Oracle Linux 8.3 Is Out and It Brings a Much Improved Installer, SELinux Updates

Oracle Linux 8.3

Oracle announced today the release and general availability of Oracle Linux 8.3 as the third maintenance update to the Oracle Linux 8 operating system series based on Red Hat Enterprise Linux 8.

Derived from the source code of Red Hat Enterprise Linux 8.3, Oracle Linux 8 Update 3 is here six months after Oracle Linux 8.2 and it’s powered by the latest Unbreakable Enterprise Kernel Release 6 (UEK R6) based on the upstream long-term supported Linux 5.4 kernel, along with the Red Hat Compatible Kernel (RHCK).

Highlights of this release include a much-improved graphical installer that features better support for NVDIMM devices and IPv6 static configurations, the LUKS2 (Linux Unified Key Setup) disk encryption management for encrypted containers by default, as well as the addition of “root password” and “user creation settings” in the Installation Summary screen.

The Red Hat Compatible Kernel (RHCK) included in Oracle Linux 8.3 also has some nice changes, including support for the Mellanox ConnectX-6 Dx network adapter, support for the libbpf library for loading eBPF programs, the lshw tool for extracting detailed hardware information, and eBPF support for KVM (Kernel-based virtual machines).

Also, /dev/random and /dev/urandom are now conditionally powered by the Kernel Crypto API DRBG (Deterministic Random Bit Generator) in the Red Hat Compatible Kernel (RHCK), which disables TSX by default on Intel CPUs that allow it to be disabled.

Among other interesting changes, there’s full support for NVMe/TCP on the Unbreakable Enterprise Kernel Release 6 (UEK R6) and as a Technology Preview on the Red Hat Compatible Kernel (RHCK), the SCAP Workbench tool for generating results-based remediation from tailored profiles.

A couple of SELinux improvements are included as well, such as support for individual CephFS files and directories to include SELinux labels, as well as the inclusion of version 1.0 of the fapolicyd file access policy daemon. Some virtualization improvements focused on the KVM hypervisor are also present.

Under the hood, numerous core components received newer version. Among these, there’s GCC (GNU Compiler Collection) 10, Pacemaker 2.0.4, OpenSCAP 1.3.3, scap-security-guide 0.1.50, Ruby 2.7.1, Node.Js 14, Python 3.8, PHP 7.4, nginx 1.18, Perl 5.30, Squid 4.11, Apache 2.4, Git 2.27, Bind 9.11, Powertop 2.12, Tuned 2.14.0, tcpdump 4.9.3, GnuTLS 3.6.14, libreswan 3.32, libseccomp 2.43, libkcapi 1.2.0, libssh 0.9.4, setools 4.3.0, and stunnel 5.56.

Image credits: Oracle

Last updated 3 years ago

Buy Me a Coffee at