| RHE Linux 6.3 Technical Notesanaconda component Setting the qla4xxx parameter ql4xdisablesysfsboot to 1 may cause boot from SAN failures. anaconda component Installing Red Hat Enterprise Linux 6.3 using the text user interface on a system which already has a Red Hat Enterprise Linux system installed on the disk, and going back to the initial Anaconda installation page (using the Back button) may cause a traceback error. dracut component Installations to a network root device, such as an iSCSI device, do not function properly when using DHCP, preventing the installed system from rebooting. To work around this issue, when installing to an iSCSI root device, you must select the Anaconda installer option Bind targets to network interfaces; do not leave it unselected, as is the default. Additionally, you must use static IP addresses if using a network root device. To work around this issue when installing via kickstart, add the --iface= option to the iSCSI command, for example: iscsi --ipaddr 10.34.39.46 --port 3260 --target iqn.2009-02.com.kvm:iscsibind --iface=eth0 anaconda component Red Hat Enterprise Linux 6.3 fails to boot when installed without LVM and booted from a Storage Area Network (SAN). To work around this issue, ensure that the /boot partition is using the first partition of multipath, or use LVM (which is the default behavior). anaconda component To automatically create an appropriate partition table on disks that are uninitialized or contain unrecognized formatting, use the zerombr kickstart command. The --initlabel option of the clearpart command is not intended to serve this purpose. anaconda component, BZ#676025Users performing an upgrade using the Anaconda's text mode interface who do not have a boot loader already installed on the system, or who have a non-GRUB boot loader, need to select Skip Boot Loader Configuration during the installation process. Boot loader configuration will need to be completed manually after installation. This problem does not affect users running Anaconda in the graphical mode (graphical mode also includes VNC connectivity mode). anaconda component In Red Hat Enterprise Linux 6.3, Anaconda allows installation to disks of size 2.2 TB and larger, but the installed system may not boot properly. Disks of size 2.2 TB and larger may be used during the installation process, but only as data disks (that is, should not be used as bootable disks). anaconda component On s390x systems, you cannot use automatic partitioning and encryption. If you want to use storage encryption, you must perform custom partitioning. Do not place the /boot volume on an encrypted volume. anaconda component The order of device names assigned to USB attached storage devices is not guaranteed. Certain USB attached storage devices may take longer to initialize than others, which can result in the device receiving a different name than you expect (for example, sdc instead of sda). During installation, verify the storage device size, name, and type when configuring partitions and file systems. -
kernel component Recent Red Hat Enterprise Linux 6 releases use a new naming scheme for network interfaces on some machines. As a result, the installer may use different names during an upgrade in certain scenarios (typically em1 is used instead of eth0 on new Dell machines). However, the previously used network interface names are preserved on the system and the upgraded system will still use the previously used interfaces. This is not the case for Yum upgrades. -
anaconda component The kdump default on feature currently depends on Anaconda to insert the crashkernel= parameter to the kernel parameter list in the boot loader's configuration file. firstaidkit component The firstaidkit-plugin-grub package has been removed from Red Hat Enterprise Linux 6.2. As a consequence, in rare cases, the system upgrade operation may fail with unresolved dependencies if the plug-in has been installed in a previous version of Red Hat Enterprise Linux. To avoid this problem, the firstaidkit-plugin-grub package should be removed before upgrading the system. However, in most cases, the system upgrade completes as expected. anaconda component, BZ#623261 In some circumstances, disks that contain a whole disk format (for example, an LVM Physical Volume populating a whole disk) are not cleared correctly using the clearpart --initlabel kickstart command. Adding the --all switch-as in clearpart --initlabel --all-ensures disks are cleared correctly. squashfs-tools component During the installation on POWER systems, error messages similar to the following may be returned to sys.log: attempt to access beyond end of deviceloop0: rw=0, want=248626, limit=248624 These errors do not prevent installation and only occur during the initial setup. The file system created by the installer will function correctly. anaconda component When installing on the IBM System z architecture, if the installation is being performed over SSH, avoid resizing the terminal window containing the SSH session. If the terminal window is resized during the installation, the installer will exit and the installation will terminate. yaboot component, BZ#613929 The kernel image provided on the CD/DVD is too large for Open Firmware. Consequently, on the POWER architecture, directly booting the kernel image over a network from the CD/DVD is not possible. Instead, use yaboot to boot from a network. anaconda component The Anaconda partition editing interface includes a button labeled Resize. This feature is intended for users wishing to shrink an existing file system and an underlying volume to make room for an installation of a new system. Users performing manual partitioning cannot use the Resize button to change sizes of partitions as they create them. If you determine a partition needs to be larger than you initially created it, you must delete the first one in the partitioning editor and create a new one with the larger size. system-config-kickstart component Channel IDs (read, write, data) for network devices are required for defining and configuring network devices on IBM S/390 systems. However, system-config-kickstart-the graphical user interface for generating a kickstart configuration-cannot define channel IDs for a network device. To work around this issue, manually edit the kickstart configuration that system-config-kickstart generates to include the desired network devices.
subscription manager component When registering a system with firstboot, the RHN Classic option is checked by default in the Subscription part. subscription manager component, BZ#811771Subscription Manager now disables gpgcheck for any repositories it manages which have an empty gpgkey. To re-enable the repository, upload the GPG keys, and ensure that the correct URL is added to your custom content definition.
cpuspeed component, BZ#626893 Some HP Proliant servers may report incorrect CPU frequency values in /proc/cpuinfo or /sys/device/system/cpu/*/cpufreq. This is due to the firmware manipulating the CPU frequency without providing any notification to the operating system. To avoid this ensure that the HP Power Regulator option in the BIOS is set to OS Control. An alternative available on more recent systems is to set Collaborative Power Control to Enabled. releng component, BZ#644778 Some packages in the Optional repositories on RHN have multilib file conflicts. Consequently, these packages cannot have both the primary architecture (for example, x86_64) and secondary architecture (for example, i686) copies of the package installed on the same machine simultaneously. To work around this issue, install only one copy of the conflicting package. grub component, BZ#695951On certain UEFI-based systems, you may need to type BOOTX64 rather than bootx64 to boot the installer due to case sensitivity issues. grub component, BZ#698708 When rebuilding the grub package on the x86_64 architecture, the glibc-static.i686 package must be used. Using the glibc-static.x86_64 package will not meet the build requirements.
