发布于 2017-09-10 00:01:42 | 137 次阅读 | 评论: 0 | 来源: 网友投递
Oracle Linux 发行版
Oracle Linux,全称为Oracle Enterprise Linux,简称OEL,是Oracle公司在2006年初发布第一个版本,Linux发行版本之一,以对Oracle软件和硬件支持较好见长。OEL,一般人通常叫法为Oracle企业版Linux,由于Oracle提供的企业级支持计划UBL(Unbreakable Linux),所以很多人都称OEL为坚不可摧Linux。
Oracle Linux 7.4 发布了。改版本的更新领域主要涉及安全性的改进,以及对云和容器环境的支持的改进。
Oracle Linux 7.4 通过几项新功能不断提升安全性,包括:
UEFI Secure Boot
A system in Secure Boot mode loads only those boot loaders and kernels that have been signed by Oracle. Oracle has updated the kernel and grub2 packages to sign them with a valid Extended Validation (EV) certificate. The EV certificate has been compiled into the shim binary and has been signed by Microsoft.
openSSH 现在使用 SHA-2
By default, the algorithm for public key signatures that is used in this release is SHA-2. SHA-1 is available for backward compatibility purposes only.
Yum 添加新的 payload_gpgcheck 选项
Enhances security during installation. The new payload_gpgcheck option enables yum to perform a GNU Privacy Guard (GPG) signature check on the payload sections of packages. This capability provides enhanced security and integrity when installing packages.
新的 NBDE安全包
NBDE enables you to encrypt root volumes of hard drives on physical machines without requiring you to manually enter a password when the systems are rebooted.
新的 usbguard 包
The USBGuard software framework provides system protection against intrusive USB devices by implementing basic whitelisting and blacklisting capabilities that are based on device attributes.
Oracle Linux 7.4 不断加强客户的云和容器部署:
Btrfs
Btrfs is the ideal filesystem for supporting containers in the cloud. We continue to support and enhance Btrfs in Oracle Linux 7 with Unbreakable Enterprise Kernel Release 4 allowing you to continue to use Btrfs for your container cloud deployments.
用户命名空间
Prevents container users from being able to gain the same privileges at the global level by allowing separation of the container namespace from the underlying operating system namespace.
Spacewalk
Oracle Linux 7 Update 4 makes it even easier to install and add a system to Spacewalk by not requiring the spacewalk client to be installed before registering with the Spacewalk server.
主要性能提升:
改进了操作系统的可扩展性和性能
Replaced ticket spin locks with queued spin locks which provide better scalability under contention and higher performance overall.
新增 http-parser 性能安装包
http-parser is designed for high performance web applications by eliminating buffering, system calls and allowing interrupts.
新增 libfastjson 安装包
libfastjson is a limited feature set JSON library that provides significantly improved performance, compared to json-c.
更多内容请查阅官网更新,下载地址:https://www.oracle.com/downloads/index.html