oracle Linux 8 Update 1 (aarch64) packages are available from the Unbreakable Linux Network (ULN) and the Oracle Linux yum server. To explore the channels that are available on ULN, log in to https://linux.oracle.com/ and view the Channels option.
You can obtain the latest Oracle Linux 8 (aarch64) packages from the Oracle Linux yum server at https://yum.oracle.com/ .
You can use the Oracle Linux 8 (aarch64) ISO image for a standard installation on
generic 64-bit Armv8 hardware. This ISO image can be loaded from
local media, such as DVD-ROM or USB flash drive, or can be used
to perform a network-based, kickstart installation by using PXE.
If you perform a network-based installation and you want to
access the graphical interface for the installer, you must
change kernel boot parameters to enable VNC by setting the
inst.vnc
boot option, and then set the
network address at boot, to
ip=eth0:dhcp
, for
example.
Table of Contents
The following sections list the changes to binary and source packages from the upstream release.
This section contains information about the removed, modified, and new binary packages in this release. For information about the source package changes, see Section A.2, “Changes to Source Packages” .
The following binary packages have been added to the BaseOS by Oracle:
oraclelinux-release-el8
oraclelinux-release
oracle-backgrounds
oracle-logos
oracle-logos-httpd
oracle-logos-ipa
shim-ia32
shim-x64
The following binary packages from the BaseOS upstream release have been modified:
python3-dnf-plugin-versionlock
sudo
python3-dnf-plugins-core
dnf-plugins-core
autofs
binutils
boom-boot
boom-boot-conf
boom-boot-grub2
bpftool
chrony
dracut
dracut-caps
dracut-config-generic
dracut-config-rescue
dracut-live
dracut-network
dracut-squash
dracut-tools
efibootmgr
efi-rpm-macros
firewalld
fuse
fwupd
fwupdate
glibc
glibc-all-langpacks
glibc-common
glibc-devel
glibc-headers
glibc-langpack-aa
glibc-langpack-af
glibc-langpack-agr
glibc-langpack-ak
glibc-langpack-am
glibc-langpack-an
glibc-langpack-anp
glibc-langpack-ar
glibc-langpack-as
glibc-langpack-ast
glibc-langpack-ayc
glibc-langpack-az
glibc-langpack-be
glibc-langpack-bem
glibc-langpack-ber
glibc-langpack-bg
glibc-langpack-bhb
glibc-langpack-bho
glibc-langpack-bi
glibc-langpack-bn
glibc-langpack-bo
glibc-langpack-br
glibc-langpack-brx
glibc-langpack-bs
glibc-langpack-byn
glibc-langpack-ca
glibc-langpack-ce
glibc-langpack-chr
glibc-langpack-cmn
glibc-langpack-crh
glibc-langpack-cs
glibc-langpack-csb
glibc-langpack-cv
glibc-langpack-cy
glibc-langpack-da
glibc-langpack-de
glibc-langpack-doi
glibc-langpack-dsb
glibc-langpack-dv
glibc-langpack-dz
glibc-langpack-el
glibc-langpack-en
glibc-langpack-eo
glibc-langpack-es
glibc-langpack-et
glibc-langpack-eu
glibc-langpack-fa
glibc-langpack-ff
glibc-langpack-fi
glibc-langpack-fil
glibc-langpack-fo
glibc-langpack-fr
glibc-langpack-fur
glibc-langpack-fy
glibc-langpack-ga
glibc-langpack-gd
glibc-langpack-gez
glibc-langpack-gl
