Release Notes #

The following definitions apply:

For contracted customers and partners, SUSE Linux Enterprise Server 12 and its Modules are delivered with L3 support for all packages, except the following:

SUSE will only support the usage of original (e.g., unchanged or un-recompiled) packages.

Technology previews are packages, stacks, or features delivered by SUSE. These features are not supported. They may be functionally incomplete, unstable or in other ways not suitable for production use. They are mainly included for customer convenience and give customers a chance to test new technologies within an enterprise environment.

Whether a technical preview will be moved to a fully supported package later, depends on customer and market feedback. A technical preview does not automatically result in support at a later point in time. Technical previews could be dropped at any time and SUSE is not committed to provide a technical preview later in the product cycle.

Please, give your SUSE representative feedback, including your experience and use case.

SUSE provides a Software Development Kit (SDK) for SUSE Linux Enterprise 12. This SDK contains libraries, development environments, and tools along the following patterns:

SUSE Linux Enterprise conforms with Unicode 3.0 or higher, and thus it will be GB18030 compliant.

Unicode 3.0 has been supported by glibc since version 2.2. and currently SUSE Linux Enterprise uses a much newer version of glibc, so it is GB18030 compliant.

When adding a module repository such as Public Cloud the graphical installer (YaST Qt UI) automatically selects recommended packages. Often this is not expected by the user.

To work around this behavior, disable the installation of recommended packages in the installer (YaST Qt UI) or use the text-mode installer (YaST ncurses UI) that by default does not autoinstall recommended packages ("Install Recommended Packages for Already Installed Packages" is deactivated).

SUSE Linux Enterprise 12 generally supports the installation with a linear LVM2 without a separate /boot partition, for example to use it with Btrfs as the root file system, to achieve full system snapshot and rollback.

However, this setup is only supported under the following conditions:

For a migration from an existing SUSE Linux Enterprise 11 system with LVM2 to SUSE Linux Enterprise 12 the /boot partition must be preserved.

CJK (Chinese, Japanese, and Korean) languages do not work properly during text-mode installation if the framebuffer is not used (Text Mode selected in boot loader).

There are three alternatives to resolve this issue:

SLE 12 is supporting booting systems following UEFI specification up to version 2.3.1 errata C.

Note: Installing SLE 12 on Apple hardware is not supported.

SLES 12 and SLED 12 implement UEFI Secure Boot. Installation media supports Secure Boot. Secure Boot is only supported on new installations, if Secure Boot flag is enabled in the UEFI firmware at installation time.

For more information, see Administration Guide, section Secure Boot.

Support for Secure Boot on EFI machines is enabled by default.

When booting with Secure Boot mode enabled in the firmware, the following features apply:

Simultaneously, the following limitations apply:

When booting with Secure Boot mode disabled in the firmware, the following features apply:

Simultaneously, the following limitations apply:

Secure boot on EFI machines can be disabled during installation by deactivating the respective option on the installation settings screen under "Bootloader".

If an update fails or causes trouble, it is sometimes helpful to be able to go back to the last working state.

Requirements to Create Atomic Snapshots

That is needed since snapshots need to be atomic, and that is not possible if the data is stored on different partitions, devices, or subvolumes.

How to Do the Rollback

During boot, you can select an old snapshot. This snapshot will then be booted in something like a read-only mode. All the snapshot data is read-only, all other filesystems or btrfs subvolumes are in read-write mode and can be modified. To make this snapshot the default for the next reboot and switch it into a read-write mode, use "snapper rollback".

What Will Not Be Rolled Back

The following directories are excluded from rollback. This means that changes below this subdirectory will not be reverted when an old snapshot is booted, in order to not lose valuable data. On the other hand, this may prevent some third-party services from starting correctly when booting from an old snapshot.

/boot/grub2/i386-pc (We cannot rollback bootloader)
/boot/grub2/x86_64-efi (We cannot rollback bootloader)
/boot/grub2/power-ieee1275 (We cannot rollback bootloader)
/home (if not already on an own partition)
/opt (Prevents rollback if addons or packages are installed there)
/srv (web services may not be functional after a rollback anymore)
/tmp
/usr/local
/var/crash
/var/log (services which move files and/or permissions may not be functional anymore after a rollback)
/var/mail (if not a symlink to /var/spool/mail)
/var/opt
/var/spool (services which move/convert files and/or permissions may not be functional anymore after rollback)
/var/tmp

Known Issues or Limitations

In general, rollback can result in inconsistencies between the data on the root partition (which has been rolled back to an earlier state) and data on other subvolumes or partitions. These inconsistencies may include the use of different file paths, formats and permissions.

The ISO installation images can be directly dumped to a USB device such as a flash disk. This way you can install the system without the need of a DVD drive.

Several tools for dumping are listed at http://en.opensuse.org/SDB:Live_USB_stick (http://en.opensuse.org/SDB:Live_USB_stick).

YaST has been extended to support installation using IPv6 iSCSI target as root device.

When booting the installer from the DVD product media on a secure boot enabled system, the installation process is validated by the secure boot signature.

For more information about UEFI and secure boot, see the Administration Guide.

When performing a service pack migration, it is necessary to change the configuration on the registration server to provide access to the new repositories. If the migration process is interrupted or reverted (via restoring from a backup or snapshot), the information on the registration server is inconsistent with the status of the system. This may lead to you being prevented from accessing update repositories or to wrong repositories being used on the client.

When a rollback is done via Snapper, the system will notify the registration server to ensure access to the correct repositories is set up during the boot process. If the system was restored any other way or the communication with the registration server failed for any reason (for example, because the server was not accessible due to network issues), trigger the rollback on the client manually by calling snapper rollback.

We suggest always checking that the correct repositories are set up on the system, especially after refreshing the service using zypper ref -s.

On POWER, switching from SLES 11 to SLES 12 involves a transition in architecture from big endian (ppc64) to little endian (ppc64le). Because of this transition, a regular system update is not possible.

It is required to install the system as described in the Deployment Guide, section Installation on IBM POWER.

We suggest the following steps to perform migrations from SUSE Linux Enterprise Server 11 to 12 on VMware:

For information about VMware's support for migrations between major OS versions, see http://kb.vmware.com/kb/2018695 (http://kb.vmware.com/kb/2018695).

While updating from SLES 11 SP3 to 12, previous serial console bootloader settings will be ignored and newly proposed.

To enable a serial console click Booting on summary screen, then on the kernel options tab specify serial console related settings: Disable "Use graphical console", enable "Use serial console", and in the text field named "Console arguments" enter "serial --unit=0 --speed=115200".

By default, systemd cleans tmp directories daily, and systemd does not honor sysconfig settings in /etc/sysconfig/cron such as TMP_DIRS_TO_CLEAR. Thus it is needed to transform sysconfig settings to avoid potential data loss or unwanted misbehavior.

