Jump to content
SUSE Linux Enterprise Desktop 12 SP4

Deployment Guide

Shows how to install single or multiple systems and how to exploit the product inherent capabilities for a deployment infrastructure. Choose from various approaches, ranging from a local installation or a network installation server to a mass deployment using a remote-controlled, highly-customized, and automated installation technique.

Publication Date: May 29, 2019
About This Guide
Required Background
Available Documentation
Feedback
Documentation Conventions
1 Planning for SUSE Linux Enterprise Desktop
1.1 Hardware Requirements
1.2 Reasons to Use SUSE Linux Enterprise Desktop
I Installation Preparation
2 Installation on AMD64 and Intel 64
2.1 System Requirements for Operating Linux
2.2 Installation Considerations
2.3 Boot and Installation Media
2.4 Installation Procedure
2.5 Controlling the Installation
2.6 Dealing with Boot and Installation Problems
II The Installation Workflow
3 Installation with YaST
3.1 Choosing the Installation Method
3.2 System Start-up for Installation
3.3 Steps of the Installation
3.4 Installer Self-Update
3.5 Language, Keyboard and License Agreement
3.6 Network Settings
3.7 SUSE Customer Center Registration
3.8 Extension Selection
3.9 Suggested Partitioning
3.10 Clock and Time Zone
3.11 Create New User
3.12 Password for the System Administrator root
3.13 Installation Settings
3.14 Performing the Installation
4 Cloning Disk Images
4.1 Cleaning Up Unique System Identifiers
III Setting Up an Installation Server
5 Setting Up the Server Holding the Installation Sources
5.1 Setting Up an Installation Server Using YaST
5.2 Setting Up an NFS Repository Manually
5.3 Setting Up an FTP Repository Manually
5.4 Setting Up an HTTP Repository Manually
5.5 Managing an SMB Repository
5.6 Using ISO Images of the Installation Media on the Server
6 Preparing the Boot of the Target System
6.1 Setting Up a DHCP Server
6.2 Setting Up a TFTP Server
6.3 Installing Files on TFTP Server
6.4 PXELINUX Configuration Options
6.5 Preparing the Target System for PXE Boot
6.6 Preparing the Target System for Wake on LAN
6.7 Wake on LAN
6.8 Wake on LAN with YaST
6.9 Booting from CD or USB Drive Instead of PXE
IV Remote Installation
7 Remote Installation
7.1 Installation Scenarios for Remote Installation
7.2 Booting the Target System for Installation
7.3 Monitoring the Installation Process
V Initial System Configuration
8 Setting Up Hardware Components with YaST
8.1 Setting Up Your System Keyboard Layout
8.2 Setting Up Sound Cards
8.3 Setting Up a Printer
8.4 Setting Up a Scanner
9 Advanced Disk Setup
9.1 Using the YaST Partitioner
9.2 LVM Configuration
9.3 Soft RAID Configuration with YaST
10 Installing or Removing Software
10.1 Definition of Terms
10.2 Registering an Installed System
10.3 Using the YaST Software Manager
10.4 Managing Software Repositories and Services
10.5 Keeping the System Up-to-date
11 Installing Modules, Extensions, and Third Party Add-On Products
11.1 List of Optional Modules
11.2 Installing Modules and Extensions from Online Channels
11.3 Installing Extensions and Third Party Add-On Products from Media
11.4 SUSE Software Development Kit (SDK) 12 SP4
11.5 SUSE Package Hub
12 Installing Multiple Kernel Versions
12.1 Enabling and Configuring Multiversion Support
12.2 Installing/Removing Multiple Kernel Versions with YaST
12.3 Installing/Removing Multiple Kernel Versions with Zypper
13 Managing Users with YaST
13.1 User and Group Administration Dialog
13.2 Managing User Accounts
13.3 Additional Options for User Accounts
13.4 Changing Default Settings for Local Users
13.5 Assigning Users to Groups
13.6 Managing Groups
13.7 Changing the User Authentication Method
14 Changing Language and Country Settings with YaST
14.1 Changing the System Language
14.2 Changing the Country and Time Settings
VI Updating and Upgrading SUSE Linux Enterprise
15 Life Cycle and Support
15.1 Terminology
15.2 Product Life Cycle
15.3 Module Life Cycles
15.4 Generating Periodic Life Cycle Report
15.5 Support Levels
15.6 Repository Model
16 Upgrading SUSE Linux Enterprise
16.1 Supported Upgrade Paths to SLE 12 SP4
16.2 Online and Offline Upgrade
16.3 Preparing the System
17 Upgrading Offline
17.1 Conceptual Overview
17.2 Starting the Upgrade from an Installation Medium
17.3 Starting the Upgrade from a Network Source
17.4 Enabling Automatic Upgrade
17.5 Upgrading SUSE Linux Enterprise
17.6 Updating via SUSE Manager
17.7 Updating Registration Status after Rollback
17.8 Registering Your System
18 Upgrading Online
18.1 Conceptual Overview
18.2 Service Pack Migration Workflow
18.3 Canceling Service Pack Migration
18.4 Upgrading with the Online Migration Tool (YaST)
18.5 Upgrading with Zypper
18.6 Upgrading with Plain Zypper
18.7 Rolling Back a Service Pack
19 Backporting Source Code
19.1 Reasons for Backporting
19.2 Reasons against Backports
19.3 The Implications of Backports for Interpreting Version Numbers
19.4 How to Check Which Bugs are Fixed and Which Features are Backported and Available
A Documentation Updates
A.1 December 2018 (Initial Release of SUSE Linux Enterprise Desktop 12 SP4)
A.2 October 2018 (Documentation Maintenance Update for SUSE Linux Enterprise Desktop 12 SP3)
A.3 September 2017 (Initial Release of SUSE Linux Enterprise Desktop 12 SP3)
A.4 April 2017 (Documentation Maintenance Release)
A.5 November 2016 (Initial Release of SUSE Linux Enterprise Desktop 12 SP2)
A.6 March 2016 (Documentation Maintenance Release)
A.7 December 2015 (Initial Release of SUSE Linux Enterprise Desktop 12 SP1)
A.8 February 2015 (Documentation Maintenance Release)
A.9 October 2014 (Initial Release of SUSE Linux Enterprise Desktop 12)
B GNU Licenses
B.1 GNU Free Documentation License

Copyright © 2006– 2019 SUSE LLC and contributors. All rights reserved.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled GNU Free Documentation License.

For SUSE trademarks, see http://www.suse.com/company/legal/. All other third-party trademarks are the property of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its affiliates. Asterisks (*) denote third-party trademarks.

All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its affiliates, the authors nor the translators shall be held liable for possible errors or the consequences thereof.

About This Guide

Installations of SUSE Linux Enterprise Desktop are possible in different ways. It is impossible to cover all combinations of boot, or installation server, automated installations or deploying images. This manual should help with selecting the appropriate method of deployment for your installation.

Part II, “The Installation Workflow”

Most tasks that are needed during installations are described here. This includes the manual setup of your computer and installation of additional software.

Part III, “Setting Up an Installation Server”

SUSE® Linux Enterprise Desktop can be installed in different ways. Apart from the usual media installation, you can choose from various network-based approaches. This part describes setting up an installation server and how to prepare the boot of the target system for installation.

Part IV, “Remote Installation”

This part introduces the most common installation scenarios for remote installations. While some still require user interaction or some degree of physical access to the target system, others are completely automated and hands-off. Learn which approach is best for your scenario.

Part V, “Initial System Configuration”

Learn how to configure your system after installation. This part covers common tasks like setting up hardware components, installing or removing software, managing users, or changing settings with YaST.

Part VI, “Updating and Upgrading SUSE Linux Enterprise”

This part will give you some background information on terminology, SUSE product lifecycles and Service Pack releases, and recommended upgrade policies.

1 Required Background

To keep the scope of these guidelines manageable, certain technical assumptions have been made:

  • You have some computer experience and are familiar with common technical terms.

  • You are familiar with the documentation for your system and the network on which it runs.

  • You have a basic understanding of Linux systems.

2 Available Documentation

Note
Note: Online Documentation and Latest Updates

Documentation for our products is available at http://www.suse.com/documentation/, where you can also find the latest updates, and browse or download the documentation in various formats.

In addition, the product documentation is usually available in your installed system under /usr/share/doc/manual.

The following documentation is available for this product:

Article “Installation Quick Start

Lists the system requirements and guides you step-by-step through the installation of SUSE Linux Enterprise Desktop from DVD, or from an ISO image.

Deployment Guide

Shows how to install single or multiple systems and how to exploit the product inherent capabilities for a deployment infrastructure. Choose from various approaches, ranging from a local installation or a network installation server to a mass deployment using a remote-controlled, highly-customized, and automated installation technique.

Book “Administration Guide

Covers system administration tasks like maintaining, monitoring and customizing an initially installed system.

Book “Security Guide

Introduces basic concepts of system security, covering both local and network security aspects. Shows how to use the product inherent security software like AppArmor or the auditing system that reliably collects information about any security-relevant events.

Book “System Analysis and Tuning Guide

An administrator's guide for problem detection, resolution and optimization. Find how to inspect and optimize your system by means of monitoring tools and how to efficiently manage resources. Also contains an overview of common problems and solutions and of additional help and documentation resources.

Book “GNOME User Guide

Introduces the GNOME desktop of SUSE Linux Enterprise Desktop. It guides you through using and configuring the desktop and helps you perform key tasks. It is intended mainly for end users who want to make efficient use of GNOME as their default desktop.

3 Feedback

Several feedback channels are available:

Bugs and Enhancement Requests

For services and support options available for your product, refer to http://www.suse.com/support/.

Help for openSUSE is provided by the community. Refer to https://en.opensuse.org/Portal:Support for more information.

To report bugs for a product component, go to https://scc.suse.com/support/requests, log in, and click Create New.

User Comments

We want to hear your comments about and suggestions for this manual and the other documentation included with this product. Use the User Comments feature at the bottom of each page in the online documentation or go to http://www.suse.com/documentation/feedback.html and enter your comments there.

Mail

For feedback on the documentation of this product, you can also send a mail to doc-team@suse.com. Make sure to include the document title, the product version and the publication date of the documentation. To report errors or suggest enhancements, provide a concise description of the problem and refer to the respective section number and page (or URL).

4 Documentation Conventions

The following notices and typographical conventions are used in this documentation:

  • /etc/passwd: directory names and file names

  • PLACEHOLDER: replace PLACEHOLDER with the actual value

  • PATH: the environment variable PATH

  • ls, --help: commands, options, and parameters

  • user: users or groups

  • package name : name of a package

  • Alt, AltF1: a key to press or a key combination; keys are shown in uppercase as on a keyboard

  • File, File › Save As: menu items, buttons

  • Dancing Penguins (Chapter Penguins, ↑Another Manual): This is a reference to a chapter in another manual.

  • Commands that must be run with root privileges. Often you can also prefix these commands with the sudo command to run them as non-privileged user.

    root # command
    tux > sudo command
  • Commands that can be run by non-privileged users.

    tux > command
  • Notices

    Warning
    Warning: Warning Notice

    Vital information you must be aware of before proceeding. Warns you about security issues, potential loss of data, damage to hardware, or physical hazards.

    Important
    Important: Important Notice

    Important information you should be aware of before proceeding.

    Note
    Note: Note Notice

    Additional information, for example about differences in software versions.

    Tip
    Tip: Tip Notice

    Helpful information, like a guideline or a piece of practical advice.

1 Planning for SUSE Linux Enterprise Desktop

This chapter is addressed mainly to corporate system administrators who face the task of having to deploy SUSE® Linux Enterprise Desktop at their site. Rolling out SUSE Linux Enterprise Desktop to an entire site should involve careful planning and consideration of the following questions:

For which purpose will the SUSE Linux Enterprise Desktop workstations be used?

Determine the purpose for which SUSE Linux Enterprise Desktop should be used and make sure that hardware and software with the ability to match these requirements are used. Consider testing your setup on a single machine before rolling it out to the entire site.

How many workstations should be installed?

Determine the scope of your deployment of SUSE Linux Enterprise Desktop. Depending on the number of installations planned, consider different approaches to the installation or even a mass installation using SUSE Linux Enterprises unique AutoYaST or KIWI technology.

How do you get software updates for your deployment?

All patches provided by SUSE for your product are available for download to registered users at http://download.suse.com/.

Do you need help for your local deployment?

SUSE provides training, support, and consulting for all topics pertaining to SUSE Linux Enterprise Desktop. Find more information about this at http://www.suse.com/products/desktop/.

1.1 Hardware Requirements

For a standard installation of SUSE Linux Enterprise Desktop, including the desktop environment and a wealth of applications, the following configuration is recommended:

  • Intel Pentium IV, 2.4 GHz or higher or any AMD64 or Intel 64 processor

  • 1–2 physical CPUs

  • 512 MB physical RAM or higher

  • 3 GB of available disk space or more

  • 1024 x 768 display resolution (or higher)

1.2 Reasons to Use SUSE Linux Enterprise Desktop

Let the following items guide you in your selection of SUSE Linux Enterprise Desktop and determining the purpose of the installed systems:

Wealth of Applications

SUSE Linux Enterprise Desktop's broad offer of software makes it appeal to both professional users in a corporate environment and to home users or users in smaller networks.

Ease of Use

SUSE Linux Enterprise Desktop comes with the enterprise-ready desktop environment GNOME. It enables users to comfortably adjust to a Linux system while maintaining their efficiency and productivity. To explore GNOME in detail, refer to the Book “GNOME User Guide.

Support for Mobile Users

With the NetworkManager technology fully integrated into SUSE Linux Enterprise Desktop and its two desktop environments, mobile users will enjoy the freedom of easily joining and switching wired and wireless networks.

