CentOS-7 (1810) Release Notes

Last updated: January 28, 2019

1. Translations

Translations of these release notes are available for the following languages:

2. Introduction

The CentOS Project does not provide any verification, certification, or software assurance with respect to security for CentOS Linux. The Security Profiles provided in the CentOS Linux installers are a conversion of the ones included in RHEL Source Code. If certified / verified software that has guaranteed assurance is what you are looking for, then you likely do not want to use CentOS Linux. See this link if you plan to use Security Profiles.

Hello and welcome to the seventh CentOS-7 release. The CentOS Linux distribution is a stable, predictable, manageable and reproducible platform derived from the sources of Red Hat Enterprise Linux (RHEL)1. You can read our official product announcement for this release here.

CentOS conforms fully with Red Hat's redistribution policy and aims to have full functional compatibility with the upstream product. CentOS mainly changes packages to remove Red Hat's branding and artwork.

We have decided not to follow Red Hat's usage of Installation Roles. In CentOS Linux all content from every distribution 'channel' is made available to the user at time of installation.

The continuous release (CR) repository makes generally available packages that will appear in the next point release of CentOS, on a testing and hotfix basis until formally released. Please read through the other sections before trying an install or reporting an issue.

3. Install Media

Various installation images are available for installing CentOS. Which image you need to download depends on your installation environment. All of these images can either be burned on a DVD or dd’ed to an USB memory stick.

If you are unsure which image to use, pick the DVD image. It allows selecting which components you want to install and contains all packages that can be selected from the GUI installer. The 'Everything' image is more than twice the size of the ordinary DVD and is not required for most common installs - it is intended for use by sysadmins who want to run their own local mirror. Using the Everything image does not give you more options for package selection within the installer.

Live media images are also available, both for Gnome and KDE desktop environments. These allow you to test out CentOS by booting from the DVD or USB stick. You can also install CentOS to your hard disk from the live media images, but please note that what gets installed on your hard disk is exactly the same as you see when using the live media. For more flexibility in selecting which packages you want to have installed, please use the DVD image.

The netinstall image can be used for doing installs over network. After booting the computer with the netinstall image, the installer will ask from where it should fetch the packages to be installed.

The everything image contains all the packages that are available for CentOS-7, including those that are not directly installable from the installer. If you want to install those other packages, you must mount the install media on your installed system after the installation, and copy or install the packages from there. For most users installing from the DVD image and then installing the other packages with ”yum install <packagename>” instead is probably easier.

Attention

At least 1280 MB RAM is required to install and use CentOS-7 (1810). When using the Live ISOs for install, 1280 MB RAM produces very slow results and even some install failures. At least 1536 MB RAM is recommended for LiveGNOME or LiveKDE installs.

4. Verifying Downloaded Installation Images

Before copying the image to your preferred installation media you should check the sha256sum of the downloaded installation images.

sha256sum x86_64: 3213b2c34cecbb3bb817030c7f025396b658634c0cf9c4435fc0b52ec9644667 CentOS-7-x86_64-LiveGNOME-1810.iso 38d5d51d9d100fd73df031ffd6bd8b1297ce24660dc8c13a3b8b4534a4bd291c CentOS-7-x86_64-Minimal-1810.iso 6d44331cc4f6c506c7bbe9feb8468fad6c51a88ca1393ca6b8b486ea04bec3c1 CentOS-7-x86_64-DVD-1810.iso 87623c8ab590ad0866c5f5d86a2d7ed631c61d69f38acc42ce2c8ddec65ecea2 CentOS-7-x86_64-LiveKDE-1810.iso 918975cdf947e858c9a0c77d6b90a9a56d9977f3a4496a56437f46f46200cf71 CentOS-7-x86_64-Everything-1810.iso 19d94274ef856c4dfcacb2e7cfe4be73e442a71dd65cc3fb6e46db826040b56e CentOS-7-x86_64-NetInstall-1810.iso

5. Major Changes

Since release 1503 (abrt>= 2.1.11-19.el7.centos.0.1) CentOS-7 can report bugs directly to bugs.centos.org. You can find information about that feature at this page.

Among others, the following packages have received rebaseing to more current upstream versions: samba, pki-core, gcc-libraries, elf-utils, GNOME shell, X11-server, ipset, firewalld, gnutls and libreswan.

SSL-cpabilites have been added to Net::SMTP.

Open-JDK-11 is now available.

pNFS SCSI is no longer a Technology Preview.

