To use the new API in Python, install the python3-nftables package. This library provides a high-level interface to manage nftables rule sets from third-party applications. You can enable it with the runas_allow_unknown_id setting (CVE-2019-19232).Ī JSON API has been added to the libnftables library. The use of unknown user and group IDs for permissive sudoers entries, for example using the ALL keyword, is now disabled. Previously, you could only do so if the group matched the target user’s primary group.įixed a bug that prevented sudo from matching the host name to the value of ipa_hostname from nf, if specified.Ī vulnerability that allowed a sudo user to run a command as root when the Runas specification disallowed root access with the ALL keyword is now fixed (CVE-2019-14287). You can now use sudo with the -g option to specify a group that matches any of the target user’s groups even if no groups are present in the runas_spec specification. With the new log_allowed and log_denied settings for sudoers, you can disable logging and auditing of allowed and denied commands. The cvtsudoers command now rejects non-LDAP Data Interchange Format (LDIF) input when converting from LDIF to sudoers and JSON formats. The notBefore and notAfter options from LDAP and SSSD now work and display correctly with the sudo -l command. This prevents possible confusion of PAM output and command output sent to files and pipes. sudo now writes Pluggable Authentication Module (PAM) messages to the user’s terminal, if available, instead of the standard output or standard error output.Notable changes to internationalization in RHEL 8 Red Hat Enterprise Linux 8 international languagesĦ.2. Dynamic programming languages, web and database serversĬollapse section "6. Deprecated functionality"Ĭollapse section "5.6. Red Hat Enterprise Linux System RolesĮxpand section "5.6. Technology Previews"Ĭollapse section "5.5. Dynamic programming languages, web and database serversĮxpand section "5.5. Updated /proc/sys/kernel parametersĥ.4.9. Important changes to external kernel parameters"ĥ.2.4. Important changes to external kernel parameters"Ĭollapse section "5.2. Important changes to external kernel parametersĮxpand section "5.2. Dynamic programming languages, web and database serversĥ.2. Distribution of content in RHEL 8"ĥ.1.10. Distribution of content in RHEL 8"Ĭollapse section "3. Providing feedback on Red Hat documentationĮxpand section "3.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |