Weekly Changes – 17/01/2022
A range of changes this week but nothing with a particularly big impact. The most noteworthy changes are the end of support for SL7.8 and, for DICE servers, the new DHCP domain-name support. Here are the full details…
SL7.8 updates
As noted last week we are no longer issuing updates for SL7.8. If you wish to continue with the SL7 platform you need to upgrade to SL7.9 to receive important security updates.
DHCP
The dhclient and dhcpd components have gained support for explicitly specifying a value for the domain-name
parameter for a host (and the BMC). This is done by using new domainname
and bmcdomainname
resources. For backwards compatibility, it is still possible to specify the FQDN using the hostname
resource but the new approach of separately specifying the domain name is now recommended. This resolves an issue we have recently been experiencing with the iDRAC software on various Dell PowerEdge server models not permitting access to the web interface unless the domain-name parameter is provided in the DHCP response.
SL7 Kernel
There is a new INF_TEST
kernel for SL7 – 3.10.0-1160.53.1.el7 – this version resolves a client caching problem. See this thread and this thread on the openafs-info mailing list for full details.
OpenAFS
Support for 1.8.7 has been dropped.
Hardware Monitoring
The hwmon hardware monitoring utility now reports on cooling fans which are running below the expected minimum speed (or not at all).
nsu on DICE
We are aiming to withdraw general support for the nsu utility on DICE SL7 systems in the near future. All system managers need to identify where it is still definitely required and either define the DICE_OPTIONS_NSU_ENABLE
macro at the top of the LCFG profile or include the dice/options/nsu.h
header. Note that nsu has never been supported on Ubuntu.
Gigabyte G482-Z54
There are new hardware headers for the Gigabyte G482-Z54 model – lcfg/hw/gigabyte_g482_z54.h
and dice/hw/gigabyte_g482_z54.h
.
DICE inventory checks
The DICE checks now report on the existence of orphaned crontabs (e.g. owned by non-existent or expired accounts) and also any LCFG-managed crontabs which have been manually editted.
log4j vulnerability scanning
The packaged version of the local-log4j-vuln-scanner was updated. Notably this now requires a -scan-network
command-line option to be specified if you wish to scan network filesystems (e.g AFS or NFS).
Recent comments