SUSE Linux Enterprise Server 10 NEWS ==================================== Version: 2006-07-05 Authors: Ralf Flaxa, Gerald Pfeifer, Thorsten Kukuk Overview ======== 1. Important General Information 2. Features and Enhancements 2.1 Installation, Add-on Products, Registration, Maintenance and YaST2 2.2 Platforms, Hardware, and Drivers 2.3 File Systems 2.4 Availability 2.5 Serviceability 2.6 Scalability 2.7 Performance 2.8 Security 2.9 Virtualization 2.10 Base System 2.11 Server Services 2.12 Tools and Applications 2.13 Desktop 2.14 Toolchain 2.15 Standards 3. Deprecated and Dropped Features 4. Known Issues 5. Further Information and Feedback 1. Important General Information ================================ These notes cover SUSE Linux Enterprise Server 10 and products based on this code base. Some parts may not apply to a particular architecture or product. In cases where this is not obvious, the respective architectures are listed explicitly. SUSE Linux Enterprise Server 10 is a major update. It delivers many new features, enhancements to existing functionality, performance improvements, and more. We recommend checking the certification status of third party applications with the respective ISVs before updating to this product. 2. Features and Enhancements ============================ 2.1 YaST2, Installation, Add-on Products, Registration and Maintenance ---------------------------------------------------------------------- YaST2 and the installation have seen a multitude of enhancements and improvements. We only list the most important ones here. ISO image loopback mount ------------------------ When using methods other than a CD-ROM or DVD-based installation (such as NFS, disk, or http), the location of ISO images can be passed to YaST2. YaST2 loop mounts each of the ISOs for installation, rather than expecting a fully-extracted installation directory. During installation, use the name of the ISO image of the first CD or DVD instead of the name of the unpacked directory. The YaST2 installation source module offers a check box for indicating that the value entered as a source is an ISO image. Add-on Product Support ---------------------- During installation it is now possible to register add-on products like the Software Development Kit (SDK) or even 3rd party add-on products on the fly in order to provide a fully integrated installation and user experience. Special add-on products like Service Pack CDs will even allow to automatically register themselves as a product, overlay software selections, change default settings, product theming or online documentation and translations. The new dependency resolver (ZYPP) will provide a single view of all registered products and their packages and will automatically find and dependency resolve the right package combination from any of these products, including their online update channels. Integrated Registration and Maintenance --------------------------------------- Registration of machines with the Novell Customer Center can now be done during installation or in the installed system using YaST. The URL of the Novell Customer Center is http://www.novell.com/center. The new registration procedure helps customers to manage their systems with Novell's infrastructure. Once registered, packages and patch sources suitable for the current system are automatically detected and made available to the package management system. Once you have registered the machine, you can automatically get updates using the zen-updater tray icon or the Online Update module in YaST. Alternatively, you can manually refer to http://www.novell.com/linux/suse/portal. 2.2 Kernel, Hardware Support, and Drivers ----------------------------------------- This product is based on version 2.6.16 of the Linux kernel. Among others, it provides the following drivers. Network Drivers --------------- o bcm driver that supports NC320I, NC325I, BCM5704, BCM5714, BCM5752, BCM5752M, BCM5780, BCM5780S, and other chipsets. o bnx2 driver version 1.4.31 that supports BCM5706/5708 based 10 GBit network cards. o tg3 driver version 3.49 that supports BCM5704, BCM5752M, BCM5780, BCM5780S, and other chipsets. o e100 driver version 3.5.10-k2-NAPI. o e1000 driver version 7.0.28-NAPI. o forcedeth driver. o ixgb driver version 1.0.100-k2-NAPI. o s2io driver version 2.0.9.4 that supports Neterion chipsets. Storage Drivers --------------- o LSI Logic MegaRAID SAS Driver in version 00.00.02.04. o LSI Logic MegaRAID Mailbox Driver in version 2.20.4.7. o aacraid driver version 1.1-4 for Dell PERC2, 2/Si, 3/Si, 3/Di, Adaptec Advanced Raid Products, and HP NetRAID-4M SCSI driver. o Emulex emulex-lpfc version 8.1.6. o IBM ips ServeRAID driver version 7.12.02. o Intel AHCI driver version 1.2. o HP cciss driver version 2.6.10. o LSI mptsas driver version 3.03.06. o LSI mptspi driver version 3.03.06. o LSI mptfs driver version 3.03.06. o ipr driver version 2.1.2. o QLogic qla2xxx driver version 8.01.04-k. o QLogic qla4xxx driver version 5.00.03b15-k. Miscellaneous Drivers --------------------- o TPM Driver version 2.0. o Infineon TPM SLD 9630 TT 1.1 / SLB 9635 TT 1.2 version 1.6. o dell_rbu driver version 3.2 that supports flashing of Dell system BIOSs. o dcdbas driver version 5.6.0-1 that supports monitoring of Dell servers. o pciehp, a PCI Express Hot Plug Controller Driver. 