virt-p2v component, BZ#816930Converting a physical server running either Red Hat Enterprise Linux 4 or Red Hat Enterprise Linux 5 which has its file system root on an MD device is not supported. Converting such a guest results in a guest which fails to boot. Note that conversion of a Red Hat Enterprise Linux 6 server which has its root on an MD device is supported. virt-p2v component, BZ#808820When converting a physical host with a multipath storage, Virt-P2V presents all available paths for conversion. Only a single path must be selected. This must be a currently active path. vdsm component, BZ#826921The following parameter has been deprecated in the /etc/vdsm/vdsm.conf file: [irs]nfs_mount_options = soft,nosharecache,vers=3 This parameter will continue to be supported in versions 3.x, but will be removed in version 4.0 of NFS. Customers using this parameter should upgrade their domains to V2 and greater and set the parameters from the GUI. vdsm component, BZ#749479When adding a bond to an existing network, its world-visible MAC address may change. If the DHCP server is not aware that the new MAC address belongs to the same host as the old one, it may assign the host a different IP address, that is unknown to the DNS server nor to Red Hat Enterprise Virtualization Manager. As a result, Red Hat Enterprise Virtualization Manager VDSM connectivity is broken. To work around this issue, configure your DHCP server to assign the same IP for all the MAC addresses of slave NICs. Alternatively, when editing a management network, do not check connectivity, and make sure that Red Hat Enterprise Virtualization Manager / DNS use the newly-assigned IP address for the node. vdsm component Vdsm uses cgroups if they are available on the host. If the cgconfig service is turned off, turn it on with the chkconfig cgconfig on command and reboot. If you prefer not to reboot your system, restarting the libvirt service and vdsm should be sufficient. ovirt-node component, BZ#747102 Upgrades from Beta to the GA version will result in an incorrect partitioning of the host. The GA version must be installed clean. UEFI machines must be set to legacy boot options for RHEV-H to boot successfully after installation. kernel component When a system boots from SAN, it starts the libvirtd service, which enables IP forwarding. The service causes a driver reset on both Ethernet ports which causes a loss of all paths to an OS disk. Under this condition, the system cannot load firmware files from the OS disk to initialize Ethernet ports, eventually never recovers paths to the OS disk, and fails to boot from SAN. To work around this issue add the bnx2x.disable_tpa=1 option to the kernel command line of the GRUB menu, or do not install virtualization related software and manually enable IP forwarding when needed. vdsm componentIf the /root/.ssh/ directory is missing from a host when it is added to a Red Hat Enterprise Virtualization Manager data center, the directory is created with a wrong SELinux context, and SSH'ing into the host is denied. To work around this issue, manually create the /root/.ssh directory with the correct SELinux context: ~]# mkdir /root/.ssh~]# chmod 0700 /root/.ssh~]# restorecon /root/.ssh vdsm component VDSM now configures libvirt so that connection to its local read-write UNIX domain socket is password-protected by SASL. The intention is to protect virtual machines from human errors of local host administrators. All operations that may change the state of virtual machines on a Red Hat Enterprise Virtualization-controlled host must be performed from Red Hat Enterprise Virtualization Manager. libvirt component In earlier versions of Red Hat Enterprise Linux, libvirt permitted PCI devices to be insecurely assigned to guests. In Red Hat Enterprise Linux 6, assignment of insecure devices is disabled by default by libvirt. However, this may cause assignment of previously working devices to start failing. To enable the old, insecure setting, edit the /etc/libvirt/qemu.conf file, set the relaxed_acs_check = 1 parameter, and restart libvirtd (service libvirtd restart). Note that this action will re-open possible security issues. virtio-win component, BZ#615928 The balloon service on Windows 7 guests can only be started by the Administrator user. libvirt component, BZ#622649 libvirt uses transient iptables rules for managing NAT or bridging to virtual machine guests. Any external command that reloads the iptables state (such as running system-config-firewall) will overwrite the entries needed by libvirt. Consequently, after running any command or tool that changes the state of iptables, guests may lose access to the network. To work around this issue, use the service libvirt reload command to restore libvirt's additional iptables rules. virtio-win component, BZ#612801 A Windows virtual machine must be restarted after the installation of the kernel Windows driver framework. If the virtual machine is not restarted, it may crash when a memory balloon operation is performed. qemu-kvm component, BZ#720597Installation of Windows 7 Ultimate x86 (32-bit) Service Pack 1 on a guest with more than 4GB of RAM and more than one CPU from a DVD medium often crashes during the final steps of the installation process due to a system hang. To work around this issue, use the Windows Update utility to install the Service Pack. qemu-kvm component, BZ#612788 A dual function Intel 82576 Gigabit Ethernet Controller interface (codename: Kawela, PCI Vendor/Device ID: 8086:10c9) cannot have both physical functions (PF's) device-assigned to a Windows 2008 guest. Either physical function can be device assigned to a Windows 2008 guest (PCI function 0 or function 1), but not both. virt-v2v component, BZ#618091 The virt-v2v utility is able to convert guests running on an ESX server. However, if an ESX guest has a disk with a snapshot, the snapshot must be on the same datastore as the underlying disk storage. If the snapshot and the underlying storage are on different datastores, virt-v2v will report a 404 error while trying to retrieve the storage. virt-v2v component, BZ#678232 The VMware Tools application on Microsoft Windows is unable to disable itself when it detects that it is no longer running on a VMware platform. Consequently, converting a Microsoft Windows guest from VMware ESX, which has VMware Tools installed, will result in errors. These errors usually manifest as error messages on start-up, and a "Stop Error" (also known as a BSOD) when shutting down the guest. To work around this issue, uninstall VMware Tools on Microsoft Windows guests prior to conversion.
3.5. Storage and File Systemslvm2 component, BZ#832392When issue_discards=1 is configured in the /etc/lvm/lvm.conf file, moving physical volumes via the pvmove command results in data loss. To work around this issue, ensure that issue_discards=0 is set in your lvm.conf file before moving any physical volumes. lvm2 component, BZ#832033When using the lvmetad daemon (currently a Technology Preview), avoid passing the --test argument to commands. The use of the --test argument may lead to inconsistencies in the cache that lvmetad maintains. This issue will be fixed in a future release. If the --test argument has been used, fix any problems by restarting the lvmetad daemon. lvm2 component, BZ#820229It is not possible to rename thin logical volumes using tools provided in the current LVM2 release. The rename operation returns the following error: lvrename Cannot rename <volume_name>: name format not recognized for internal LV <pool_name> This issue will be fixed in the next LVM2 release. device-mapper-multipath component Multipath's queue_without_daemon yes default option queues I/O even though all iSCSI links have been disconnected when the system is shut down, which causes LVM to become unresponsive when scanning all block devices. As a result, the system cannot be shut down. To work around this issue, add the following line into the defaults section of /etc/multipath.conf: queue_without_daemon no initscripts component Running the file system check (using fsck) on a NFS mounted file system fails, and causes the system to fail to boot and drop into a shell. To work around this issue, disable fsck on any /boot partitions by setting the sixth value of a /boot entry in /etc/fstab to 0. kernel component, BZ#606260 The NFSv4 server in Red Hat Enterprise Linux 6 currently allows clients to mount using UDP and advertises NFSv4 over UDP with rpcbind. However, this configuration is not supported by Red Hat and violates the RFC 3530 standard. lvm2 component The dracut utility currently only supports one FiberChannel over Ethernet (FCoE) connection to be used to boot from the root device. Consequently, booting from a root device that spans multiple FCoE devices (for example, using RAID, LVM or similar techniques) is not possible. -
lvm2 component The pvmove command cannot currently be used to move mirror devices. However, it is possible to move mirror devices by issuing a sequence of two commands. For mirror images, add a new image on the destination PV and then remove the mirror image on the source PV: ~]$ lvconvert -m +1 <vg/lv> <new PV>~]$ lvconvert -m -1 <vg/lv> <old PV> Mirror logs can be handled in a similar fashion: ~]$ lvconvert --mirrorlog core <vg/lv>~]$ lvconvert --mirrorlog disk <vg/lv> <new PV> or ~]$ lvconvert --mirrorlog mirrored <vg/lv> <new PV>~]$ lvconvert --mirrorlog disk <vg/lv> <old PV>
kernel component Some e1000e NICs may not get an IPv4 address assigned after the system is rebooted. To work around this issue, add the following line to the /etc/sysconfig/network-scripts/ifcfg-eth<X> file: LINKDELAY=10 NetworkManager component, BZ#758076If a Certificate Authority (CA) certificate is not selected when configuring an 802.1x or WPA-Enterprise connection, a dialog appears indicating that a missing CA certificate is a security risk. This dialog presents two options: ignore the missing CA certificate and proceed with the insecure connection, or choose a CA certificate. If the user elects to choose a CA certificate, this dialog disappears and the user may select the CA certificate in the original configuration dialog. samba component Current Samba versions shipped with Red Hat Enterprise Linux 6.3 are not able to fully control the user and group database when using the ldapsam_compat back end. This back end was never designed to run a production LDAP and Samba environment for a long period of time. The ldapsam_compat back end was created as a tool to ease migration from historical Samba releases (version 2.2.x) to Samba version 3 and greater using the new ldapsam back end and the new LDAP schema. The ldapsam_compat back end lack various important LDAP attributes and object classes in order to fully provide full user and group management. In particular, it cannot allocate user and group IDs. In the Red Hat Enterprise Linux Reference Guide, it is pointed out that this back end is likely to be deprecated in future releases. Refer to Samba's documentation for instructions on how to migrate existing setups to the new LDAP schema. When you are not able to upgrade to the new LDAP schema (though upgrading is strongly recommended and is the preferred solution), you may work around this issue by keeping a dedicated machine running an older version of Samba (v2.2.x) for the purpose of user account management. Alternatively, you can create user accounts with standard LDIF files. The important part is the assignment of user and group IDs. In that case, the old Samba 2.2 algorithmic mapping from Windows RIDs to Unix IDs is the following: user RID = UID * 2 + 1000, while for groups it is: group RID = GID * 2 + 1001. With these workarounds, users can continue using the ldapsam_compat back end with their existing LDAP setup even when all the above restrictions apply. kernel component, BZ#816888Running the QFQ queuing discipline in a virtual guest eventually results in kernel panic. kernel component Because RHEL6.3 defaults to using Strict Reverse Path filtering, packets are dropped by default when the route for outbound traffic differs from the route of incoming traffic. This is in line with current recommended practice in RFC3704. For more information about this issue please refer to /usr/share/doc/kernel-doc-<version>/Documentation/networking/ip-sysctl.txt and https://access.redhat.com/knowledge/solutions/53031. perftest component The rdma_bw and rdma_lat utilities (provided by the perftest package) are now deprecated and will be removed from the perftest package in a future update. Users should use the following utilities instead: ib_write_bw, ib_write_lat, ib_read_bw, and ib_read_lat.