Seamless Integration into Existing Networks

SUSE Linux Enterprise Desktop was designed to be a versatile network citizen. It cooperates with various different network types:

Pure Linux Networks.  SUSE Linux Enterprise Desktop is a complete Linux client and supports all the protocols used in traditional Linux and Unix* environments. It integrates well with networks consisting of other SUSE Linux or SUSE Linux Enterprise machines. LDAP, NIS, and local authentication are supported.

Windows Networks.  SUSE Linux Enterprise Desktop supports Active Directory as an authentication source. It offers you all the advantages of a secure and stable Linux operating system plus convenient interaction with other Windows clients, as well as the means to manipulate your Windows user data from a Linux client. Explore this feature in detail in Book “Security Guide”, Chapter 7 “Active Directory Support”.

Application Security with AppArmor

SUSE Linux Enterprise Desktop enables you to secure your applications by enforcing security profiles tailor-made for your applications. To learn more about AppArmor, refer to http://www.suse.com/documentation/apparmor/.

Part I Installation Preparation

2 Installation on AMD64 and Intel 64

This chapter describes the steps necessary to prepare for the installation of SUSE Linux Enterprise Desktop on AMD64 and Intel 64 computers. It introduces the steps required to prepare for various installation methods. The list of hardware requirements provides an overview of systems supported by SUSE Linux Enterprise Server. Find information about available installation methods and several common known problems. Also learn how to control the installation, provide installation media, and boot with regular methods.

2 Installation on AMD64 and Intel 64

Abstract

This chapter describes the steps necessary to prepare for the installation of SUSE Linux Enterprise Desktop on AMD64 and Intel 64 computers. It introduces the steps required to prepare for various installation methods. The list of hardware requirements provides an overview of systems supported by SUSE Linux Enterprise Server. Find information about available installation methods and several common known problems. Also learn how to control the installation, provide installation media, and boot with regular methods.

2.1 System Requirements for Operating Linux

The SUSE® Linux Enterprise Server operating system can be deployed on a wide range of hardware. It is impossible to list all the different combinations of hardware SUSE Linux Enterprise Server supports. However, to provide you with a guide to help you during the planning phase, the minimum requirements are presented here.

If you want to be sure that a given computer configuration will work, find out which platforms have been certified by SUSE. Find a list at https://www.suse.com/yessearch/.

2.1.1 Hardware for Intel 64 and AMD64

The Intel 64 and AMD64 architectures support the simple migration of x86 software to 64 bits. Like the x86 architecture, they constitute a value-for-money alternative.

CPU

All CPUs available on the market to date are supported.

Maximum Number of CPUs

The maximum number of CPUs supported by software design is 8192 for Intel 64 and AMD64. If you plan to use such a large system, verify with our hardware system certification Web page for supported devices, see https://www.suse.com/yessearch/.

Memory Requirements

A minimum of 512 MB of memory is required for a minimal installation. However, the minimum recommended is 1024 MB or 512 MB per CPU on multiprocessor computers. Add 150 MB for a remote installation via HTTP or FTP. Note that these values are only valid for the installation of the operating system—the actual memory requirement in production depends on the system's workload.

Hard Disk Requirements

The disk requirements depend largely on the installation selected and how you use your machine. Minimum requirements for different selections are:

System

Hard Disk Requirements

Minimal System

800 MB - 1GB

Minimal X Window System

1.4 GB

GNOME Desktop

3.5 GB

All patterns

8.5 GB

Using snapshots for virtualization

min. 8 GB

Boot Methods

The computer can be booted from a CD or a network. A special boot server is required to boot over the network. This can be set up with SUSE Linux Enterprise Server.

2.2 Installation Considerations

This section encompasses many factors that need to be considered before installing SUSE Linux Enterprise Desktop on AMD64 and Intel 64 hardware.

2.2.1 Installation Type

SUSE Linux Enterprise Desktop is normally installed as an independent operating system. With the introduction of Virtualization, it is also possible to run multiple instances of SUSE Linux Enterprise Server on the same hardware. However, the installation of the VM Host Server is performed like a typical installation with some additional packages.

2.2.2 Boot Methods

Depending on the hardware used, the following boot methods are available for the first boot procedure (prior to the installation of SUSE Linux Enterprise Server).

Table 2.1: Boot Options

Boot Option

Use

CD or DVD drive

The simplest booting method. The system requires a locally-available CD-ROM or DVD-ROM drive for this.

Flash disks

Find the images required for creating boot disks on the first CD or DVD in the /boot directory. See also the README in the same directory. Booting from a USB memory stick is only possible if the BIOS of the machine supports this method.

PXE or bootp

Must be supported by the BIOS or by the firmware of the system used. This option requires a boot server in the network. This task can be handled by a separate SUSE Linux Enterprise Server.

Hard disk

SUSE Linux Enterprise Desktop can also be booted from hard disk. For this, copy the kernel (linux) and the installation system (initrd) from the /boot/loader directory of the first CD or DVD onto the hard disk and add an appropriate entry to the boot loader.

2.2.3 Installation Source

When installing SUSE Linux Enterprise Desktop, the actual installation data must be available in the network, on a hard disk partition, or on a local DVD. To install from the network, you need an installation server. To make the installation data available, set up any computer in a Unix or Linux environment as an NFS, HTTP, SMB, or FTP server. To make the installation data available from a Windows computer, release the data with SMB.

The installation source is particularly easy to select if you configure an SLP server in the local network. For more information, see Chapter 5, Setting Up the Server Holding the Installation Sources.

2.2.4 Installation Target

Most installations are to a local hard disk. Therefore, it is necessary for the hard disk controllers to be available to the installation system. If a special controller (like a RAID controller) needs an extra kernel module, provide a kernel module update disk to the installation system.

Other installation targets may be various types of block devices that provide sufficient disk space and speed to run an operating system. This includes network block devices like iSCSI or SAN. It is also possible to install on network file systems that offer the standard Unix permissions. However, it may be problematic to boot these, because they must be supported by the initramfs before the actual system can start. Such installations can be useful when you need to start the same system in different locations or you plan to use virtualization features like domain migration.

2.2.5 Different Installation Methods

SUSE Linux Enterprise Desktop offers several methods for controlling installation:

  • Installation on the console

  • Installation via serial console

  • Installation with AutoYaST

  • Installation with KIWI images

  • Installation via SSH

  • Installation with VNC

By default, the graphical console is used. If you have many similar computers to install, it is advisable to create an AutoYaST configuration file or a KIWI preload image and make this available to the installation process. See also the documentation for AutoYaST at https://www.suse.com/documentation/sles-12/book_autoyast/data/book_autoyast.html and KIWI at http://doc.opensuse.org/projects/kiwi/doc/.

2.3 Boot and Installation Media

When installing the system, the media for booting and for installing the system may be different. All combinations of supported media for booting and installing may be used.

2.3.1 Boot Media

Booting a computer depends on the capabilities of the hardware used and the availability of media for the respective boot option.

Booting from DVD

This is the most common possibility of booting a system. It is straightforward for most computer users, but requires a lot of interaction for every installation process.

Booting from a USB Hard Disk

Depending on the hardware used, it is possible to boot from a USB hard disk. The respective media must be created as described in Section 3.2.1, “PC (AMD64/Intel 64/ARM AArch64): System Start-up”.

Booting from the Network

You can only boot a computer directly from the network if this is supported by the computer's firmware or BIOS. This booting method requires a boot server that provides the needed boot images over the network. The exact protocol depends on your hardware. Commonly you need several services, such as TFTP and DHCP or PXE boot. If you need a boot server, also read Section 7.1.3, “Remote Installation via VNC—PXE Boot and Wake on LAN”.

2.3.2 Installation Media

The installation media contain all the necessary packages and meta information that is necessary to install a SUSE Linux Enterprise Desktop. These must be available to the installation system after booting for installation. Several possibilities for providing the installation media to the system are available with SUSE Linux Enterprise Desktop.

Installation from DVD

All necessary data is delivered on the boot media. Depending on the selected installation, a network connection or add-on media may be necessary.

Networked Installation

If you plan to install several systems, providing the installation media over the network makes things a lot easier. It is possible to install from many common protocols, such as NFS, HTTP, FTP, or SMB. For more information on how to run such an installation, refer to Chapter 7, Remote Installation.

2.4 Installation Procedure

This section offers an overview of the steps required for the complete installation of SUSE® Linux Enterprise Desktop in the required mode. Part II, “The Installation Workflow” contains a full description of how to install and configure the system with YaST.

2.4.1 Booting from a Local Interchangeable Drive

DVD-ROM and USB storage devices can be used for installation purposes. Adjust your computer to your needs:

  1. Make sure that the drive is entered as a bootable drive in the BIOS.

  2. Insert the boot medium in the drive and start the boot procedure.

  3. The installation boot menu of SUSE Linux Enterprise Desktop allows transferring different parameters to the installation system. See also Section 7.2.2, “Using Custom Boot Options”. If the installation should be performed over the network, specify the installation source here.

  4. If unexpected problems arise during installation, use safe settings to boot.

2.4.2 Installing over the Network

An installation server is required to perform the installation by using a network source. The procedure for installing this server is outlined in Chapter 5, Setting Up the Server Holding the Installation Sources.

If you have an SLP server, select SLP as the installation source in the first boot screen. During the boot procedure, select which of the available installation sources to use.

If the DVD is available on the network, use it as an installation source. In this case, specify the parameter install=<URL> with suitable values at the boot prompt. Find a more detailed description of this parameter in Section 7.2.2, “Using Custom Boot Options”.

2.5 Controlling the Installation

Control the installation in one of several ways. The method most frequently used is to install SUSE® Linux Enterprise Desktop from the computer console. Other options are available for different situations.

2.5.1 Installation on the Computer Console

The simplest way to install SUSE Linux Enterprise Desktop is using the computer console. With this method, a graphical installation program guides you through the installation. This installation method is discussed in detail in Chapter 3, Installation with YaST.

You can still perform the installation on the console without a working graphics mode. The text-based installation program offers the same functionality as the graphical version. Find some hints about navigation in this mode in Book “Administration Guide”, Chapter 5 “YaST in Text Mode”, Section 5.1 “Navigation in Modules”.

2.5.2 Installation Using a Serial Console

For this installation method, you need a second computer that is connected by a null modem cable to the computer on which to install SUSE Linux Enterprise Desktop. Depending on the hardware, even the firmware or BIOS of the computer may already be accessible to the serial console. If this is possible, you can carry out the entire installation using this method. To activate the serial console installation, specify the additional console=ttyS0 parameter at the boot prompt. This should be done after the boot process has completed and before the installation system starts.

On most computers, there are two serial interfaces, ttyS0 and ttyS1. For the installation, you need a terminal program like minicom or screen. To initiate the serial connection, launch the screen program in a local console by entering the following command:

screen /dev/ttyS0 9600

This means that screen listens to the first serial port with a baud rate of 9600. From this point on, the installation proceeds similarly to the text-based installation over this terminal.

2.5.3 Installation with SSH

If you do not have direct access to the machine and initiated the installation from a management console, you can control the entire installation process over the network. To do this, enter the parameters ssh=1 and ssh.password=SECRET at the boot prompt. An SSH daemon is then launched in the system and you can log in as user root with the password SECRET.

To connect, use ssh -X. X-Forwarding over SSH is supported, if you have a local X server available. Otherwise, YaST provides a text interface over ncurses. YaST then guides you through the installation. This procedure is described in detail in Section 7.1.5, “Simple Remote Installation via SSH—Dynamic Network Configuration”.

If you do not have a DHCP server available in your local network, manually assign an IP address to the installation system. Do this by entering the option HostIP=IPADDR at the boot prompt.

2.5.4 Installation over VNC

If you do not have direct access to the system, but want a graphical installation, install SUSE Linux Enterprise Desktop over VNC. This method is described in detail in Section 7.3.1, “VNC Installation”.

As suitable VNC clients are also available for other operating systems, such as Microsoft Windows and mac OS, the installation can also be controlled from computers running those operating systems.

2.5.5 Installation with AutoYaST

If you need to install SUSE Linux Enterprise Desktop on several computers with similar hardware, it is recommended you perform the installations using AutoYaST. In this case, start by installing one SUSE Linux Enterprise Desktop and use this to create the necessary AutoYaST configuration files.

AutoYaST is extensively documented at https://www.suse.com/documentation/sles-12/book_autoyast/data/book_autoyast.html .

2.6 Dealing with Boot and Installation Problems

Prior to delivery, SUSE® Linux Enterprise Desktop is subjected to an extensive test program. Despite this, problems occasionally occur during boot or installation.

2.6.1 Problems Booting

Boot problems may prevent the YaST installer from starting on your system. Another symptom is when your system does not boot after the installation has been completed.

Installed System Boots, Not Media

Change your computer's firmware or BIOS so that the boot sequence is correct. To do this, consult the manual for your hardware.

The Computer Hangs

Change the console on your computer so that the kernel outputs are visible. Be sure to check the last outputs. This is normally done by pressing CtrlAltF10. If you cannot resolve the problem, consult the SUSE Linux Enterprise Desktop support staff. To log all system messages at boot time, use a serial connection as described in Section 2.5, “Controlling the Installation”.

Boot Disk

The boot disk is a useful interim solution if you have difficulties setting the other configurations or if you want to postpone the decision regarding the final boot mechanism. For more details on creating boot disks, see Book “Administration Guide”, Chapter 13 “The Boot Loader GRUB 2” grub2-mkrescue.

