The individual aspects changed from version to version are outlined in the following in detail. This summary indicates, for example, whether basic settings have been completely reconfigured, whether configuration files have been moved to other places, or whether common applications have been significantly changed. Significant modifications that affect the daily use of the system at either the user level or the administrator level are mentioned here.
Problems and special issues of the respective versions are published online as they are identified. See the links listed below. Important updates of individual packages can be accessed at http://www.novell.com/products/linuxprofessional/downloads/ using the YaST Online Update (YOU)—see Section 2.2.3, “YaST Online Update”.
Problems and Special Issues: http://portal.suse.com/sdb/en/2003/04/bugs82.html
3D support for
nVidia-based graphics cards (changes): The RPM NVIDIA_GLX
/NVIDIA_kernel
(including the script
switch2nvidia_glx
) is no longer included.
Download the nVidia installer for Linux
IA32
from the nVidia Web site (http://www.nvidia.com), install the
driver with this installer, and use SaX2 or
YaST to activate 3D support.
During a new installation, xinetd is
installed instead of inetd and configured with
secure values. See the directory /etc/xinetd.d
. However,
during a system update, inetd is
retained.
The PostgreSQL version is 7.3. When switching from version 7.2.x, perform a dump/restore with pg_dump. If your application queries the system catalogs, additional adaptions are necessary, because schemas were introduced in version 7.3. For more information, see http://www.ca.postgresql.org/docs/momjian/upgrade_tips_7.3.
Version 4 of stunnel no longer
supports any command-line options. However, the enclosed script
/usr/sbin/stunnel3_wrapper
can convert the
command-line options into a configuration file that is suitable for
stunnel and use it when the program is started
(replace OPTIONS
with your options):
/usr/sbin/stunnel3_wrapper stunnel OPTIONS
The generated configuration file will be printed to the default output, enabling the use of these specifications for generating a permanent configuration file.
openjade (openjade
) is the DSSSL engine currently
used instead of jade (jade_dsl
) when
db2x.sh (docbook-toys
) is run. For compatibility
reasons, the individual programs are also available without the prefix
o
.
If your own applications depend on the directory
jade_dsl
and the files previously installed there,
adapt them to the new directory
/usr/share/sgml/openjade
or create a link as
root
with:
cd /usr/share/sgml rm jade_dsl ln -s openjade jade_dsl
To avoid a conflict
with rzsz
, the command-line
tool sx continues to be called s2x,
sgml2xml, or osx.
Problems and Special Issues: http://portal.suse.com/sdb/en/2003/07/bugs90.html
Version 4 of the RPM package manager is now available. The functionality for building packages has been shifted to the separate program rpmbuild. rpm continues to be used for the installation, updates, and database queries. See Section 4.3, “RPM—the Package Manager”.
The package foomatic-filters
is now
available for printing. The content was split from cups-drivers
, because it can be used for printing
even if CUPS is not installed. In this way, YaST supports
configurations that are independent of the print system (CUPS, LPRng).
The configuration file for this package is
/etc/foomatic/filter.conf
.
The packages foomatic-filters
and cups-drivers
are now also
required for LPRng and lpdfilter.
The XML resources of the enclosed software packages can be accessed by
means of the entries in /etc/xml/suse-catalog.xml
.
This file should not be edited with xmlcatalog, because
this would result in the deletion of structural comments required for
correct updates. /etc/xml/suse-catalog.xml
is
accessed by means of a nextCatalog
statement in
/etc/xml/catalog
, enabling XML tools like
xmllint or xsltproc to find the
local resources automatically.
Refer to the article “Known Problems and Special Features in SUSE LINUX 9.1” in the SUSE Support Database at http://portal.suse.com under the keyword special features. These articles are published for every SUSE LINUX version.
SUSE LINUX is now based entirely on kernel 2.6. The predecessor version 2.4 cannot be used any longer, because the enclosed applications do not work with kernel 2.4. Note the following details:
The loading of modules is configured by means of the
file /etc/modprobe.conf
. The file
/etc/modules.conf
is obsolete.
YaST tries to convert the file (also see script
/sbin/generate-modprobe.conf
).
Modules have the suffix .ko
.