corosync component, BZ#722469A double ring failure results in the spinning of the corosync process. Also, because DLM relies on SCTP, which is non-functional, many features of the cluster software that rely on DLM do not work properly. luci component, BZ#615898 luci will not function with Red Hat Enterprise Linux 5 clusters unless each cluster node has ricci version 0.12.2-14.
- Identity Management component
When using the Identity Management WebUI in the Internet Explorer browser, you may encounter the following issues: While the browser window is not maximized or many users are logged into the WebUI, scrolling down a page to select a user may not work properly. As soon as the user's checkbox is selected, the scroll bar jumps back up without selecting the user. This error also occurs when a permission is added to a privilege. (BZ# 831299) When attempting to edit a service, the edit page for that service may occasionally be blank, or show only labels for Principal or Service without showing their values. When adding a service, under certain conditions, the drop-down menu lists the available services and hosts but users are unable to select any of the entries. (BZ# 831227) When adding a permission of type subtree, the text area to specify the subtree is too small and non-resizable making it difficult to enter long subtree entries. (BZ# 830817 ) When adding a delegation, its attributes are separated by disproportionately large vertical spaces. (BZ# 829899) When adding a member, the edge of the displayed window suggests it can be resized. However, resizing of the window does not work. When adding a Sudo Command to a Sudo Command group, the first group overlays with the column title. (BZ# 829746) Adding a new DNS zone causes the window to be incorrectly rendered as text on the existing page. (BZ# 827583)
- Identity Management component, BZ#826973
When Identity Management is installed with its CA certificate signed by an external CA, the installation is processed in 2 stages. In the first stage, a CSR is generated to be signed by an external CA. The second stage of the installation then accepts a file with the new signed certificate for the Identity Management CA and a certificate of the external CA. During the second stage of the installation, a signed Identity Management CA certificate subject is validated. However, there is a bug in the certificate subject validation procedure and its default value (O=$REALM, where $REALM is the realm of the new Identity Management installation) is never pulled. Consequently, the second stage of the installation process always fails unless the --subject option is specified. To work around this issue, add the following option for the second stage of the installation: --subject "O=$REALM" where $REALM is the realm of the new Identity Management installation. If a custom subject was used for the first stage of the installation, use its value instead. Using this work around, the certificate subject validation procedure succeeds and the installation continues as expected. - Identity Management component, BZ#822350
When a user is migrated from a remote LDAP, the user's entry in the Directory Server does not contain Kerberos credentials needed for a Kerberos login. When the user visits the password migration page, Kerberos credentials are generated for the user and logging in via Kerberos authentication works as expected. However, Identity Management does not generate the credentials correctly when the migrated password does not follow the password policy set on the Identity Management server. Consequently, when the password migration is done and a user tries to log in via Kerberos authentication, the user is prompted to change the password as it does not follow the password policy, but the password change is never successful and the user is not able to use Kerberos authentication. To work around this issue, an administrator can reset the password of a migrated user with the ipa passwd command. When reset, user's Kerberos credentials in the Directory Server are properly generated and the user is able to log in using Kerberos authentication. - Identity Management component
In the Identity Management webUI, deleting a DNS record may, under come circumstances, leave it visible on the page showing DNS records. This is only a display issue and does not affect functionality of DNS records in any way. - Identity Management component, BZ#783502
The Identity Management permission plug-in does not verify that the set of attributes specified for a new permission is relevant to the target object type that the permission allows access to. This means a user is able to create a permission which allows access to attributes that will never be present in the target object type because such attributes are not allowed in its object classes. You must ensure that the chosen set of attributes for which a new permission grants access to is relevant to the chosen target object type. - Identity Management component, BZ#790513
The ipa-client package does not install the policycoreutils package as its dependency, which may cause install/uninstall issues when using the ipa-client-install setup script. To work around this issue, install the policycoreutils package manually: ~]# yum install policycoreutils - Identity Management component, BZ#813376
Updating the Identity Management LDAP configuration via the ipa-ldap-updater fails with a traceback error when executed by a non-root user due to the SASL EXTERNAL bind requiring root privileges. To work around this issue, run the aforementioned command as the root user. - Identity Management component, BZ#794882
With netgroups, when adding a host as a member that Identity Management does not have stored as a host already, that host is considered to be an external host. This host can be controlled with netgroups, but Identity Management has no knowledge of it. Currently, there is no way to use the netgroup-find option to search for external hosts. Also, note that when a host is added to a netgroup as an external host, rather than being added in Identity Management as an external host, that host is not automatically converted within the netgroup rule. - Identity Management component, BZ#786629
Because a permission does not provide write access to an entry, delegation does not work as expected. The 389 Directory Server (389-ds) distinguishes access between entries and attributes. For example, an entry can be granted add or delete access, whereas an attribute can be granted read, search, and write access. To grant write access to an entry, the list of writable attributes needs to be provided. The filter, subtree, and other options are used to target those entries which are writable. Attributes define which part(s) of those entries are writable. As a result, the list of attributes will be writable to members of the permission. sssd component, BZ#808063The manpage entry for the ldap_disable_paging option in the sssd-ldap man page does not indicate that it accepts the boolean values True or False, and defaulting to False if it is not explicitly specified. - Identity Management component, BZ#812127
Identity Management relies on the LDAP schema to know what type of data to expect in a given attribute. If, in certain situations (such as replication), data that does not meet those expectations is inserted into an attribute, Identity Management will not be able to handle the entry, and LDAP tools have do be used to manually clean up that entry. - Identity Management component, BZ#812122
Identity Management sudo commands are not case sensitive. For example, executing the following commands will result in the latter one failing due to the case insensitivity: ~]$ ipa sudocmd-add /usr/bin/Xâ‹®~]$ ipa sudocmd-add /usr/bin/xipa: ERROR: sudo command with name "/usr/bin/x" already exists - Identity Management component
Identity Management and the mod_ssl module should not be installed on the same system, otherwise Identity Management is unable to issue certificates because mod_ssl holds the mod_proxy hooks. To work around this issue, uninstall mod_ssl. - Identity Management component
When an Identity Management server is installed with a custom hostname that is not resolvable, the ipa-server-install command should add a record to the static hostname lookup table in /etc/hosts and enable further configuration of Identity Management integrated services. However, a record is not added to /etc/hosts when an IP address is passed as an CLI option and not interactively. Consequently, Identity Management installation fails because integrated services that are being configured expect the Identity Management server hostname to be resolvable. To work around this issue, complete one of the following: Run the ipa-server-install without the --ip-address option and pass the IP address interactively. Add a record to /etc/hosts before the installation is started. The record should contain the Identity Management server IP address and its full hostname (the hosts(5) man page specifies the record format).