When updating to SLE 12, the variables in /etc/sysconfig/cron will be automatically migrated into an appropriate systemd configuration (see /etc/tmpfiles.d/tmp.conf ). The following variable are affected:

MAX_DAYS_IN_TMP
MAX_DAYS_IN_LONG_TMP
TMP_DIRS_TO_CLEAR
LONG_TMP_DIRS_TO_CLEAR
CLEAR_TMP_DIRS_AT_BOOTUP
OWNER_TO_KEEP_IN_TMP

Migration is supported from SUSE Linux Enterprise 11 SP3 (or higher) using the following methods:

For more information, see the Deployment Guide coming with SUSE Linux Enterprise.

An important requirement for every Enterprise operating system is the level of support a customer receives for his environment. Kernel modules are the most relevant connector between hardware ("controllers") and the operating system.

For more information about the handling of kernel modules, see the SUSE Linux Enterprise Administration Guide.

While fixing issues in the operating system, you might need to install a Problem Temporary Fix (PTF) into a production system. Those packages provided by SUSE are signed with a special PTF key. In contrast to SUSE Linux Enterprise 11, this key is not imported by default on SLE 12 systems.

To manually import the key, use the following command:

rpm --import /usr/share/doc/packages/suse-build-key/suse_ptf_key.asc

After importing the key, you can install PTF packages on SLE 12.

libzypp-14.39.0 will per default check a downloaded rpm packages signature, if the corresponding repositories metadata are not gpg signed or the signature was not verified.

Customers using unsigned repositories may experience that zypper/yast now ask whether to accept a package whose signature can not be checked because the signing key is not known [4-Signatures public key is not available]:

(1/1) zypper-1.12.3-3.2.x86_64(myrepo) .....................<100%>[|]
zypper-1.12.3-3.2.x86_64.rpm:
    Header V3 DSA/SHA1 Signature, key ID f3ef3328: NOKEY
    V3 DSA/SHA1 Signature, key ID f3ef3328: NOKEY

zypper-1.12.3-3.2.x86_64(myrepo): Signature verification failed [4-Signatures public key is not available]
Abort, retry, ignore? [a/r/i] (a):

Ignoring the error will install the package despite the failed signature verification. It's not recommended to chose this option unless it's known, that the gpgkey (with key ID <as displayed>) which was used to sign the package is trusted (but it was not imported into the rpm database).

The message can be avoided by manually importing the missing trusted key into the rpm database (using 'rpmkeys --import' PUBKEY ).

Other signature verification errors than [4-Signatures public key is not available] should not be ignored.

Customers using only signed repositories should experience no difference.

The default of checking either the repo metadata signature or the rpm packages signatures can be tuned globally (in /etc/zypp.conf ) or per repo (editing the corresponding .repo file in /etc/zypp/repos.d ). Explicitly setting repo_gpgcheck or pkg_gpgcheck will overwrite the defaults.

[zypp.conf]
## Signature checking (repodata and rpm packages)
##
##   boolean    gpgcheck        (default: on)
##   boolean    repo_gpgcheck   (default: unset -> according to gpgcheck)
##   boolean    pkg_gpgcheck    (default: unset -> according to gpgcheck)
##
## If 'gpgcheck' is 'on' we will either check the signature of repo metadata
## (packages are secured via checksum in the metadata), or the signature of
## a rpm package to install if it's repo metadata are not signed or not
## checked.
##
## The default behavior can be altered by explicitly setting 'repo_gpgcheck' and/or
## 'pkg_gpgcheck' to perform those checks always (if 'on') or never (if 'off').
##
## Explicitly setting 'gpgcheck', 'repo_gpgcheck' 'pkg_gpgcheck' in a
## repositories .repo file will overwrite the defaults here.
##
##   DISABLING GPG CHECKS IS NOT RECOMMENDED.
##   Signing data enables the recipient to verify that no modifications
##   occurred after the data were signed. Accepting data with no, wrong
##   or unknown signature can lead to a corrupted system and in extreme
##   cases even to a system compromise.
##
# repo_gpgcheck = unset -> according to gpgcheck
# pkg_gpgcheck =  unset -> according to gpgcheck

vino (VNC server integrated in GNOME desktop environment) is using by default a encrypted connection (TLS), which might not be supported by all VNC clients on all platforms.

You can disable encryption on vino by running the following command as a regular user

gsettings set org.gnome.Vino require-encryption false

or by using the dconf-editor graphical tool, available from GNOME Control Center.

Known VNC clients with support for TLS encryption are "vinagre" (GNOME VNC client), virt-viewer (libvirt VM client, available for Windows from http://virt-manager.org/download/ (http://virt-manager.org/download/) ).

SUSE Linux Enterprise 12 supports the new on-disk format (v5) of the XFS file system. XFS file systems created by YaST will use this new format. The main advantages of this format are automatic checksumming of all XFS metadata, file type support, and support for a larger number of access control lists for a file.

Caveat: Pre SLE 12 kernels, xfsprogs before version 3.2.0, and the grub2 bootloader before the one released in SLE 12 do not understand the new file system format and thus refuse to work with it. This can be problematic if the file system should also be used from older or other distribution.

If you require interoperability of the XFS file system with older or other distributions, format the filesystem manually using the mkfs.xfs command. That will create a filesystem in the old format unless you use the "-m crc=1" option.

The WS-Management protocol is supported via Openwsman, providing client ( wsmancli package) and server ( openwsman-server package) implementations.

Openwsman, by using the WS-Management standard, can interface to:

It is possible to run SUSE Linux Enterprise 12 on a shared read-only root file system. A read-only root setup consists of the read-only root file system, a scratch and a state file system. The /etc/rwtab file defines, which files and directories on the read-only root file system are replaced with which files on the state and scratch file systems for each system instance.

The readonlyroot kernel command line option enables read-only root mode; the state= and scratch= kernel command line options determine the devices, on which the state and scratch file systems are located.

In order to set up a system with a read-only root file system, set up a scratch file system, set up a file system to use for storing persistent per-instance state, adjust /etc/rwtab as needed, add the appropriate kernel command line options to your boot loader configuration, replace /etc/mtab with a symlink to /proc/mounts as described below, and (re)boot the system.

Replace /etc/mtab with the appropriate symbolic links:

ln -sf /proc/mounts /etc/mtab

See the rwtab(5) manual page for more information and http://www.redbooks.ibm.com/abstracts/redp4322.html (http://www.redbooks.ibm.com/abstracts/redp4322.html) for limitations on System z.

SLE12 has moved to Systemd, a new way of managing services. For more information, see the SUSE Linux Enterprise Admin Guide, Section The Systemd Daemon.

Time synchronization with microsecond precision across a group of hosts in a data center is challenging to achieve without extra hardware.

Support for Precision Time Protocol version 2 leveraging the new time synchronization feature of modern network interface cards has been included in SUSE Linux Enterprise Server 12. For taking advantage of the precise time synchronization install the new linuxptp package and refer to the documentation in the /usr/share/doc/packages/linuxptp directory.

schedtool has been replaced by chrt, which is part of the standard util-linux package. chrt also handles all scheduler classes.

Note, chrt requires a priority to be provided for all normal scheduling classes as well as realtime classes. For example, to set your shell to SCHED_FIFO priority 1, enter:

chrt -p -f 1 $$

To set it back to SCHED_OTHER:

chrt -p -o 0 $$

'0' is the only valid (and required) priority for SCHED_OTHER, SCHED_BATCH, and SCHED_IDLE classes, priorities 1-99 are realtime priorities.