glibc-langpack-gu
glibc-langpack-gv
glibc-langpack-ha
glibc-langpack-hak
glibc-langpack-he
glibc-langpack-hi
glibc-langpack-hif
glibc-langpack-hne
glibc-langpack-hr
glibc-langpack-hsb
glibc-langpack-ht
glibc-langpack-hu
glibc-langpack-hy
glibc-langpack-ia
glibc-langpack-id
glibc-langpack-ig
glibc-langpack-ik
glibc-langpack-is
glibc-langpack-it
glibc-langpack-iu
glibc-langpack-ja
glibc-langpack-ka
glibc-langpack-kab
glibc-langpack-kk
glibc-langpack-kl
glibc-langpack-km
glibc-langpack-kn
glibc-langpack-ko
glibc-langpack-kok
glibc-langpack-ks
glibc-langpack-ku
glibc-langpack-kw
glibc-langpack-ky
glibc-langpack-lb
glibc-langpack-lg
glibc-langpack-li
glibc-langpack-lij
glibc-langpack-ln
glibc-langpack-lo
glibc-langpack-lt
glibc-langpack-lv
glibc-langpack-lzh
glibc-langpack-mag
glibc-langpack-mai
glibc-langpack-mfe
glibc-langpack-mg
glibc-langpack-mhr
glibc-langpack-mi
glibc-langpack-miq
glibc-langpack-mjw
glibc-langpack-mk
glibc-langpack-ml
glibc-langpack-mn
glibc-langpack-mni
glibc-langpack-mr
glibc-langpack-ms
glibc-langpack-mt
glibc-langpack-my
glibc-langpack-nan
glibc-langpack-nb
glibc-langpack-nds
glibc-langpack-ne
glibc-langpack-nhn
glibc-langpack-niu
glibc-langpack-nl
glibc-langpack-nn
glibc-langpack-nr
glibc-langpack-nso
glibc-langpack-oc
glibc-langpack-om
glibc-langpack-or
glibc-langpack-os
glibc-langpack-pa
glibc-langpack-pap
glibc-langpack-pl
glibc-langpack-ps
glibc-langpack-pt
glibc-langpack-quz
glibc-langpack-raj
glibc-langpack-ro
glibc-langpack-ru
glibc-langpack-rw
glibc-langpack-sa
glibc-langpack-sah
glibc-langpack-sat
glibc-langpack-sc
glibc-langpack-sd
glibc-langpack-se
glibc-langpack-sgs
glibc-langpack-shn
glibc-langpack-shs
glibc-langpack-si
glibc-langpack-sid
glibc-langpack-sk
glibc-langpack-sl
glibc-langpack-sm
glibc-langpack-so
glibc-langpack-sq
glibc-langpack-sr
glibc-langpack-ss
glibc-langpack-st
glibc-langpack-sv
glibc-langpack-sw
glibc-langpack-szl
glibc-langpack-ta
glibc-langpack-tcy
glibc-langpack-te
glibc-langpack-tg
glibc-langpack-th
glibc-langpack-the
glibc-langpack-ti
glibc-langpack-tig
glibc-langpack-tk
glibc-langpack-tl
glibc-langpack-tn
glibc-langpack-to
glibc-langpack-tpi
glibc-langpack-tr
glibc-langpack-ts
glibc-langpack-tt
glibc-langpack-ug
glibc-langpack-uk
glibc-langpack-unm
glibc-langpack-ur
glibc-langpack-uz
glibc-langpack-ve
glibc-langpack-vi
glibc-langpack-wa
glibc-langpack-wae
glibc-langpack-wal
glibc-langpack-wo
glibc-langpack-xh
glibc-langpack-yi
glibc-langpack-yo
glibc-langpack-yue
glibc-langpack-yuw
glibc-langpack-zh
glibc-langpack-zu
glibc-locale-source
glibc-minimal-langpack
gpgme
grub2-common
grub2-efi-aa64-modules
grub2-efi-ia32
grub2-efi-ia32-cdboot
grub2-efi-ia32-modules
grub2-efi-x64
grub2-efi-x64-cdboot
grub2-efi-x64-modules
grub2-pc
grub2-pc-modules
grub2-ppc64le-modules
grub2-tools
grub2-tools-efi
grub2-tools-extra
grub2-tools-minimal
grubby
iscsi-initiator-utils
iscsi-initiator-utils-iscsiuio
kernel
kernel-abi-whitelists
kernel-core
kernel-cross-headers