The module ide-scsi
is no longer
needed for burning CDs.
The prefix snd_
has been
removed from the ALSA sound module options.
sysfs
now complements the
/proc
file system.
Power management (especially ACPI) has been improved and can be configured by means of a YaST module.
When mounting VFAT partitions, the parameter
code
must be changed to codepage
.
If you have difficulties mounting a VFAT partition, check if the file
/etc/fstab
contains the old parameter name.
The kernel 2.6 supports standby and suspend with ACPI. This
function is still in an experimental stage and may not be supported
by some hardware components. To use this function, you need the
powersave
package. Information about
this package is available in /usr/share/doc/packages/powersave
.
A graphical front-end is available in the kpowersave
package.
Regarding the changes in connection with the input devices, refer to the above-mentioned Portal article “Known Problems and Special Features in SUSE LINUX 9.1” in the Support Database at http://portal.suse.com under the keyword special features.
Applications linked against NGPT (Next Generation POSIX Threading) do not work with glibc 2.3.x. All affected applications that are not shipped with SUSE LINUX must be compiled with linuxthreads or with NPTL (Native POSIX Thread Library). NPTL is preferred, because this is the standard for the future.
If NPTL causes difficulties, the older linuxthreads implementation can be
used by setting the following environment variable (replace
kernel-version
with the version number of the
respective kernel):
LD_ASSUME_KERNEL=kernel-version
The following version numbers are possible:
linuxthreads without floating stacks
linuxthread with floating stacks
Notes regarding the kernel and linuxthreads
with floating stacks:
Applications using errno
, h_errno
,
and _res
must include the header files
(errno.h
, netdb.h
, and
resolv.h
) with #include
. For C++
programs with multithread support that use thread
cancellation, the environment variable
LD_ASSUME_KERNEL=2.4.1
must be used to prompt the use
of the linuxthreads library.
NPTL is included in
SUSE LINUX 9.1 as the thread package.
NPTL is
binary-compatible with the older linuxthreads
library. However, areas in which linuxthreads
violates the POSIX standard require NPTL adaptions. This includes the
following: signal handling, getpid
returning the same
value in all threads, and thread handlers registered with pthread_atfork
not working if vfork
is used.
The configuration of the network interface has changed. Formerly, the hardware was initialized following the configuration of a nonexistent interface. Now, the system searches for new hardware and initializes it immediately, enabling the configuration of the new network interface.
New names have been introduced for the configuration
files. Because the name of a network interface is generated dynamically
and the use of hotplug devices is increasing steadily, a name like
eth0
or eth1
is no
longer suitable for configuration purposes. For this reason,
unique designations, like the MAC address or the PCI slot, are
used for naming interface configurations.
You can use interface names as soon as they appear.
Commands like ifup eth0 or ifdown
eth0 are still possible.
The device configurations are located in
/etc/sysconfig/hardware
. The
interfaces provided by these devices are usually located
in /etc/sysconfig/network
(with
different names).
See the detailed description in
/usr/share/doc/packages/sysconfig/README
.
Following an update, the sound cards must be reconfigured.
This can be done with the YaST sound module. As root
,
enter yast2 sound.
The resolver library treats the top-level domain
.local
as “link-local”
domain and sends multicast DNS queries to the multicast address
224.0.0.251
, port 5353
,
instead of normal DNS queries. This is an incompatible change.
If the domain .local
is already used
in the name server configuration, use a different domain name.
For more information about multicast DNS, see
http://www.multicastdns.org.
The default encoding for the system is
UTF-8
. Thus, when performing a standard
installation, a locale is set with UTF-8
encoding, such as en_US.UTF-8
. For more
information, see http://www.suse.de/~mfabian/suse-cjk/locales.html.
Files in previously created file systems do not use UTF-8 encoding for the filenames (unless specified otherwise). If these files names contain non-ASCII characters, they will be garbled. To correct this, use the convmv script, which converts the encoding of filenames to UTF-8.