Thunderbolt-3 interfaces are now supported.

As always - various driver updates.

The following packages have been declared deprecated: Python 2, lvm2app, 3DES as part of Python, signtool, sendmail, dmraid, Btrfs filesystem, several rsyslog options, various drivers and others. More information can be found in the RHEL 7.6 Release Notes.

If you plan to use Security Profiles in Anaconda, please see this link.

ipset users should note that as part of the above mentioned rebase, the location of saved ipset data has changed from /etc/sysconfig/ipset to /etc/sysconfig/ipset.d/ and the new directory now contains one file per saved ipset. Users with configuration management that sets up /etc/sysconfig/ipset will need to modify their setup.

6. Deprecated Features

This release - as already mentioned - features various changes to cryptographic abilities of various packages. Some insecure cryptographic algorithms and protocols are removed from the distro. For a complete list of all removed functions and deprecated packages please take a look at this page.

In particular, the golang package is no longer included in CentOS due to an upstream decision. It is now recommended that you use Go Toolset instead. It is available from the SCL. See this how-to for the instructions. If you really want to use golang, you can try the slightly newer version from EPEL. If you don't have the EPEL repository installed yet, you can install the EPEL repository config files with yum install epel-release --enablerepo=extras.

7. Known Issues

A list of known upstream issues can be found here. Given that we build from the same sources, many if not all of those issues will likely also apply to CentOS Linux. You can also find information on notable updates here.

Some security profiles enable a global repo_gpgcheck option in /etc/yum.conf to cryptographically verify the repository metadata. While this works for CentOS repositories, some third party repositories (such as EPEL) do not support GPG signed metadata. If repo_gpgcheck is enabled yum will try to download the signed metadata file repomd.xml.asc. If the file does not exist, yum will output an error message and exit. You may need to either remove repo_gpgcheck from /etc/yum.conf or set repo_gpgcheck=0 for each individual repository that does not support GPG signed metadata.

Users of Samba with "security = domain" or "security = ads" require a running 'winbindd' now. The smbd service no longer queries user and group information from Active Directory domain controllers and NT4 primary domain controllers directly. Installations with the security parameter set to ads or domain now require that the winbindd service is running. See https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/new_features_authentication_and_interoperability

If you are using Cinnamon desktop from EPEL, upgrading to CentOS 7.6.1810 will fail because it is no longer supported. See RHBZ 1647181. [Update: It is once again available, thanks to the new maintainer]

If you use VirtualBox to run CentOS 7.6.1810 as a guest with a GUI, you need version 5.2.23 to build graphics drivers. See VBox ticket 18093. Also, the mouse may not work properly as reported in this VBox forum thread. The mouse issue reported in RHBZ 1658669 and CentOS bug 15570

X fails to start on certain systems with an Nvidia card See RHBZ 1650634.

ghostscript update in CentOS 7.6.1810 removes flushpage which xdvi uses. xdvi now cannot render files with embedded postscript images. See RHBZ 1654045 for details and a workaround. [Update: the issue has been fixed in ghostscript-9.07-31.el7_6.3]

If you are upgrading from CentOS-7.0.1406 and if you have NetworkManager.i686 installed, you will have to uninstall NetworkManager.i686 before the upgrade. (Thanks to the Scientific Linux team for finding this issue)

For the ppc64le arch, if you currently have qemu-*-ev from the extras repository installed and you want to upgrade to the included qemu-*-ma which is now included in ppc64le, you must manually remove qemu-*-ev. If you would rather continue to use qemu-*-ev, you can get those RPMs from the Virt SIG here

AWS users should beware of a problem before updating. A version of awscli was added in RHEL-7.5 which is an upgrade from the version currently available in EPEL. It has pre-reqs of python-s3transfer where the EPEL copy required python2-s3transfer. If you update awscli without removing python2-s3transfer and installing python-s3transfer then awscli will die with a stacktrace. You can yum swap python2-s3transfer python-s3transfer to exchange the two packages and awscli from the base repo should then work.

Some digital cameras connected through USB do not work. This is due to a bug in libgphoto2. For more details see RHBZ#1551747.

If you're upgrading CentOS 7 on an old Apple Intel based machine (tested on 2008 iMac), exclude shim* and mokutil* from your yum transaction or machine will refuse to boot. If you have already upgraded, boot on a usb stick, mount /boot/efi/EFI and copy grubx64.efi over shimx64.efi see CBR#15522

Redhat have removed /sbin/nologin from /etc/shells in a 7.6 update and this will stop vsftpd from working in the default configuration supplied. Either remove pam_shell.so from /etc/pam.d/vsftpd or add /sbin/nologin back into /etc/shells. Other packages that depend on /sbin/nologin may also be affected by this change.