kernel-debug
kernel-debug-core
kernel-debug-devel
kernel-debug-modules
kernel-debug-modules-extra
kernel-devel
kernel-doc
kernel-headers
kernel-modules
kernel-modules-extra
kernel-tools
kernel-tools-libs
kexec-tools
kmod
kmod-kvdo
kmod-libs
ksc
libasan
libatomic
libatomic-static
libdnf
libgcc
libgfortran
libgomp
libgomp-offload-nvptx
libitm
libkcapi
libmicrohttpd
libnsl
libquadmath
libreport
libstdc++
libtsan
libubsan
libxml2
libxslt
linux-firmware
mcelog
mdadm
mksh
mozjs52
nscd
nss_db
opa-address-resolution
opa-basic-tools
opa-fastfabric
opa-ff
opa-fm
opa-libopamgt
OpenIPMI
openssl
openssl-devel
openssl-libs
openssl-perl
oraclelinux-release
oraclelinux-release-el8
oracle-logos
os-prober
parted
perf
platform-python
policycoreutils
policycoreutils-dbus
policycoreutils-devel
policycoreutils-newrole
policycoreutils-python-utils
policycoreutils-restorecond
polkit
python3-boom
python3-hawkey
python3-iscsi-initiator-utils
python3-kmod
python3-libdnf
python3-libs
python3-perf
python3-policycoreutils
python3-test
python-configshell
python-rtslib
python-urllib3
redhat-indexhtml
redhat-release
redhat-release-eula
sanlock-lib
selinux-policy
selinux-policy-devel
selinux-policy-doc
selinux-policy-minimum
selinux-policy-mls
selinux-policy-sandbox
selinux-policy-targeted
shim-ia32
shim-x64
sos
sos-audit
stunnel
systemd
systemd-container
systemd-devel
systemd-journal-remote
systemd-libs
systemd-pam
systemd-tests
systemd-udev
tuned
tuned-profiles-atomic
tuned-profiles-compat
tuned-profiles-cpu-partitioning
tuned-profiles-mssql
tuned-profiles-oracle
xfsprogs
xfsprogs-devel
The following binary packages to CodeReady Linux Builder by Oracle have been modified:
cups-filters-devel
dnf-plugin-spacewalk
gcc-plugin-devel
glibc-benchtests
glibc-nss-devel
glibc-static
gpgme
kernel-tools-libs-devel
kmod-devel
libmicrohttpd-devel
libmicrohttpd-doc
libreoffice-sdk
libreoffice-sdk-doc
libstdc++-static
libvirt
libvirt-admin
libvirt-bash-completion
libvirt-client
libvirt-daemon
libvirt-daemon-config-network
libvirt-daemon-config-nwfilter
libvirt-daemon-driver-interface
libvirt-daemon-driver-network
libvirt-daemon-driver-nodedev
libvirt-daemon-driver-nwfilter
libvirt-daemon-driver-secret
libvirt-daemon-driver-storage
libvirt-daemon-driver-storage-core
libvirt-daemon-driver-storage-disk
libvirt-daemon-driver-storage-gluster
libvirt-daemon-driver-storage-iscsi
libvirt-daemon-driver-storage-logical
libvirt-daemon-driver-storage-mpath
libvirt-daemon-driver-storage-rbd
libvirt-daemon-driver-storage-scsi
libvirt-devel
libvirt-docs
libvirt-libs
libvirt-nss
mingw32-binutils
mingw32-cpp
mingw32-gcc
mingw32-gcc-c++
mingw32-openssl
mingw64-binutils
mingw64-cpp
mingw64-gcc
mingw64-gcc-c++
mingw64-openssl
mingw-binutils-generic
mozjs52
mozjs60
nss_hesiod
nvml
ocaml-libguestfs
ocaml-libguestfs-devel
OpenIPMI
openscap-engine-sce-devel
PackageKit-glib-devel
parted
python3-dnf-plugin-spacewalk
python3-rhn-client-tools
python3-rhnlib
qemu-kvm
rhn-client-tools
rhnlib