In the default setting, shell tools from the
coreutils
package (tail,
chown, head,
sort, etc.) no longer comply with the POSIX standard
of 1992 but with the POSIX standard of 2001 (Single UNIX
Specification, version 3 == IEEE Std 1003.1-2001 == ISO/IEC
9945:2002). The old behavior can be forced with an
environment variable:
_POSIX2_VERSION=199209
The new value is 200112 and is used as the default for
_POSIX2_VERSION
. The SUS standard can be reviewed
(free of charge, but registration is required) at
http://www.unix.org.
Table 4.1. Comparison POSIX 1992 vs. POSIX 2001
POSIX 1992 | POSIX 2001 |
---|---|
chown tux.users | chown tux:users |
tail +3 | tail -n 3 |
head -1 | head -n 1 |
sort +3 | sort -k 4 |
nice -10 | nice -n 10 |
split -10 | split -l 10 |
![]() | Tip |
---|---|
Third-party software may not yet comply with the new standard. In this case, set the environment variable as described above. |
/etc/gshadow
has been abandoned
and removed, because this file is superfluous for the following
reasons:
It is not supported by glibc.
There is no official interface for this file. Even the shadow suite does not contain such an interface.
Most tools that check the group password do not support the file and ignore it for the said reasons.
Because the database format has changed, the databases must be regenerated. During the update, the system attempts to perform this conversion automatically. However, there will certainly be cases in which the conversion fails.
The schema check has undergone substantial improvement. Therefore, a number of standard-noncompliant operations that were possible with the former LDAP server are no longer possible.
The syntax of the configuration file has partly changed
with a view to ACLs.
Following the installation, information regarding
the update is available in the file
/usr/share/doc/packages/openldap2/README.update
.
The Apache Web server (version 1.3)
has been replaced with Apache 2. Detailed documentation
for version 2.0 is available at the Web page http://httpd.apache.org/docs-2.0/en/.
On a system with an HTTP server installation, an update removes
the Apache package and installs Apache 2. Subsequently, the
system must be adapted with YaST or manually. The configuration
files in /etc/httpd
are now located
in /etc/apache2
.
Either threads or processes can be selected for
handling multiple concurrent queries. The process
management has been moved to an independent module,
the multiprocessing module (MPM). Accordingly, Apache 2
needs either the apache2-prefork
package (recommended for stability) or the apache2-worker
package. Depending on the MPM, Apache 2 reacts differently
to queries. This affects the performance as well as the use
of modules. These characteristics are discussed in detail
in Section 30.4, “Threads”.
Apache 2 now supports the next-generation Internet protocol IPv6.
A mechanism has been implemented that enables module programmers to specify the desired loading sequence of the modules, relieving users of this task. The sequence in which modules are executed is often important and used to be determined by means of the loading sequence. For instance, a module that only gives authenticated users access to certain resources must be loaded first to prevent users without access permissions from seeing the pages.
Queries to and responses from Apache can be processed with filters.
Following the update from Samba 2.x to Samba 3.x,
winbind
authentication is no longer available.
The other authentication methods can still be used.
For this reason, the following programs have been removed:
/usr/sbin/wb_auth /usr/sbin/wb_ntlmauth /usr/sbin/wb_info_group.pl
See also http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#ss23.5.
gssapi
support has been replaced with
gssapi-with-mic
to prevent
potential MITM attacks. These two versions are not compatible.
This means that you cannot authenticate with Kerberos tickets
from older distributions, because other authentication methods
are used.
When establishing a connection from a remote host (especially via SSH, telnet, and RSH) between version 9 (standard configuration with activated UTF-8) and older systems (SUSE LINUX 9.0 and earlier versions in which UTF-8 is not activated by default or not supported), terminal applications may display faulty characters.
This is because OpenSSH does not forward local settings. Therefore,
the default system settings that may not match the remote terminal
settings are used. This affects YaST in text mode and
applications executed from a remote host as a normal user
(not root
). The
applications started by root
are only affected if the user changes the standard locales for
root
(only
LC_CTYPE
is set by default).
Users of FreeRADIUS must now link against unixODBC, because libiodbc has been discarded.
FHS (see Section A.4, “Standards and Specifications”)
now requires XML resources (DTDs, stylesheets, etc.) to be
installed in /usr/share/xml
.
Therefore, some directories are no longer available in
/usr/share/sgml
. If you encounter
problems, modify your scripts and makefiles or use the
official catalogs (especially /etc/xml/catalog
or /etc/sgml/catalog
).
Refer to the article “Known Problems and Special Features in SUSE LINUX 9.2” in the SUSE Support Database at http://portal.suse.com under the keyword special features.
To increase the security, the enclosed firewall solution SuSEFirewall2 is activated at the end of the installation in the proposal dialog. This means that all ports are closed initially and can be opened in the proposal dialog if necessary. By default, you cannot log in from remote systems. It also interferes with network browsing and multicast applications, such as SLP, Samba ("Network Neighborhood"), and some games. You can fine-tune the firewall settings using YaST.
If network access is required during the installation or configuration of a service, the respective YaST module opens the needed TCP and UDP ports of all internal and external interfaces. If this is not desired, the user can close the ports in the YaST module or specify other detailed firewall settings.
Table 4.2. Ports Used by Important Services
Service | Ports |
---|---|
HTTP server | Firewall is set up according to the “list” statements (TCP only) |
Mail (postfix) | smtp 25/TCP |
Samba server | netbios-ns 137/TCP; netbios-dgm 138/TCP; netbios-ssn 139/TCP; microsoft-ds 445/TCP |
DHCP server | bootpc 68/TCP |
DNS server | domain 53/TCP; domain 53/UDP |
DNS server | Plus special support for port mapper in SuSEFirewall2 |
Port mapper | sunrpc 111/TCP; sunrpc 111/UDP |
NFS server | nfs 2049/TCP |
NFS server | Plus port mapper |
NIS server | Activates portmap |
TFTP | tftp 69/TCP |
CUPS (IPP) | ipp 631/TCP; ipp 631/UDP |
By default, IPv6 support is not enabled for KDE. You can enable it
using the /etc/sysconfig
editor of YaST. The reason for
disabling this feature is that IPv6 addresses are not properly supported by all
Internet service providers and, as a consequence, this would lead to error
messages while browsing the Web and delays while displaying Web pages.
The YaST Online Update now supports a special kind of RPM package
that only stores the binary difference from a given base package. This
technique significantly reduces the package size and download time at the
expense of higher CPU load for reassembling the final package. In
/etc/sysconfig/onlineupdate
, configure
whether YOU should
use these "delta packages." See
/usr/share/doc/packages/deltarpm/README
for
technical details.
At the end of the installation (proposal dialog), the ports needed for the print system must be open in the firewall configuration. Port 631/TCP and port 631/UDP are needed for CUPS and should not be closed for normal operation. Port 515/TCP (for the old LPD protocol) and the ports used by Samba must also be open for printing via LPD or SMB.
The change from XFree86 to X.Org is facilitated by compatibility links that enable access to important files and commands with the old names.
In the course of the change to X.Org, the packages were renamed
from XFree86*
to xorg-x11*
.
We have removed a number of terminal emulators because they are either no longer maintained or do not work in the default environment, especially by not supporting UTF-8. SUSE LINUX offers standard terminals, such as xterm, the KDE and GNOME terminals, and mlterm (Multilingual Terminal Emulator for X), which might be a replacement for aterm and eterm.
The configuration files in /etc/sysconfig/powersave
have changed:
Table 4.5. Split Configuration Files in /etc/sysconfig/powersave
Old | Now split into |
---|---|
|
|
| |
| |
| |
| |
|
/etc/powersave.conf
has become obsolete.
Existing variables have been moved to the files listed in
Table 4.5, “Split Configuration Files in /etc/sysconfig/powersave”.
If you changed the “event” variables in
/etc/powersave.conf
, these must now be adapted in
/etc/sysconfig/powersave/events
.
The names of sleep states have changed from:
suspend (ACPI S4, APM suspend)
standby (ACPI S3, APM standby)
To:
suspend to disk (ACPI S4, APM suspend)
suspend to ram (ACPI S3, APM suspend)
standby (ACPI S1, APM standby)
OOo is now installed in /usr/lib/ooo-1.1
instead of /opt/OpenOffice.org
.
The default directory for user settings is now
~/.ooo-1.1
instead of ~/OpenOffice.org1.1
.