As a result, the Identity Management server can be installed with a custom hostname that is not resolvable. sssd component, BZ#750922Upgrading SSSD from the version provided in Red Hat Enterprise Linux 6.1 to the version shipped with Red Hat Enterprise Linux 6.2 may fail due to a bug in the dependent library libldb. This failure occurs when the SSSD cache contains internal entries whose distinguished name contains the \, character sequence. The most likely example of this is for an invalid memberUID entry to appear in an LDAP group of the form: memberUID: user1,user2 memberUID is a multi-valued attribute and should not have multiple users in the same attribute.
If the upgrade issue occurs, identifiable by the following debug log message: (Wed Nov 2 15:18:21 2011) [sssd] [ldb] (0): A transaction is still active inldb context [0xaa0460] on /var/lib/sss/db/cache_<DOMAIN>.ldb remove the /var/lib/sss/db/cache_<DOMAIN>.ldb file and restart SSSD. Removing the /var/lib/sss/db/cache_<DOMAIN>.ldb file purges the cache of all entries (including cached credentials). sssd component, BZ#751314When a group contains certain incorrect multi-valued memberUID values, SSSD fails to sanitize the values properly. The memberUID value should only contain one username. As a result, SSSD creates incorrect users, using the broken memberUID values as their usernames. This, for example, causes problems during cache indexing. - Identity Management component, BZ#750596
Two Identity Management servers, both with a CA (Certificate Authority) installed, use two replication replication agreements. One is for user, group, host, and other related data. Another replication agreement is established between the CA instances installed on the servers. If the CA replication agreement is broken, the Identity Management data is still shared between the two servers, however, because there is no replication agreement between the two CAs, issuing a certificate on one server will cause the other server to not recognize that certificate, and vice versa. - Identity Management component
The Identity Management (ipa) package cannot be build with a 6ComputeNode subscription. - Identity Management component
On the configuration page of the Identity Management WebUI, if the User search field is left blank, and the search button is clicked, an internal error is returned. sssd component, BZ#741264 Active Directory performs certain LDAP referral-chasing that is incompatible with the referral mechanism included in the openldap libraries. Notably, Active Directory sometimes attempts to return a referral on an LDAP bind attempt, which used to cause a hang, and is now denied by the openldap libraries. As a result, SSSD may suffer from performance issues and occasional failures resulting in missing information. To work around this issue, disable referral-chasing by setting the following parameter in the [domain/DOMAINNAME] section of the /etc/sssd/sssd.conf file: ldap_referrals = false
ipmitool component Not specifying the -N option when setting retransmission intervals of IPMI messages over the LAN or LANplus interface may cause various error messages to be returned. For example: ~]# ipmitool -I lanplus -H $HOST -U root -P $PASS sensor listUnable to renew SDR reservationClose Session command failed: Reservation cancelled or invalid~]# ipmitool -I lanplus -H $HOST -U root -P $PASS delloem powermonitorError getting power management information, return code c1Close Session command failed: Invalid command ipmitool component The ipmitool may crash in certain cases. For example, when an incorrect password is used, a segmentation fault occurs: ~]# ipmitool -I lanplus -H $HOST -U root -P wrongpass delloem powermonitorError: Unable to establish IPMI v2 / RMCP+ sessionSegmentation fault (core dumped) kernel component, Unloading the be2net driver with a Virtual Function (VF) attached to a virtual guest results in kernel panic. kernel component The Brocade BFA Fibre Channel and FCoE driver does not currently support dynamic recognition of Logical Unit addition or removal using the sg3_utils utilities (for example, the sg_scan command) or similar functionality. Please consult Brocade directly for a Brocade equivalent of this functionality. kernel componentiSCSI and FCoE boot support on Broadcom devices is not included in Red Hat Enterprise Linux 6.3. These two features, which are provided by the bnx2i and bnx2fc Broadcom drivers, remain a Technology Preview until further notice. kexec-tools component Starting with Red Hat Enterprise Linux 6.0 and later, kexec kdump supports dumping core to the Brtfs file system. However, note that because the findfs utility in busybox does not support Btrfs yet, UUID/LABEL resolving is not functional. Avoid using the UUID/LABEL syntax when dumping core to Btrfs file systems. busybox component When running kdump in a busybox environment and dumping to a Btrfs file system, you may receive the following error message: /etc/kdump.conf: Unsupported type btrfs However, Btrfs is supported as a kdump target. To work around this issue, install the btrfs-progs package, verify that the /sbin/btrfsck file exists, and retry. trace-cmd component The trace-cmd service does start on 64-bit PowerPC and IBM System z systems because the sys_enter and sys_exit events do not get enabled on the aforementioned systems. trace-cmd component trace-cmd's subcommand, report, does not work on IBM System z systems. This is due to the fact that the CONFIG_FTRACE_SYSCALLS parameter is not set on IBM System z systems. tuned component Red Hat Enterprise Linux 6.1 and later enter processor power-saving states more aggressively. This may result in a small performance penalty on certain workloads. This functionality may be disabled at boot time by passing the intel_idle.max_cstate=0 parameter, or at run time by using the cpu_dma_latency pm_qos interface. libfprint component Red Hat Enterprise Linux 6 only has support for the first revision of the UPEK Touchstrip fingerprint reader (USB ID 147e:2016). Attempting to use a second revision device may cause the fingerprint reader daemon to crash. The following command returns the version of the device being used in an individual machine: ~]$ lsusb -v -d 147e:2016 | grep bcdDevice kernel component The Emulex Fibre Channel/Fibre Channel-over-Ethernet (FCoE) driver in Red Hat Enterprise Linux 6 does not support DH-CHAP authentication. DH-CHAP authentication provides secure access between hosts and mass storage in Fibre-Channel and FCoE SANs in compliance with the FC-SP specification. Note, however that the Emulex driver (lpfc) does support DH-CHAP authentication on Red Hat Enterprise Linux 5, from version 5.4. Future Red Hat Enterprise Linux 6 releases may include DH-CHAP authentication. kernel component The recommended minimum HBA firmware revision for use with the mpt2sas driver is "Phase 5 firmware" (that is, with version number in the form 05.xx.xx.xx). Note that following this recommendation is especially important on complex SAS configurations involving multiple SAS expanders.
