orcharhino 7.2

orcharhino 7.2 is here!

Tech Update Video

A short overview of the new features introduced in orcharhino 7.2

---

---

Highlights

Support for Puppet Core and OpenVox

orcharhino now supports both Puppet Core (Perforce’s latest product) and OpenVox (the community-driven fork of Puppet) as external configuration management servers. In both cases, orcharhino can be used as an external Node Classifier (ENC), receive reports to display system facts and Puppet run data, and manage the certificate and key signing process for their respective Certificate Authorities (CAs).

 

Compliance Remediation Wizard

To simplify the remediation of failed OpenSCAP rules, it is now possible to use the Remediation Wizard. The Wizard will use remediation snippets referenced in the rules. You can also choose additional hosts to apply the remediation to. For more information: Remediating compliance failures.

 

Compliance Remediation Wizard

 

Simplified subscription-manager installation on Debian and Ubuntu

On hosts running Debian or Ubuntu, you no longer need the default OS repositories to install subscription-manager, making it easier to register existing hosts to orcharhino.

 

sos report: Collect and provide debug information to ATIX Support

With sos report, you can automatically collect configuration details, system usage data, logs, and debugging information. You also have the option to encrypt the report and upload it directly to ATIX Support.

 

orcharhino Clients for CentOS Stream 10

orcharhino 7.2 now supports provisioning and registering hosts running CentOS Stream 10.

 

orcharhino Installer GUI option to install Hammer CLI for all selected plugins

We now provide a unified way for installing Hammer CLI plugins. When “Install CLI on orcharhino” is selected in the orcharhino Installer GUI, orcharhino automatically installs the Hammer CLI plugins for all selected plugins. For more information: Using Hammer CLI.

 

New option “Install CLI on orcharhino” in orcharhino Installer GUI

 

Pushing of container images to orcharhino

You can now push container images to orcharhino Server via podman push. This enables you to upload self built container images directly to orcharhino without utilizing third-party registries. For more information: Using Container Registries.

 

---

---

Tech Preview

With orcharhino 7.2, we introduce significant improvements to the new „All Hosts“ index page like Host bulk actions, Single-host actions, and column selectors.

 

„All Hosts“ index page

 

 

Deprecations

• Compute Resources (KubeVirt): Removed support and documentation for compute resource KubeVirt.
• Host Registration: ‚bootstrap.py‘ is deprecated and will be removed in orcharhino 7.4. Please use the global Host Registration template: https://docs.orcharhino.com/or/docs/sources/guides/debian/managing_hosts/registering_hosts.html#Registering_Hosts_by_Using_Global_Registration_managing-hosts
• orcharhino Clients (Oracle Linux): With orcharhino 7.2, we stop maintaining orcharhino Clients for Oracle Linux 8.0 to 8.8 due to EoL by the operating system vendor. You can still use the orcharhino Clients gen2 for Oracle Linux 8.0 to 8.8.

Changelog Features

• Core Components: orcharhino 7.2 is based on Foreman 3.12, Katello 4.14, and Pulp 3.49.
• Host Provisioning: Added UEFI firmware option for libvirt compute resource.
• Host Provisioning: Network-based host provisioning and global Host Registration now support initial client installation via HTTPS.
• Host Provisioning: You can now install the Hammer CLI plugin for the bootdisk plugin via orcharhino-installer.
• orcharhino Installer GUI: Fixed warnings due to duplicate keys.
• Security: Added a check to the orcharhino installer for SSL certificates with SHA-1 as signature algorithm. orcharhino on EL9 only supports SHA-256 or stronger.

Changelog CVE

• CVE-2025-27610: rubygem-rack – Local File Inclusion in Rack::Static.
• CVE-2025-27407: rubygem-graphql – Remote code execution when loading a crafted GraphQL schema.

Changelog Bugfixes

• Content Management: Changes to repositories within Rolling Content Views did not trigger an orcharhino Proxy sync.
• Content Management: On the ‚Content Hosts‘ page, Debian repositories have not been displayed on the ‚Repository Set Management‘ action page.
• Content Management: On the ‚Content‘-Tab of orcharhino Proxies, the sync status of Rolling Content Views has not been displayed correctly.
• Content Management: Packages in Python repositories may not have been synchronized to orcharhino Proxies due to timeouts.
• Content Management: When creating a host, duplicate entries appeared in the ‚Lifecycle Environment‘ and ‚Content View‘ dropdown menus.
• Hammer CLI: Importing Red Hat content view version exports failed with an exception.
• Host Provisioning: Bootdisk deployment on VMware 8.x failed due to wrong retry value.
• Host Provisioning: Deploying Ubuntu 22 and Ubuntu 24 with multiple network interfaces lead to misconfigured network settings.
• Host Provisioning: On the ‚Operating Systems‘ page, wrong host counts were displayed for users belonging to multiple organizations.
• OpenSCAP Integration: Puppet module for OpenSCAP client referenced incorrect dependencies.
• orcharhino Clients (Debian/Ubuntu): subscription-manager created unnecessary directory structure.
• orcharhino Maintenance (Offline Upgrade): The Ansible playbook failed in rare cases.