Red Hat this week rolled out the latest version of its operating system, Red Hat Enterprise Linux (RHEL) 8.1, bringing a number of enhancements such as live kernel patching plus updates to application streams that provide developers with up-to-date versions of compiler tools.

RHEL 8.1 is the first release version of RHEL 8 that will receive live kernel patches for critical vulnerabilities, Red Hat said. Such updates will be delivered via the regular content stream and can be consumed via Yum updates. The goal is to minimise the need to reboot systems in order to get the latest critical security updates. No premium subscription is required for this service.

For developers, RHEL 8.1 includes updates to the llvm-toolset, go-toolset, and rust-toolset application streams to provide developers with up-to-date versions of these compilers and their various associated tools in the toolchain.

Red Hat said that the upstream projects for these streams move very quickly with new feature releases every six months for LLVM and Go, and every six weeks for Rust, but that it will continue to support these application streams for the entire lifecycle of RHEL 8. It will provide new features and bug fixes within the stream by updating to newer upstream releases on a regular basis.

This means that users can expect stream updates every six months for llvm-toolset and go-toolset, Red Hat said, while for rust-toolset there will be updates every three months.

RHEL 8.1 also now includes the Udica tool for generating SELinux policies for containers, to help with situations when the default SELinux policy for containers is too strict or otherwise needs modification.

Udica detects which Linux capabilities are required by the container and works to create a SELinux rule allowing all these capabilities. It supports generating policies for containers using Podman and Docker, and support for CRI-O is expected in the near future, Red Hat said.