Virus Warning after Installation

There are BIOS variants that check the structure of the boot sector (MBR) and erroneously display a virus warning after the installation of GRUB 2. Solve this problem by entering the BIOS and looking for corresponding adjustable settings. For example, switch off virus protection. You can switch this option back on again later. It is unnecessary, however, if Linux is the only operating system you use.

2.6.2 Problems Installing

If an unexpected problem occurs during installation, information is needed to determine the cause of the problem. Use the following directions to help with troubleshooting:

  • Check the outputs on the various consoles. You can switch consoles with the key combination CtrlAltFn. For example, obtain a shell in which to execute various commands by pressing CtrlAltF2.

  • Try launching the installation with Safe Settings (press F5 on the installation screen and choose Safe Settings). If the installation works without problems in this case, there is an incompatibility that causes either ACPI or APIC to fail. In some cases, a BIOS or firmware update fixes this problem.

  • Check the system messages on a console in the installation system by entering the command dmesg -T.

2.6.3 Redirecting the Boot Source to the Boot DVD

To simplify the installation process and avoid accidental installations, the default setting on the installation DVD for SUSE Linux Enterprise Desktop is that your system is booted from the first hard disk. At this point, an installed boot loader normally takes over control of the system. This means that the boot DVD can stay in the drive during an installation. To start the installation, choose one of the installation possibilities in the boot menu of the media.

Part II The Installation Workflow

3 Installation with YaST

Install your SUSE® Linux Enterprise Desktop system with YaST, the central tool for installation and configuration of your system. YaST guides you through the installation process of your system. If you are a first-time user of SUSE Linux Enterprise Desktop, you might want to follow the default YaST proposals in most parts, but you can also adjust the settings as described here to fine-tune your system according to your preferences. Help for each installation step is provided by clicking Help.

During the installation process, YaST analyzes both your current system settings and your hardware components. Based on this analysis your system will be set up with a basic configuration including networking (provided the system could be configured using DHCP). To fine-tune the system after the installation has finished, start YaST from the installed system.

4 Cloning Disk Images

If SUSE Linux Enterprise Desktop is installed in a virtualized environment, cloning an existing installation may be the fastest way to deploy further machines. SUSE Linux Enterprise Desktop provides a script to clean up configuration that is unique to each installation. With the introduction of syst…

3 Installation with YaST

Abstract

Install your SUSE® Linux Enterprise Desktop system with YaST, the central tool for installation and configuration of your system. YaST guides you through the installation process of your system. If you are a first-time user of SUSE Linux Enterprise Desktop, you might want to follow the default YaST proposals in most parts, but you can also adjust the settings as described here to fine-tune your system according to your preferences. Help for each installation step is provided by clicking Help.

During the installation process, YaST analyzes both your current system settings and your hardware components. Based on this analysis your system will be set up with a basic configuration including networking (provided the system could be configured using DHCP). To fine-tune the system after the installation has finished, start YaST from the installed system.

3.1 Choosing the Installation Method

After having selected the installation medium, determine the suitable installation method and boot option that best matches your needs:

Installing from the SUSE Linux Enterprise Desktop Media (DVD, USB)

Choose this option if you want to perform a stand-alone installation and do not want to rely on a network to provide the installation data or the boot infrastructure. The installation proceeds exactly as outlined in Section 3.3, “Steps of the Installation”.

Installing from the Live CD

To install from a Live CD, boot the live system from CD. In the running system, launch the installation routine by clicking the Install icon on the desktop. The installation will be executed in a window on the desktop. It is not possible to update an existing system with a Live CD, you can only perform an installation from scratch.

Installing from a Network Server

Choose this option if you have an installation server available in your network or want to use an external server as the source of your installation data. This setup can be configured to boot from physical media (flash disk, CD/DVD, or hard disk) or configured to boot via network using PXE/BOOTP. Refer to Section 3.2, “System Start-up for Installation” for details.

The installation program configures the network connection with DHCP and retrieves the location of the network installation source from the OpenSLP server. If no DHCP is available, choose F4 Source › Network Config › Manual and enter the network data. On EFI systems modify the network boot parameters as described in Section 3.2.1.2, “The Boot Screen on Machines Equipped with UEFI”.

Installing from an SLP Server.  If your network setup supports OpenSLP and your network installation source has been configured to announce itself via SLP (described in Chapter 5, Setting Up the Server Holding the Installation Sources), boot the system, press F4 in the boot screen and select SLP from the menu. On EFI systems set the install parameter to install=slp:/ as described in Section 3.2.1.2, “The Boot Screen on Machines Equipped with UEFI”.

Installing from a Network Source without SLP.  If your network setup does not support OpenSLP for the retrieval of network installation sources, boot the system and press F4 in the boot screen to select the desired network protocol (NFS, HTTP, FTP, or SMB/CIFS) and provide the server's address and the path to the installation media. On EFI systems modify the boot parameter install= as described in Section 3.2.1.2, “The Boot Screen on Machines Equipped with UEFI”.

Installing as a SUSE Linux Enterprise Server Extension

Choose this option if you want to install SUSE Linux Enterprise Desktop on top of SUSE Linux Enterprise Server. Install SUSE Linux Enterprise Server, register at the SUSE Customer Center and choose the SUSE Linux Enterprise Workstation Extension on the Extension Selection screen.

3.2 System Start-up for Installation

The way the system is started for the installation depends on the architecture—system start-up is different for PC (AMD64/Intel 64) or mainframe, for example. If you install SUSE Linux Enterprise Desktop as a VM Guest on a KVM or Xen hypervisor, follow the instructions for the AMD64/Intel 64 architecture.

3.2.1 PC (AMD64/Intel 64/ARM AArch64): System Start-up

SUSE Linux Enterprise Desktop supports several boot options from which you can choose, depending on the hardware available and on the installation scenario you prefer. Booting from the SUSE Linux Enterprise Desktop media is the most straightforward option, but special requirements might call for special setups:

Table 3.1: Boot Options

Boot Option

Description

DVD

This is the easiest boot option. This option can be used if the system has a local DVD-ROM drive that is supported by Linux.

Flash Disks (USB Mass Storage Device)

In case your machine is not equipped with an optical drive, you can boot the installation image from a flash disk. To create a bootable flash disk, you need to copy either the DVD or the Mini CD ISO image to the device using the dd command (the flash disk must not be mounted, all data on the device will be erased):

dd if=PATH_TO_ISO_IMAGE of=USB_STORAGE_DEVICE bs=4M
Important
Important: Compatibility

Note that booting from a USB Mass Storage Device is not supported on UEFI machines and on the POWER architecture.

PXE or BOOTP

Booting over the network must be supported by the system's BIOS or firmware, and a boot server must be available in the network. This task can also be handled by another SUSE Linux Enterprise Desktop system. Refer to Chapter 7, Remote Installation for more information.

Hard Disk

SUSE Linux Enterprise Desktop installation can also be booted from the hard disk. To do this, copy the kernel (linux) and the installation system (initrd) from the directory /boot/ARCHITECTURE/ on the installation media to the hard disk and add an appropriate entry to the existing boot loader of a previous SUSE Linux Enterprise Desktop installation.

Tip
Tip: Booting from DVD on UEFI Machines

DVD1 can be used as a boot medium for machines equipped with UEFI (Unified Extensible Firmware Interface). Refer to your vendor's documentation for specific information. If booting fails, try to enable CSM (Compatibility Support Module) in your firmware.

Note
Note: Add-on Product Installation Media

Media for add-on products (extensions or third-party products) cannot be used as stand-alone installation media. They can either be embedded as additional installation sources during the installation process (see Section 3.8, “Extension Selection”) or be installed from the running system using the YaST Add-on Products module (see Chapter 11, Installing Modules, Extensions, and Third Party Add-On Products for details).

3.2.1.1 The Boot Screen on Machines Equipped with Traditional BIOS

The boot screen displays several options for the installation procedure. Boot from Hard Disk boots the installed system and is selected by default, because the CD is often left in the drive. Select one of the other options with the arrow keys and press Enter to boot it. The relevant options are:

Installation

The normal installation mode. All modern hardware functions are enabled. In case the installation fails, see F5Kernel for boot options that disable potentially problematic functions.

Upgrade

Perform a system upgrade. For more information refer to Chapter 16, Upgrading SUSE Linux Enterprise.

Rescue System

Starts a minimal Linux system without a graphical user interface. For more information, see Book “Administration Guide”, Chapter 35 “Common Problems and Their Solutions”, Section 35.6.2 “Using the Rescue System”. This option is not available on LiveCDs.

Check Installation Media

This option is only available when you install from media created from downloaded ISOs. In this case it is recommended to check the integrity of the installation medium. This option starts the installation system before automatically checking the media. In case the check was successful, the normal installation routine starts. If a corrupt media is detected, the installation routine aborts.

Warning
Warning: Failure of Media Check

If the media check fails, your medium is damaged. Do not continue the installation because installation may fail or you may lose your data. Replace the broken medium and restart the installation process.

Memory Test

Tests your system RAM using repeated read and write cycles. Terminate the test by rebooting. For more information, see Book “Administration Guide”, Chapter 35 “Common Problems and Their Solutions”, Section 35.2.4 “Fails to Boot”. This option is not available on the Live CDs.

The Boot Screen on Machines with a Traditional BIOS
Figure 3.1: The Boot Screen on Machines with a Traditional BIOS

Use the function keys shown at the bottom of the screen to change the language, screen resolution, installation source or to add an additional driver from your hardware vendor:

F1Help

Get context-sensitive help for the active element of the boot screen. Use the arrow keys to navigate, Enter to follow a link, and Esc to leave the help screen.

F2Language

Select the display language and a corresponding keyboard layout for the installation. The default language is English (US).

F3Video Mode

Select various graphical display modes for the installation. By Default the video resolution is automatically determined using KMS (Kernel Mode Setting). If this setting does not work on your system, choose No KMS and, optionally, specify vga=ask on the boot command line to get prompted for the video resolution. Choose Text Mode if the graphical installation causes problems.

F4Source

Normally, the installation is performed from the inserted installation medium. Here, select other sources, like FTP or NFS servers. If the installation is deployed on a network with an SLP server, select an installation source available on the server with this option. Find information about setting up an installation server with SLP at Chapter 5, Setting Up the Server Holding the Installation Sources.

F5Kernel

If you encounter problems with the regular installation, this menu offers to disable a few potentially problematic functions. If your hardware does not support ACPI (advanced configuration and power interface) select No ACPI to install without ACPI support. No local APIC disables support for APIC (Advanced Programmable Interrupt Controllers) which may cause problems with some hardware. Safe Settings boots the system with the DMA mode (for CD/DVD-ROM drives) and power management functions disabled.

If you are not sure, try the following options first: Installation—ACPI Disabled or Installation—Safe Settings. Experts can also use the command line (Boot Options) to enter or change kernel parameters.

F6Driver

Press this key to notify the system that you have an optional driver update for SUSE Linux Enterprise Desktop. With File or URL, load drivers directly before the installation starts. If you select Yes, you are prompted to insert the update disk at the appropriate point in the installation process.

Tip
Tip: Getting Driver Update Disks

Driver updates for SUSE Linux Enterprise are provided at http://drivers.suse.com/. These drivers have been created via the SUSE SolidDriver Program.

3.2.1.2 The Boot Screen on Machines Equipped with UEFI

UEFI (Unified Extensible Firmware Interface) is a new industry standard which replaces and extends the traditional BIOS. The latest UEFI implementations contain the Secure Boot extension, which prevents booting malicious code by only allowing signed boot loaders to be executed. See Book “Administration Guide”, Chapter 12 “UEFI (Unified Extensible Firmware Interface)” for more information.

The boot manager GRUB 2, used to boot machines with a traditional BIOS, does not support UEFI, therefore GRUB 2 is replaced with GRUB 2 for EFI. If Secure Boot is enabled, YaST will automatically select GRUB 2 for EFI for installation. From an administrative and user perspective, both boot manager implementations behave the same and are called GRUB 2 in the following.

Tip
Tip: UEFI and Secure Boot are Supported by Default

The installation routine of SUSE Linux Enterprise Desktop automatically detects if the machine is equipped with UEFI. All installation sources also support Secure Boot. If an EFI system partition already exists on dual boot machines (from a Microsoft Windows 8 installation, for example), it will automatically be detected and used. Partition tables will be written as GPT on UEFI systems.

Warning
Warning: Using Non-Inbox Drivers with Secure Boot

There is no support for adding non-inbox drivers (that is, drivers that do not come with SLE) during installation with Secure Boot enabled. The signing key used for SolidDriver/PLDP is not trusted by default.

To solve this problem, it is necessary to either add the needed keys to the firmware database via firmware/system management tools before the installation or to use a bootable ISO that will enroll the needed keys in the MOK list at first boot. For more information, see Book “Administration Guide”, Chapter 12 “UEFI (Unified Extensible Firmware Interface)”, Section 12.1 “Secure Boot”.

The boot screen displays several options for the installation procedure. Change the selected option with the arrow keys and press Enter to boot it. The relevant options are:

Installation

The normal installation mode.

Upgrade

Perform a system upgrade. For more information refer to Chapter 16, Upgrading SUSE Linux Enterprise.

Rescue System

Starts a minimal Linux system without a graphical user interface. For more information, see Book “Administration Guide”, Chapter 35 “Common Problems and Their Solutions”, Section 35.6.2 “Using the Rescue System”. This option is not available on Live CDs.

Check Installation Media

This option is only available when you install from media created from downloaded ISOs. In this case it is recommended to check the integrity of the installation medium. This option starts the installation system before automatically checking the media. In case the check was successful, the normal installation routine starts. If a corrupt media is detected, the installation routine aborts.