kernel component The Red Hat Enterprise Linux 6.3 kernels upgraded the mlx4 modules to a later version. If the modules are used together with, for example, the HP InfiniBand Enablement Kit, the behavior is different. Consequently, certain Mellanox cards do not come up with network interfaces on Red Hat Enterprise Linux 6.3. To work around this problem, the mlx7_core module has to be loaded with the port_type_array option and a 2 parameter for each used InfiniBand card. Follow this example to manually load the driver for two cards in the system: ~]# rmmod mlx4_en~]# rmmod mlx4_core~]# modprobe mlx4_core port_type_array=2,2~]# modprobe mlx4_en~]# ip a The last of the above commands will show the new interfaces. To configure these parameters to be applied by the system when the modules are loaded, run: ~]# echo 'options mlx4_core port_type_array=2,2' >/etc/modprobe.d/mlx4_core.conf kernel component When using Chelsio's iSCSI HBAs for an iSCSI root partition, the first boot after install fails. This occurs because Chelsio's iSCSI HBA is not properly detected. To work around this issue, users must add the iscsi_firmware parameter to grub's kernel command line. This will signal to dracut to boot from the iSCSI HBA. kernel component In Red Hat Enterprise Linux 6.3, three module parameters (num_lro, rss_mask, and rss_xor) that were supported by older versions of the mlx4_en driver have become obsolete and are no longer used. If you supply these parameters, the Red Hat Enterprise Linux 6.3 driver will ignore them and log a warning. kernel component Due to a race condition, in certain cases, writes to RAID4/5/6 while the array is reconstructing could hang the system. kernel component The installation of Red Hat Enterprise Linux 6.3 i386 may occasionally fail. To work around this issue, add the following parameter to the kernel command line: vmalloc=256MB kernel component If a device reports an error, while it is opened (via the open(2) system call), then the device is closed (via the close(2) system call), and the /dev/disk/by-id link for the device may be removed. When the problem on the device that caused the error is resolved, the by-id link is not re-created. To work around this issue, run the following command: ~]# echo 'change' > /sys/class/block/sdX/uevent kernel component Platforms with BIOS/UEFI that that are unaware of PCI-e SR-IOV capabilities may fail to enable virtual functions kernel component When an HBA that uses the mpt2sas driver is connected to a storage using an SAS switch LSI SAS 6160, the driver may become unresponsive during Controller Fail Drive Fail (CFDF) testing. This is due to faulty firmware that is present on the switch. To fix this issue, use a newer version (14.00.00.00 or later) of firmware for the LSI SAS 6160 switch. kernel component, BZ#690523If appropriate SCSI device handlers (scsi_dh modules) are not available when the storage driver (for example, lpfc) is first loaded, I/O operations may be issued to SCSI multipath devices that are not ready for those I/O operations. This can result in significant delays during system boot and excessive I/O error messages in the kernel log. Provided the storage driver is loaded before multipathd is started (which is the default behavior), users can work around this issue by making sure the appropriate SCSI device handlers (scsi_dh modules) are available by specifying one of the following kernel command line parameters which dracut consumes: rdloaddriver=scsi_dh_rdac,scsi_dh_hp_sw rdloaddriver=scsi_dh_emc,scsi_dh_rdac,scsi_dh_alua Note that the order of the listed scsi_dh modules does not matter. Specifying one of the above parameters causes the scsi_dh module(s) to load before the storage driver is loaded or multipath is started. kernel component, BZ#745713In some cases, Red Hat Enterprise Linux 6 guests running fully-virtualized under Red Hat Enterprise Linux 5 experience a time drift or fail to boot. In other cases, drifting may start after migration of the virtual machine to a host with different speed. This is due to limitations in the Red Hat Enterprise Linux 5 Xen hypervisor. To work around this, add the nohpet parameter or, alternatively, the clocksource=jiffies parameter to the kernel command line of the guest. Or, if running under Red Hat Enterprise Linux 5.7 or newer, locate the guest configuration file for the guest and add the hpet=0 parameter in it. kernel component On some systems, Xen full-virt guests may print the following message when booting: WARNING: BIOS bug: CPU MTRRs don't cover all of memory, losing <number>MB of RAM It is possible to avoid the memory trimming by using the disable_mtrr_trim kernel command line option. kernel component The perf record command becomes unresponsive when specifying a tracepoint event and a hardware event at the same time. kernel component On 64-bit PowerPC, the following command may cause kernel panic: ~]# ./perf record -agT -e sched:sched_switch -F 100 -- sleep 3 kernel component Applications are increasingly using more than 1024 file descriptors. It is not recommended to increase the default soft limit of file descriptors because it may break applications that use the select() call. However, it is safe to increase the default hard limit; that way, applications requiring a large amount of file descriptors can increase their soft limit without needing root privileges and without any user intervention. kernel component, BZ#770545In Red Hat Enterprise Linux 6.2 and Red Hat Enterprise Linux 6.3, the default value for sysctl vm.zone_reclaim_mode is now 0, whereas in Red Hat Enterprise Linux 6.1 it was 1. kernel component Using Alsa with an HDA Intel sound card and the Conexant CX20585 codec causes sound and recording failures. To work around this issue, add the following line to the /etc/modprobe.d/dist-alsa.conf file: options snd-hda-intel model=thinkpad kernel component In network only use of Brocade Converged Network Adapters (CNAs), switches that are not properly configured to work with Brocade FCoE functionality can cause a continuous linkup/linkdown condition. This causes continuous messages on the host console: bfa xxxx:xx:xx.x: Base port (WWN = xx:xx:xx:xx:xx:xx:xx:xx) lost fabric connectivity To work around this issue, unload the Brocade bfa driver. kernel component The lpfc driver is deprecating the sysfs mbox interface as it is no longer used by the Emulex tools. Reads and writes are now stubbed out and only return the -EPERM (Operation not permitted) symbol. kernel component In Red Hat Enterprise Linux 6, a legacy bug in the PowerEdge Expandable RAID Controller 5 (PERC5) which causes the kdump kernel to fail to scan for scsi devices. It is usually triggered when a large amounts of I/O operations are pending on the controller in the first kernel before performing a kdump. kernel component, BZ#679262In Red Hat Enterprise Linux 6.2 and later, due to security concerns, addresses in /proc/kallsyms and /proc/modules show all zeros when accessed by a non-root user. kernel component Superfluous information is displayed on the console due to a correctable machine check error occurring. This information can be safely ignored by the user. Machine check error reporting can be disabled by using the nomce kernel boot option, which disables machine check error reporting, or the mce=ignore_ce kernel boot option, which disables correctable machine check error reporting. -
kernel component The order in which PCI devices are scanned may change from one major Red Hat Enterprise Linux release to another. This may result in device names changing, for example, when upgrading from Red Hat Enterprise Linux 5 to 6. You must confirm that a device you refer to during installation, is the intended device. One way to assure the correctness of device names is to, in some configurations, determine the mapping from the controller name to the controller's PCI address in the older release, and then compare this to the mapping in the newer release, to ensure that the device name is as expected. The following is an example from /var/log/messages: kernel: cciss0: <0x3230> at PCI 0000:1f:00.0 IRQ 71 using DAC…kernel: cciss1: <0x3230> at PCI 0000:02:00.0 IRQ 75 using DAC If the device name is incorrect, add the pci=bfsort parameter to the kernel command line, and check again. kernel component Enabling CHAP (Challenge-Handshake Authentication Protocol) on an iSCSI target for the be2iscsi driver results in kernel panic. To work around this issue, disable CHAP on the iSCSI target. kernel component Newer VPD (Vital Product Data) blocks can exceed the size the tg3 driver normally handles. As a result, some of the routines that operate on the VPD blocks may fail. For example, the nvram test fails when running the ethtool -t command on BCM5719 and BCM5720 Ethernet Controllers. kernel component Running the ethtool -t command on BCM5720 Ethernet controllers causes a loopback test failure because the tg3 driver does not wait long enough for a link. kernel component The tg3 driver in Red Hat Enterprise Linux 6.2 does not include support for Jumbo frames and TSO (TCP Segmentation Offloading) on BCM5719 Ethernet controllers. As a result, the following error message is returned when attempting to configure, for example, Jumbo frames: SIOCSIFMTU: Invalid argument kernel component The default interrupt configuration for the Emulex LPFC FC/FCoE driver has changed from INT-X to MSI-X. This is reflected by the lpfc_use_msi module parameter (in /sys/class/scsi_host/host#/lpfc_use_msi) being set to 2 by default, instead of the previous 0. Two issues provide motivation for this change: SR-IOV capability only works with the MSI-X interrupt mode, and certain recent platforms only support MSI or MSI-X. However, the change to the LPFC default interrupt mode can bring out host problems where MSI/MSI-X support is not fully functional. Other host problems can exist when running in the INT-X mode. If any of the following symptoms occur after upgrading to, or installing Red Hat Enterprise Linux 6.2 with an Emulex LPFC adapter in the system, change the value of the lpfc module parameter, lpfc_use_msi, to 0: The initialization or attachment of the lpfc adapter may fail with mailbox errors. As a result, the lpfc adapter is not configured on the system. The following message appear in /var/log/messages: lpfc 0000:04:08.0: 0:0:0443 Adapter failed to set maximum DMA length mbxStatus x0lpfc 0000:04:08.0: 0:0446 Adapter failed to init (255), mbxCmd x9 CFG_RING, mbxStatus x0, ring 0lpfc 0000:04:08.0: 0:1477 Failed to set up hbaACPI: PCI interrupt for device 0000:04:08.0 disabled While the lpfc adapter is operating, it may fail with mailbox errors, resulting in the inability to access certain devices. The following message appear in /var/log/messages: lpfc 0000:0d:00.0: 0:0310 Mailbox command x5 timeout Data: x0 x700 xffff81039ddd0a00lpfc 0000:0d:00.0: 0:0345 Resetting board due to mailbox timeoutlpfc 0000:0d:00.0: 0:(0):2530 Mailbox command x23 cannot issue Data: xd00 x2 Performing a warm reboot causes any subsequent boots to halt or stop because the BIOS is detecting the lpfc adapter. The system BIOS logs the following messages: Installing Emulex BIOS ......Bringing the Link up, Please wait...Bringing the Link up, Please wait...
kernel component The minimum firmware version for NIC adapters managed by netxen_nic is 4.0.550. This includes the boot firmware which is flashed in option ROM on the adapter itself. kernel component, BZ#683012 High stress on 64-bit IBM POWER series machines prevents kdump from successfully capturing the vmcore. As a result, the second kernel is not loaded, and the system becomes unresponsive. kernel component Triggering kdump to capture a vmcore through the network using the Intel 82575EB ethernet device in a 32 bit environment causes the networking driver to not function properly in the kdump kernel, and prevent the vmcore from being captured. -
kernel component Memory Type Range Register (MTRR) setup on some hyperthreaded machines may be incorrect following a suspend/resume cycle. This can cause graphics performance (specifically, scrolling) to slow considerably after a suspend/resume cycle. To work around this issue, disable and then re-enable the hyperthreaded sibling CPUs around suspend/resume, for example: case $1 in hibernate|suspend) echo 0 > /sys/devices/system/cpu/cpu1/online echo 0 > /sys/devices/system/cpu/cpu3/online ; thaw|resume) echo 1 > /sys/devices/system/cpu/cpu1/online echo 1 > /sys/devices/system/cpu/cpu3/online ;esac kernel component In Red Hat Enterprise Linux 6.2, nmi_watchdog registers with the perf subsystem. Consequently, during boot, the perf subsystem grabs control of the performance counter registers, blocking OProfile from working. To resolve this, either boot with the nmi_watchdog=0 kernel parameter set, or run the following command to disable it at run time: echo 0 > /proc/sys/kernel/nmi_watchdog
To re-enable nmi-watchdog, use the following command echo 1 > /proc/sys/kernel/nmi_watchdog
kernel component, BZ#603911 Due to the way ftrace works when modifying the code during start-up, the NMI watchdog causes too much noise and ftrace can not find a quiet period to instrument the code. Consequently, machines with more than 512 CPUs will encounter issues with the NMI watchdog. Such issues will return error messages similar to BUG: NMI Watchdog detected LOCKUP and have either ftrace_modify_code or ipi_handler in the backtrace. To work around this issue, disable NMI watchdog by setting the nmi_watchdog=0 kernel parameter, or using the following command at run time: echo 0 > /proc/sys/kernel/nmi_watchdog
kernel component On 64-bit POWER systems the EHEA NIC driver will fail when attempting to dump a vmcore via NFS. To work around this issue, utilize other kdump facilities, for example dumping to the local file system, or dumping over SSH. kernel component, BZ#587909 A BIOS emulated floppy disk might cause the installation or kernel boot process to hang. To avoid this, disable emulated floppy disk support in the BIOS. kernel component The preferred method to enable nmi_watchdog on 32-bit x86 systems is to use either nmi_watchdog=2 or nmi_watchdog=lapic parameters. The parameter nmi_watchdog=1 is not supported. -
kernel component The kernel parameter, pci=noioapicquirk, is required when installing the 32-bit variant of Red Hat Enterprise Linux 6 on HP xw9300 workstations. Note that the parameter change is not required when installing the 64-bit variant.
libwacom component The Lenovo X220 Tablet Touchscreen is not supported in the kernel shipped with Red Hat Enterprise Linux 6.3. wacomcpl package, BZ#769466The wacomcpl package has been deprecated and has been removed from the package set. The wacomcpl package provided graphical configuration of Wacom tablet settings. This functionality is now integrated into the GNOME Control Center. gnome-settings-daemon component, BZ#826128 On some tablets, using the NVIDIA Graphics drivers to configure Twinview causes the tablet motions to be incorrectly mapped to the laptop screen instead of the tablet itself. Using the stylus on the tablet moves the cursor on the laptop screen. acroread component Running a AMD64 system without the sssd-client.i686 package installed, which uses SSSD for getting information about users, causes acroread to fail to start. To work around this issue, manually install the sssd-client.i686 package. kernel component, BZ#681257 With newer kernels, such as the kernel shipped in Red Hat Enterprise Linux 6.1, Nouveau has corrected the Transition Minimized Differential Signaling (TMDS) bandwidth limits for pre-G80 NVIDIA chipsets. Consequently, the resolution auto-detected by X for some monitors may differ from that used in Red Hat Enterprise Linux 6.0. fprintd component When enabled, fingerprint authentication is the default authentication method to unlock a workstation, even if the fingerprint reader device is not accessible. However, after a 30 second wait, password authentication will become available. evolution component Evolution's IMAP backend only refreshes folder contents under the following circumstances: when the user switches into or out of a folder, when the auto-refresh period expires, or when the user manually refreshes a folder (that is, using the menu item ⤍ ). Consequently, when replying to a message in the Sent folder, the new message does not immediately appear in the Sent folder. To see the message, force a refresh using one of the methods describe above. anaconda component The clock applet in the GNOME panel has a default location of Boston, USA. Additional locations are added via the applet's preferences dialog. Additionally, to change the default location, left-click the applet, hover over the desired location in the Locations section, and click the Set... button that appears. xorg-x11-server component, BZ#623169 In some multi-monitor configurations (for example, dual monitors with both rotated), the cursor confinement code produces incorrect results. For example, the cursor may be permitted to disappear off the screen when it should not, or be prevented from entering some areas where it should be allowed to go. Currently, the only workaround for this issue is to disable monitor rotation.
matahari component The Matahari agent framework (matahari-*) packages are deprecated starting with the Red Hat Enterprise Linux 6.3 release. Focus for remote systems management has shifted towards the use of the CIM infrastructure. This infrastructure relies on an already existing standard which provides a greater degree of interoperability for all users. It is strongly recommended that users discontinue the use of the matahari packages and other packages which depend on the Matahari infrastructure (specifically, libvirt-qmf and fence-virtd-libvirt-qpid). It is recommended that users uninstall Matahari from their systems to remove any possibility of security issues being exposed. Users who choose to continue to use the Matahari agents should note the following: The matahari packages are not installed by default starting with Red Hat Enterprise Linux 6.3 and are not enabled by default to start on boot when they are installed. Manual action is needed to both install and enable the matahari services. The default configuration for qpid (the transport agent used by Matahari) does not enable access control lists (ACLs) or SSL. Without ACLs/SSL, the Matahari infrastructure is not secure. Configuring Matahari without ACLs/SSL is not recommended and may reduce your system's security. The matahari-services agent is specifically designed to allow remote manipulation of services (start, stop). Granting a user access to Matahari services is equivalent to providing a remote user with root access. Using Matahari agents should be treated as equivalent to providing remote root SSH access to a host. By default in Red Hat Enterprise Linux, the Matahari broker (qpidd running on port 49000) does not require authentication. However, the Matahari broker is not remotely accessible unless the firewall is disabled, or a rule is added to make it accessible. Given the capabilities exposed by Matahari agents, if Matahari is enabled, system administrators should be extremely cautious with the options that affect remote access to Matahari.
