Graphical Installation requires 800x600 resolution or higher
extlinux
keyword on the Anaconda command line, or use the "--extlinux" flag for the bootloader command in kickstart. This feature is not made visible in the installer's graphical or text-mode user interfaces.
Syslinux is not preferable to grub for most end users!
fcoe
, iscsi
, and multipath
. The text mode of the installer has also been improved.
# example kickstart lines to join realm: network --hostname=machine.ad.example.com realm join --one-time-password=MyPassword ad.example.com
Rescue and Rebuild for major changes
dracut --regenerate-all --force
to rebuild and replace the old initramfs.
Rescue
boot entry and execute dracut --regenerate-all
. If you want your initramfs to be hardware independent, install the dracut-nohostonly rpm package. If you don't want rescue images at all (like in virtual machines), install the dracut-norescue rpm package.
/tmp
. The common method of exploitation of this flaw is to cross privilege boundaries when following a given link, such as when a root process follows a link belonging to another user. In Fedora 19, we permit links to only be followed when outside a sticky world-writable directory, or when the uid of the link and follower match, or when the directory owner matches the link's owner. In previous releases, this was enforced by SELinux
policy and in this release, the restrictions are enabled by sysctl
settings in /usr/lib/sysctl.d/00-system.conf
as an additional layer of protection:
fs.protected_hardlinks = 1 fs.protected_symlinks = 1
kickstart
or command line:
realm join myipadomain.com
Global Catalog
service to allow Active Directory domain administrators to FreeIPA users.
GSSAPI
usage from both the kernel for authenticating remote file system access as well as user-space applications. It does provide fine-grained access control on Kerberos keytab access and it overcomes various limitations the kernel had when dealing with Kerberos tickets.
pacemaker_remote
service. This feature allows pacemaker to manage both virtual guests and the resources that live within the guests all from the host cluster node without requiring the guest nodes to run the cluster stack.
Virtio
Random Number Generator
qcow2
files, refer to https://blueprints.launchpad.net/nova/+spec/snapshots-for-everyone
compute cells
was merged to support greater scalability, refer to https://blueprints.launchpad.net/nova/+spec/nova-compute-cells
SPICE
as well as VNC
, refer to https://blueprints.launchpad.net/nova/+spec/libvirt-spice
V3
API has been implemented, details at https://blueprints.launchpad.net/keystone/+spec/implement-v3-core-api
LDAP
backend has been introduced, learn more at https://blueprints.launchpad.net/keystone/+spec/ad-ldap-identity-backend
/etc/systemd/system/foo.service.d/bar.conf
, making site-specific changes easier to organize and deploy.
systemd-analyze
can now use the GraphViz dot
tool to generate graphs of the boot process. GraphViz can be installed with yum install graphviz
and will create a representation of the full boot process with systemd-analyze dot | dot -Tsvg > systemd.svg
More refined plots can be generated with the optional arguments --order
, --require
, --from-pattern=
, and --to-pattern=
man 1 systemd-analyze
.
systemd
now provides some tools for working with socket units:
systemctl list-sockets to show the sockets systemd is listening on, the socket units they belong to, and the units they activate. |
systemd-activate to test socket activation. |
journalctl
usage include:
journalctl -r to see newest entries first. |
journalctl -e to skip to the end of the list. |
journalctl --user-unit="foo" to filter by user units |
A new module in the systemd python API for reading the journal |
journalctl
now persistently stores journal log data in /var/log/journal
. In previous releases, journal data was stored in /var/run/journal
, which is volatile and cleared on reboot. Starting with Fedora 19, journal data persists between reboots.
deltarpm=0
in /etc/yum.conf
. Refer to man yum.conf
for more details.
/etc/yum/pluginconf.d/fs-snapshot.conf
:
Set enabled=1 in the [lvm] section to enable. |
set create_snapshots_in_post=1 in the [main] section to create a snapshot after the yum transaction. |