The Boot Screen on Machines with UEFI
Figure 3.2: The Boot Screen on Machines with UEFI

GRUB 2 for EFI on SUSE Linux Enterprise Desktop does not support a boot prompt or function keys for adding boot parameters. By default, the installation will be started with American English and the boot media as the installation source. A DHCP lookup will be performed to configure the network. To change these defaults or to add additional boot parameters you need to edit the respective boot entry. Highlight it using the arrow keys and press E. See the on-screen help for editing hints (note that only an English keyboard is available now). The Installation entry will look similar to the following:

setparams 'Installation'

    set gfxpayload=keep
    echo 'Loading kernel ...'
    linuxefi /boot/x86_64/loader/linux splash=silent
    echo 'Loading initial ramdisk ...'
    initrdefi /boot/x86_64/loader/initrd

Add space-separated parameters to the end of the line starting with linuxefi. To boot the edited entry, press F10. If you access the machine via serial console, press Esc0. A complete list of parameters is available at http://en.opensuse.org/Linuxrc. The most important ones are:

Table 3.2: Installation Sources

CD/DVD (default)

install=cd:/

Hard disk

install=hd:/?device=sda/PATH_TO_ISO

SLP

install=slp:/

FTP

install=ftp://ftp.example.com/PATH_TO_ISO

HTTP

install=http://www.example.com/PATH_TO_ISO

NFS

install=nfs:/PATH_TO_ISO

SMB / CIFS

install=smb://PATH_TO_ISO

Table 3.3: Network Configuration

DHCP (default)

netsetup=dhcp

Prompt for Parameters

netsetup=hostip,netmask,gateway,nameserver

Host IP address

hostip=192.168.2.100

hostip=192.168.2.100/24

Netmask

netmask=255.255.255.0

Gateway

gateway=192.168.5.1

Name Server

nameserver=192.168.1.116

nameserver=192.168.1.116,192.168.1.118

Domain Search Path

domain=example.com

Table 3.4: Miscellaneous

Driver Updates: Prompt

dud=1

Driver Updates: URL

dud=ftp://ftp.example.com/PATH_TO_DRIVER

dud=http://www.example.com/PATH_TO_DRIVER

Installation Language

Language=LANGUAGE

Supported values for LANGUAGE are, among others, cs_CZ, de_DE, es_ES, fr_FR, ja_JP, pt_BR, pt_PT, ru_RU, zh_CN, and zh_TW.

Kernel: No ACPI

acpi=off

Kernel: No Local APIC

noapic

Video: Disable KMS

nomodeset

Video: Start Installer in Text Mode

Textmode=1

3.2.2 Boot Parameters for Advanced Setups

To configure access to a local SMT or supportconfig server for the installation, you can specify boot parameters to set up these services during installation. The same applies if you need IPv6 support during the installation.

3.2.2.1 Providing Data to Access an SMT Server

By default, updates for SUSE Linux Enterprise Desktop are delivered by the SUSE Customer Center. If your network provides a so called SMT server to provide a local update source, you need to equip the client with the server's URL. Client and server communicate solely via HTTPS protocol, therefore you also need to enter a path to the server's certificate if the certificate was not issued by a certificate authority.

Note
Note: Non-Interactive Installation Only

Providing parameters for accessing an SMT server is only needed for non-interactive installations. During an interactive installation the data can be provided during the installation (see Section 3.7, “SUSE Customer Center Registration” for details).

regurl

URL of the SMT server. This URL has a fixed format https://FQN/center/regsvc/. FQN needs to be a fully qualified host name of the SMT server. Example:

regurl=https://smt.example.com/center/regsvc/
regcert

Location of the SMT server's certificate. Specify one of the following locations:

URL

Remote location (HTTP, HTTPS or FTP) from which the certificate can be downloaded. Example:

regcert=http://smt.example.com/smt-ca.crt
local path

Absolute path to the certificate on the local machine. Example:

regcert=/data/inst/smt/smt-ca.cert
Interactive

Use ask to open a pop-up menu during the installation where you can specify the path to the certificate. Do not use this option with AutoYaST. Example

regcert=ask
Deactivate certificate installation

Use done if the certificate will be installed by an add-on product, or if you are using a certificate issued by an official certificate authority. For example:

regcert=done
Warning
Warning: Beware of Typing Errors

Make sure the values you enter are correct. If regurl has not been specified correctly, the registration of the update source will fail. If a wrong value for regcert has been entered, you will be prompted for a local path to the certificate.

In case regcert is not specified, it will default to http://FQN/smt.crt with FQN being the name of the SMT server.

3.2.2.2 Configuring an Alternative Data Server for supportconfig

The data that supportconfig (see Book “Administration Guide”, Chapter 34 “Gathering System Information for Support” for more information) gathers is sent to the SUSE Customer Center by default. It is also possible to set up a local server to collect this data. If such a server is available on your network, you need to set the server's URL on the client. This information needs to be entered at the boot prompt.

supporturl URL of the server. The URL has the format http://FQN/Path/, where FQN is the fully qualified host name of the server and Path is the location on the server. For example:

supporturl=http://support.example.com/supportconfig/data/

3.2.2.3 Using IPv6 During the Installation

By default you can only assign IPv4 network addresses to your machine. To enable IPv6 during installation, enter one of the following parameters at the boot prompt:

Accept IPv4 and IPv6
ipv6=1
Accept IPv6 only
ipv6only=1

3.2.2.4 Using a Proxy During the Installation

In networks enforcing the usage of a proxy server for accessing remote Web sites, registration during installation is only possible when configuring a proxy server.

To use a proxy during the installation, press F4 on the boot screen and set the required parameters in the HTTP Proxy dialog. Alternatively provide the kernel parameter proxy at the boot prompt:

l>proxy=http://USER:PASSWORD@proxy.example.com:PORT

Specifying USER and PASSWORD is optional—if the server allows anonymous access, the following data is sufficient: http://proxy.example.com:PORT.

3.2.2.5 Enabling SELinux Support

Enabling SELinux upon installation start-up enables you to configure it after the installation has been finished without having to reboot. Use the following parameters:

security=selinux selinux=1

3.2.2.6 Enabling the Installer Self-Update

During installation and upgrade, YaST can update itself as described in Section 3.4, “Installer Self-Update” to solve potential bugs discovered after release. The self_update parameter can be used to modify the behavior of this feature.

To enable the installer self-update, set the parameter to 1:

self_update=1

To use a user-defined repository, specify a URL:

self_update=https://updates.example.com/

3.3 Steps of the Installation

The interactive installation of SUSE Linux Enterprise Desktop split into several steps is listed below.

After starting the installation, SUSE Linux Enterprise Desktop loads and configures a minimal Linux system to run the installation procedure. To view the boot messages and copyright notices during this process, press Esc. On completion of this process, the YaST installation program starts and displays the graphical installer.

Tip
Tip: Installation Without a Mouse

If the installer does not detect your mouse correctly, use →| for navigation, arrow keys to scroll, and Enter to confirm a selection. Various buttons or selection fields contain a letter with an underscore. Use AltLetter to select a button or a selection directly instead of navigating there with →|.

3.4 Installer Self-Update

During the installation and upgrade process, YaST is able to update itself to solve bugs in the installer that were discovered after the release. This functionality is enabled by default; to disable it, set the boot parameter self_update to 0. For more information, see Section 3.2.2.6, “Enabling the Installer Self-Update”.

Although this feature was designed to run without user intervention, it is worth knowing how it works. If you are not interested, you can jump directly to Section 3.5, “Language, Keyboard and License Agreement” and skip the rest of this section.

Tip
Tip: Language Selection

The installer self-update is executed before the language selection step. This means that progress and errors which happen during this process are displayed in English by default.

To use another language for this part of the installer, press F2 in the DVD boot menu and select the language from the list. Alternatively, use the language boot parameter (for example, language=de_DE).

3.4.1 Self-Update Process

The process can be broken down into two different parts:

  1. Determine the update repository location.

  2. Download and apply the updates to the installation system.

3.4.1.1 Determining the Update Repository Location

Installer Self-Updates are distributed as regular RPM packages via a dedicated repository, so the first step is to find out the repository URL.

Important
Important: Installer Self-Update Repository Only

No matter which of the following options you use, only the installer self-update repository URL is expected, for example:

self_update=https://www.example.com/my_installer_updates/

Do not supply any other repository URL—for example the URL of the software update repository.

YaST will try the following sources of information:

  1. The self_update boot parameter. (For more details, see Section 3.2.2.6, “Enabling the Installer Self-Update”.) If you specify a URL, it will take precedence over any other method.

  2. The /general/self_update_url profile element in case you are using AutoYaST.

  3. A registration server. YaST will query the registration server for the URL. The server to be used is determined in the following order:

    1. By evaluating the regurl boot parameter (Section 3.2.2.1, “Providing Data to Access an SMT Server”).

    2. By evaluating the /suse_register/reg_server profile element if you are using AutoYaST.

    3. By performing an SLP lookup. If an SLP server is found, YaST will ask you whether it should be used because there is no authentication involved and everybody on the local network could announce a registration server.

    4. By querying the SUSE Customer Center.

  4. If none of the previous attempts worked, the fallback URL (defined in the installation media) will be used.

3.4.1.2 Downloading and Applying the Updates

When the updates repository is determined, YaST will check whether an update is available. If so, all the updates will be downloaded and applied to the installation system.

Finally, YaST will be restarted to load the new version and the welcome screen will be shown. If no updates were available, the installation will continue without restarting YaST.

Note
Note: Update Integrity

Update signatures will be checked to ensure integrity and authorship. If a signature is missing or invalid, you will be asked whether you want to apply the update.

3.4.2 Networking during Self-Update

To download installer updates, YaST needs network access. By default, it tries to use DHCP on all network interfaces. If there is a DHCP server in the network, it will work automatically.

If you need a static IP setup, you can use the ifcfg boot argument. For more details, see the linuxrc documentation at https://en.opensuse.org/Linuxrc.

3.4.3 Custom Self-Update Repositories

YaST can use a user-defined repository instead of the official one by specifying a URL through the self_update boot option. However, the following points should be considered:

  • Only HTTP/HTTPS and FTP repositories are supported.

  • Only RPM-MD repositories are supported (required by SMT).

  • Packages are not installed in the usual way: They are uncompressed only and no scripts are executed.

  • No dependency checks are performed. Packages are installed in alphabetical order.

  • Files from the packages override the files from the original installation media. This means that the update packages might not need to contain all files, only files that have changed. Unchanged files are omitted to save memory and download bandwidth.

Note
Note: Only One Repository

Currently, it is not possible to use more than one repository as source for installer self-updates.

3.5 Language, Keyboard and License Agreement

Start the installation of SUSE Linux Enterprise Desktop by choosing your language. Changing the language will automatically preselect a corresponding keyboard layout. Override this proposal by selecting a different keyboard layout from the drop-down box. The language selected here is also used to assume a time zone for the system clock. This setting can be modified later in the installed system as described in Chapter 14, Changing Language and Country Settings with YaST.

Read the license agreement that is displayed beneath the language and keyboard selection thoroughly. Use License Translations to access translations. If you agree to the terms, check I Agree to the License Terms and click Next to proceed with the installation. If you do not agree to the license agreement, you cannot install SUSE Linux Enterprise Desktop; click Abort to terminate the installation.

Language, Keyboard and License Agreement
Figure 3.3: Language, Keyboard and License Agreement

3.6 Network Settings

After booting into the installation, the installation routine is set up. During this setup, an attempt to configure at least one network interface with DHCP is made. In case this attempt fails, the Network Settings dialog launches. Choose a network interface from the list and click Edit to change its settings. Use the tabs to configure DNS and routing. See Book “Administration Guide”, Chapter 17 “Basic Networking”, Section 17.4 “Configuring a Network Connection with YaST” for more details.

In case DHCP was successfully configured during installation setup, you can also access this dialog by clicking Network Configuration at the SUSE Customer Center Registration step. It lets you change the automatically provided settings.

Note
Note: Network Interface Configured via linuxrc

If at least one network interface is configured via linuxrc, automatic DHCP configuration is disabled and configuration from linuxrc is imported and used.

Network Settings
Figure 3.4: Network Settings
Tip
Tip: Accessing Network Storage or Local RAID

To access a SAN or a local RAID during the installation, you can use the libstorage command line client for this purpose:

  1. Switch to a console with CtrlAltF2.

  2. Install the libstoragemgmt extension by running extend libstoragemgmt.

  3. Now you have access to the lsmcli command. For more information, run lsmcli --help.

  4. To return to the installer, press AltF7

Supported are Netapp Ontap, all SMI-S compatible SAN providers, and LSI MegaRAID.

3.7 SUSE Customer Center Registration

To get technical support and product updates, you need to register and activate your product with the SUSE Customer Center. Registering SUSE Linux Enterprise Desktop now grants you immediate access to the update repository. This enables you to install the system with the latest updates and patches available. If you are offline or want to skip this step, select Skip Registration. You can register your system at any time later from the installed system.

Note
Note: Network Configuration

After booting into the installation, the installation routine is set up. During this setup, an attempt to configure all network interfaces with DHCP is made. If DHCP is not available or you want to modify the network configuration, click Network Configuration in the upper right corner of the SUSE Customer Center Registration screen. The YaST module Network Settings opens. See Book “Administration Guide”, Chapter 17 “Basic Networking”, Section 17.4 “Configuring a Network Connection with YaST” for details.

SUSE Customer Center Registration
Figure 3.5: SUSE Customer Center Registration

To register your system, provide the E-mail address associated with the SUSE account you or your organization uses to manage subscriptions. In case you do not have a SUSE account yet, go to the SUSE Customer Center home page (https://scc.suse.com/) to create one.

Enter the Registration Code you received with your copy of SUSE Linux Enterprise Desktop. YaST can also read registration codes from a USB storage device such as a flash disk. For details, see Section 3.7.1, “Loading Registration Codes from USB Storage”.

