Red Hat Enterprise Linux 9.3: Top features for developers

Red Hat Enterprise Linux (RHEL) 9.3 is now generally available (GA). This release provides a flexible, reliable, secure, and stable foundation to innovate applications and develop critical workloads faster and more efficiently with a consistent experience across physical, virtual, private, public cloud, and edge deployments. You can download RHEL 9.3 at no cost as part of the Red Hat Developer program subscription. 

In this article, you'll learn about enhancements in RHEL 9.3 that improve the developer experience.

Latest language runtimes and tools

Red Hat Enterprise Linux 9.3 has been updated with many developers' favorite programming languages. Notable changes include: 

• Apache HTTP Server 2.4.57 is the latest web server version included in Red Hat Enterprise Linux 9.3. Key enhancements in HTTPd version 2.4.57 include:
  • A new -T option to truncate all rotated logfiles except the initial logfile.
  • The LDAPConnectionPoolTTL now accepts negative values to reuse connections of any age. Previously, a negative value was handled as an error. 
  • The mod_authnz_fcgi module is included in the latest version. This enables FastCGI authorizer applications to authenticate users and authorize access to resources.
• Redis 7 is an advanced key-value store available as part of Red Hat Enterprise Linux 9.3. Prominent features include:
  • Support for server-side scripting in Redis Functions API.
  • Shared publish/subscribe support for clusters.
  • New version formation for Redis Database (RDB) files. 
  • Fine-grained access control list (ACL) support. 

The latest versions of toolsets and compilers

Red Hat Enterprise Linux 9.3 offers an updated version of GCC 13, Rust 1.71, and LLVM 16, enabling developers to accelerate innovation, streamline operations, and modernize their applications with the latest toolsets and compilers.

GCC 13

Red Hat Enterprise Linux 9.3 comes with a GCC compiler 13.1.1. This version provides many bug fixes and enhancements available in upstream GCC. Key updates in GCC toolset 13 include the following: 

• A new -w (– no-warnings) command-line option suppresses the generation of any warning message when you create a known non-working binary. 
• SystemTap is rebased to version 4.9. This update provides access to Python/Jupyter interactive notebook front-end for AI/ML application development. 
• The libpfm package has been updated to version 4.13. Notable improvements include access to the performance monitoring hardware native events for processor microarchitectures such as AMD Zen 2, AMD Zen 3, AMD Zen 4, IBM z16, and 4th Gen Intel Xeon Scalable processors. 

Find out more about GCC on RHEL.

Rust 1.71

The Rust toolset has been updated to version 1.71 in RHEL 9.3. Notable changes include the following:

• Cargo has been fixed to remedy a security vulnerability that allowed local attackers to edit the cache of the source code belonging to another local user.  
• A new Cargo sparse protocol enables more efficient use of the crates.io registry. This reduces the network activity required to resolve dependencies from the package registry. This is much faster than the Git-based protocol.
• New OnceLock and OnceCell APIs for one-time value initialization. These wrapper types manage the initialization of their inner value so that they are written only once, even among multiple attempts from a shared reference.

Find out more about Rust on RHEL. 

LLVM 16

Red Hat Enterprise Linux 9.3 comes with the  LLVM 16 toolset, with the following changes and enhancements:

• LLVM 16 is built with C++ 17 by default. This makes coding more secure.
• Support for new CPU extensions is added in LLVM 16. Some notable CPU extensions include Cortex-A715 CPU, Cortex-X3 CPU, and Neoverse V2 CPU.  
• Optimized instruction sets. Old attributes are mapped to the new attributes. The existing readnone, readonly, writeonly, argmemonly, inaccessiblememonly, and inaccessiblemem_or_argmemonly function attributes have been replaced by a single memory(...) attribute.

For more details, refer to the LLVM 16 release notes.

Go 1.20

The version of Go that will ship with Red Hat Enterprise Linux 9.3 is Go toolset 1.20, which includes the following changes:

• Addition of a new crypto/ecdh package.
• CGO is now disabled by default on systems without a C toolchain.
• Optimizations of the garbage collector to improve memory and CPU usage.
• Comparable types may satisfy comparable constraints without requiring types to be strictly comparable.
• .Preview support for profile-guided optimization.
• Added support for collecting code coverage profiles for programs.

For more details, refer to Go on RHEL.