On SUSE Linux Enterprise 11, the bind mount in /etc/exports was mandatory. It is still supported, but now deprecated.

Configuring directories for export with NFSv4 is now the same as with NFSv3.

Intel AMT (Active Management Technology) is hardware-based technology for remotely managing and securing PCs out-of-band.

Intel MEI (Management Engine Interface) is a driver in Linux kernel, it allows applications to access the Intel ME (Management Engine) FW via the host interface; and the MEI driver is used by the AMT Local Manageability Service (LMS).

Systemd can restart services if they crash. Where appropriate, Restart=on-abort is set in the services files.

For configuring macvlan interface, see the ifcfg-macvlan(5) man page.

To change the usage of delta RPMs during the update it was needed to edit /etc/zypp/zypp.conf and set download.use_deltarpm to 'false'.

In the YaST Online Update Configuration dialog you can now activate delta RPMs usage by checking Use delta rpms. This setting will change the configuration file in the background.

It is no longer possible to set file permissions with SuSEconfig --module permissions .

If you want to set the file permissions as defined in /etc/permissions.*, run

chkstat --system

For advanced storage configurations like 4-way multipath to an array, we will end up with an environment where the host OS is scheduling I/O and the storage array is scheduling I/O. It is a common occurrence that those schedulers end up competing with each other and ultimately degrade performance. Because the storage array has the best view of what the storage is doing at any given time, enabling the noop scheduler on the host is telling the OS to just get out of the way and let the array handle all of the scheduling.

Following the same rationale, also for block devices within virtualization guests the noop I/O scheduler should be used.

To change the I/O scheduler for a specific block device, use:

echo [scheduler name] > /sys/block/[device]/queue/scheduler

For more information, see the SUSE Linux Enterprise System Analysis and Tuning Guide.

Pixz (pronounced 'pixie') is a parallel, indexing version of XZ. It takes advantage of running LZMA compression of multiple parts of an input file on multiple cores simultaneously. The resulting file contains an index of the data blocks, which enables random access to the data

Linux Cloud Video Transcode is an Intel GEN based hardware solution to support high quality and performance video transcoding on a server. With enabling VEBOX on Haswell for some video pre and post process features like DN/ADI SUSE Linux Enterprise features improved transcode quality.

On systems with a high NFS load, connections may block.

To work around such performance regressions with NFSv4, you could open more than one TCP connection to the same physical host. This could be accomplished with the following mount options:

To request that the transport is not shared use

mount -o sharetransport=N server:/path /mountpoint

Where N is unique. If N is different for two mounts, they will not share the transport. If N is the same, they might (if they are for the same server, etc).

Currently, reading /proc/vmcore is done by read_oldmem that uses ioremap/iounmap per a single page. For example, if memory is 1GB, ioremap/iounmap is called 1GB / 4KB times, that is 262144 times. This causes big performance degradation due to repeated page table changes, TLB flush, and build-up of VM related objects.

To address the issue, SLES does the following:

The current main user of this mmap call is makedumpfile, which not only reads memory from /proc/vmcore but also does processing like filtering, compression, and I/O work.

Because virtio numbers are not stable, by-path links for virtio disks are no longer available. These names are not persistent.

Btrfs is a copy-on-write (CoW) general purpose file system. Based on the CoW functionality, Btrfs provides snapshotting. Beyond that data and metadata checksums improve the reliability of the file system. Btrfs is highly scalable, but also supports online shrinking to adopt to real-life environments. On appropriate storage devices Btrfs also supports the TRIM command.

Support

With SUSE Linux Enterprise 12, Btrfs is the default file system for the operating system, xfs is the default for all other use cases. We also continue to support the Ext-family of file systems, Reiserfs and ocfs2. Each file system offers distinct advantages. Customers are advised to use the YaST partitioner (or AutoYaST) to build their systems: YaST will prepare the Btrfs file system for use with subvolumes and snapshots. Snapshots will be automatically enabled for the root file system using SUSE's snapper infrastructure. For more information about snapper, its integration into ZYpp and YaST, and the YaST snapper module, see the SUSE Linux Enterprise documentation.

Migration from "Ext" and Reiserfs File Systems to Btrfs

Migration from existing "Ext" file systems (Ext2, Ext3, ext4) and Reiserfs is supported "offline" and "in place", if the original filesystem has been created with a 4k block size (this is the case for most file systems on the x86-64 and System z architectures). Calling "btrfs-convert <device>" will convert the file system. This is an offline process, which needs at least 15% free space on the device, but is applied in place. Roll back: calling "btrfs-convert -r <device>" will roll back. Caveat: when rolling back, all data will be lost that has been added after the conversion into Btrfs; in other words: the roll back is complete, not partial.

RAID

Btrfs is supported on top of MD (multiple devices) and DM (device mapper) configurations. Use the YaST partitioner to achieve a proper setup. Multivolume Btrfs is supported in RAID0, RAID1, and RAID10 profiles in SUSE Linux Enterprise 12, higher RAID levels are not yet supported, but might be enabled with a future service pack.

SWAP files

Using swap files on top of Btrfs is not supported. In general, we are advising to use partitions for swapping, and not swap files on top of any file system for performance reasons.

Future Plans

Filesystem Maintenance, Online Check, and Repair Functionality

Check and repair functionality ("scrub") is available as part of the Btrfs command line tools. "Scrub" is aimed to verify data and metadata assuming the tree structures are fine. "Scrub" can (and should) be run periodically on a mounted file system: it runs as a background process during normal operation.

We recommend to apply regular "maintenance" to the Btrfs file system to optimize performance and disk usage. Specifically we recommend to "balance" and "defrag" the file system on a regular basis. Check the "btrfs-maintenance" package and see the SUSE Linux Enterprise documentation for more information.

Capacity Planning

If you are planning to use Btrfs with its snapshot capability, it is advisable to reserve twice as much disk space than the standard storage proposal. This is automatically done by the YaST2 partitioner for the root file system.

Backward compatibility - Hard Link Limitation

Previous products had a limitation on low hard link count per file in a directory. This has been fixed and is 65535 now. It requires a file system created with "-O extref", which is done by default. Caveat: Such a file system might not be mountable on older products.

Backward compatibility - Enhanced metadata

The file systems are by default created with a more space efficient format of metadata, the feature is called "skinny-metadata" for mkfs. Caveat: Such a file system will not be mountable on previous products.

Backward compatibility - metadata block size is 16k

The default metadata block size has changed to 16 kilobytes, reducing metadata fragmentation. Caveat: Such a file system will not be mountable on older products.

Other Limitations

At the moment, Btrfs is not supported as a seed device.

For More Information

For more information about Btrfs, see the SUSE Linux Enterprise documentation.

The Btrfs file system has a group of features that we are classifying as "supported" and another group classified as "unsupported". By default, these unsupported features will not be available unless a customer uses the Btrfs module parameter allow_unsupported=1.

Supported:

Not Supported (not yet mature):

This list will change over time, as feature are maturing.

