[WIP] 9.1 Release Notes

docs/release_notes/9_1.md

@@ -0,0 +1,180 @@
+---
+title: Current Release 9.1
+tags:
+  - 9.1
+  - 9.1 release
+  - Rocky 9.1
+---
+
+# Release Notes For Rocky Linux 9.1
+
+## Upgrading
+
+You can upgrade from Rocky Linux 9.0 to Rocky Linux 9.1 by simply running `sudo dnf -y upgrade`
+
+!!! note
+
+    Rocky Linux does not offer an upgrade path from any version of Rocky Linux 8. We recommend doing a fresh OS install to move to Rocky Linux 9.x.
+
+## Image changes
+
+As well as the normal install images, there are several images available for new and existing cloud and container platforms.
+
+In between Rocky Linux 9.0 and 9.1, images for Oracle Cloud Platform (OCP) were developed and released. The Oracle images join our existing set of images including GenericCloud, Amazon AWS (EC2), Container RootFS/OCI, Google Cloud Platform, Microsoft Azure, and other CSP-maintained images.
+
+Additionally, the GenericCloud, EC2, and Azure images now have a variant which uses an LVM partition for the root filesystem, allowing systems administrators additional flexibility and options for configuring their systems. And the GenericCloud image is also available for ppc64le and s390x now!
+
+Also the build pipeline for the container (Base, Minimal, and UBI) and Vagrant (Libvirt, VirtualBox, and VMWare) images got overhauled. Vagrant images are now available for x86_64 and aarch64, and container images for all 4 arches.
+
+More information on the artifacts produced by the Cloud Special Interest Group, as well as information on how to get involved can be found on the [SIG/Cloud Wiki](https://sig-cloud.rocky.page/) page.
+
+## Installing
+
+To install Rocky Linux 9.1, head to the [download page](https://rockylinux.org/download/) and download the version you need for your architecture. 
+
+## Known Issues
+
+## Major Changes
+
+For a complete list of major changes, please see the upstream listing [here](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/overview#overview-major-changes).
+
+Some highlights from this release are detailed next.
+
+## Software Management
+
+* The `modulesync` command is now available to replace certain workflows in `dnf` and `createrepo_c`.
+
+## Security
+
+### Changes to OpenSSH
+
+* New option supports setting the minimum RSA key length
+* `crypto-policies` enforce 2048-bit RSA key length minimum by default
+* `crypto-policies` now support `sntrup761x25519-sha512@openssh.com`
+
+### Changes to SELinux
+
+* SELinux policy confines additional services
+* SELinux supports the self keyword in type transitions
+* SELinux user-space packages updated
+* SELinux automatic relabeling is now parallel by default
+
+### Other Changes
+
+* New option in OpenSSL supports SHA-1 for signatures
+* Network Security Services (NSS) no longer support RSA keys shorter than 1023 bits
+* SCAP Security Guide rebased to 0.1.63
+* New packages: `keylime` a tool for attestation of remote systems, which uses the trusted platform module (TPM) technology. With Keylime, you can verify and continuously monitor the integrity of remote systems.
+* Added a maximum size option for Rsyslog error files
+* `clevis-luks-askpass` is now enabled by default
+* `fapolicyd` rebased to 1.1.3
+
+## Shells And command-line Tools
+
+* `Cronie` adds support for a randomized time within a selected range
+* ReaR adds new variables for executing commands before and after recovery
+* New package: `xmlstarlet` - A set of command-line utilities for parsing, transforming, querying, validating, and editing XML files
+* `pencryptoki` rebased to version 3.18.0
+* `powerpc-utils` rebased to version 1.3.10
+* `libvpd` rebased to version 2.2.9
+* `lsvpd` rebased to version 1.7.14
+* `ppc64-diag` rebased to version 2.7.8
+* `sysctl` introduces identical syntax for arguments as `systemd-sysctl`
+
+## Infrastructure Services
+
+### Changes to `chrony`
+
+* now uses DHCPv6 NTP servers as well as DHCPv4
+* rebased to version 4.2
+
+### Other Changes
+
+* `unbound` rebased to version 1.16.2
+* The password encryption function is now available in `whois`
+* `frr` rebased to version 8.2.2
+
+## Networking
+
+* The `act_ctinfo` kernel module has been added
+* The PTP driver now supports virtual clocks and time stamping
+* `firewalld` was rebased to version 1.1.1
+* NetworkManager now supports `advmss`, `rto_min`, and `quickack` route attributes
+* Support for the 802.ad `vlan-protocol` option in `nmstate`
+* More DHCP and IPv6 auto-configuration attributes have been added to the nmstate API
+* NetworkManager now clearly indicates that WEP support is not available
+
+## High Availability and Cluster
+
+* `pcs` supports updating multipath SCSI devices without requiring a system restart
+* Support for cluster UUID
+* New `pcs resource config` command option to display the `pcs` commands that re-create configured resources
+* New `pcs stonith config` command option to display the `pcs` commands that re-create configured fence devices
+* Pacemaker rebased to version 2.1.4
+* Samba no longer automatically installed with cluster packages
+
+## Dynamic Programming Languages, Web and Database Servers
+
+### Module Streams
+
+* A new module stream: `php:8.1`
+* A new module stream: `ruby:3.1`
+
+### Other Changes
+
+* httpd rebased to version 2.4.53
+* A new default for the `LimitRequestBody` directive in `httpd` configuration
+* New package: httpd-core
+* `pcre2` rebased to version 10.40
+
+## Compilers and Development Tools
+
+### Module Streams
+
+* A new module stream: `maven:3.8`
+
+### New GCC Toolset 12
+
+* GCC Toolset 12: Annobin rebased to version 10.79
+* GCC Toolset 12: `binutils` rebased to version 2.38
+* GCC 12 and later supports `_FORTIFY_SOURCE` level 3
+* GCC Toolset 12: GDB rebased to version 11.2
+
+### Other Changes
+
+* GCC compiler 11.2.1 has been updated with numerous bug fixes and enhancements
+* DNS stub resolver option now supports `no-aaaa` option
+* GDB supports Power 10 PLT instructions
+* Rust Toolset rebased to version 1.62.1
+* LLVM Toolset rebased to version 14.0.0
+
+## Identity Management
+
+### SSSD Changes
+
+* SSSD now supports memory caching for SID requests
+* SSSD support for anonymous PKINIT for FAST
+* SSSD now supports direct integration with Windows Server 2022
+
+### IdM Changes
+
+* IdM now supports Random Serial Numbers
+* IdM now supports a limit on the number of LDAP binds allowed after a user password has expired
+* IdM now supports configuring an AD Trust with Windows Server 2022
+
+### Other Changes
+
+* New `ipasmartcard_server` and `ipasmartcard_client` roles
+* The `ipa-dnskeysyncd` and `ipa-ods-exporter` debug messages are no longer logged to `/var/log/messages` by default
+* `samba` rebased to version 4.16.1
+* Directory Server now supports recursive delete operations when using `ldapdelete`
+
+## Virtualization
+
+* Improved KVM architectural compliance
+* `open-vm-tools` rebased to 12.0.5
+
+## Reporting Bugs
+
+Please report any bugs you encounter to the [Rocky Linux Bug Tracker](https://bugs.rockylinux.org/). We also welcome you to join our community in any way you wish be it on our [Forums](https://forums.rockylinux.org), [Mattermost](https://chat.rockylinux.org), [IRC on Libera.Chat](irc://irc.liberachat/rockylinux), [Reddit](https://reddit.com/r/rockylinux), [Mailing Lists](https://lists.resf.org), or any other way you wish to participate!
+