Proceed with Next to start the registration process. If one or more local registration servers are available on your network, you can choose one of them from a list. By default, SUSE Linux Enterprise Desktop is registered at the SUSE Customer Center. If your local registration server was not discovered automatically, choose Cancel, select Register System via local SMT Server and enter the URL of the server. Restart the registration by choosing Next again.

During the registration, the online update repositories will be added to your installation setup. When finished, you can choose whether to install the latest available package versions from the update repositories. This ensures that SUSE Linux Enterprise Desktop is installed with the latest security updates available. If you choose No, all packages will be installed from the installation media. Proceed with Next.

If the system was successfully registered during installation, YaST will disable repositories from local installation media such as CD/DVD or flash disks when the installation has been completed. This prevents problems if the installation source is no longer available and ensures that you always get the latest updates from the online repositories.

Tip
Tip: Release Notes

From this point on, the Release Notes can be viewed from any screen during the installation process by selecting Release Notes.

3.7.1 Loading Registration Codes from USB Storage

To make the registration more convenient, you can also store your registration codes on a USB storage device such as a flash disk. YaST will automatically pre-fill the corresponding text box. This is particularly useful when testing the installation or if you need to register many systems or extensions.

Note
Note: Limitations

Currently flash disks are only scanned during installation or upgrade, but not when registering a running system.

Create a file named regcodes.txt or regcodes.xml on the USB disk. If both are present, the XML takes precedence.

In that file, identify the product with the name returned by zypper search --type product and assign it a registration code as follows:

Example 3.1: regcodes.txt
SLES    cc36aae1
SLED    309105d4

sle-we  5eedd26a
sle-live-patching 8c541494
Example 3.2: regcodes.xml
<?xml version="1.0"?>
<profile xmlns="http://www.suse.com/1.0/yast2ns"
 xmlns:config="http://www.suse.com/1.0/configns">
  <suse_register>
    <addons config:type="list">
      <addon>
<name>SLES</name>
<reg_code>cc36aae1</reg_code>
      </addon>
      <addon>
<name>SLED</name>
<reg_code>309105d4</reg_code>
      </addon>
      <addon>
<name>sle-we</name>
<reg_code>5eedd26a</reg_code>
      </addon>
      <addon>
<name>sle-live-patching</name>
<reg_code>8c541494</reg_code>
      </addon>
    </addons>
  </suse_register>
</profile>

Note that SLES and SLED are not extensions, but listing them as add-ons allows for combining several base product registration codes in a single file.

3.8 Extension Selection

If you have successfully registered your system in the previous step, a list of available modules and extensions based on SUSE Linux Enterprise Desktop is shown. Otherwise this configuration step is skipped. It is also possible to add modules and extensions from the installed system, see Chapter 11, Installing Modules, Extensions, and Third Party Add-On Products for details.

The list contains free modules for SUSE Linux Enterprise Desktop, such as the SUSE Linux Enterprise SDK and extensions requiring a registration key that is liable for costs. Click an entry to see its description. Select a module or extension for installation by activating its check mark. This will add its repository from the SUSE Customer Center server to your installation—no additional installation sources are required. Furthermore the installation pattern for the module or extension is added to the default installation to ensure it gets installed automatically.

The amount of available extensions and modules depends on the registration server. A local registration server may only offer update repositories and no additional extensions.

Tip
Tip: Modules

Modules are fully supported parts of SUSE Linux Enterprise Desktop with a different life cycle. They have a clearly defined scope and are delivered via online channel only. Registering at the SUSE Customer Center is a prerequisite for being able to subscribe to these channels.

Tip
Tip: SUSE Linux Enterprise Desktop

As of SUSE Linux Enterprise 12, SUSE Linux Enterprise Desktop is not only available as a separate product, but also as a workstation extension for SUSE Linux Enterprise Server. If you register at the SUSE Customer Center, the SUSE Linux Enterprise Workstation Extension can be selected for installation. Note that installing it requires a valid registration key.

Extension Selection
Figure 3.6: Extension Selection

Proceed with Next to the Add-on Product dialog, where you can specify sources for additional add-on products not available on the registration server.

If you do not want to install add-ons, proceed with Next. Otherwise activate I would like to install an additional Add-on Product. Specify the Media Type by choosing from CD, DVD, Hard Disk, USB Mass Storage, a Local Directory or a Local ISO Image. If network access has been configured you can choose from additional remote sources such as HTTP, SLP, FTP, etc. Alternatively you may directly specify a URL. Check Download Repository Description Files to download the files describing the repository now. If deactivated, they will be downloaded after the installation starts. Proceed with Next and insert a CD or DVD if required.

Depending on the add-on's content, it may be necessary to accept additional license agreements. If you have chosen an add-on product requiring a registration key, you will be asked to enter it at the Extension and Module Registration Codes page. Proceed with Next.

Add-on Product
Figure 3.7: Add-on Product
Tip
Tip: No Registration Key Error

If you have chosen a product in the Extension Selection dialog for which you do not have a valid registration key, choose Back until you see the Extension Selection dialog. Deselect the module or extension and proceed with Next. Modules or extensions can also be installed at any time later from the running system as described in Chapter 11, Installing Modules, Extensions, and Third Party Add-On Products.

3.9 Suggested Partitioning

Define a partition setup for SUSE Linux Enterprise Desktop in this step. The installer creates a proposal for one of the available disks containing a root partition formatted with Btrfs, a swap partition, and a home partition formatted with XFS. On hard disks smaller than 20 GB the proposal does not include a separate home partition. If one or more swap partitions have been detected on the available hard disks, these partitions will be used. You have several options to proceed:

Next

To accept the proposal without any changes, click Next to proceed with the installation workflow.

Edit Proposal Settings

To adjust the proposal choose Edit Proposal Settings. The pop-up dialog lets you switch to an LVM-based Proposal or an Encrypted LVM-based Proposal. You may also adjust file systems for the proposed partitions, create a separate home partition, and enlarge the swap partition (to enable suspend to disk, for example).

If the root file system format is Btrfs, you can also enable Btrfs snapshots here.

Create Partition Setup

Use this option to move the proposal described above to a different disk. Select a specific disk from the list. If the chosen hard disk does not contain any partitions yet, the whole hard disk will be used for the proposal. Otherwise, you can choose which existing partition(s) to use. Edit Proposal Settings lets you fine-tune the proposal.

Expert Partitioner

To create a custom partition setup choose Expert Partitioner. The Expert Partitioner opens, displaying the current partition setup for all hard disks, including the proposal suggested by the installer. You can Add, Edit, Resize, or Delete partitions.

You can also set up Logical Volumes (LVM), configure software RAID and device mapping (DM), encrypt Partitions, mount NFS shares and manage tmpfs volumes with the Expert Partitioner. To fine-tune settings such as the subvolume and snapshot handling for each Btrfs partition, choose Btrfs. For more information about custom partitioning and configuring advanced features, refer to Section 9.1, “Using the YaST Partitioner”.

Warning
Warning: Custom Partitioning on UEFI Machines

A UEFI machine requires an EFI system partition that must be mounted to /boot/efi. This partition must be formatted with the FAT file system.

If an EFI system partition is already present on your system (for example from a previous Windows installation) use it by mounting it to /boot/efi without formatting it.

Warning
Warning: Custom Partitioning and Snapper

SUSE Linux Enterprise Desktop can be configured to support snapshots which provide the ability to do rollbacks of system changes. SUSE Linux Enterprise Desktop uses Snapper in conjunction with Btrfs for this feature. Btrfs needs to be set up with snapshots enabled for the root partition. Refer to Book “Administration Guide”, Chapter 7 “System Recovery and Snapshot Management with Snapper” for details on Snapper.

Being able to create system snapshots that enable rollbacks requires most of the system directories to be mounted on a single partition. Refer to Book “Administration Guide”, Chapter 7 “System Recovery and Snapshot Management with Snapper”, Section 7.1 “Default Setup” for more information. This also includes /usr and /var. Only directories that are excluded from snapshots (see Book “Administration Guide”, Chapter 7 “System Recovery and Snapshot Management with Snapper”, Section 7.1.2 “Directories That Are Excluded from Snapshots” for a list) may reside on separate partitions. Among others, this list includes /usr/local, /var/log, and /tmp.

If you do not plan to use Snapper for system rollbacks, the partitioning restrictions mentioned above do not apply.

Important
Important: Btrfs on an Encrypted Root Partition

The default partitioning setup suggests the root partition as Btrfs with /boot being a directory. To encrypt the root partition, make sure to use the GPT partition table type instead of the default MSDOS type. Otherwise the GRUB2 boot loader may not have enough space for the second stage loader.

Note
Note: Supported Software RAID Volumes

Installing to and booting from existing software RAID volumes is supported for Disk Data Format (DDF) volumes and Intel Matrix Storage Manager (IMSM) volumes. IMSM is also known by the following names:

  • Intel Rapid Storage Technology

  • Intel Matrix Storage Technology

  • Intel Application Accelerator / Intel Application Accelerator RAID Edition

Note
Note: Mount Points for FCoE and iSCSI Devices

FCoE and iSCSI devices will appear asynchronously during the boot process. While the initrd guarantees that those devices are set up correctly for the root file system, there are no such guarantees for any other file systems or mount points like /usr. Hence any system mount points like /usr or /var are not supported. To use those devices, ensure correct synchronization of the respective services and devices.

Important
Important: Handling of Windows Partitions in Proposals

In case the disk selected for the suggested partitioning proposal contains a large Windows FAT or NTFS partition, it will automatically be resized to make room for the SUSE Linux Enterprise Desktop installation. To avoid data loss it is strongly recommended to

  • make sure the partition is not fragmented (run a defragmentation program from Windows prior to the SUSE Linux Enterprise Desktop installation)

  • double-check the suggested size for the Windows partition is big enough

  • back up your data prior to the SUSE Linux Enterprise Desktop installation

To adjust the proposed size of the Windows partition, use the Expert Partitioner.

Partitioning
Figure 3.8: Partitioning

3.10 Clock and Time Zone

In this dialog, select your region and time zone. Both are preselected according to the installation language. To change the preselected values, either use the map or the drop-down boxes for Region and Time Zone. When using the map, point the cursor at the rough direction of your region and left-click to zoom. Now choose your country or region by left-clicking. Right-click to return to the world map.

To set up the clock, choose whether the Hardware Clock is Set to UTC. If you run another operating system on your machine, such as Microsoft Windows, it is likely your system uses local time instead. If you run Linux on your machine, set the hardware clock to UTC and have the switch from standard time to daylight saving time performed automatically.

Important
Important: Set the Hardware Clock to UTC

The switch from standard time to daylight saving time (and vice versa) can only be performed automatically when the hardware clock (CMOS clock) is set to UTC. This also applies if you use automatic time synchronization with NTP, because automatic synchronization will only be performed if the time difference between the hardware and system clock is less than 15 minutes.

Since a wrong system time can cause serious problems (missed backups, dropped mail messages, mount failures on remote file systems, etc.), it is strongly recommended to always set the hardware clock to UTC.

Clock and Time Zone
Figure 3.9: Clock and Time Zone

If a network is already configured, you can configure time synchronization with an NTP server. Click Other Settings to either alter the NTP settings or to Manually set the time. See Book “Administration Guide”, Chapter 26 “Time Synchronization with NTP” for more information on configuring the NTP service. When finished, click Accept to continue the installation.

If running without NTP configured, consider setting SYSTOHC=no (sysconfig variable) to avoid saving unsynchronized time into the hardware clock.

3.11 Create New User

Create a local user in this step. After entering the first name and last name, either accept the proposal or specify a new User name that will be used to log in. Only use lowercase letters (a-z), digits (0-9) and the characters . (dot), - (hyphen) and _ (underscore). Special characters, umlauts and accented characters are not allowed.

Finally, enter a password for the user. Re-enter it for confirmation (to ensure that you did not type something else by mistake). To provide effective security, a password should be at least six characters long and consist of uppercase and lowercase letters, number and special characters (7-bit ASCII). Umlauts or accented characters are not allowed. Passwords you enter are checked for weakness. When entering a password that is easy to guess (such as a dictionary word or a name) you will see a warning. It is a good security practice to use strong passwords.

Important
Important: User Name and Password

Remember both your user name and the password because they are needed each time you log in to the system.

If you install SUSE Linux Enterprise Desktop on a machine with one or more existing Linux installations, YaST allows you to import user data such as user names and passwords. Select Import User Data from a Previous Installation and then Choose Users for import.

If you do not want to configure any local users (for example when setting up a client on a network with centralized user authentication), skip this step by choosing Next and confirming the warning. Network user authentication can be configured at any time later in the installed system; refer to Chapter 13, Managing Users with YaST for instructions.

Create New User
Figure 3.10: Create New User

Two additional options are available:

Use this Password for System Administrator

If checked, the same password you have entered for the user will be used for the system administrator root. This option is suitable for stand-alone workstations or machines in a home network that are administrated by a single user. When not checked, you are prompted for a system administrator password in the next step of the installation workflow (see Section 3.12, “Password for the System Administrator root).

Automatic Login

This option automatically logs the current user in to the system when it starts. This is mainly useful if the computer is operated by only one user.

Warning
Warning: Automatic Login

With the automatic login enabled, the system boots straight into your desktop with no authentication. If you store sensitive data on your system, you should not enable this option if the computer can also be accessed by others.

3.11.1 Expert Settings

Click Change in the Create User dialog to import users from a previous installation (if present). Also change the password encryption type in this dialog.