With SUSE Linux Enterprise 12, the default file system in new installations was changed from Ext3 to Btrfs for the root system partition. XFS is the default file system for the /home partition and other data partitions.

In the expert partitioner, the default file system is Btrfs. The user can change it if another file system is more suitable to accomplish the intended workload.

POWER Architecture

On POWER, the pagesize is 64K. Due to the assumption made by Btrfs regarding data blocksize (i.e. data blocksize being equal to the page size), a Btrfs installation on POWER will use a blocksize of 64K. This means that a Btrfs created on x86 will not be mountable and readable via Btrfs on POWER, and vice versa.

If data sharing in mixed architecture environments is a major concern, make sure to use XFS on POWER for data partitions.

Identical data should not be stored more then once to save storage space.

SUSE Linux Enterprise supports the data deduplication feature of the Btrfs file system. To achieve the deduplication it replaces identical contents (blocks) with logical links to a single copy of the block in a common storage location.

The deduplication is performed out-of-band (also called post-process or offline) using a specialized tool.

This is the command to display the PEs in use by LVs:

pvs -o vg_name,lv_name,pv_name,seg_pe_ranges

VG     LV   PV         PE Ranges
            /dev/sdb5
            /dev/sdb6
            /dev/sdb7
            /dev/sdb8
system root /dev/xvda2 /dev/xvda2:0-1782
system swap /dev/xvda2 /dev/xvda2:1783-200

GRUB2 offers support for PReP partitions on GUID Partition Table (GPT) disks.

Names for "md" RAID devices, particularly as they appear in /proc/mdstat, traditionally have numeric names like "md4". Working with these names can be clumsy.

In SLE-12 the option is available to use textual names. Adding the line CREATE names=yes to /etc/mdadm.conf will cause names like md_home to be used in place of e.g. md127 if a name was given when creating the array. This will likely be enabled by default in future releases of SLE.

With SUSE Linux Enterprise 12, it is now possible to mount NFS volumes locally on the exporting server.

Btrfs has a number of features that for reasons of instability or immaturity SUSE chooses not to support in the enterprise releases. In order to avoid undesired failures, we can disable those features in the code.

The module parameter to enable unsupported features is called allow_unsupported.

To test out those unsupported features, you can enable them optionally with a module flag ( allow_unsupported=1 ) that also taints the module as unsupported. Alternatively, the same can be achieved by writing 1 to the module parameter exported in /sys/module/btrfs/parameters.

Denied mount:

Runtime operations that will be denied:

An attempt to mount or use a disallowed ioctl fails with an 'operation not supported' error code and prints a message into the syslog regarding the supportability and that allow_unsupported=1 would allow that.

Most LVM commands require an accurate view of the LVM metadata stored on the disk devices in the system. With the current LVM design, if this information is not available, LVM must scan all the physical disk devices in the system. This requires a significant amount of I/O operations in systems with a large number of disks.

The purpose of the lvmetad daemon is to eliminate the need for this scanning by dynamically aggregating metadata information each time the status of a device changes. These events are signaled to lvmetad by udev rules. If lvmetad is not running, LVM performs a normal scan.

This feature is disabled by default in SLES 12. To enable it, refer to the use_lvmetad parameter in the /etc/lvm/lvm.conf file.

The reiserfs file system was fully supported for the lifetime of SLES 11 specifically for migration purposes.

With SLES 12, reiserfs is still fully supported for use but support for creating new reiserfs file systems has been removed from YaST.

SUSE Linux Enterprise Virtual Machine Driver Pack is a set of paravirtualized device drivers for Microsoft Windows operating systems. These drivers improve the performance of unmodified Windows guest operating systems that are run in virtual environments created using Xen or KVM hypervisors with SUSE Linux Enterprise Server 10 SP4, SUSE Linux Enterprise Server 11 SP3 and SUSE Linux Enterprise Server 12. Paravirtualized device drivers are installed in virtual machine instances of operating systems and represent hardware and functionality similar to the underlying physical hardware used by the system virtualization software layer.

SUSE Linux Enterprise Virtual Machine Driver Pack 2.2 new features include:

For more information on VMDP2.2 refer to the official documentation.

Some partners need to still run 32-bit applications in a 32-bit runtime environment on SUSE Linux Enterprise 12.

SUSE does not support 32-bit development on SLE 12. 32-bit runtime environments are available with SLE 12. If there is a need to develop 32-bit applications to run in the SLE 12 32-bit runtime environment then use the SLE 11 32-bit development tools to create these applications.

Due to limitations in the legacy x86_64 BIOS implementations, booting from devices larger than 2 TiB is technically not possible using legacy partition tables (DOS MBR).

Since SUSE Linux Enterprise Server 11 SP1 we support installation and boot using uEFI on the x86_64 architecture and certified hardware.

For the last 20 years, hard disk with 512 byte sectors have been in use. Since some years there are drives providing a 4KiB sector size internally, but showing 512 byte sectors externally as a backward compatibility layer (512 byte emulation / 512e). These devices are fully supported in SUSE Linux Enterprise.

The installation on native 4KiB sector drives (4kn) in x86_64 systems with UEFI is supported, as is the use of 4 KiB sector drives as non-boot disks. Legacy (non UEFI) installations on x86_64 systems are not supported on 4KiB drives for technical reasons.

The Performance Scaled Messaging (PSM) API is Intel's low-level user-level communications interface for the Intel(R) True Scale Fabric family of products.

The PSM libraries are included in the libpsm_infinipath1-3.2-4.30.x86_64 source RPM and get built and installed as part of a default OS install process.

The primary way to use PSM is by compiling applications with an MPI that has been built to use the PSM layer as its interface to Intel HCAs. PSM is the high-performance interface to the Intel(R) True Scale HCAs.

To implement the Intel True Scale solution here are the steps that need to be followed if a user wants to install SUSE Linux Enterprise Server OFED support and MPIs:

SUSE Linux Enterprise Server 12 add support for the latest Intel processors, Including

virt-top is a top-like utility for showing stats of virtualized domains. Many keys and command line options are the same as for ordinary top.

Memory that exists since boot is always managed by the NUMA zone ZONE_NORMAL. This memory has kernel memory, thus cannot be offlined, and subsequently cannot be hot-removed. One solution for this issue is to gather kernel memory on a special system board, and movable memory to other system boards.

To achieve this behaviour, use the kernel commandline option movable_node. If this boot option is set, Linux checks the hot-pluggable bit of Memory Structure Affinity in the ACPI SRAT Table; if this bit is enabled, the memory is managed by ZONE_MOVABLE, and thus the other system boards can be hot-removed.

CAVEAT: this boot option may have significant performance impact. Workloads that are very metadata intensive may not be able to use all memory because the bulk of memory is ZONE_MOVABLE. They will either suffer severely degraded performance or at the worst case, the OOM killer will fire. Similarly, workloads that require large amounts of address space may fail because they cannot allocate page tables. On NUMA machines, such workloads may still suffer degraded performance because all their page table pages are allocated remote to the workload.