Users of (at least some) ATI cards may suffer from video corruption or freezes after the 7.6 update. It is reported that this can be fixed by adding a config file to change some options. You can find details of the added file in https://www.centos.org/forums/viewtopic.php?f=49&t=69014&p=289882#p289784

If you have previously installed yum4/dnf from the CentOS Config Management SIG, you will need to remove it prior to updating to 7.6.1810 because the old yum4/dnf will cause package conflicts during update. yum remove centos-release-yum4 yum4 python2-hawkey libdnf dnf-conf python2-librepo should remove the offending packages, including dnf as one of the dependencies. A new dnf is installable from the extras repository.

8. Fixed Issues

For all the fixed issues it is best to look at the errata release page here and look for fixes dated starting October 30th 2018.

9. Packages and Applications

9.1. Packages modified by CentOS

abrt

anaconda

apache-commons-net

basesystem

cloud-init

cockpit

compat-glibc

dhcp

firefox

fwupdate

grub2

httpd

initial-setup

ipa

kabi-yum-plugins

kernel

kde-settings

libreport

ntp

openssl098e

oscap-anaconda-addon

PackageKit

pcs

plymouth

redhat-lsb

redhat-rpm-config

scap-security-guide

shim

shim-signed

sos

subscription-manager

system-config-date

system-config-kdump

thunderbird

xulrunner

yum

9.2. Packages removed from CentOS that are included upstream

insights-client

Red_Hat_Enterprise_Linux-Release_Notes-7-*

redhat-access-gui

redhat-bookmarks

redhat-indexhtml

redhat-logos

redhat-release-*

subscription-manager-migration

subscription-manager-migration-data

9.3. Packages added by CentOS that are not included upstream

centos-bookmarks

centos-indexhtml

centos-logos

centos-release

firefox

gcc-libraries

java-1.8.0-openjdk

spamassassin

tomcat

tzdata

10. Sources

All CentOS-7 sources are hosted at git.centos.org. All code released into the distribution originated from git.centos.org.

Source RPMs will also be published once the release is done, in the usual location at http://vault.centos.org/centos/7/

From a CentOS machine you can easily retrieve sources using the yumdownloader --source <packagename> command.

11. How to help and get help

As a CentOS user there are various ways you can help out with the CentOS community. Take a look at our Contribute page for further information on how to get involved.

11.1. Special Interest Groups

CentOS consists of different Special Interest Groups (SIGs) that bring together people with similar interests. The following SIGs already exist (among others):

Artwork - create and improve artwork for CentOS releases and promotion

Promotion - help promoting CentOS online or at events

Virtualization - unite people around virtualization in CentOS

And we encourage people to join any of these SIGs or start up a new SIG, e.g.

ARM, PPC and i386 port - help with porting CentOS to other architectures

Hardware compatibility - provide feedback about specific hardware

RPM Packaging - contribute new useful RPM packages

Translation - help translating the documentation, website and Wiki content

11.2. Mailing Lists and Forums

Another way you can help others in the community is by actively helping and resolving problems that users come up against in the mailing lists and the forums.

11.3. Wiki and Website

Even as an inexperienced CentOS user we can use your help. Because we like to know what problems you encountered, if you had problems finding specific information, how you would improve documentation so it becomes more accessible. This kind of feedback is as valuable to others as it would have been to you so your involvement is required to make CentOS better.

So if you want to help out and improve our documentation and Wiki, register on the Wiki or subscribe to the centos-docs mailing list.

11.4. IRC Presence

The CentOS project maintains a presence on the freenode IRC network as an additional venue for community support and interaction. Please see our IRC wiki article for more information.

12. Further Reading

The following websites contain large amounts of information to help people with their CentOS systems:

13. Thanks

We thank everyone involved for helping us produce this product and would like to specifically acknowledge the extra effort made by the QA Team. Without them working lots and lots of hours in evenings, nights, weekends and holidays, we couldn't have released this Release in the time we did. A special thanks also goes to the CentOS-community. A more complete list of the contributors to this release can be found at /usr/share/doc/centos-release/Contributors of your new CentOS-7 installation.

Copyright (C) 2018 The CentOS Project