The default authentication method is Local (/etc/passwd). If a former version of SUSE Linux Enterprise Desktop or another system using /etc/passwd is detected, you may import local users. To do so, check Read User Data from a Previous Installation and click Choose. In the next dialog, select the users to import and finish with OK.

By default the passwords are encrypted with the SHA-512 hash function. Changing this method is not recommended unless needed for compatibility reasons.

3.12 Password for the System Administrator root

If you have not chosen Use this Password for System Administrator in the previous step, you will be prompted to enter a password for the System Administrator root. Otherwise this configuration step is skipped.

root is the name of the superuser, or the administrator of the system. Unlike regular users, root has unlimited rights to change the system configuration, install programs, and set up new hardware. If users forget their passwords or have other problems with the system, root can help. The root account should only be used for system administration, maintenance, and repair. Logging in as root for daily work is rather risky: a single mistake could lead to irretrievable loss of system files.

For verification purposes, the password for root must be entered twice. Do not forget the root password. After having been entered, this password cannot be retrieved.

Password for the System Administrator root
Figure 3.11: Password for the System Administrator root
Tip
Tip: Passwords and Keyboard Layout

It is recommended to only use characters that are available on an English keyboard. In case of a system error or when you need to start your system in rescue mode a localized keyboard might not be available.

The root password can be changed any time later in the installed system. To do so run YaST and start Security and Users › User and Group Management.

Important
Important: The root User

The user root has all the permissions needed to make changes to the system. To carry out such tasks, the root password is required. You cannot carry out any administrative tasks without this password.

3.13 Installation Settings

On the last step before the real installation takes place, you can alter installation settings suggested by the installer. To modify the suggestions, click the respective headline. After having made changes to a particular setting, you are always returned to the Installation Settings window, which is updated accordingly.

Installation Settings
Figure 3.12: Installation Settings

3.13.1 Software

SUSE Linux Enterprise Desktop contains several software patterns for various application purposes. Click Software to open the Software Selection and System Tasks screen where you can modify the pattern selection according to your needs. Select a pattern from the list and see a description in the right-hand part of the window. Each pattern contains several software packages needed for specific functions (for example Multimedia or Office software). For a more detailed selection based on software packages to install, select Details to switch to the YaST Software Manager.

You can also install additional software packages or remove software packages from your system at any later time with the YaST Software Manager. For more information, refer to Chapter 10, Installing or Removing Software.

Software Selection and System Tasks
Figure 3.13: Software Selection and System Tasks
Tip
Tip: Adding Secondary Languages

The language you selected with the first step of the installation will be used as the primary (default) language for the system. You can add secondary languages from within the Software dialog by choosing Details › View › Languages.

3.13.2 Booting

The installer proposes a boot configuration for your system. Other operating systems found on your computer, such as Microsoft Windows or other Linux installations, will automatically be detected and added to the boot loader. However, SUSE Linux Enterprise Desktop will be booted by default. Normally, you can leave these settings unchanged. If you need a custom setup, modify the proposal according to your needs. For information, see Book “Administration Guide”, Chapter 13 “The Boot Loader GRUB 2”, Section 13.3 “Configuring the Boot Loader with YaST”.

Important
Important: Software RAID 1

Booting a configuration where /boot resides on a software RAID 1 device is supported, but it requires to install the boot loader into the MBR (Boot Loader Location › Boot from Master Boot Record). Having /boot on software RAID devices with a level other than RAID 1 is not supported.

3.13.3 Firewall and SSH

By default SuSEFirewall2 is enabled on all configured network interfaces. To globally disable the firewall for this computer, click Disable (not recommended).

Note
Note: Firewall Settings

If the firewall is activated, all interfaces are configured to be in the External Zone, where all ports are closed by default, ensuring maximum security. The only port you can open during the installation is port 22 (SSH), to allow remote access. All other services requiring network access (such as FTP, Samba, Web server, etc.) will only work after having adjusted the firewall settings. Refer to Book “Security Guide”, Chapter 15 “Masquerading and Firewalls” for more information.

To enable remote access via the secure shell (SSH), make sure the SSH service is enabled and the SSH port is open.

Tip
Tip: Existing SSH Host Keys

If you install SUSE Linux Enterprise Desktop on a machine with one or more existing Linux installations, the installation routine imports the SSH host key with the most recent access time from an existing installation by default. See also Section 3.13.5, “Import SSH Host Keys and Configuration.

If you are performing a remote administration over VNC, you can also specify whether the machine should be accessible via VNC after the installation. Note that enabling VNC also requires you to set the Default systemd Target to graphical.

3.13.4 Default systemd Target

SUSE Linux Enterprise Desktop can boot into two different targets (formerly known as runlevels). The graphical target starts a display manager, whereas the multi-user target starts the command line interface.

The default target is graphical. In case you have not installed the X Window System patterns, you need to change it to multi-user. If the system should be accessible via VNC, you need to choose graphical.

3.13.5 Import SSH Host Keys and Configuration

If an existing Linux installation on your computer was detected, YaST will import the most recent SSH host key found in /etc/ssh by default, optionally including other files in the directory as well. This makes it possible to reuse the SSH identity of the existing installation, avoiding the REMOTE HOST IDENTIFICATION HAS CHANGED warning on the first connection. Note that this item is not shown in the installation summary if YaST has not discovered any other installations.

Import SSH Host Keys and Configuration
Figure 3.14: Import SSH Host Keys and Configuration
I would like to import SSH keys from a previous install:

Select this option if you want to import the SSH host key and optionally the configuration of an installed system. You can select the installation to import from in the option list below.

Import SSH Configuration

Enable this to copy other files in /etc/ssh to the installed system in addition to the host keys.

3.13.6 System Information

This screen lists all the hardware information the installer could obtain about your computer. When opened for the first time, the hardware detection is started. Depending on your system, this may take some time. Select any item in the list and click Details to see detailed information about the selected item. Use Save to File to save a detailed list to either the local file system or a removable device.

Advanced users can also change the PCI ID Setup and kernel settings by choosing Kernel Settings. A screen with two tabs opens:

PCI ID Setup

Each kernel driver contains a list of device IDs of all devices it supports. If a new device is not in any driver's database, the device is treated as unsupported, even if it can be used with an existing driver. You can add PCI IDs to a device driver here. Only advanced users should attempt to do so.

To add an ID, click Add and select whether to Manually enter the data, or whether to choose from a list. Enter the required data. The SysFS Dir is the directory name from /sys/bus/pci/drivers—if empty, the driver name is used as the directory name. Existing entries can be managed with Edit and Delete.

Kernel Settings

Change the Global I/O Scheduler here. If Not Configured is chosen, the default setting for the respective architecture will be used. This setting can also be changed at any time later from the installed system. Refer to Book “System Analysis and Tuning Guide”, Chapter 12 “Tuning I/O Performance” for details on I/O tuning.

Also activate the Enable SysRq Keys here. These keys will let you issue basic commands (such as rebooting the system or writing kernel dumps) in case the system crashes. Enabling these keys is recommended when doing kernel development. Refer to https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html for details.

3.14 Performing the Installation

After configuring all installation settings, click Install in the Installation Settings window to start the installation. Some software may require a license confirmation. If your software selection includes such software, license confirmation dialogs are displayed. Click Accept to install the software package. When not agreeing to the license, click I Disagree and the software package will not be installed. In the dialog that follows, confirm with Install again.

The installation usually takes between 15 and 30 minutes, depending on the system performance and the selected software scope. After having prepared the hard disk and having saved and restored the user settings, the software installation starts. During this procedure a slide show introduces the features of SUSE Linux Enterprise Desktop. Choose Details to switch to the installation log or Release Notes to read important up-to-date information that was not available when the manuals were printed.

After the software installation has completed, the system reboots into the new installation where you can log in. To customize the system configuration or to install additional software packages, start YaST.

Note
Note: One-Stage Installation

Starting with SUSE Linux Enterprise Desktop 12 the system installation and basic configuration including the network setup is done in a single stage. After having rebooted into the installed system, you can log in and start using the system. To fine-tune the setup, to configure services or to install additional software, start YaST.

4 Cloning Disk Images

If SUSE Linux Enterprise Desktop is installed in a virtualized environment, cloning an existing installation may be the fastest way to deploy further machines. SUSE Linux Enterprise Desktop provides a script to clean up configuration that is unique to each installation. With the introduction of systemd, unique system identifiers are used and set in different locations and files. Therefore, cloning is no longer the recommended way to build system images. Images can be created with KIWI, see https://doc.opensuse.org/projects/kiwi/doc/.

To clone disks of machines, refer to the documentation of your virtualization environment.

4.1 Cleaning Up Unique System Identifiers

Warning
Warning: Important Configuration Loss

Executing the following procedure permanently deletes important system configuration data. If the source system for the clone is used in production, run the clean up script on the cloned image.

To clean all unique system identifiers, execute the following procedure before or after cloning a disk image. If run on the clone, this procedure needs to be run on each clone. Therefore, we recommend to create a golden image that is not used in production and only serves as a source for new clones. The golden image is already cleaned up and clones can be used immediately.

The clone-master-clean-up command for example removes:

  • Swap files

  • Zypper repositories

  • SSH host and client keys

  • Temporary directories, like /tmp/*

  • Postfix data

  • HANA firewall script

  • systemd journal

  1. Use zypper to install clone-master-clean-up:

    root # zypper install clone-master-clean-up
  2. Configure the behavior of clone-master-clean-up by editing /etc/sysconfig/clone-master-clean-up. This configuration file defines whether users with a UID larger than 1000, the /etc/sudoers file, Zypper repositories and Btrfs snapshots should be removed.

  3. Remove existing configuration and unique identifiers by running the script:

    root # clone-master-clean-up

Part III Setting Up an Installation Server

5 Setting Up the Server Holding the Installation Sources

SUSE® Linux Enterprise Desktop can be installed in different ways. Apart from the usual media installation covered in Chapter 3, Installation with YaST, you can choose from various network-based approaches or even opt for an unattended installation of SUSE Linux Enterprise Desktop.

6 Preparing the Boot of the Target System

SUSE® Linux Enterprise Desktop can be installed in different ways. Apart from the usual media installation covered in Chapter 3, Installation with YaST, you can choose from various network-based approaches or even take a completely hands-off approach to the installation of SUSE Linux Enterprise Desk…

5 Setting Up the Server Holding the Installation Sources

SUSE® Linux Enterprise Desktop can be installed in different ways. Apart from the usual media installation covered in Chapter 3, Installation with YaST, you can choose from various network-based approaches or even opt for an unattended installation of SUSE Linux Enterprise Desktop.

Each method is introduced by means of two short checklists: one listing the prerequisites for this method and the other illustrating the basic procedure. More detail is then provided for all the techniques used in these installation scenarios.

Note
Note: Terminology

In the following sections, the system to hold your new SUSE Linux Enterprise Desktop installation is called target system or installation target. The term repository (previously called installation source) is used for all sources of installation data. This includes physical media, such as CD and DVD, and network servers distributing the installation data in your network.

Depending on the operating system of the machine used as the network installation source for SUSE Linux Enterprise Desktop, there are several options for the server configuration. The easiest way to set up an installation server is to use YaST on SUSE Linux Enterprise Server or openSUSE.

Tip
Tip: Installation Server Operating System

You can even use a Microsoft Windows machine as the installation server for your Linux deployment. See Section 5.5, “Managing an SMB Repository” for details.

5.1 Setting Up an Installation Server Using YaST

YaST offers a graphical tool for creating network repositories. It supports HTTP, FTP, and NFS network installation servers.

  1. Log in as root to the machine that should act as installation server.

  2. Start YaST › Miscellaneous › Installation Server.

  3. Select the repository type (HTTP, FTP, or NFS). The selected service is started automatically every time the system starts. If a service of the selected type is already running on your system and you want to configure it manually for the server, deactivate the automatic configuration of the server service with Do Not Configure Any Network Services. In both cases, define the directory in which the installation data should be made available on the server.

  4. Configure the required repository type. This step relates to the automatic configuration of server services. It is skipped when automatic configuration is deactivated.

    Define an alias for the root directory of the FTP or HTTP server on which the installation data should be found. The repository will later be located under ftp://Server-IP/Alias/Name (FTP) or under http://Server-IP/Alias/Name (HTTP). Name stands for the name of the repository, which is defined in the following step. If you selected NFS in the previous step, define wild cards and export options. The NFS server will be accessible under nfs://Server-IP/Name. Details of NFS and exports can be found in Book “Administration Guide”, Chapter 27 “Sharing File Systems with NFS”.

    Tip
    Tip: Firewall Settings

    Make sure that the firewall settings of your server system allow traffic on the ports for HTTP, NFS, and FTP. If they currently do not, enable Open Port in Firewall or check Firewall Details first.

  5. Configure the repository. Before the installation media are copied to their destination, define the name of the repository (ideally, an easily remembered abbreviation of the product and version). YaST allows providing ISO images of the media instead of copies of the installation DVDs. If you want this, activate the relevant check box and specify the directory path under which the ISO files can be found locally. Depending on the product to distribute using this installation server, it might be necessary to add additional media, such as service pack DVDs as extra repositories. To announce your installation server in the network via OpenSLP, activate the appropriate option.

    Tip
    Tip: Announcing the Repository

    Consider announcing your repository via OpenSLP if your network setup supports this option. This saves you from entering the network installation path on every target machine. The target systems are booted using the SLP boot option and find the network repository without any further configuration. For details on this option, refer to Section 7.2, “Booting the Target System for Installation”.

  6. Configuring extra repositories. YaST follows a specific naming convention to configure add-on CDs or service pack CDs repositories. Configuration is accepted only if the repository name of the add-on CDs starts with the repository name of the installation media. In other words, if you choose SLES12SP1 as the repository name for DVD1, then you should chose SLES12SP1addon as the repository name for DVD2. The same applies to SDK CDs.