Enabling the feature will also limit the availability of system memory for certain features, eg. tmpfs may only be using memory from ZONE_NORMAL and memory in ZONE_MOVABLE will be unavailable.

Summarizing, by enabling movable_node there is a trade-off between being able to hot-remove a full memory node versus workload performance, amount of memory that can be used and ability to even run a specific task. If you encounters one of the trade-offs, the only sensible option is to disable node memory hot-remove.

SUSE's Kernel team is working with the Linux community to find mitigations for those limitations as a long term goal.

In theory, platform firmware has better knowledge of the appropriate thresholds to use based on OEM knowledge of the failure rates of components in the platform.

SLES 12 kernel supports firmware first mode for corrected errors allowing firmware to take first control over memory error handling. Firmware then notifies Linux through APEI once memory errors exceed a platform defined threshold. On receipt of APEI notification, Linux immediately offlines pages in-kernel isolating problematic memory resulting in improved system reliability and uptime.

Often it is difficult to correlate the commonly used name of the processor with the IBM model number for that processor.

The cputype command is now included in the s390-tools package. The cputype command prints both the IBM model number as well as the more commonly used processor name.

The Physical Channel ID (PCHID) enables hardware detection with a machine-wide unique identifier.

With this feature for the common I/O layer, channel paths with missing interrupts during internal I/O do not make devices with remaining functioning channel paths unusable to device drivers.

Live guest relocation (LGR) with z/VM 6.2 requires z/VM service applied, especially with Collaborative Memory Management (CMMA) active (cmma=on).

Apply z/VM APAR VM65134.

Large Page support allows processes to allocate process memory in chunks of 1 MiB instead of 4 KiB. This works through the hugetlbfs.

Linux guests using dedicated devices may experience a loop, if an available path to the device goes offline prior to the IPL of Linux.

Apply recommended z/VM service APARs VM65017 and VM64847.

Unlike in SLES 11, LUN scanning is enabled by default in SLES 12. Instead of having a user-maintained whitelist of FibreChannel/SCSI disks that are brought online to the guest, the system now polls all targets on a fabric. This is especially helpful on systems with hundreds of zFCP disks and exclusive zoning.

However, on systems with few disks and an open fabric, it can lead to long boot times or access to inappropriate disks. It can also lead to difficulties offlining and removing disks.

To disable LUN scanning, set the boot parameter zfcp.allow_lun_scan=0.

For LUN Scanning to work properly, the minimum storage firmware levels are:

In SLES 11 SP2 new partition types were added to the fdasd command in the s390-tools package. Anyone using YaST in SLES 12 to create partitions will not see this happening.

If fdasd is used from the command line, it will work as documented and desired.

To gain the performance improvements for certain workloads the data router support is enabled by default. This is tolerated in environments without data router support on LPAR and under z/VM.

This feature introduces a new interface that enables Linux applications like Data Stage to access and process (read only) data in z/OS owned physical sequential data sets without interfering with z/OS. By avoiding FTP or NFS transfer of data from z/OS the turnaround time for batch processing is significantly reduced.

With increasing sizes of ECKD DASDs, the speed of formatting becomes an issue.

The performance can now be increased by using Parallel Access Volume (PAV) when formatting DASDs. In addition, with a new parameter, -r or --requestsize, you can specify the number of cylinders to be formatted in one step.

Introduces the default MTU size of 1500 for OSA layer 2 and all traffic that uses DIX frames to remove System z specifics.

Adds support for IPv6 addresses to the src_vipa tool, that only supports IPv4 up to now.

Token Ring is no longer supported.

It is no longer offered to select Token Ring.

Only the Ethernet remains as the interface. Therefore the parameter "OsaMedium" is also obsolete. This parameter is no longer recognized in parmfiles and on the command line. If the parameter is specified, it will appear in /etc/zipl.conf as an unnecessary kernel parameter.

The existing data execution protection for Linux on System z relies on the System z hardware to distinguish instructions and data through the secondary memory space mode. As of System z10, new load-relative-long instructions do not make this distinction. As a consequence, applications that have been compiled for System z10 or later fail when running with the existing data execution protection.

Therefore, data execution protection for Linux on System z has been removed.

It is possible to install the complete crypto stack by selecting System z HW crypto support at install time. It is available as an install pattern in the Software Selection dialog.

New libica APIs show crypto exploiters what cryptographic functions are available and if hardware or software will be used to process cryptographic requests. In the past, this information could only be obtained through stand-alone tools primarily intended for administrators.

Exploitation of Enterprise wide PKCS#11 (EP11) in CryptoExpress4 device driver and opencryptoki token for access to the Enterprise PKCS#11 (EP11) features of the CEX4S crypto adapter that implements certified PKCS#11 mechanism.

The libica and opencryptoki libraries now support algorithms for Message Security Assist Extension 4 (MSA4) instructions in CPACF (Central Processor Assist for Cryptographic Function) and provides significant acceleration of complex cryptographic algorithms.

SLES 12 includes opencryptoki 3.1 which comes with an ICA token that exploits the SHA-256 hash algorithm provided by System z crypto-hardware.

To ease installation with huge amounts of devices SLES 12 enables the user to switch cio_ignore on and off at install time to decide if all devices should be displayed or be limited to a specified amount of devices. When selecting cio_ignore on the list of devices to be displayed can be manually defined by selecting dedicated devices or by defining device ranges.

The SCSI dump tool now writes dumps directly to a SCSI partition, without using a file system. The option zipl -d is used for both, DASD and SCSI stand-alone dumps. The option zipl -D has become obsolete and is no longer supported.

The SCSI dump tool can now also be installed on multipath devices.

Enable the use of keywords, ipldev for the IPL device and condev for the console device to ease installation when a system uses cio_ignore to blacklist all devices at install time and does not have a default CCW console device number, has no devices other than the IPL device as a base to clone Linux guests, or with ramdisk based installations with no devices other than the CCW console.

zPXE provide a similar function to the PXE boot on x86/x86-64: have a parameter driven executable, retrieving installation source and instance specific parameters from specified network location, download automatically the respective kernel, initrd, and parameter files for that instance and start an automated (or manual) installation.

Compression is used in various of places of the system such as decompression of Java class files, PDF generation, compressed backup and for installation (binaries compressed in RPMs). Although beneficial in multiple aspects (data on disk, data transferred to memory), it requires significant processor resources.

Using an optimized version of zlib significantly improves performance and lowers processor resource consumption for applications using the respective library.

With SUSE Linux Enterprise Server 12, Mesa supports 3D acceleration via llvmpipe on IBM System z hardware.

With SLES 12, the System z unique detection of dirty bits is converted to the handling of dirty bits in the page table entry. This change makes the dirty bit handling consistent with other architectures.

Provides performance improvement for applications that access large amounts of anonymous memory, such as heap space for Java programs or caching areas for databases.

The toolchain supports the IBM System z Enterprise EC12 (zEC12) instruction set to optimize performance with SLES 12 on zEC12.

Support of the GNU specific symbol STT_GNU_IFUNC that allows for multiple versions of the same function in a library. The support enables optimized execution of performance critical functions, for example by providing variants exploiting the instruction sets of different CPU levels.