Note that Matahari will not be shipped in future releases of Red Hat Enterprise Linux (including Red Hat Enterprise Linux 7), and may be considered for formal removal in a future release of Red Hat Enterprise Linux 6. libreport component An error in the default libreport configuration causes the following warning message to appear during problem reporting: /bin/sh: line 4: reporter-bugzilla: command not found This warning message has no effect on the functionality of libreport. To prevent the warning message from being displayed, replace the following lines in the /etc/libreport/events.d/ccpp_event.conf file: abrt-action-analyze-backtrace &&( bug_id=$(reporter-bugzilla -h `cat duphash`) && if test -n "$bug_id"; then abrt-bodhi -r -b $bug_id fi) with: abrt-action-analyze-backtrace irqbalance component, BZ#813078The irqbalance(1) man page does not contain documentation for the IRQBALANCE_BANNED_CPUS and IRQBALANCE_BANNED_INTERRUPTS environment variables. The following documentation will be added to this man page in a future release: IRQBALANCE_BANNED_CPUSProvides a mask of cpus which irqbalance should ignore and never assign interrupts to. This is a hex mask without the leading '0x', on systems with large numbers of processors each group of eight hex digits is sepearated ba a comma ','. i.e. `export IRQBALANCE_BANNED_CPUS=fc0` would prevent irqbalance from assigning irqs to the 7th-12th cpus (cpu6-cpu11) or `export IRQBALANCE_BANNED_CPUS=ff000000,00000001` would prevent irqbalance from assigning irqs to the 1st (cpu0) and 57th-64th cpus (cpu56-cpu63). IRQBALANCE_BANNED_INTERRUPTSSpace seperated list of integer irq's which irqbalance should ignore and never change the affinity of. i.e.export IRQBALANCE_BANNED_INTERRUPTS="205 217 225"
rsyslog component rsyslog does not reload its configuration after a SIGHUP signal is issued. To reload the configuration, the rsyslog daemon needs to be restarted: ~]# service rsyslog restart parted component The parted utility in Red Hat Enterprise Linux 6 cannot handle Extended Address Volumes (EAV) Direct Access Storage Devices (DASD) that have more than 65535 cylinders. Consequently, EAV DASD drives cannot be partitioned using parted, and installation on EAV DASD drives will fail. To work around this issue, complete the installation on a non EAV DASD drive, then add the EAV device after the installation using the tools provided in the s390-utils package.
A new byzanz package is now available for Red Hat Enterprise Linux 6. The byzanz package contains an easy-to-use desktop recorder that can record to GIF images, Ogg Theora video (optionally with sound), and other formats. A GNOME panel applet and a command-line recording tool are also included in the package. This enhancement update adds the byzanz package to Red Hat Enterprise Linux 6. (BZ# 623262) All users who require byzanz are advised to install this new package. New crash-gcore-command packages are now available for Red Hat Enterprise Linux 6. The crash-gcore-command extension module is used to dynamically add a gcore command to a running crash utility session on a kernel dumpfile. The command will create a core dump file for a specified user task program that was running when a kernel crashed. The resultant core dump file may then be used with gdb. This enhancement update adds the crash-gcore-command packages to Red Hat Enterprise Linux 6. (BZ# 692799) All users who require the crash-gcore-command should install these new packages. A new device-mapper-persistent-data package is now available for Red Hat Enterprise Linux 6. The device-mapper-persistent-data package provides device-mapper thin provisioning (thinp) tools. This enhancement update adds the device-mapper-persistent-data package to Red Hat Enterprise Linux 6 as a Technology Preview. (BZ# 760614) More information about Red Hat Technology Previews is available here: All users who require device-mapper-persistent-data should install this new package, which adds this enhancement. A new i2c-tools package is now available for Red Hat Enterprise Linux 6. The i2c-tools package contains a set of I2C tools for Linux: a bus probing tool, a chip dumper, register-level SMBus access helpers, EEPROM (Electrically Erasable Programmable Read-Only Memory) decoding scripts, EEPROM programming tools, and a python module for SMBus access. EEPROM decoding scripts can render your system unusable. Make sure to use these tools wisely. This enhancement update adds the i2c-tools package to Red Hat Enterprise Linux 6. (BZ# 773267) All users who require i2c-tools should install this new package. New ipset and libmnl packages are now available for Red Hat Enterprise Linux 6. The ipset packages provide IP sets, a framework inside the Linux 2.4.x and 2.6.x kernel, which can be administered by the ipset utility. Depending on the type, an IP set can currently store IP addresses, TCP/UDP port numbers or IP addresses with MAC addresses in a way that ensures high speed when matching an entry against a set. The libmnl packages required by the ipset packages provide a minimalistic user-space library oriented to Netlink developers. The library provides functions to make socket handling, message building, validating, parsing, and sequence tracking easier. This enhancement update adds the ipset and libmnl packages to Red Hat Enterprise Linux 6. (BZ# 477115, BZ# 789346) All users who require ipset and libmnl are advised to install these new packages. New java-1.7.0-ibm packages are now available for Red Hat Enterprise Linux 6. The java-1.7.0-ibm packages provide the IBM Java 7 Runtime Environment and the IBM Java 7 Software Development Kit. This update adds the java-1.7.0-ibm packages to Red Hat Enterprise Linux 6. (BZ# 693783) Note: Before applying this update, make sure that any previous IBM Java packages have been removed. All users who require java-1.7.0-ibm should install these new packages. New java-1.7.0-openjdk packages that provide OpenJDK 7 are now available as a Technology Preview for Red Hat Enterprise Linux 6. - [Updated 9 June 2012]
This advisory has been updated to reflect the fact that java-1.7.0-openjdk is fully supported and no longer claims that java-1.7.0-openjdk is a Technology Preview feature. The packages included in this revised update have not been changed in any way from the packages included in the previous version of this advisory.