  7. Upload the installation data. The most lengthy step in configuring an installation server is copying the actual installation media. Insert the media in the sequence requested by YaST and wait for the copying procedure to end. When the sources have been fully copied, return to the overview of existing repositories and close the configuration by selecting Finish.

    Your installation server is now fully configured and ready for service. It is automatically started every time the system is started. No further intervention is required. You only need to configure and start this service correctly by hand if you have deactivated the automatic configuration of the selected network service with YaST as an initial step.

To deactivate a repository, select the repository to remove then select Delete. The installation data are removed from the system. To deactivate the network service, use the respective YaST module.

If your installation server needs to provide the installation data for more than one product of the product version, start the YaST installation server module and select Add in the overview of existing repositories to configure the new repository.

5.2 Setting Up an NFS Repository Manually

Important
Important

This assumes that you are using some kind of SUSE Linux-based operating system on the machine that will serve as installation server. If this is not the case, turn to the other vendor's documentation on NFS instead of following these instructions.

Setting up an NFS source for installation is done in two main steps. In the first step, create the directory structure holding the installation data and copy the installation media over to this structure. Second, export the directory holding the installation data to the network.

To create a directory to hold the installation data, proceed as follows:

  1. Log in as root.

  2. Create a directory that will later hold all installation data and change into this directory. For example:

    root # mkdir /srv/install/PRODUCT/PRODUCTVERSION
    root # cd /srv/install/PRODUCT/PRODUCTVERSION

    Replace PRODUCT with an abbreviation of the product name and PRODUCTVERSION with a string that contains the product name and version.

  3. For each DVD contained in the media kit execute the following commands:

    1. Copy the entire content of the installation DVD into the installation server directory:

      root # cp -a /media/PATH_TO_YOUR_DVD_DRIVE .

      Replace PATH_TO_YOUR_DVD_DRIVE with the actual path under which your DVD drive is addressed. Depending on the type of drive used in your system, this can be cdrom, cdrecorder, dvd, or dvdrecorder.

    2. Rename the directory to the DVD number:

      root # mv PATH_TO_YOUR_DVD_DRIVE DVDX

      Replace X with the actual number of your DVD.

On SUSE Linux Enterprise Desktop, you can export the repository with NFS using YaST. Proceed as follows:

  1. Log in as root.

  2. Start YaST › Network Services › NFS Server.

  3. Select Start and Open Port in Firewall and click Next.

  4. Select Add Directory and browse for the directory containing the installation sources, in this case, PRODUCTVERSION.

  5. Select Add Host and enter the host names of the machines to which to export the installation data. Instead of specifying host names here, you could also use wild cards, ranges of network addresses, or the domain name of your network. Enter the appropriate export options or leave the default, which works fine in most setups. For more information about the syntax used in exporting NFS shares, read the exports man page.

  6. Click Finish. The NFS server holding the SUSE Linux Enterprise Desktop repository is automatically started and integrated into the boot process.

If you prefer manually exporting the repository via NFS instead of using the YaST NFS Server module, proceed as follows:

  1. Log in as root.

  2. Open the file /etc/exports and enter the following line:

    /PRODUCTVERSION *(ro,root_squash,sync)

    This exports the directory /PRODUCTVERSION to any host that is part of this network or to any host that can connect to this server. To limit the access to this server, use netmasks or domain names instead of the general wild card *. Refer to the export man page for details. Save and exit this configuration file.

  3. To add the NFS service to the list of servers started during system boot, execute the following commands:

    root # systemctl enable nfsserver
  4. Start the NFS server with systemctl start nfsserver. If you need to change the configuration of your NFS server later, modify the configuration file and restart the NFS daemon with systemctl restart nfsserver.

Announcing the NFS server via OpenSLP makes its address known to all clients in your network.

  1. Log in as root.

  2. Create the /etc/slp.reg.d/install.suse.nfs.reg configuration file with the following lines:

    # Register the NFS Installation Server
    service:install.suse:nfs://$HOSTNAME/PATH_TO_REPOSITORY/DVD1,en,65535
    description=NFS Repository

    Replace PATH_TO_REPOSITORY with the actual path to the installation source on your server.

  3. Start the OpenSLP daemon with systemctl start slpd.

5.3 Setting Up an FTP Repository Manually

Creating an FTP repository is very similar to creating an NFS repository. An FTP repository can be announced over the network using OpenSLP as well.

  1. Create a directory holding the installation sources as described in Section 5.2, “Setting Up an NFS Repository Manually”.

  2. Configure the FTP server to distribute the contents of your installation directory:

    1. Log in as root and install the package vsftpd using the YaST software management.

    2. Enter the FTP server root directory:

      root # cd /srv/ftp
    3. Create a subdirectory holding the installation sources in the FTP root directory:

      root # mkdir REPOSITORY

      Replace REPOSITORY with the product name.

    4. Mount the contents of the installation repository into the change root environment of the FTP server:

      root # mount --bind PATH_TO_REPOSITORY /srv/ftp/REPOSITORY

      Replace PATH_TO_REPOSITORY and REPOSITORY with values matching your setup. If you need to make this permanent, add it to /etc/fstab.

    5. Start vsftpd with vsftpd.

  3. Announce the repository via OpenSLP, if this is supported by your network setup:

    1. Create the /etc/slp.reg.d/install.suse.ftp.reg configuration file with the following lines:

      # Register the FTP Installation Server
      service:install.suse:ftp://$HOSTNAME/REPOSITORY/DVD1,en,65535
      description=FTP Repository

      Replace REPOSITORY with the actual name to the repository directory on your server. The service: line should be entered as one continuous line.

    2. Start the OpenSLP daemon with systemctl start slpd.

5.4 Setting Up an HTTP Repository Manually

Creating an HTTP repository is very similar to creating an NFS repository. An HTTP repository can be announced over the network using OpenSLP as well.

  1. Create a directory holding the installation sources as described in Section 5.2, “Setting Up an NFS Repository Manually”.

  2. Configure the HTTP server to distribute the contents of your installation directory:

    1. Install the Web server Apache.

    2. Enter the root directory of the HTTP server (/srv/www/htdocs) and create the subdirectory that will hold the installation sources:

      root # mkdir REPOSITORY

      Replace REPOSITORY with the product name.

    3. Create a symbolic link from the location of the installation sources to the root directory of the Web server (/srv/www/htdocs):

      root # ln -s /PATH_TO_REPOSITORY/srv/www/htdocs/REPOSITORY
    4. Modify the configuration file of the HTTP server (/etc/apache2/default-server.conf) to make it follow symbolic links. Replace the following line:

      Options None

      with

      Options Indexes FollowSymLinks
    5. Reload the HTTP server configuration using systemctl reload apache2.

  3. Announce the repository via OpenSLP, if this is supported by your network setup:

    1. Create the /etc/slp.reg.d/install.suse.http.reg configuration file with the following lines:

      # Register the HTTP Installation Server
      service:install.suse:http://$HOSTNAME/REPOSITORY/DVD1/,en,65535
      description=HTTP Repository

      Replace REPOSITORY with the actual path to the repository on your server. The service: line should be entered as one continuous line.

    2. Start the OpenSLP daemon using systemctl start slpd.

5.5 Managing an SMB Repository

Using SMB, you can import the installation sources from a Microsoft Windows server and start your Linux deployment even with no Linux machine around.

To set up an exported Windows Share holding your SUSE Linux Enterprise Desktop repository, proceed as follows:

  1. Log in to your Windows machine.

  2. Create a new directory that will hold the entire installation tree and name it INSTALL, for example.

  3. Export this share according the procedure outlined in your Windows documentation.

  4. Enter this share and create a subdirectory, called PRODUCT. Replace PRODUCT with the actual product name.

  5. Enter the INSTALL/PRODUCT directory and copy each DVD to a separate directory, such as DVD1 and DVD2.

To use an SMB mounted share as a repository, proceed as follows:

  1. Boot the installation target.

  2. Select Installation.

  3. Press F4 for a selection of the repository.

  4. Choose SMB and enter the Windows machine's name or IP address, the share name (INSTALL/PRODUCT/DVD1, in this example), user name, and password. The syntax looks like this:

    smb://workdomain;user:password@server/INSTALL/DVD1

    After you press Enter, YaST starts and you can perform the installation.

5.6 Using ISO Images of the Installation Media on the Server

Instead of copying physical media into your server directory manually, you can also mount the ISO images of the installation media into your installation server and use them as a repository. To set up an HTTP, NFS or FTP server that uses ISO images instead of media copies, proceed as follows:

  1. Download the ISO images and save them to the machine to use as the installation server.

  2. Log in as root.

  3. Choose and create an appropriate location for the installation data, as described in Section 5.2, “Setting Up an NFS Repository Manually”, Section 5.3, “Setting Up an FTP Repository Manually”, or Section 5.4, “Setting Up an HTTP Repository Manually”.

  4. Create subdirectories for each DVD.

  5. To mount and unpack each ISO image to the final location, issue the following command:

    root # mount -o loop PATH_TO_ISO PATH_TO_REPOSITORY/PRODUCT/MEDIUMX

    Replace PATH_TO_ISO with the path to your local copy of the ISO image, PATH_TO_REPOSITORY with the source directory of your server, PRODUCT with the product name, and MEDIUMX with the type (CD or DVD) and number of media you are using.

  6. Repeat the previous step to mount all ISO images needed for your product.

  7. Start your installation server as usual, as described in Section 5.2, “Setting Up an NFS Repository Manually”, Section 5.3, “Setting Up an FTP Repository Manually”, or Section 5.4, “Setting Up an HTTP Repository Manually”.

To automatically mount the ISO images at boot time, add the respective mount entries to /etc/fstab. An entry according to the previous example would look like the following:

PATH_TO_ISO PATH_TO_REPOSITORY/PRODUCTMEDIUM auto loop

6 Preparing the Boot of the Target System

SUSE® Linux Enterprise Desktop can be installed in different ways. Apart from the usual media installation covered in Chapter 3, Installation with YaST, you can choose from various network-based approaches or even take a completely hands-off approach to the installation of SUSE Linux Enterprise Desktop.

The examples use NFS for serving the installation data. If you want to use FTP, SMB or HTTP, see Chapter 5, Setting Up the Server Holding the Installation Sources.

Note
Note: Terminology

In the following sections, the system to hold your new SUSE Linux Enterprise Desktop installation is called target system or installation target. The term repository (previously called installation source) is used for all sources of installation data. This includes physical media, such as CD and DVD, and network servers distributing the installation data in your network.

This section covers the configuration tasks needed in complex boot scenarios. It contains ready-to-apply configuration examples for DHCP, PXE boot, TFTP, and Wake on LAN.

The examples assume that the DHCP, TFTP and NFS server reside on the same machine with the IP 192.168.1.1. All services can reside on different machines without any problems. Make sure to change the IP addresses as required.

6.1 Setting Up a DHCP Server

In addition to providing automatic address allocation to your network clients, the DHCP server announces the IP address of the TFTP server and the file that needs to be pulled in by the installation routines on the target machine. The file that has to be loaded depends on the architecture of the target machine and whether legacy BIOS or UEFI boot is used.

  1. Log in as root to the machine hosting the DHCP server.

  2. Enable the DHCP server by executing systemctl enable dhcpd.

  3. Append the following lines to a subnet configuration of your DHCP server's configuration file located under /etc/dhcpd.conf:

    # The following lines are optional
    option domain-name "my.lab";
    option domain-name-servers 192.168.1.1;
    option routers 192.168.1.1;
    option ntp-servers 192.168.1.1;
    ddns-update-style none;
    default-lease-time 3600;
    
    # The following lines are required
    option arch code 93 = unsigned integer 16; # RFC4578
    subnet 192.168.1.0 netmask 255.255.255.0 {
     next-server 192.168.1.1;
     range 192.168.1.100 192.168.1.199;
     default-lease-time 3600;
     max-lease-time 3600;
     if option arch = 00:07 or option arch = 00:09 {
       filename "/EFI/x86/grub.efi";
     }
     else if option arch = 00:0b {
       filename "/EFI/aarch64/bootaa64.efi";
     }
     else  {
       filename "/BIOS/x86/pxelinux.0";
     }
    }

    This configuration example uses the subnet 192.168.1.0/24 with the DHCP, DNS and gateway on the server with the IP 192.168.1.1. Make sure that all used IP addresses are changed according to your network layout. For more information about the options available in dhcpd.conf, refer to the dhcpd.conf manual page.

  4. Restart the DHCP server by executing systemctl restart dhcpd.

If you plan to use SSH for the remote control of a PXE and Wake on LAN installation, specify the IP address DHCP should provide to the installation target. To achieve this, modify the above mentioned DHCP configuration according to the following example:

group {
 host test {
   hardware ethernet MAC_ADDRESS;
   fixed-address IP_ADDRESS;
   }
}

The host statement introduces the host name of the installation target. To bind the host name and IP address to a specific host, you must know and specify the system's hardware (MAC) address. Replace all the variables used in this example with the actual values that match your environment.

After restarting the DHCP server, it provides a static IP to the host specified, enabling you to connect to the system via SSH.

6.2 Setting Up a TFTP Server

If using a SUSE based installation, you may use YaST to set up a TFTP Server. Alternatively, set it up manually. The TFTP server delivers the boot image to the target system after it boots and sends a request for it.

6.2.1 Setting Up a TFTP Server Using YaST

  1. Log in as root.

  2. Start YaST › Network Services › TFTP Server and install the requested package.

  3. Click Enable to make sure that the server is started and included in the boot routines. No further action from your side is required to secure this. xinetd starts tftpd at boot time.