sanlock-devel
shim-unsigned-x64
tog-pegasus
The following binary packages from the AppStream upstream release have been modified:
abrt
abrt-java-connector
anaconda
anaconda-core
anaconda-dracut
anaconda-gui
anaconda-install-env-deps
anaconda-tui
anaconda-user-help
anaconda-widgets
ansible-freeipa
autocorr-af
autocorr-bg
autocorr-ca
autocorr-cs
autocorr-da
autocorr-de
autocorr-en
autocorr-es
autocorr-fa
autocorr-fi
autocorr-fr
autocorr-ga
autocorr-hr
autocorr-hu
autocorr-is
autocorr-it
autocorr-ja
autocorr-ko
autocorr-lb
autocorr-lt
autocorr-mn
autocorr-nl
autocorr-pl
autocorr-pt
autocorr-ro
autocorr-ru
autocorr-sk
autocorr-sl
autocorr-sr
autocorr-sv
autocorr-tr
autocorr-vi
autocorr-zh
binutils-devel
blivet-data
buildah
buildah-tests
clang
clang-analyzer
clang-devel
clang-libs
clang-tools-extra
cloud-init
compat-libgfortran-48
compat-libpthread-nonshared
composer-cli
containernetworking-plugins
containers-common
cpp
cups-filters
cups-filters-libs
dnf-plugin-spacewalk
efi-rpm-macros
firefox
firewalld
gcc
gcc-c++
gcc-gdb-plugin
gcc-gfortran
gcc-offload-nvptx
git-clang-format
glibc-utils
gnome-abrt
gnome-initial-setup
gnome-settings-daemon
golang
gpgme
httpd
httpd-devel
httpd-filesystem
httpd-manual
httpd-tools
initial-setup
ipa-client
ipa-client-common
ipa-common
ipa-python-compat
ipa-server
ipa-server-common
ipa-server-dns
ipa-server-trust-ad
kernel-rpm-macros
ksh
libguestfs
libguestfs-bash-completion
libguestfs-benchmarking
libguestfs-devel
libguestfs-gfs2
libguestfs-gobject
libguestfs-gobject-devel
libguestfs-inspect-icons
libguestfs-java
libguestfs-java-devel
libguestfs-javadoc
libguestfs-man-pages-ja
libguestfs-man-pages-uk
libguestfs-rescue
libguestfs-rsync
libguestfs-tools
libguestfs-tools-c
libguestfs-xfs
libitm-devel
libquadmath-devel
libreoffice-base
libreoffice-calc
libreoffice-core
libreoffice-data
libreoffice-draw
libreoffice-emailmerge
libreoffice-filters
libreoffice-gdb-debug-support
libreoffice-graphicfilter
libreoffice-gtk2
libreoffice-gtk3
libreoffice-help-ar
libreoffice-help-bg
libreoffice-help-bn
libreoffice-help-ca
libreoffice-help-cs
libreoffice-help-da
libreoffice-help-de
libreoffice-help-dz
libreoffice-help-el
libreoffice-help-en
libreoffice-help-es
libreoffice-help-et
libreoffice-help-eu
libreoffice-help-fi
libreoffice-help-fr
libreoffice-help-gl
libreoffice-help-gu
libreoffice-help-he
libreoffice-help-hi
libreoffice-help-hr
libreoffice-help-hu
libreoffice-help-id
libreoffice-help-it
libreoffice-help-ja
libreoffice-help-ko
libreoffice-help-lt
libreoffice-help-lv
libreoffice-help-nb
libreoffice-help-nl
libreoffice-help-nn
libreoffice-help-pl
libreoffice-help-pt-BR
libreoffice-help-pt-PT
libreoffice-help-ro
libreoffice-help-ru
libreoffice-help-si
libreoffice-help-sk
libreoffice-help-sl
libreoffice-help-sv
libreoffice-help-ta
libreoffice-help-tr
libreoffice-help-uk
libreoffice-help-zh-Hans
libreoffice-help-zh-Hant
libreoffice-impress
libreofficekit
libreoffice-langpack-af
libreoffice-langpack-ar