The STT_GNU_IFUNC symbol is supported in the gcc, binutils, and glibc packages. Optimized versions of the memcpy, memset, and memcmp functions are provided in the glibc package.

With SLES 12, gcc supports applications utilizing transactional-execution (TX) for simplified concurrency control via shared memory sections removing the limits for lock controlled execution.

SUSE Linux Enterprise 12 (x86_64) is using the Myri10GE driver from mainline Linux kernel. The driver requires a firmware file to be present, which is not being delivered with SUSE Linux Enterprise 12.

Download the required firmware at http://www.myricom.com (http://www.myricom.com).

For QLogic 82XX based CNA, update the firmware to the latest from the QLogic Web site or whatever is recommended by the OEM in case you are running 4.7.x FW version.

To solve this, upgrade the switch firmware to v6.4.3 or above.

Older HP Smart Array controllers (before ProLiant G6) are no longer supported in SLES 12. The device driver for these controllers, cciss, has been removed from the distribution media and support for G6 controllers has been added to the newer HP Smart Array driver, hpsa. All Smart Array controllers will now use the hpsa driver, with the exception of the Dynamic Smart Array controllers, which require a special driver available from http://hp.com (http://hp.com).

HP Smart Array controller models no longer supported in SLES 12 include:

HP Smart Array controller models that will be supported with the hpsa driver instead of the cciss driver include:

Important: Customers with controller models identified above as transitioning from the cciss driver to the hpsa driver should be aware that there are differences in device presentation between cciss and hpsa. The older cciss driver is a block layer driver, presenting devices as /dev/cciss/c*d*, while the newer hpsa driver is a SCSI layer driver, and follows standard SCSI practice of presenting devices as /dev/sd*. Configuration files that use device-specific naming may need to be edited to reflect the new device naming. For more information about hpsa and a comparison of the two drivers, see the following white paper:

http://h10032.www1.hp.com/ctg/Manual/c02677069.pdf (http://h10032.www1.hp.com/ctg/Manual/c02677069.pdf).

For IMSM and DDF RAIDs the mdadm driver is used unconditionally.

iscsitarget and related packages are replaced with lio.

On SLES 12, suseRegister was replaced by the SUSEConnect command line tool. For usage information, see the following TID: https://www.suse.com/support/kb/doc.php?id=7016626 (https://www.suse.com/support/kb/doc.php?id=7016626)

LTTng provides a set of tools allowing for efficient and combined tracing of userspace and kernel code referencing a common time source. This allows users to identify performance issues and debug problems in complicated code involving multiple concurrent processes and threads. In addition to the tracers, viewing and analysis tools are provided supporting both text and graphical formats. The kernel tracing functionality is implemented via a suite of loadable kernel modules. The loading of these modules and control of the tracing system is controlled by a single lttng utility.

The dropwatch feature will allow the customer to easily observe and diagnose network performance problems caused by dropped packets.

Thus the 'dropwatch' package was added and NET_DROP_MONITOR enabled.

The default FTP client is lftp, which offers outstanding scriptability. Other clients such as ncftp and lukemftp are no longer available.

For specific configurations, such as low memory, where the GNOME desktop environment does not suit, a lightweight desktop is needed.

icewm has been chosen as a lightweight desktop to fill this need on SUSE Linux Enterprise Server.

The tar version in SLES and SLED 12 (SP0) was not handling extended attributes properly.

A maintenance update for tar fixes this issue. This update introduces new package dependencies:

Both of these packages are already required by other core packages in a SLE installation.

To upgrade a PostgreSQL server installation from version 9.1 to 9.4, the database files need to be converted to the new version.

Newer versions of PostgreSQL come with the pg_upgrade tool that simplifies and speeds up the migration of a PostgreSQL installation to a new version. Formerly, it was necessary to dump and restore the database files which was much slower.

To work, pg_upgrade needs to have the server binaries of both versions available. To allow this, we had to change the way PostgreSQL is packaged as well as the naming of the packages, so that two or more versions of PostgreSQL can be installed in parallel.

Starting with version 9.1, PostgreSQL package names on SUSE Linux Enterprise products contain numbers indicating the major version. In PostgreSQL terms, the major version consists of the first two components of the version number, for example, 9.1, 9.3, and 9.4. So, the packages for PostgreSQL 9.3 are named postgresql93, postgresql93-server, etc. Inside the packages, the files were moved from their standard location to a versioned location such as /usr/lib/postgresql93/bin or /usr/lib/postgresql94/bin. This avoids file conflicts if multiple packages are installed in parallel. The update-alternatives mechanism creates and maintains symbolic links that cause one version (by default the highest installed version) to re-appear in the standard locations. By default, database data is stored under /var/lib/pgsql/data on SUSE Linux Enterprise.

The following preconditions have to be fulfilled before data migration can be started:

Upstream documentation about pg_upgrade including step-by-step instructions for performing a database migration can be found under file:///usr/share/doc/packages/postgresql94/html/pgupgrade.html (if the postgresql94-docs package is installed), or online under http://www.postgresql.org/docs/9.4/static/pgupgrade.html (http://www.postgresql.org/docs/9.4/static/pgupgrade.html). NOTE: The online documentation explains how you can install PostgreSQL from the upstream sources (which is not necessary on SLE) and also uses other directory names ( /usr/local instead of the update-alternatives based path as described above).

For background information about the inner workings of pg_admin and a performance comparison with the old dump and restore method, see http://momjian.us/main/writings/pgsql/pg_upgrade.pdf (http://momjian.us/main/writings/pgsql/pg_upgrade.pdf).

Mounting cifs shares at systems start via /etc/samba/smbfstab has been discontinued and obsoleted. Now the generic /etc/fstab handles it.

The migration process requires two steps:

With Apache 2.4, some changes have been introduced that affect Apache's access control scheme. Previously, the directives "Allow", "Deny", and "Order" have determined if access to a resource has been granted with Apache 2.2. With 2.4, these directives have been replaced by the "Require" directive. For backwards compatibility of 2.2 configurations, the SUSE Linux Enterprise Server 12 apache2 package understands both schemes, Deny/Allow (apache 2.2) and Require (apache 2.4).

For more information on how to easily switch between the two schemes, see the file /usr/share/doc/packages/apache2/README-access_compat.txt.

Forthcoming Samba 4.2.0 provided by http://www.samba.org (http://www.samba.org) will come with "winbind expand groups" set to "0" by default.

Samba post 4.1.10 provided by SUSE anticipates the new default.

The new default makes winbindd more reliable because it does not require SAMR access to domain controllers of trusted domains.

Note: Some legacy applications calculate the group memberships of users by traversing groups; such applications will require winbind expand groups = 1.

We ship GNOME 3.10 with SUSE Linux Enterprise 12.

GNOME on SUSE Linux Enterprise is available in three different setups, which are modifying desktop user experience:

The setup can be changed at login time, in GDM, using the gear icon in the password prompt screen. It can also be modified using YaST, systemwide.

Caveats:

With SLE 11 after joining a Microsoft domain, GDM displayed the available domain names as a drop-down box below the user name and password fields. This behavior has changed.