2.3 File Systems ---------------- o Ext2/Ext3. o ReiserFS3. o JFS is deprecated. This is the last major release providing support for JFS and it does so only for the purpose of migrating existing setups. YaST and AutoYaST no longer support configuration of JFS partitions. o XFS and DMAPI. o NFS, including support for NFSv4 and RPCSEC_GSS with krb5 and krb5i. o Oracle Cluster File System (OCFS2) is supported on all architectures. OCFS2 in SLES10 introduces a robust cluster parallel file system for Linux. Recently accepted into the mainline Linux Kernel, OCFS2 allows multiple nodes in a clustered SAN to simultaneously access data. This enables a number of features on SLES10: - Oracle RAC (Real Application Clusters) scalable database support. OCFS2 v1.2.1 has been certified by Oracle for use with the Oracle RAC database. This enables you to build a scalable database where multiple server nodes contribute to the performance and throughput of database transactions. Large systems can be scaled as well as become highly available as a result. Now you can move to lower cost Linux on commodity PC Server hardware while maintaining the uptime and scalability of traditional Unix and proprietary systems. - SAP Applications support. SAP enterprise applications have been certified by SAP to run and scale on OCFS2 v1.2.1. This includes the broad suite of SAP applications for all your business needs. - Web Services Application stack scalability and high availability. With OCFS2, Web Services applications such as LAMP (Linux, Apache, MySQL, PHP/Perl) stacks can be scaled and made highly available. While MySQL cannot be scaled out on OCFS2 (it is not built for parallel cluster scale out yet), the Apache and PHP/Perl stacks can be scaled over an OCFS2 cluster yielding scalable Web services. - Virtual Machine Image repository. OCFS2 coupled with XEN hypervisor virtualization allows virtual machine images to be accessed by all nodes in a SAN cluster. This enables virtual machine deployment and real-time live migration between physical server nodes in the cluster, featuring zero interruption to service when moving applications for maintenance or other needs in the clustered SAN. 2.4 Availability ---------------- o device-mapper version 1.02.03. o drbd version 0.7.18. o heartbeat version 2.0.5. o multipath-tools version 0.4.6 with improved support for EMC storage arrays. 2.5 Serviceability ------------------ o KDB is provided with all ia64 kernels and the x86 debug kernel. o kexec/kdump is a new and preferred way to perform kernel crash dumps, supported on x86, x86-64, ppc/ppc64. In addition to kernel support, we also provide the kexec-tools userland package. o On ia64, we still provide LKCD. We provide the lkcdutils userland package, which also supports the analysis of SLES9 dumps, on all architectures. o iprutils version 2.1.4. o ltrace version 0.3.36. o net-snmp version 5.3.0.1. o SPident. 2.6 Scalability --------------- o Support for up to 1024 CPUs on ia64 (with the default kernel). o Support for several TB of main memory (significantly enhanced over SLES9 due to four-level page tables on x86-64 and ia64). 2.7 Performance --------------- o Support for oprofile is included in most kernels. The oprofile userland package is part of the SUSE Linux Enterprise 10 SDK. 2.8 Security ------------ o Novell AppArmor is an integral part of this product. Once installed, you can enable or disable the AppArmor service and configure your security profiles from within YaST by selecting the Novell AppArmor icon. o AIDE version 0.11 (intrusion detection system). o ClamAV version 0.88.2 protects mail systems, Samba file shares, and proxy servers. o Snort version 2.4.4 (package sniffer and logger and network intrusion detection). o "Fortify source" buffer overflow checking. This product leverages the "fortify source" extensions to GCC and glibc to check for overflows of buffers (both stack and heap) with known size. This checking covers primitives like strcpy, memcpy, memset, and sprintf. It is active for all applications programmed in the C language. o Stack overflow detection heuristics. This product uses the GCC option -fstack-protector to heuristically detect stack overflows in applications at runtime. Only a set of applications has been facilitated, consisting of known problematic programs, applications, and libraries that handle network data and security critical applications. 2.9 Virtualization ------------------ o Xen 3.0 is supported on x86 and x86-64 for certified systems. Validated configurations are listed at http://www.novell.com/yes/. o Information about future development can be found at http://forge.novell.com/modules/xfmod/project/?xenpreview. 2.10 Base System ---------------- o Bash 3.1. o iftop 0.16 (replaces ntop). o ksh 93r (replaces pdksh). o NetworkManager 0.6.2 is included, but disabled by default. o RPM 4.4.2. 