Oracle Linux 7.4 release, add new features

Oracle Linux 7.4 was released. Updated versions of the main areas of change involves safety improvements, and support for improvements to the cloud and the container environment.

Safety

Oracle Linux 7.4 through several new features and improve security, including:

  • UEFI Secure Boot

A system in Secure Boot mode loads only those boot loaders and kernels that have been signed by Oracle. Oracle has updated the kernel and grub2 packages to sign them with a valid Extended Validation (EV) certificate. The EV certificate has been compiled into the shim binary and has been signed by Microsoft.

  • Now using the SHA-2 openSSH

By default, the algorithm for public key signatures that is used in this release is SHA-2. SHA-1 is available for backward compatibility purposes only.

  • Yum add new payload_gpgcheck options

Enhances security during installation. The new payload_gpgcheck option enables yum to perform a GNU Privacy Guard (GPG) signature check on the payload sections of packages. This capability provides enhanced security and integrity when installing packages.

  • The new security package NBDE

NBDE enables you to encrypt root volumes of hard drives on physical machines without requiring you to manually enter a password when the systems are rebooted.

  • The new package usbguard

The USBGuard software framework provides system protection against intrusive USB devices by implementing basic whitelisting and blacklisting capabilities that are based on device attributes.

Strengthen the deployment of cloud and containers

Oracle Linux 7.4 and containers continue to strengthen cloud deployment customers:

  • Btrfs

Btrfs is the ideal filesystem for supporting containers in the cloud. We continue to support and enhance Btrfs in Oracle Linux 7 with Unbreakable Enterprise Kernel Release 4 allowing you to continue to use Btrfs for your container cloud deployments.

  • User namespace

Prevents container users from being able to gain the same privileges at the global level by allowing separation of the container namespace from the underlying operating system namespace.

  • Spacewalk

Oracle Linux 7 Update 4 makes it even easier to install and add a system to Spacewalk by not requiring the spacewalk client to be installed before registering with the Spacewalk server.

Performance improvements

The main performance:

  •  Improved scalability and performance of the operating system

Replaced ticket spin locks with queued spin locks which provide better scalability under contention and higher performance overall.

  • New http-parser performance installation package

http-parser is designed for high performance web applications by eliminating buffering, system calls and allowing interrupts.

  • New libfastjson installation package

libfastjson is a limited feature set JSON library that provides significantly improved performance, compared to json-c.

More details please refer to the official website update, download: https://www.oracle.com/downloads/index.html

Leave a Reply

Your email address will not be published. Required fields are marked *