libreoffice-langpack-as
libreoffice-langpack-bg
libreoffice-langpack-bn
libreoffice-langpack-br
libreoffice-langpack-ca
libreoffice-langpack-cs
libreoffice-langpack-cy
libreoffice-langpack-da
libreoffice-langpack-de
libreoffice-langpack-dz
libreoffice-langpack-el
libreoffice-langpack-en
libreoffice-langpack-es
libreoffice-langpack-et
libreoffice-langpack-eu
libreoffice-langpack-fa
libreoffice-langpack-fi
libreoffice-langpack-fr
libreoffice-langpack-ga
libreoffice-langpack-gl
libreoffice-langpack-gu
libreoffice-langpack-he
libreoffice-langpack-hi
libreoffice-langpack-hr
libreoffice-langpack-hu
libreoffice-langpack-id
libreoffice-langpack-it
libreoffice-langpack-ja
libreoffice-langpack-kk
libreoffice-langpack-kn
libreoffice-langpack-ko
libreoffice-langpack-lt
libreoffice-langpack-lv
libreoffice-langpack-mai
libreoffice-langpack-ml
libreoffice-langpack-mr
libreoffice-langpack-nb
libreoffice-langpack-nl
libreoffice-langpack-nn
libreoffice-langpack-nr
libreoffice-langpack-nso
libreoffice-langpack-or
libreoffice-langpack-pa
libreoffice-langpack-pl
libreoffice-langpack-pt-BR
libreoffice-langpack-pt-PT
libreoffice-langpack-ro
libreoffice-langpack-ru
libreoffice-langpack-si
libreoffice-langpack-sk
libreoffice-langpack-sl
libreoffice-langpack-sr
libreoffice-langpack-ss
libreoffice-langpack-st
libreoffice-langpack-sv
libreoffice-langpack-ta
libreoffice-langpack-te
libreoffice-langpack-th
libreoffice-langpack-tn
libreoffice-langpack-tr
libreoffice-langpack-ts
libreoffice-langpack-uk
libreoffice-langpack-ve
libreoffice-langpack-xh
libreoffice-langpack-zh-Hans
libreoffice-langpack-zh-Hant
libreoffice-langpack-zu
libreoffice-math
libreoffice-ogltrans
libreoffice-opensymbol-fonts
libreoffice-pdfimport
libreoffice-pyuno
libreoffice-ure
libreoffice-ure-common
libreoffice-wiki-publisher
libreoffice-writer
libreoffice-x11
libreoffice-xsltfilter
libreport
libreswan
libstdc++-devel
libstdc++-docs
libvirt
libvirt-admin
libvirt-bash-completion
libvirt-client
libvirt-daemon
libvirt-daemon-config-network
libvirt-daemon-config-nwfilter
libvirt-daemon-driver-interface
libvirt-daemon-driver-network
libvirt-daemon-driver-nodedev
libvirt-daemon-driver-nwfilter
libvirt-daemon-driver-qemu
libvirt-daemon-driver-secret
libvirt-daemon-driver-storage
libvirt-daemon-driver-storage-core
libvirt-daemon-driver-storage-disk
libvirt-daemon-driver-storage-gluster
libvirt-daemon-driver-storage-iscsi
libvirt-daemon-driver-storage-logical
libvirt-daemon-driver-storage-mpath
libvirt-daemon-driver-storage-rbd
libvirt-daemon-driver-storage-scsi
libvirt-daemon-kvm
libvirt-devel
libvirt-docs
libvirt-libs
libvirt-lock-sanlock
libvirt-nss
libxml2
libxslt
lld
llvm
lorax
lorax-composer
lorax-lmc-novirt
lorax-lmc-virt
lorax-templates-generic
lorax-templates-rhel
lua-guestfs
mecab-ipadic
mod_ldap
mod_md
mod_proxy_html
mod_session
mod_ssl
mozjs60
NetworkManager-libreswan
NetworkManager-libreswan-gnome
nginx
nginx-all-modules
nginx-filesystem
nginx-mod-http-image-filter