2.11 Server Services -------------------- o Apache version 2.2. o Cyrus imapd version 2.2. o MySQL 5.0. o PHP 5.1. o PostgreSQL 8.1. o Samba version 3.0.22. For a more detailed list of changes, refer to the samba-doc package, specifically /usr/share/doc/packages/samba/WHATSNEW.txt. 2.12 Tools and Applications --------------------------- o ipmitool version 1.8.6. o microcode_ctl version 1.13. o OpenHPI version 2.4.1. o OpenIPMI version 1.4.26. o OpenWBEM version 3.2.0. o orarun, an environment for running Oracle products. o sapinit, a package to initialize a SAP runtime environment. 2.13 Desktop ------------ o GNOME 2.12. o KDE 3.5.1. o evince and kpdf (package kdegraphics3-pdf) replace Acrobat Reader for viewing PDF documents. 2.14 Toolchain -------------- o binutils 2.16.91. o GCC 4.1.0. o glibc 2.4. o GDB 6.4. 2.15 Standards -------------- o We do support LSB 2.0, LSB 2.1, and LSB 3.0 and include the needed patches and packages for all of these. 3. Deprecated and Dropped Features ================================== o Acrobat Reader (evince and kpdf being our solutions going forward). o Binary-only kernel drivers and non-free kernel modules are no longer provided through Novell. Please contact the OEM of your system or the respective vendor for information about driver availability. This includes the megaide and OCO drivers and the Atheros drivers (ath_*), the Softlink Smartmodem drivers (slamr, slusb), and many CAPI (Common ISDN API) drivers like fc*, fx*, e2220pc, e5520pc. o glibc LinuxThreads support. o JFS is only provided to migrate existing setups (see above). o ntop (iftop being our solution going forward). o pdksh (the original ksh being our solution going forward). o User Mode Linux (UML). o SELinux (AppArmor being our solution going forward). o subfs/submount were removed in favor of a HAL/udev based solution. o libcap.so symlink in main package. SLES10 has the libcap.so symlink in the main package and not in the devel package. Applications misusing this should be fixed before SLES10 SP1 is released. This deprecated workaround will be removed with SLES10 SP1. o marsnwe, a Novell Server Emulation. o kinternet is deprecated. We still provide it because NetworkManager does not yet provide all functionality, but it will be removed in the future. 4. Known Issues =============== o MD devices (like Software RAID) are not supported on top of iSCSI. iSCSI devices cannot be used for Linux Software RAID. Using MD devices on top of iSCSI triggers a cyclic dependency that leads to a crash. o The boot or root partition as Software RAID1 on x86/x86-64 is only supported with ReiserFS as the file system. o XEN 3.0 feature support. Under rare conditions, Save/Restore and Migration of virtual machines may not complete successfully. We do not recommend using these features in production unless stated otherwise in a maintenance update description. o OCFS2console needs a lot of time to list all files in a directory if there are many. You should not use the File Listing tab in these cases. o i586 and i686 machines with more than 16GB of memory. Depending on the workload, i586 and i686 machines with 16GB-48GB of memory can run into instabilities. Machines with more than 48GB of memory are not supported at all. To run on such a machine, lower the memory with the mem= kernel boot option. Consider using a 64-bit variant instead, which does not have this limitation. o Memory restriction during Virtual Machine (guest OS) installation. No memory beyond the 32GB address boundary is usable when fully virtualized domains (or paravirtualized ones in shadow mode) are created on x86-64 XEN. This usually means that, depending on how the chipset and BIOS lay out the available memory, only up to 30GB or 31GB of the installed memory is usable. Memory must be restricted on the XEN command line using the mem= option in this case. This must be done manually so that in an environment where only paravirtualized domains without use of shadow mode are created, which is considered the default case, the full amount of memory is usable. Note that i686 XEN is not affected by this as the maximum amount of memory supported there is only 16GB. Additional and latest information about known issues can be found in the release notes, which are located in the "docu" directory on CD1/DVD1. These release notes are also shown during installation and even refreshed automatically if you have internet connectivity during installation. 5. Further Information and Feedback =================================== Also consult the READMEs on the CDs or DVDs. You can get the very detailed changelog information about a particular package from the RPMs themselves by doing rpm --changelog -qp .rpm where .rpm is the name of the RPM file. The file "ChangeLog" in the top level of CD1 and DVD1 contains a chronological log of all the changes that were made for these updated packages. Also find further useful information in the directory "docu" of CD1 and DVD1, including PDF versions of the installation and administration manual. Please visit http://www.novell.com/linux/ for the latest Linux product news from Novell.