There are some new wrappers for starting the OOo components. The new names are shown Table 4.6, “Wrapper”.
Table 4.6. Wrapper
Old | New |
---|---|
|
|
|
|
|
|
|
|
|
|
| – |
|
|
|
|
|
|
|
|
|
|
The wrapper now supports the option --icons-set
for
switching between KDE and GNOME icons. The following options are no
longer supported:
--default-configuration
,
--gui
,
--java-path
,
--skip-check
,
--lang
(the language is now determined by means of locales),
--messages-in-window
, and
--quiet
.
KDE and GNOME extensions are available in the
OpenOffice_org-kde
and
OpenOffice_org-gnome
packages.
The sound mixer kmix is preset as the default. For high-end hardware, there are other mixers, like QAMix. KAMix, envy24control (only ICE1712), or hdspmixer (only RME Hammerfall).
In the past, a patch was applied to the cdrecord
binary from the cdrecord
package to support burning
DVDs. Instead, a new binary cdrecord-dvd
is installed
that has this patch.
The growisofs
program from the
dvd+rw-tools
package can now burn all DVD media
(DVD+R, DVD-R, DVD+RW, DVD-RW, DVD+RL). Try using that one instead of
the patched cdrecord-dvd
.
It is possible to install multiple kernels side by side. This feature
is meant to allow administrators to upgrade from one kernel to another by
installing the new kernel, verifying that the new kernel works as
expected, then uninstalling the old kernel. While YaST does not yet
support this feature, kernels can easily be installed and uninstalled from the shell using
rpm -i package
.rpm. For
information about managing packages
from the command line, refer to Section 4.3, “RPM—the Package Manager”.
The default boot loader menus contain one kernel entry. Before
installing multiple kernels, it is useful to add an entry for the extra
kernels, so that they can easily be selected. The kernel that was active
before installing a new kernel can be accessed as
vmlinuz.previous
and
initrd.previous
. By creating a boot loader entry similar
to the default entry and having this entry refer to
vmlinuz.previous
and initrd.previous
instead of vmlinuz
and
initrd
, the previously active kernel can be
accessed. Alternatively, GRUB and LILO support wild card boot loader
entries. Refer to the GRUB info pages (info grub) and to the
lilo.conf
(5) manual page for details.
Refer to the article “Known Problems and Special Features in SUSE LINUX 9.3” in the SUSE Support Database at http://portal.suse.com under the keyword special features.
The manual=1
at the boot prompt. Normally this is not necessary
because you can set installation options at the kernel prompt
directly, such as
textmode=1
or a URL as the installation source.
Kerberos
is the default for network authentication
instead of heimdal
. Converting an existing heimdal
configuration automatically is not possible. During a system update, backup
copies of configuration files are created as shown in Table 4.7, “Backup Files”.
Table 4.7. Backup Files
Old File | Backup File |
---|---|
|
|
|
|
The client configuration (/etc/krb5.conf
) is
very similar to the one of heimdal. If nothing special was
configured, it is enough to replace the parameter
kpasswd_server
with
admin_server
.
It is not possible to take over the server (kdc/kadmind) related
data. After the system update the old heimdal database is still available
under /var/heimdal
; MIT kerberos maintains the
database under /var/lib/kerberos/krb5kdc
.
The configuration tool SaX2 writes the X.Org configuration settings into
/etc/X11/xorg.conf
. During an installation from scratch,
no compatibility link from XF86Config
to
xorg.conf
is created.
New configuration files (containing comments for more information):
common-auth
default PAM configuration for auth section
common-account
default PAM configuration for account section
common-password
default PAM configuration for password changing
common-session
default PAM configuration for session management
You should include these default configuration files from within your application-specific configuration file, because it is easier to modify and maintain one file instead of the approximately forty files that used to exist on the system. If you install an application later, it inherits the already applied changes and the administrator is not required to remember to adjust the configuration.
The changes are simple. If you have the following configuration file (which should be the default for most applications):
#%PAM-1.0 auth required pam_unix2.so account required pam_unix2.so password required pam_pwcheck.so password required pam_unix2.so use_first_pass use_authtok #password required pam_make.so /var/yp session required pam_unix2.so
you can change it to:
#%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session