nginx-mod-http-perl
nginx-mod-http-xslt-filter
nginx-mod-mail
nginx-mod-stream
nvml
openscap
openscap-devel
openscap-engine-sce
openscap-python3
openscap-scanner
openscap-utils
open-vm-tools
open-vm-tools-desktop
osinfo-db
PackageKit
PackageKit-command-not-found
PackageKit-cron
PackageKit-glib
PackageKit-gstreamer-plugin
PackageKit-gtk3-module
perl-Sys-Guestfs
perl-XML-Parser
pesign
pki-core
platform-python
platform-python-debug
platform-python-devel
plymouth
podman
podman-docker
podman-manpages
podman-remote
podman-tests
policycoreutils-gui
policycoreutils-sandbox
pykickstart
pyparted
python2
python2-debug
python2-devel
python2-libs
python2-test
python2-tkinter
python2-tools
python3-blivet
python3-clang
python3-idle
python3-ipaclient
python3-ipalib
python3-ipaserver
python3-kickstart
python3-libguestfs
python3-spacewalk-backend-libs
python3-systemd
python3-test
python3-tkinter
python-blivet
python-urllib3
qemu-kvm
rear
redhat-lsb
redhat-rpm-config
rhn-client-tools
rhn-custom-info
rhnlib
rhnpush
rhnsd
rpmdevtools
rpm-ostree
rpm-ostree-libs
ruby
ruby-devel
ruby-doc
ruby-libs
rubygem-abrt
ruby-libguestfs
sanlk-reset
sanlock
scap-security-guide
scap-security-guide-doc
scap-workbench
setroubleshoot
setroubleshoot-plugins
setroubleshoot-server
skopeo
skopeo-tests
spacewalk-abrt
spacewalk-usix
thunderbird
tog-pegasus
tuned-gtk
tuned-utils
tuned-utils-systemtap
virt-dib
virt-install
virt-manager
virt-manager-common
virt-p2v-maker
virt-v2v
WALinuxAgent
wget
xsane
The following binary packages from the BaseOS upstream release have been removed:
dnf-plugin-subscription-manager
kpatch
libcxl
libica
libocxl
libreport-plugin-rhtsupport
libreport-rhel
libreport-rhel-anaconda-bugzilla
libreport-rhel-bugzilla
librtas
libservicelog
libvpd
libzfcphbaapi
lsvpd
opal-prd
openssl-ibmca
powerpc-utils
ppc64-diag
python3-subscription-manager-rhsm
python3-syspurpose
qclib
redhat-backgrounds
redhat-logos
redhat-logos-httpd
redhat-logos-ipa
redhat-support-lib-python
redhat-support-tool
s390utils
servicelog
shim-ia32
shim-x64
subscription-manager
subscription-manager-cockpit
subscription-manager-initial-setup-addon
subscription-manager-migration
subscription-manager-migration-data
subscription-manager-plugin-container
subscription-manager-plugin-ostree
subscription-manager-rhsm-certificates
The following binary packages from the AppStream upstream release have been removed:
insights-client
libreport-plugin-rhtsupport
libreport-rhel
libreport-rhel-anaconda-bugzilla
libreport-rhel-bugzilla
redhat-backgrounds
redhat-logos-httpd
redhat-logos-ipa
redhat-support-lib-python
redhat-support-tool
rhsm-gtk
SLOF
subscription-manager-initial-setup-addon
subscription-manager-migration
subscription-manager-migration-data
subscription-manager-plugin-ostree
virt-who
This section contains information about the removed, modified, and new source packages in this release. For information about the binary package changes, see Section A.1, “Changes to Binary Packages” .
