[CentOS] RHEL 7.3 released

Fri Nov 4 09:38:56 UTC 2016
James Hogarth <james.hogarth at gmail.com>

As a heads up RHEL 7.3 is released:


Pay careful attention when the CR repo starts churning out RPMs (if
you have CR enabled) as there have been a few rebases in this -
notably firewalld, NetworkManager, freeIPA, libreoffice, samba,
amongst others

If you have an ipv6 environment ping is now ipv6 aware and ping6 is
removed (with a symlink to ping for compatibility).

On the SSL side of things pycurl now handles TLS 1.1 and 1.2 and
openJDK8 can handle ECC.

With the NetworkManager rebase more complicated arbitrary layering of
interfaces is possible (eg physical -> team -> vlan -> bridge), which
I'll be revisiting my old NM article to investigate soon, and Wi-Fi
scanning will use a randomised MAC ... this may affect some people.
For a known BSSID the connect won't be a randomised MAC though just
when scanning.

The firewalld zones become a bit more usable with ipsets being usable
to define the zone making management of which networks go in which
zones a bit nicer - I'll be revisiting my old firewalld article to
investigate this too.

The deprecation of the old net-tools suite continues with bridge-utils
no longer required in many circumstances as iproute2 gets improved
bridge capabilties... this brings EL7 inline with the Fedora


On the network side of things be aware of a potentially breaking
change to systems in how device names are created, this will only
affect systems that have exceptionally long device names:

For fresh installs using automatic partitioning the default /boot size
has been bumped to 1G ... for kickstarts and other automated installs
you may want to tweak your setups to match.

The NSS bug that caused problems with reusing SSL sessions and was
breaking owncloud setups has been resolved - I have not tested this
yet and will be doing so this weekend. The impending owncloud 9.1.1
EL7 release in EPEL7 will be removing my workaround and require this
for full correct functionality.

In the tech preview world nftables joins the testing group (I'll have
articles up exploring this new firewalling method in the coming weeks)
for networking. Whilst with storage overlayfs and btrfs remain in tech
preview status - with cephfs joining them... as notable pieces.
There's also new pNFS stuff.

This is only a small snippet of things that jumped out relevant to me
personally. As always make sure you read through the release notes in
full. to be ready once CentOS starts producing the RPMs, and keep in
mind this early in the lifecycle there are a fair few rebases and new
features implemented that should be tested... unlike later on in the
lifecycles (eg EL6) where no/minimal rebasing happens and changes at a
feature level don't happen.