Security and compliance 

The RHEL 9.3 GA makes it easier to manage the security of your RHEL systems. Notable updates in 9.3 are listed below:

• OpenSSH enforces the SHA-2 algorithm by default. For SSH private conversations, OpenSSH uses SHA-2 for key testing, and SHA-1 is unavailable on the client side. Therefore, SHA-2 is used. This makes sure the weaknesses of the SHA-1 algorithm are remedied by SHA-2 enforcement.
• Users can configure OpenSSL cryptographic libraries to allow TLS 1.2 connections without the EMS (Extended Master Secret) extension for all TLS 1.2 connections in FIPS mode. 
• Keylime is updated to version 7.3.0. The Keylime continuously monitors remote systems and verifies the state of systems at boot. Using Keylime, you can send encrypted files to the monitored systems and specify automated actions to be triggered whenever a monitored system fails the integrity test.

Read more about Red Hat Enterprise Linux Security.

Red Hat Enterprise Linux kernel

Red Hat Enterprise Linux 9.3 is distributed with kernel version 5.14.0-362.8.1. Notable features in the RHEL 9.3 kernel include:

• The perf performance analysis tool is rebased to version 6.2. The perf list command now displays Performance Monitor Unit (PMU) events that contain human-friendly names and descriptions.  This update also supports Intel Raptor Lake-S, Intel Meteor Lake, and Intel Emerald Rapids.
• The crash utility is updated to version 8.0.3. The most notable enhancement in the crash utility is the added IPv6 support. For network interfaces that support IPv6, the crash utility prints IPv6 addresses and details about socket information with net -s command.
• The kdump mechanism now supports thin provisioned logical volumes as the vmcore target. With this enhancement, thekdump mechanism extends the capability to save the vmcore dump files on thin provisioned storage volumes. 

Red Hat Enterprise Linux for containers

Red Hat Enterprise Linux 9.3 introduces significant updates in container management and security. Notable changes include: 

• Podman enhancements: Podman now supports zstd compressed images for efficient storage and transfer. With Podman 4.6, developers can enjoy simplified systemd integration using Quadlet, extended Kubernetes compatibility with improved podman kube play command options, and a new podman secret command for managing secrets. For more information about changes, see the upstream release notes.
• Podmansh login shell: A revolutionary approach to managing user access, the podmansh login shell confines user sessions to a container, offering enhanced control and security.
• Clients for sigstore signatures: Full support for sigstore signatures with Fulcio and Rekor is now available, easing signature creation with short-term certificates authenticated via OpenID Connect (OIDC), thereby simplifying the management of private keys.

Red Hat Enterprise Linux in cloud environments and for the edge

Red Hat Enterprise Linux 9.3 has new features to help you develop and deploy applications on RHEL in cloud environments and edge deployments. Notable changes include:

• The cloud-init supports NetworkManager (NM) keyfiles to configure the network of the created cloud instance.
• The cloud-init now uses VMware data source by default on ESXi. This enhancement improves the performance and stability of the ESXi instance of RHEL that is running on the VMware vSphere cloud platform.
• Red Hat Enterprise Linux 9.3 supports building RHEL for Edge .ami images by using an on-prem RHEL image builder. The created .ami images can be uploaded to AWS and boot an EC2 instance in AWS.
• Red Hat Enterprise Linux 9.3 supports building a .vmdk image for RHEL for Edge by using an on-premise RHEL image builder. These images can be uploaded to vSphere and boot the image in VMware vSphere.

Create your Red Hat Enterprise Linux cloud images.

Red Hat Enterprise Linux system roles 

Red Hat Enterprise Linux 9.3 brings new features for system roles as described below: 

• The rhel-system-role package now contains the systemd RHEL system role. This role is suitable in deploying unit files and managing systemd units on multiple systems.  Even systemd functionality can be automated.
• A new option to set ssh_backup to false disables automated backup of old configuration files before being overwritten with a new configuration.
• With the new keylime_server RHEL system role, users can use Ansible playbooks to configure verifier and registrar Keylime components on RHEL 9 systems. 
• Support for new ha_cluster system roles enables: 
  • Configuration of resource and resource operation defaults.
  • Loading and blocking of SBD watchdog kernel modules. This makes installed hardware watchdogs available to the cluster.
  • Assignment of distinct passwords to the cluster hosts and quorum device. 
• Enhancement to network RHEL system role to support audo-dns option to control automatic DNS record updates and support theno-aaaa DNS option.
• New postgresql system role installs, configures, manages, and starts the PostgreSQL server. This role also optimizes the database server settings to improve performance. 

Read more about Red Hat Enterprise Linux system roles.

Next steps

• Learn administration and configuration tasks using RHEL system roles.
• Read the Red Hat Enterprise Linux 9.3 release notes.
• Download RHEL 9.3 at no cost.
• Read the press release announcing RHEL 9.3.