Bug 4939 - Support/recommend RHEL7
Summary: Support/recommend RHEL7
Status: CLOSED FIXED
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Server OS
Version: 4.1.0
Hardware: PC Unknown
Importance: P2 Normal
Target Milestone: 4.3.0
Assignee: Karl Mikaelsson
Keywords: hean01_tester, relnotes
Duplicates: 5264
Depends on: 4313 5239 5243 5249 5283

Reported: 2013-12-12 12:32 CET by Peter Åstrand
Modified: 2019-08-30 10:45 CEST

Description Peter Åstrand cendio 2013-12-12 12:32:05 CET
Eventually, we should probably start recommending Red Hat Enterprise Linux 7. Before that, we need to make sure it works ok. The release date is unknown, but a public beta has just arrived.
Comment 1 Peter Åstrand cendio 2013-12-12 13:19:30 CET
Some personal notes from a first installation:

* The installer is confusing, worse than before I think. 

* The default installation gives you a system without any GUI at all. 

* The network does not work by default in VMware. "ifconfig" command is gone. system-config-network is gone. After fiddling around for a while, I managed to get the network up with "ifup ens33". 

* rhn_register et al are gone. They were quite user friendly. Now they are referring to the command line tool "subscription-manager", which is not very obvious. "subscription-manager register" worked but was not enough. You cannot install subscription-manager-gui, because you are not registered. Doing "subscription-manager attach --auto" worked though.

* SSH is installed and active by default, which is nice. 

* TL package installation works. 

* Automatic installation of LSB packages via tl-setup did not work:

2013-12-12 12:54:04,351: Downloading Packages
2013-12-12 12:54:05,338: Public key for at-3.1.13-12.el7.x86_64.rpm is not installed
2013-12-12 12:54:36,310: Check Package Signatures
2013-12-12 12:54:36,311: Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
2013-12-12 12:54:36,330: Importing GPG key 0xF21541EB:
 Userid     : "Red Hat, Inc. (beta key 2) <security@redhat.com>"
 Fingerprint: b08b 659e e86a f623 bc90 e8db 938a 80ca f215 41eb
 Package    : redhat-release-everything-7.0-0.6.el7.x86_64 (@anaconda/7.0)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
2013-12-12 12:54:36,330: Importing GPG key 0x897DA07A:
 Userid     : "Red Hat, Inc. (Beta Test Software) <rawhide@redhat.com>"
 Fingerprint: 17e8 543d 1d4a a5fa a96a 7e9f fd37 2689 897d a07a
 Package    : redhat-release-everything-7.0-0.6.el7.x86_64 (@anaconda/7.0)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
2013-12-12 12:54:36,330: Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
2013-12-12 12:54:36,336: Importing GPG key 0xFD431D51:
 Userid     : "Red Hat, Inc. (release key 2) <security@redhat.com>"
 Fingerprint: 567e 347a d004 4ade 55ba 8a5f 199e 2f91 fd43 1d51
 Package    : redhat-release-everything-7.0-0.6.el7.x86_64 (@anaconda/7.0)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
2013-12-12 12:54:36,336: Importing GPG key 0x2FA658E0:
 Userid     : "Red Hat, Inc. (auxiliary key) <security@redhat.com>"
 Fingerprint: 43a6 e49c 4a38 f4be 9abf 2a53 4568 9c88 2fa6 58e0
 Package    : redhat-release-everything-7.0-0.6.el7.x86_64 (@anaconda/7.0)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
2013-12-12 12:54:36,336:   failed to install packages with reason: Didn't install any keys

I guess this is because tl-setup cannot confirm the GPG keys. Installing with:

yum install redhat-lsb-core redhat-lsb-desktop

...works, but you have to confirm a lot of keys:


Downloading packages:
varning: /var/cache/yum/x86_64/7Everything/rhel-7-public-beta-rpms/packages/libX11-common-1.6.0-1.el7.noarch.rpm: Huvud V3 RSA/SHA256 Signature, nyckel-ID f21541eb: NOKEY
Hämtar nyckel från file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
Importerar GPG-nyckel 0xF21541EB:
 Användarid   : ”Red Hat, Inc. (beta key 2) <security@redhat.com>”
 Fingeravtryck: b08b 659e e86a f623 bc90 e8db 938a 80ca f215 41eb
 Paket        : redhat-release-everything-7.0-0.6.el7.x86_64 (@anaconda/7.0)
 Från         : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
Är detta ok [j/N]: j
Importerar GPG-nyckel 0x897DA07A:
 Användarid   : ”Red Hat, Inc. (Beta Test Software) <rawhide@redhat.com>”
 Fingeravtryck: 17e8 543d 1d4a a5fa a96a 7e9f fd37 2689 897d a07a
 Paket        : redhat-release-everything-7.0-0.6.el7.x86_64 (@anaconda/7.0)
 Från         : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
Är detta ok [j/N]: j
Hämtar nyckel från file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Importerar GPG-nyckel 0xFD431D51:
 Användarid   : ”Red Hat, Inc. (release key 2) <security@redhat.com>”
 Fingeravtryck: 567e 347a d004 4ade 55ba 8a5f 199e 2f91 fd43 1d51
 Paket        : redhat-release-everything-7.0-0.6.el7.x86_64 (@anaconda/7.0)
 Från         : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Är detta ok [j/N]: j
Importerar GPG-nyckel 0x2FA658E0:
 Användarid   : ”Red Hat, Inc. (auxiliary key) <security@redhat.com>”
 Fingeravtryck: 43a6 e49c 4a38 f4be 9abf 2a53 4568 9c88 2fa6 58e0
 Paket        : redhat-release-everything-7.0-0.6.el7.x86_64 (@anaconda/7.0)
 Från         : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Är detta ok [j/N]: j


* Installation of the rest of packages worked fine. 

* SELinux installation failed:
2013-12-12 13:17:09,529: Configuring SELinux...
2013-12-12 13:17:09,560: Output (stderr):
2013-12-12 13:17:09,560:     Could not find the development files for your SELinux policy.
2013-12-12 13:17:09,560: SELinux configuration failed with error code 1

* The rest of tl-setup was ok.
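
Added example, not part of the original comment and not tl-setup's own code: one way an unattended installer could decide which of the keys offered in the log above to accept, by parsing the "Importing GPG key" blocks and comparing full fingerprints against a pinned set. The function names and the PINNED policy are assumptions made for this illustration; the log excerpt is trimmed from the output quoted in the comment.

```python
import re

# Excerpt of the tl-setup log quoted above (two of the four keys, Package lines omitted).
LOG = '''\
2013-12-12 12:54:36,330: Importing GPG key 0xF21541EB:
 Userid     : "Red Hat, Inc. (beta key 2) <security@redhat.com>"
 Fingerprint: b08b 659e e86a f623 bc90 e8db 938a 80ca f215 41eb
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
2013-12-12 12:54:36,336: Importing GPG key 0xFD431D51:
 Userid     : "Red Hat, Inc. (release key 2) <security@redhat.com>"
 Fingerprint: 567e 347a d004 4ade 55ba 8a5f 199e 2f91 fd43 1d51
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
2013-12-12 12:54:36,336:   failed to install packages with reason: Didn't install any keys
'''

# Hypothetical site policy: only the release key is pre-approved. The value is the
# fingerprint shown in the log; a real list would be confirmed with the vendor first.
PINNED = {'567e347ad0044ade55ba8a5f199e2f91fd431d51'}

HEADER = re.compile(r'Importing GPG key 0x([0-9A-Fa-f]{8}):')
FIELD = re.compile(r'^\s*(Userid|Fingerprint|Package|From)\s*:\s*(.*)$')

def parse_key_imports(log):
    """Return one dict per 'Importing GPG key' block found in the log text."""
    keys, cur = [], None
    for line in log.splitlines():
        h, f = HEADER.search(line), FIELD.match(line)
        if h:
            cur = {'keyid': h.group(1).lower()}
            keys.append(cur)
        elif f and cur is not None:
            value = f.group(2).strip().strip('"')
            if f.group(1) == 'Fingerprint':
                value = value.replace(' ', '').lower()
            cur[f.group(1).lower()] = value
        else:
            cur = None  # any other line ends the current block
    return keys

def vet(keys, pinned):
    """Map each offered key ID to a verdict based on its full fingerprint."""
    verdicts = {}
    for k in keys:
        fpr = k.get('fingerprint', '')
        if len(fpr) != 40 or not fpr.endswith(k['keyid']):
            verdicts[k['keyid']] = 'reject: id/fingerprint mismatch'
        else:
            verdicts[k['keyid']] = 'accept' if fpr in pinned else 'reject: not pinned'
    return verdicts
```
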
Comment 2 Peter Åstrand cendio 2013-12-12 13:54:02 CET
Running TL:

* After a standard installation, vsmagent cannot create any sessions:

2013-12-12 13:18:53 WARNING tl-session: pam_open_session failed: 14 (Cannot make/remove an entry for the specified session)

Apparently, the solution on bug 4634 did not work. Commenting out pam_loginuid fixes this problem. 


* By default, no executable profiles can be found. 929 packages with X11 stuff can be installed with: yum groupinstall "Server with GUI". After doing this, the profile "gnome-3" is activated. However, it doesn't work. First, the screen is blank for several minutes, then a gray/disabled dialog about languages is presented. After about 10 minutes, another screen is presented with "Oh no! Something has gone wrong". The only option is Log Out.
Lots of errors in /var/log/messages:

...
Dec 12 13:41:02 dhcp-254-197 systemd: Started Modem Manager.
Dec 12 13:41:02 dhcp-254-197 dbus-daemon: dbus[665]: [system] Rejected send message, 1 matched rules; type="method_call", sender=":1.10" (uid=0 pid=886 comm="/usr/sbin/NetworkManager --no-daemon ") interface="org.freedesktop.DBus.ObjectManager" member="GetManagedObjects" error name="(unset)" requested_reply="0" destination=":1.129" (uid=0 pid=16857 comm="/usr/sbin/ModemManager ")
Dec 12 13:41:02 dhcp-254-197 NetworkManager: (NetworkManager:886): GLib-GIO-WARNING **: Error calling GetManagedObjects() when name owner :1.129 for name org.freedesktop.ModemManager1 came back: GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: Rejected send message, 1 matched rules; type="method_call", sender=":1.10" (uid=0 pid=886 comm="/usr/sbin/NetworkManager --no-daemon ") interface="org.freedesktop.DBus.ObjectManager" member="GetManagedObjects" error name="(unset)" requested_reply="0" destination=":1.129" (uid=0 pid=16857 comm="/usr/sbin/ModemManager ")
Dec 12 13:41:02 dhcp-254-197 ModemManager[16857]: <warn>  Could not acquire the 'org.freedesktop.ModemManager1' service name
Dec 12 13:41:02 dhcp-254-197 ModemManager[16857]: <info>  ModemManager is shut down
Dec 12 13:41:02 dhcp-254-197 gnome-session[14809]: dconf-CRITICAL: unable to create directory '/run/user/0/dconf': Åtkomst nekas.  dconf will not work properly.
Dec 12 13:41:27 dhcp-254-197 gnome-session[14809]: message repeated 106 times: [dconf-CRITICAL: unable to create directory '/run/user/0/dconf': Åtkomst nekas.  dconf will not work properly.]
Dec 12 13:41:27 dhcp-254-197 dbus-daemon: dbus[665]: [system] Failed to activate service 'org.freedesktop.ModemManager1': timed out
Dec 12 13:41:27 dhcp-254-197 dbus[665]: [system] Failed to activate service 'org.freedesktop.ModemManager1': timed out
Dec 12 13:41:30 dhcp-254-197 gnome-session[14809]: dconf-CRITICAL: unable to create directory '/run/user/0/dconf': Åtkomst nekas.  dconf will not work properly.
...


* 218 packages of KDE stuff can be installed with: 
yum groupinstall "KDE Plasma Workspaces"

This enables the KDE profile, which actually works, although the initial session size was very strange.
Comment 3 Karl Mikaelsson cendio 2014-08-21 16:17:48 CEST
RHEL 7 was released on June 10, 2014.
Comment 4 Karl Mikaelsson cendio 2014-08-22 09:50:48 CEST
The SELinux policy build environment is missing from a minimal install, making the SELinux installer fail. Bug 4313 is about handling this case by, for example, offering to install the missing package.
Comment 5 Karl Mikaelsson cendio 2014-08-27 10:53:25 CEST
(In reply to comment #1)
> * By default, no executable profiles can be found. 929 packages with X11
> stuff can be installed with: yum groupinstall "Server with GUI". After doing
> this, the profile "gnome-3" is activated. However, it doesn't work. First, the
> screen is blank for several minutes, then a gray/disabled dialog about
> languages is presented. After about 10 minutes, another screen is presented
> with "Oh no! Something has gone wrong". The only option is Log Out. 
> Lots of errors in /var/log/messages:

Can't reproduce this. I installed the graphical-server-environment group and both the Gnome and Gnome Classic profiles became available, and work out of the box.
Comment 6 Karl Mikaelsson cendio 2014-08-27 10:56:12 CEST
(In reply to comment #2)
> * After a standard installation, vsmagent cannot create any sessions:
> 
> 2013-12-12 13:18:53 WARNING tl-session: pam_open_session failed: 14 (Cannot
> make/remove an entry for the specified session)
> 
> Apparently, the solution on bug 4634 did not work. Commenting out pam_loginuid
> fixes this problem. 

Can't reproduce any longer, so I suppose the solution for 4634 actually worked after all.
Comment 7 Karl Mikaelsson cendio 2014-09-02 16:54:24 CEST
Problems with detecting installed KDE found and reported as bug 5239.
Comment 8 Karl Mikaelsson cendio 2014-09-09 13:03:04 CEST
After quite a bit of testing, I'm confident that there are no major issues left.

Some notes:


There are no desktop environments installed after the default minimal install. Gnome, Gnome Classic and KDE are available after installing extra packages.

 - Gnome :: yum groupinstall graphical-server-environment
 - KDE :: yum groupinstall kde-desktop

Additionally, EPEL provides these desktop environments:

 - XFCE :: yum groupinstall xfce-desktop
 - Mate ::  yum groupinstall mate-desktop-environment
 - Cinnamon :: yum install cinnamon


When printing to nearest, a warning shows up in the desktop environment and the following SELinux AVC shows up in the log:

> type=AVC msg=audit(1409906549.883:6665): avc:  denied  { write } for  pid=54979 comm="python-thinlinc" name="webaccess.hconf" dev="dm-0" ino=102197015 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:usr_t:s0 tclass=file
> type=SYSCALL msg=audit(1409906549.883:6665): arch=c000003e syscall=21 success=no exit=-13 a0=1fa2b60 a1=2 a2=7f61620dff88 a3=642e666e6f632f63 items=0 ppid=18452 pid=54979 auid=4294967295 uid=0 gid=7 euid=0 suid=0 fsuid=0 egid=7 sgid=7 fsgid=7 tty=(none) ses=4294967295 comm="python-thinlinc" exe="/usr/bin/python2.7" subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 key=(null)

This has been reported as bug 5243.


After installing the SELinux policy development files (bug 4313), the SELinux install script worked just fine, and I was still able to create sessions for all of Gnome, KDE, XFCE, Mate and Cinnamon. A few AVC:s showed up in the log however:

> type=AVC msg=audit(1409813420.522:6429): avc:  denied  { search } for  pid=39328 comm="tl-session" name=".X11-unix" dev="dm-0" ino=67598451 scontext=system_u:system_r:thinlinc_session_t:s0 tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=dir
> type=SYSCALL msg=audit(1409813420.522:6429): arch=x86_64 syscall=connect success=no exit=EACCES a0=4 a1=7fffec9115b0 a2=13 a3=656572662e67726f items=0 ppid=1629 pid=39328 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=799 comm=tl-session exe=/opt/thinlinc/libexec/tl-session subj=system_u:system_r:thinlinc_session_t:s0 key=(null)

These have been reported as bug 5249 internally as well as to upstream - see the bug report for details.
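
Added example, not part of the original comment or of ThinLinc: a small parser that reads the two AVC records quoted in this comment and groups the denials by source domain, target type and object class, so each one can be reviewed before any policy change is considered. The function names are the example's own; the sample lines are copied from the comment.

```python
import re
from collections import defaultdict

# The two AVC records quoted in the comment above (SYSCALL records are skipped anyway).
SAMPLE = '''\
> type=AVC msg=audit(1409906549.883:6665): avc:  denied  { write } for  pid=54979 comm="python-thinlinc" name="webaccess.hconf" dev="dm-0" ino=102197015 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:usr_t:s0 tclass=file
> type=AVC msg=audit(1409813420.522:6429): avc:  denied  { search } for  pid=39328 comm="tl-session" name=".X11-unix" dev="dm-0" ino=67598451 scontext=system_u:system_r:thinlinc_session_t:s0 tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=dir
'''

AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return a dict for one 'avc: denied' record, or None for any other line."""
    m = AVC_RE.search(line) if line.startswith('type=AVC') else None
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in KV_RE.findall(m.group('rest'))}
    # A context is user:role:type:level and the level may itself contain ':'
    # (s0-s0:c0.c1023 above), so split at most three times.
    src = fields['scontext'].split(':', 3)
    tgt = fields['tcontext'].split(':', 3)
    return {
        'perms': m.group('perms').split(),
        'comm': fields.get('comm'),
        'name': fields.get('name'),
        'source_type': src[2],
        'target_type': tgt[2],
        'tclass': fields['tclass'],
    }

def summarize(text):
    """Group denials as (source type, target type, class) -> sorted permissions."""
    grouped = defaultdict(set)
    for line in text.splitlines():
        rec = parse_avc(line.lstrip('> ').strip())  # tolerate quoted '>' prefixes
        if rec:
            key = (rec['source_type'], rec['target_type'], rec['tclass'])
            grouped[key].update(rec['perms'])
    return {k: sorted(v) for k, v in grouped.items()}

def as_rules(summary):
    """Render each group in allow-rule syntax, for review rather than for loading."""
    return ['allow %s %s:%s { %s };' % (s, t, c, ' '.join(p))
            for (s, t, c), p in sorted(summary.items())]
```
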
Comment 9 Peter Åstrand cendio 2014-10-07 14:15:44 CEST
*** Bug 5264 has been marked as a duplicate of this bug. ***
Comment 10 Henrik Andersson cendio 2014-10-14 13:57:58 CEST
Works as expected, a lot of testing has been performed while testing dependent bugs for this one.
Comment 11 Henrik Andersson cendio 2014-10-16 11:18:25 CEST
HA functionality becomes disabled upon restart of RHEL7 server, see bug #5311 for the original problem.

We need to find a workaround which means that when vsmserver is started, network needs to be configured and up.

- One workaround is to disable the service NetworkManager
Comment 12 Henrik Andersson cendio 2014-10-16 13:30:21 CEST
(In reply to comment #11)
> HA functionality becomes disabled upon restart of RHEL7 server, see bug #5311
> for the original problem.
> 
> We need to find a workaround which means that when vsmserver is started,
> network needs to be configured and up.
> 
> - One workaround is to disable the service NetworkManager

- Create the directory /etc/systemd/system/vsmserver.service.wants containing
  a symlink to /usr/lib/systemd/system/network-online.target.

  Works with NetworkManager enabled / disabled.
Comment 13 Henrik Andersson cendio 2014-10-16 14:49:21 CEST
(In reply to comment #12)
> (In reply to comment #11)
> > HA functionality becomes disabled upon restart of RHEL7 server, see bug #5311
> > for the original problem.
> > 
> > We need to find a workaround which means that when vsmserver is started,
> > network needs to be configured and up.
> > 
> > - One workaround is to disable the service NetworkManager
> 
> - Create the directory /etc/systemd/system/vsmserver.service.wants containing
>   a symlink to /usr/lib/systemd/system/network-online.target.
> 
>   Works with NetworkManager enabled / disabled.

Platform specific notes updated with documented workaround in commit 29510.
Comment 14 Henrik Andersson cendio 2014-10-16 15:15:55 CEST
(In reply to comment #13)
> (In reply to comment #12)
> > (In reply to comment #11)
> > > HA functionality becomes disabled upon restart of RHEL7 server, see bug #5311
> > > for the original problem.
> > > 
> > > We need to find a workaround which means that when vsmserver is started,
> > > network needs to be configured and up.
> > > 
> > > - One workaround is to disable the service NetworkManager
> > 
> > - Create the directory /etc/systemd/system/vsmserver.service.wants containing
> >   a symlink to /usr/lib/systemd/system/network-online.target.
> > 
> >   Works with NetworkManager enabled / disabled.
> 
> Platform specific notes updated with documented workaround in commit 29510.

Updated www.cendio.se and verified that all is ok.
Comment 15 Henrik Andersson cendio 2014-10-17 14:57:07 CEST
padsp script from pulseaudio-utils is broken which makes sound redirection fail when connecting to WTS backend.

Upstream bug created:

https://bugzilla.redhat.com/show_bug.cgi?id=1154072

We should probably update our platform specific notes with workaround.
Comment 16 Karl Mikaelsson cendio 2014-10-22 11:09:35 CEST
(In reply to comment #15)
> padsp script from pulseaudio-utils is broken which makes sound redirection fail
> when connecting to WTS backend.
> 
> Upstream bug created:
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1154072
> 
> We should probably update our platform specific notes with workaround.

Platform specific note sent to sales@... so they can update the web pages.
Comment 17 Henrik Andersson cendio 2014-10-29 15:00:20 CET
(In reply to comment #16)
> (In reply to comment #15)
> > padsp script from pulseaudio-utils is broken which makes sound redirection fail
> > when connecting to WTS backend.
> > 
> > Upstream bug created:
> > 
> > https://bugzilla.redhat.com/show_bug.cgi?id=1154072
> > 
> > We should probably update our platform specific notes with workaround.
> 
> Platform specific note sent to sales@... so they can update the web pages.

Verified update page on www.cendio.com, looks great.