The following source packages have been added to the BaseOS by Oracle:
oraclelinux-release
oraclelinux-release-el8
oracle-logos
The following source packages from the BaseOS upstream release have been modified:
autofs
binutils
boom-boot
chrony
compat-libgfortran-48
coreutils
dbus
dracut
efibootmgr
efi-rpm-macros
firewalld
fuse
fwupd
fwupdate
glibc
gpgme
grub2
grubby
initial-setup
iscsi-initiator-utils
kernel
kexec-tools
kmod
kmod-kvdo
ksc
libdnf
libkcapi
libreport
libxml2
libxslt
linux-firmware
lorax-templates-rhel
mcelog
mdadm
mksh
mozjs52
opa-ff
opa-fm
OpenIPMI
openscap
openssl
oraclelinux-release
oraclelinux-release-el8
oracle-logos
osinfo-db
os-prober
parted
policycoreutils
polkit
pykickstart
python3
python-configshell
python-rtslib
python-urllib3
redhat-indexhtml
redhat-lsb
redhat-release
redhat-rpm-config
rpmdevtools
rpm-ostree
selinux-policy
sos
stunnel
systemd
tuned
The following source packages from the AppStream upstream release have been modified:
abrt
abrt-java-connector
anaconda
anaconda-user-help
buildah
clang
cloud-init
compat-libgfortran-48
containernetworking-plugins
cups-filters
dnf-plugin-spacewalk
efi-rpm-macros
firefox
firewalld
gcc
gnome-abrt
gnome-initial-setup
gnome-settings-daemon
golang
gpgme
httpd
initial-setup
ipa
ksh
libguestfs
libreoffice
libreport
libreswan
libvirt
libxml2
libxslt
lld
llvm
lorax
lorax-templates-rhel
mcelog
mecab-ipadic
mozjs60
nginx
nvml
openscap
openssl
open-vm-tools
osinfo-db
PackageKit
perl-XML-Parser
pesign
pki-core
plymouth
podman
pykickstart
pyparted
python2
python-blivet
python-urllib3
qemu-kvm
rear
redhat-lsb
redhat-rpm-config
rhn-client-tools
rhnlib
rhnpush
rhnsd
rpmdevtools
rpm-ostree
rubygem-abrt
sanlock
scap-security-guide
scap-workbench
setroubleshoot
setroubleshoot-plugins
skopeo
spacewalk-abrt
spacewalk-usix
thunderbird
tog-pegasus
virt-manager
WALinuxAgent
wget
xsane
The following source packages from the BaseOS upstream release have been removed:
dnf-plugin-subscription-manager
kpatch
libcxl
libica
libical
libocxl
librtas
libservicelog
libvpd
libzfcphbaapi
lsvpd
opal-prd
openssl-ibmca
powerpc-utils
ppc64-diag
python3-subscription-manager-rhsm
qclib
redhat-logos
redhat-logos-httpd
s390utils
servicelog
subscription-manager
subscription-manager-cockpit
subscription-manager-plugin-container
subscription-manager-plugin-ostree
subscription-manager-rhsm-certificates
The following source packages from the AppStream upstream release have been removed:
insights-client
libical-devel
redhat-logos-ipa
redhat-support-lib-python
redhat-support-tool
SLOF
subscription-manager-initial-setup-addon
subscription-manager-migration
subscription-manager-migration-data
texlive-etoolbox
toolbox
virtio-win
virt-who
Copyright © 2019, Oracle and/or its affiliates. All rights reserved. Legal Notices