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. This enhancement update adds new java-1.7.0-openjdk package to Red Hat Enterprise Linux 6. (BZ# 803726) These packages do not replace the previous version of the OpenJDK (java-1.6.0-openjdk) if present. Users can safely install OpenJDK 7 in addition to OpenJDK 6. The system default version of Java can be configured using the 'alternatives' tool. All users who want to use java-1.7.0-openjdk should install these newly released packages, which add this enhancement. New java-1.7.0-oracle package is now available for Red Hat Enterprise Linux 6. The java-1.7.0-oracle package provides the Oracle Java 7 Runtime Environment and the Oracle Java 7 Software Development Kit. This update adds the java-1.7.0-oracle packages to Red Hat Enterprise Linux 6. (BZ# 720928) Before applying this update, make sure that any previous Oracle Java packages have been removed. All users who require java-1.7.0-oracle should install these new packages. New kmod-bnx2x, kmod-bnx2, kmod-bnx2i, kmod-bnx2fc packages are now available for Red Hat Enterprise Linux 6. The kmod-bnx2x packages provide temporary drivers for the following hardware beyond what was delivered in Red Hat Enterprise Linux 6.2: Broadcom NetXtreme II BCM57xx Gigabit Ethernet The kmod-bnxx packages provide temporary drivers for the following hardware beyond what was delivered in Red Hat Enterprise Linux 6.2: Broadcom NetXtreme II BCM5771x/578xx 10/20-Gigabit Ethernet The kmod-bnx2i packages provide temporary drivers for the following hardware beyond what was delivered in Red Hat Enterprise Linux 6.2: Broadcom NetXtreme II BCM570x/5771x/578xx iSCSI The kmod-bnx2fc packages provide temporary drivers for the following hardware beyond what was delivered in Red Hat Enterprise Linux 6.2: Broadcom NetXtreme II BCM5771x/578xx FCoE This enhancement update adds the kmod-bnx2x, kmod-bnx2, kmod-bnx2i and kmod-bnx2fc packages to Red Hat Enterprise Linux 6 as part of the Red Hat Enterprise Linux Driver Update Program (DUP). The packages introduced by the RHEA-2012:0503 advisory did not contain proper firmware for kmod-bnx2. In addition, the driver included in the kmod-bnx2x packages could, under certain circumstances, work incorrectly with Fibre Channel over Ethernet (FCoE). This update addresses these problems. (BZ# 818940, BZ# 819566, BZ# 819569, BZ# 819567) Users encountering the aforementioned problems and users requiring temporary driver support for the specific hardware noted above should install these packages. Unless a system includes the exact hardware supported by kmod-bnx2x, kmod-bnx2, kmod-bnx2i, or kmod-bnx2fc, these packages must not be installed. New kmod-pch_gbe packages are now available for Red Hat Enterprise Linux 6. The kmod-pch_gbe packages provide kernel modules for controlling Ethernet adapter in Intel EG20T Platform Controller Hub and OKI Semiconductor ML7223 Input/Output Hub. The kmod-pch_gbe packages provide temporary drivers for the following hardware beyond what was delivered in Red Hat Enterprise Linux 6.3: * Intel EG20T PCH / OKI Semiconductor ML7223 IOH Gigabit Ethernet This enhancement update adds the kmod-pch_gbe packages to Red Hat Enterprise Linux 6 as part of the Red Hat Enterprise Linux Driver Update Program (DUP). (BZ# 878375) Only users requiring temporary driver support for the specific hardware noted above should install these packages. Unless a system includes the exact hardware explicitly supported by kmod-pch_gbe packages, these packages must not be installed. A new ledmon package is now available for Red Hat Enterprise Linux 6. The ledmon and ledctl utilities are user space applications designed to control LEDs associated with each slot in an enclosure or a drive bay. There are two types of systems: 2-LED system (Activity LED, Status LED) and 3-LED system (Activity LED, Locate LED, Fail LED). Users must have root privileges to use this application. This enhancement update adds the ledmon package to Red Hat Enterprise Linux 6. (BZ# 750379) All users who require ledmon are advised to install this new package. A new libqb package is now available for Red Hat Enterprise Linux 6. The libqb package provides a library with the primary purpose of providing high performance client server reusable features, such as high performance logging, tracing, inter-process communication, and polling. This enhancement update adds the libqb package to Red Hat Enterprise Linux 6. This package is introduced as a dependency of the pacemaker package, and is considered a Technology Preview in Red Hat Enterprise Linux 6.3. (BZ# 782240) All users who require libqb are advised to install this new package. New libreoffice packages are now available for Red Hat Enterprise Linux 6. LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program. LibreOffice replaces OpenOffice.org and provides a similar but enhanced and extended Office Suite. This enhancement update adds the libreoffice packages to Red Hat Enterprise Linux 6. (BZ# 747431) All users who require libreoffice are advised to install these new packages. New libwacom packages are now available for Red Hat Enterprise Linux 6. The libwacom packages contain a library that provides access to a tablet model database. The libwacom packages expose the contents of this database to applications, allowing for tablet-specific user interfaces. The libwacom packages allow the GNOME tools to automatically configure screen mappings, calibrations, and provide device-specific configurations. This enhancement update adds the libwacom packages to Red Hat Enterprise Linux 6. (BZ# 786100) All users who require libwacom should install these new packages. A new numad package is now available as a Technology Preview for Red Hat Enterprise Linux 6. The numad package provides a daemon for NUMA (Non-Uniform Memory Architecture) systems, that monitors NUMA characteristics. As an alternative to manual static CPU pining and memory assignment, numad provides dynamic adjustment to minimize memory latency on an ongoing basis. The package also provides an interface that can be used to query the numad daemon for the best manual placement of an application. This enhancement update adds the numad package to Red Hat Enterprise Linux 6 as a Technology preview. (BZ# 758416, BZ# 824067) More information about Red Hat Technology Previews is available here: All users who want to use the numad Technology Preview should install this newly-released package, which adds this enhancement. A new ppc64-diag package is now available for Red Hat Enterprise Linux 6. The ppc64-diag package provides platform diagnostics for Linux for 64-bit PowerPC architectures. This enhancement update adds the ppc64-diag package to Red Hat Enterprise Linux 6. (BZ# 632735) All users who require ppc64-diag are advised to install this newly released package. New scl-utils packages are now available for Red Hat Enterprise Linux 6. The scl-utils packages provide a runtime utility and RPM packaging macros for packaging Software Collections. Software Collections allow users to concurrently install multiple versions of the same RPM packages on the system. Using the scl utility, users may enable specific versions of RPMs, which are installed into the /opt directory. This enhancement update adds the scl-utils packages to Red Hat Enterprise Linux 6. (BZ# 713147) All users who require scl-utils should install these new packages. A new subscription-manager-migration-data package is now available for Red Hat Enterprise Linux 6. The new Subscription Management tooling allows users to understand the specific products, which have been installed on their machines, and the specific subscriptions, which their machines consume. This enhancement update adds the subscription-manager-migration-data package to Red Hat Enterprise Linux 6. The package allows for migrations from Red Hat Network Classic Hosted to hosted certificate-based subscription management. (BZ# 773030) All users who require subscription-manager-migration-data are advised to install this new package. New usbredir packages are now available for Red Hat Enterprise Linux 6. The usbredir packages provide a protocol for redirection of USB traffic from a single USB device to a different virtual machine then the one to which the USB device is attached. The usbredir package contains a number of libraries to help implement support for usbredir. This enhancement update adds the usbredir package to Red Hat Enterprise Linux 6. (BZ# 758098) Users who wish to use the new USB redirection for Spice are advised to install these new packages. A new virt-p2v package is now available for Red Hat Enterprise Linux 6. Virt-P2V is a tool for conversion of a physical server to a virtual guest. This enhancement update adds the virt-p2v package to Red Hat Enterprise Linux 6, which contains a bootable ISO image for Virt-P2V conversion. The ISO image is also available on Red Hat Network in the Downloads section of the following channels: RHEL AUS Server (v. 6.2 for 64-bit x86_64) RHEL EUS Server (v. 6.2.z for 64-bit x86_64) Red Hat Enterprise Linux Client (v. 6 for 64-bit x86_64) Red Hat Enterprise Linux Compute Node (v. 6 for x86_64) Red Hat Enterprise Linux Server (v. 6 for 64-bit x86_64) Red Hat Enterprise Linux Workstation (v. 6 for x86_64)
The bootable image is needed to use the tool as the disks must be unmounted and not in use at the time of conversion. It allows you to convert servers running Microsoft Windows or Red Hat Enterprise Linux into virtual guests on Red Hat Enterprise Virtualization or libvirt hosts. For further information, refer to the V2V Guide. (BZ# 807445) All users who require virt-p2v should install this new package. |
| |