With SLE 12, you must prefix the domain and the winbind separator manually to login. As soon as you click the 'Not listed?' text, GDM will display a hint such as '(e.g., domain\user)'.

IBM Java 7 Release 1 provides performance improvements through IBM POWER8 and IBM zEnterprise EC12 exploitation.

Parted was upgraded version 3.1.

This version can no longer resize file systems contained within a partition. Parted can resize partitions, but to resize the contained file system, an external tool such as mkfs.ext4 has to be used.

With the upgrade to Qt5 the QML technology now also available.

On platforms supporting dmidecode, the supportconfig tool now contains the dmidecode output.

Previously, this was done only when explicitly activated with a parameter, but the default changed to provide always now. This is done to deliver better support result.

BlueZ 4 is no longer maintained upstream. Thus upgrading to BlueZ 5 ensures that you will get all the latest upstream bug fixes and enhancements.

BlueZ 5 comes with numerous new features, API simplification and other improvements such as Low Energy support. It is new major version of the Bluetooth handling daemon and utilities.

Note: The new major version indicates that the API is not backwards compatible with BlueZ 4, which means that all applications, agents, etc. must be updated.

A Machine Owner Key (MOK) is a type of key that a user generates and uses to sign an EFI binary. This is a way for the machine owner to have ownership over the platform’s boot process.

Suitable tools are coming with the mokutil package.

MariaDB is a backward compatible replacement for mySQL.

If you update from SLE 11 to SLE 12, it is advisable to do a manual backup before the system update. This could help if a start of the database has issues with the storage engine's on-disk layout.

After the update to SLE 12, a manual step is required to actually get the database running (this way you quickly see if something goes wrong):

touch /var/lib/mysql/.force_upgrade
rcmysql start
# => redirecting to systemctl start mysql.service
rcmysql status
# => Checking for service MySQL:
# => ...

The old PCMCIA based on ISA and 16-bit only will no more be supported under SLE12. Latest modern laptop uses CardBus (based on PCI), which continues to be supported.

The Legacy Module helps you migrating applications from SUSE Linux Enterprise 10 and 11 and other systems to SUSE Linux Enterprise 12, by providing packages which are discontinued on SUSE Linux Enterprise Server, such as: sendmail, syslog-ng, IBM Java6, and a number of libraries (for example openssl-0.9.8 ).

Access to the Legacy Module is included in your SUSE Linux Enterprise Server subscription. The module has a different lifecycle than SUSE Linux Enterprise Server itself. Packages in this module are usually supported for at most three years. Support for Sendmail and IBM Java 6 will end in September 2017 at the latest.

YaST as a command line tool for managing packages is deprecated. Instead of yast with the command line switches -i, --install, --update, or --remove for installing, updating, or removing packages, use zypper.

For more information, see the zypper man page.

libsysfs has been deprecated and has been replaced by libudev. If you have self-compiled applications using libsysfs previously, you have to recompile using libudev.

dhcpcd package was replaced by wicked and dhcp-client packages.

Emulex will be deprecating hardware in the future that will impact SLES 12 SP1.

The following hardware associated with the Emulex lpfc driver will be deprecated for SLES 12 SP1:

Device IDs and Device Name

VID:10DF, DID:1AE5 LP6000
VID:10DF, DID:E100 LPev12000
VID:10DF, DID:E131 LPev12002
VID:10DF, DID:E180 LPev12000
VID:10DF, DID:F095 LP952
VID:10DF, DID:F098 LP982
VID:10DF, DID:F0A1 LP101
VID:10DF, DID:F0A5 LP1050
VID:10DF, DID:F0D1 LP111
VID:10DF, DID:F0F5 LPe1000 & LPe1000‐SP
VID:10DF, DID:F0F7 LPe1002‐SP
VID:10DF, DID:F700 LP7000
VID:10DF, DID:F0800 LP8000
VID:10DF, DID:F900 LP9002
VID:10DF, DID:F980 LP9802
VID:10DF, DID:FA00 LP10000
VID:10DF, DID:FB00 LPx1000
VID:10DF, DID:FC00 LP10000S
VID:10DF, DID:FC10 LP11000S
VID:10DF, DID:FD00 LP11000
VID:10DF, DID:FD11 LP11000‐S
VID:10DF, DID:FE05 LP21000

Raw devices are deprecated.

The following packages were removed with the major release of SUSE Linux Enterprise Server 12:

The following packages to be removed with the release of SUSE Linux Enterprise Server 12 SP1:

The following wireless drivers have been moved to kernel-default-extra package:

module-init-tools is replaced by kmod.

Caveat: With the replacement, the modprobe list command ( -l ) is no longer available. As a workaround you can make use of find or grep; for example, if you are looking for modules starting with xt:

grep '/xt[^/]*\.ko:' /lib/modules/$(uname -r)/modules.dep

AppArmor now offers normalized command names:

Kmod package is a replacement of the former module-init-tools. In addition to the well known tools like lsmod, modprobe, and modinfo, the package offers a shared library for use by system management services which need to query and manipulate Linux kernel modules.

NetworkManager, primarily used on Desktops and Notebooks where one user is working with one specific machine, is now part of the Workstation Extension. For all the other use cases, and especially all server workloads, the default provided by SLES is Wicked.

SLES 12 does not offer the cyrus-imapd package and hence Cyrus IMAP and POP Mail Server is not available on SLES 12.

Users should consider a migration to Dovecot. SLES 12 does not provide utilities for the migration however there are some community tools: http://wiki2.dovecot.org/Migration/Cyrus

Configuration:

There is no yast support for dovecot configuration. If you want to deliver local mails to dovecot follow this steps:

Autoyast:

The postfix_mda tag of the mail section may only contains following values: local, procmail.

On new installations, rsyslog will get installed instead of the former syslog-ng and syslog.

CUPS Version Upgrade to 1.7

CUPS >= 1.6 has major incompatible changes compared to CUPS up to version 1.5.4 in particular when printing via network:

The IPP protocol default version increased from 1.1 to 2.0. Older IPP servers like CUPS 1.3.x (for example in SLE 11) reject IPP 2.0 requests with "Bad Request" (see http://www.cups.org/str.php?L4231 (http://www.cups.org/str.php?L4231) ). By adding '/version=1.1' to ServerName in client.conf (e.g., ServerName older.server.example.com/version=1.1) or to the CUPS_SERVER environment variable value or by adding it to the server name value of the '-h' option (e.g., lpstat -h older.server.example.com/version=1.1 -p) the older IPP protocol version for older servers must be specified explicitly.

CUPS Browsing is dropped in CUPS but the new package cups-filters provides the cups-browsed that provides basic CUPS Browsing and Polling functionality. The native protocol in CUPS for automatic client discovery of printers is now DNS-SD. Start cups-browsed on the local host to receive traditional CUPS Browsing information from traditional remote CUPS servers. To broadcast traditional CUPS Browsing information into the network so that traditional remote CUPS clients can receive it, set "BrowseLocalProtocols CUPS" in /etc/cups/cups-browsed.conf and start cups-browsed.

Some printing filters and back-ends are dropped in CUPS but the new package cups-filters provides them. So cups-filters is usually needed (recommended by RPM) but cups-filters is not strictly required.

The cupsd configuration directives are split into two files: cupsd.conf (can also be modified via HTTP PUT e.g. via cupsctl) and cups-files.conf (can only be modified manually by root) to have better default protection against misuse of privileges by normal users who have been specifically allowed by root to do cupsd configuration changes (see http://www.cups.org/str.php?L4223 (http://www.cups.org/str.php?L4223), CVE-2012-5519, and bnc#789566).

CUPS banners and the CUPS test page are no longer supported since CUPS >= 1.6. The banners and the test page from cups-filters must be used. The CUPS banner files in /usr/share/cups/banners/ and the CUPS testpage /usr/share/cups/data/testprint (which is also a CUPS banner file type) are no longer provided in the cups RPM because they do no longer work since CUPS >= 1.6 (see http://www.cups.org/str.php?L4120 (http://www.cups.org/str.php?L4120) ) because there is no longer a filter that can convert the CUPS banner files. Since CUPS >= 1.6 only the banner files and testpage in the cups-filters package work via the cups-filters PDF workflow and the cups-filters package also provides the matching bannertopdf filter.

For details, see https://bugzilla.suse.com/show_bug.cgi?id=735404 (https://bugzilla.suse.com/show_bug.cgi?id=735404).

Traditional CUPS version 1.5.4 Provided in the Legacy Module

We provide the last traditional CUPS version 1.5.4 as "cups154" RPMs in the "legacy" module. If CUPS version 1.7 does not support particular needs, you can still use CUPS 1.5.4 (under the conditions of the "legacy" module). This could be important, if you need a traditional CUPS server with original CUPS Browsing features.

For those users any (semi)-automated CUPS version upgrade must be prohibited because CUPS > 1.5.4 has major incompatible changes compared to CUPS <= 1.5.4. Therefore the CUPS 1.5.4 RPM package name contains the version and it conflicts with higher versions. This way we avoid that an installed CUPS 1.5.4 gets accidentally replaced with a higher version. It is not possible to have different CUPS libraries versions installed at the same time.

The API in CUPS 1.7 is compatible with the CUPS 1.5.4 API (existing functions are not changed) but newer CUPS libraries provide some new functions. There could be applications that might use newer CUPS library functions so that such applications would require the current CUPS 1.7 libraries. It is not possible to use CUPS 1.5.4 together with applications that require the current CUPS 1.7 libraries.

PDF Now Common Printing Data Format

There is a general move away from PostScript to PDF as the standard print job format. This change is advocated by the OpenPrinting workgroup of the Linux Foundation and the CUPS author.

This means that application programs usually no longer produce PostScript output by default when printing but instead PDF.

As a consequence the default processing how application programs printing output is converted into the "language" that the particular printer accepts (the so called "CUPS filter chain") has fundamentally changed from a PostScript-centric workflow to a PDF-centric workflow.

Accordingly the upstream standard for CUPS under Linux (using CUPS plus the cups-filters package) is now PDF-based job processing, letting every non-PDF input be converted to PDF first, page management options being applied by a pdftopdf filter and Ghostscript being called with PDF as input.

With PDF as the standard print job format traditional PostScript printers can no longer print application's printing output directly so that a conversion step in the printing workflow is required that converts PDF into PostScript. But there are also PostScript+PDF printers that can print both PostScript and PDF directly.

For details, see the section "Common printing data formats" in the SUSE wiki article "Concepts printing" at http://en.opensuse.org/Concepts_printing (http://en.opensuse.org/Concepts_printing).

/etc/papersize no longer inherits settings from /etc/sysconfig/language when running SuSEconfig .

Set /etc/papersize directly, e.g.:

echo "letter" > /etc/papersize

For details, see man 5 groff_font ('papersize string').

This Module gives you a sneak-peak into our upcoming systems management toolbox which allows you to inspect systems remotely, store their system description and create new systems to deploy them in datacenters and clouds. The toolbox is still in active development and will get regular updates. We welcome feedback!

Access to this module is included in your SUSE Linux Enterprise Server subscription. The module has a different lifecycle than SUSE Linux Enterprise Server itself: as stability of APIs and ABIs is not yet guaranteed, we support this technology only on systems which apply all our updates to this channel in a timely manner.

The package is called machinery, for more information see Machinery Project Website (http://machinery-project.org/).

The Public Cloud Module is a collection of tools that enables you to create and manage cloud images from the commandline on SUSE Linux Enterprise Server. When building your own images with KIWI or SUSE Studio, initialization code specific to the target cloud is included in that image.

Access to the Public Cloud Module is included in your SUSE Linux Enterprise Server subscription. The module has a different lifecycle than SUSE Linux Enterprise Server itself. Packages usually follow the upstream development closely to enable you to take advantage of the most recent development in the public cloud space.

Via this Module you will have access to a more recent GCC and toolchain in addition to the default compiler of SUSE Linux Enterprise.

Access to the Toolchain Module is included in your SUSE Linux Enterprise Server subscription. The module has a different lifecycle than SUSE Linux Enterprise Server itself: once a year, packages in this module will be updated and older versions discontinued accordingly.

The SUSE Linux Enterprise Web and Scripting Module delivers a comprehensive suite of scripting languages, frameworks, and related tools helping developers and systems administrators accelerate the creation of stable, modern web applications, using dynamic languages, such as PHP, Ruby on Rails, and Python.

Access to the Web and Scripting Module is included in your SUSE Linux Enterprise Server subscription. The module has a different lifecycle than SUSE Linux Enterprise Server itself: Package versions in the this module are usually supported for at most three years. We are planning to release more recent versions in between these three years. The exact dates may differ per package.

The following KVM host operating system combinations will be fully supported (L3) for live migrating guests from one host to another:

The following KVM host operating system combinations will be fully supported (L3) for live migrating guests from one host to another, later when released:

All guests as outlined in the Virtualization Guide, chapter Supported VM Guests, are supported.

Backward migration is not supported:

KVM guests are able to see the new size of their disk after a resize on the host using the virsh blockresize command.

SLE 10 and SLE 11 use xend to manage guests. SLE 12 uses libxl to manage guests. Live migration from xend to libxl is not implemented, nothing in a libxl based tool stack is able to receive guests from xend. Furthermore, the data format which describes guest configuration differs slightly between xend and libxl.

The same applies to VMs managed by libvirtd because it uses either xend or libxl to manage a VM.

At this point live migration from xend based hosts (SLE 10/SLE 11) to libxl based hosts (SLE12) is not possible. Shutdown the guest on the SLE 11 host and start it again on the SLE 12 host. For more information about this xend/xm to xl/libxl, refer to the Official Virtualization Documentation.

For general information about the file system layout, see the Administration Guide, Chapter Snapper.

Additional Information

/run/media/<user_name> is now used as top directory for removable media mount points. It replaces /media which is no longer available.

The directory /run, also sym-linked as /var/run, is mounted as tmpfs and thus not persistent across reboots. Anything stored in this directory will be removed when the machine is shut down.