  4. Click Open Port in Firewall to open the appropriate port in the firewall running on your machine. If there is no firewall running on your server, this option is not available.

  5. Click Browse to browse for the boot image directory. The default directory /srv/tftpboot is created and selected automatically.

  6. Click Finish to apply your settings and start the server.

6.2.2 Setting Up a TFTP Server Manually

  1. Log in as root and install the packages tftp and xinetd.

  2. Modify the configuration of xinetd located under /etc/xinetd.d to make sure that the TFTP server is started on boot:

    1. If it does not exist, create a file called tftp under this directory with touch tftp. Then run chmod 755 tftp.

    2. Open the file tftp and add the following lines:

      service tftp
      {
              socket_type            = dgram
              protocol               = udp
              wait                   = yes
              user                   = root
              server                 = /usr/sbin/in.tftpd
              server_args            = -s /srv/tftpboot
              disable                = no
      }
    3. Save the file and restart xinetd with systemctl restart xinetd.

6.3 Installing Files on TFTP Server

The following procedures describe how to prepare the server for target machines with UEFI and BIOS on x86 architectures with 32 and 64 bits. The prepared structure also already provides for AArch64 systems.

6.3.1 Preparing the Structure

In this procedure, replace OS_VERSION and SP_VERSION with the used operating system and service pack version. For example, use sles12 and sp4.

  1. Create a structure in /srv/tftpboot to support the various options.

    root # mkdir -p /srv/tftpboot/BIOS/x86
    root # mkdir -p /srv/tftpboot/EFI/x86/boot
    root # mkdir -p /srv/tftpboot/EFI/aarch64/boot
    root # mkdir -p /srv/install/x86/OS_VERSION/SP_VERSION/cd1
    root # mkdir -p /srv/install/aarch64/OS_VERSION/SP_VERSION/cd1
  2. Download the DVD ISO images of SUSE Linux Enterprise Desktop 12 SP4 from the SUSE Web site for all architectures you need.

  3. Mount the ISO files as described in Section 5.6, “Using ISO Images of the Installation Media on the Server”. To have the files available after a reboot, create an entry in /etc/fstab. For a standard installation, only DVD 1 is required.

    root # mount -o loop PATH_TO_ISO /srv/install/ARCH/OS_VERSION/SP_VERSION/cd1/

    Repeat this step for all required architectures and replace ARCH with x86 or aarch64 and PATH_TO_ISO with the path to the corresponding ISO file.

  4. Copy the kernel, initrd and message files required for x86 BIOS and UEFI boot to the appropriate location.

    root # cd /srv/install/x86/OS_version/SP_version/cd1/boot/x86_64/loader/
    root # cp -a linux initrd message /srv/tftpboot/BIOS/x86/
  5. Ensure that the path /srv/install is available via NFS. For details, see Section 5.2, “Setting Up an NFS Repository Manually”.

6.3.2 BIOS Files for x86

  1. Copy pxelinux.0 into the TFTP folder and prepare a subfolder for the configuration file.

    root # cp /usr/share/syslinux/pxelinux.0 /srv/tftpboot/BIOS/x86/
    root # mkdir /srv/tftpboot/BIOS/x86/pxelinux.cfg
  2. Create /srv/tftpboot/BIOS/x86/pxelinux.cfg/default and add the following lines:

    default install
    
    # hard disk
    label harddisk
     localboot -2
    # install
    label install
     kernel linux
     append initrd=initrd install=nfs://192.168.1.1:/srv/install/x86/OS_version/SP_version/cd1
    
    display message
    implicit 0
    prompt 1
    timeout 5
  3. Edit the file /srv/tftpboot/BIOS/x86/message to reflect the default file you just edited.

    Welcome to the Installer Environment!
    
    To start the installation enter 'install' and press <return>.
    
    Available boot options:
     harddisk   - Boot from Hard Disk (this is default)
     install    - Installation

6.3.3 UEFI Files for x86

In this procedure replace OS_version and SP_version with the used operating system and service pack version. For example use sles12 and sp4.

  1. Copy all required grub2 files for UEFI booting.

    root # cd /srv/install/x86/OS_version/SP_version/cd1/EFI/BOOT
    root # cp -a bootx64.efi grub.efi MokManager.efi /srv/tftpboot/EFI/x86/
  2. Copy the kernel and initrd files to the directory structure.

    root # cd /srv/install/x86/OS_version/SP_version/cd1/boot/x86_64/loader/
    root # cp -a linux initrd /srv/tftpboot/EFI/x86/boot
  3. Create the file /srv/tftpboot/EFI/x86/grub.cfg with at least the following content:

    set timeout=5
    menuentry 'Install OS_version SP_version for x86_64' {
      linuxefi /EFI/x86/boot/linux \
       install=nfs://192.168.1.1/srv/install/x86/OS_version/SP_version/cd1
      initrdefi /EFI/x86/boot/initrd
    }

6.3.4 UEFI Files for AArch64

In this procedure replace OS_version and SP_version with the used operating system and service pack version. For example use sles12 and sp4.

  1. This is done in a way very similar to the x86_64 EFI environment. Start by copying the files required for UEFI booting of a grub2-efi environment.

    root # cd /srv/install/aarch64/OS_version/SP_version/cd1/EFI/BOOT
    root # cp -a bootaa64.efi /srv/tftpboot/EFI/aarch64/
  2. Copy the kernel and initrd to the directory structure.

    root # cd /srv/install/aarch64/OS_version/SP_version/cd1/boot/aarch64
    root # cp -a linux initrd /srv/tftpboot/EFI/aarch64/boot
  3. Now create the file /srv/tftpboot/EFI/grub.cfg and add the following content:

    menuentry 'Install OS_version SP_version' {
      linux /EFI/aarch64/boot/linux network=1 usessh=1 sshpassword="suse" \
       install=nfs://192.168.1.1:/srv/install/aarch64/OS_version/SP_version/cd1 \
       console=ttyAMA0,115200n8
      initrd /EFI/aarch64/boot/initrd
    }

    This addition to the configuration file has a few other options to enable the serial console and allow installation via SSH, which is helpful for systems that do not have a standard KVM console interface. You will notice that this is set up for a specific ARM platform.

6.4 PXELINUX Configuration Options

The options listed here are a subset of all the options available for the PXELINUX configuration file.

APPEND OPTIONS

Add one or more options to the kernel command line. These are added for both automatic and manual boots. The options are added at the very beginning of the kernel command line, usually permitting explicitly entered kernel options to override them.

APPEND -

Append nothing. APPEND with a single hyphen as argument in a LABEL section can be used to override a global APPEND.

DEFAULT KERNEL_OPTIONS...

Sets the default kernel command line. If PXELINUX boots automatically, it acts as if the entries after DEFAULT had been typed in at the boot prompt, except the auto option is automatically added, indicating an automatic boot.

If no configuration file exists or no DEFAULT entry is defined in the configuration file, the default is the kernel name linux with no options.

IFAPPEND FLAG

Adds a specific option to the kernel command line depending on the FLAG value. The IFAPPEND option is available only on PXELINUX. FLAG expects a value, described in Table 6.1, “Generated and Added Kernel Command Line Options from IFAPPEND:

Table 6.1: Generated and Added Kernel Command Line Options from IFAPPEND

Argument

Generated Kernel Command Line / Description

1

ip=CLIENT_IP:BOOT_SERVER_IP:GW_IP:NETMASK

The placeholders are replaced based on the input from the DHCP/BOOTP or PXE boot server.

Note, this option is not a substitute for running a DHCP client in the booted system. Without regular renewals, the lease acquired by the PXE BIOS will expire, making the IP address available for reuse by the DHCP server.

2

BOOTIF=MAC_ADDRESS_OF_BOOT_INTERFACE

This option is useful if you want to avoid timeouts when the installation server probes one LAN interface after the other until it gets a reply from a DHCP server. This option allows an initrd program to determine from which interface the system has been booted. linuxrc reads this option and uses this network interface.

4

SYSUUID=SYSTEM_UUID

Adds UUIDs in lowercase hexadecimals, see /usr/share/doc/packages/syslinux/pxelinux.txt

LABEL LABEL KERNEL IMAGE APPEND OPTIONS...

Indicates that if LABEL is entered as the kernel to boot, PXELINUX should instead boot IMAGE and the specified APPEND options should be used instead of the ones specified in the global section of the file (before the first LABEL command). The default for IMAGE is the same as LABEL and, if no APPEND is given, the default is to use the global entry (if any). Up to 128 LABEL entries are permitted.

PXELINUX uses the following syntax:

label MYLABEL
  kernel MYKERNEL
  append MYOPTIONS

Labels are mangled as if they were file names and they must be unique after mangling. For example, the two labels v2.6.30 and v2.6.31 would not be distinguishable under PXELINUX because both mangle to the same DOS file name.

The kernel does not need to be a Linux kernel. It can also be a boot sector or a COMBOOT file.

LOCALBOOT TYPE

On PXELINUX, specifying LOCALBOOT 0 instead of a KERNEL option means invoking this particular label and causes a local disk boot instead of a kernel boot.

Argument

Description

0

Perform a normal boot

4

Perform a local boot with the Universal Network Driver Interface (UNDI) driver still resident in memory

5

Perform a local boot with the entire PXE stack, including the UNDI driver, still resident in memory

All other values are undefined. If you do not know what the UNDI or PXE stacks are, specify 0.

TIMEOUT TIME-OUT

Indicates how long to wait at the boot prompt until booting automatically, in units of 1/10 second. The time-out is canceled when the user types anything on the keyboard, assuming the user will complete the command begun. A time-out of zero disables the time-out completely (this is also the default). The maximum possible time-out value is 35996 (just less than one hour).

PROMPT flag_val

If flag_val is 0, displays the boot prompt only if Shift or Alt is pressed or Caps Lock or Scroll Lock is set (this is the default). If flag_val is 1, always displays the boot prompt.

F2  FILENAME
F1  FILENAME
..etc...
F9  FILENAME
F10 FILENAME

Displays the indicated file on the screen when a function key is pressed at the boot prompt. This can be used to implement preboot online help (presumably for the kernel command line options). For backward compatibility with earlier releases, F10 can be also entered as F0. Note that there is currently no way to bind file names to F11 and F12.

6.5 Preparing the Target System for PXE Boot

Prepare the system's BIOS for PXE boot by including the PXE option in the BIOS boot order.

Warning
Warning: BIOS Boot Order

Do not place the PXE option ahead of the hard disk boot option in the BIOS. Otherwise this system would try to re-install itself every time you boot it.

6.6 Preparing the Target System for Wake on LAN

Wake on LAN (WOL) requires the appropriate BIOS option to be enabled prior to the installation. Also, note down the MAC address of the target system. This data is needed to initiate Wake on LAN.

6.7 Wake on LAN

Wake on LAN allows a machine to be turned on by a special network packet containing the machine's MAC address. Because every machine in the world has a unique MAC identifier, you do not need to worry about accidentally turning on the wrong machine.

Important
Important: Wake on LAN across Different Network Segments

If the controlling machine is not located on the same network segment as the installation target that should be awakened, either configure the WOL requests to be sent as multicasts or remotely control a machine on that network segment to act as the sender of these requests.

Users of SUSE Linux Enterprise Server can use a YaST module called WOL to easily configure Wake on LAN. Users of other versions of SUSE Linux-based operating systems can use a command line tool.

6.8 Wake on LAN with YaST

  1. Log in as root.

  2. Start YaST › Network Services › WOL.

  3. Click Add and enter the host name and MAC address of the target system.

  4. To turn on this machine, select the appropriate entry and click Wake up.

6.9 Booting from CD or USB Drive Instead of PXE

You can also use a CD, DVD or USB drive with a small system image instead of booting via PXE. The necessary files will be loaded via NFS when the kernel and initrd are loaded. A bootable image can be created with mksusecd. This can be useful if the target machine does not support PXE boot.

Install it with sudo zypper in mksusecd. Use the following command to create a bootable ISO image:

tux > mksusecd --create image.iso \
--net=nfs://192.168.1.1:/srv/install/ARCH/OS_VERSION/SP_VERSION/cd1  \
/srv/tftpboot/EFI/ARCH/boot

Replace ARCH with the folder corresponding to the target system architecture. Also replace OS_version and SP_version according to your paths in Section 6.3, “Installing Files on TFTP Server”.

Instead of using an NFS server for the --net option, it is also possible to use an HTTP repository, for example the openSUSE repository:

tux > mksusecd --create image.iso \
--net=http://download.opensuse.org/tumbleweed/repo/oss/suse \
/srv/tftpboot/EFI/ARCH/boot

The image.iso can be written to a DVD or CD, or using dd to a USB stick:

root # dd if=image.iso of=/dev/USB_DEVICE

Replace USB_DEVICE with the device name of your USB stick. Check the device name thoroughly to ensure that you are not accidentally destroying data on another drive.

Part IV Remote Installation

7 Remote Installation

SUSE® Linux Enterprise Desktop can be installed in different ways. In addition to the usual media installation covered in Chapter 3, Installation with YaST, you can choose from various network-based approaches or even opt for an unattended installation of SUSE Linux Enterprise Desktop.

7 Remote Installation

SUSE® Linux Enterprise Desktop can be installed in different ways. In addition to the usual media installation covered in Chapter 3, Installation with YaST, you can choose from various network-based approaches or even opt for an unattended installation of SUSE Linux Enterprise Desktop.

Each method is introduced by means of two short checklists: one listing the prerequisites for that method and the other illustrating the basic procedure. More detail is then provided for all the techniques used in these installation scenarios.

Note
Note: Terminology

In the following sections, the system to hold your new SUSE Linux Enterprise Desktop installation is called target system or installation target. The term repository (previously called installation source) is used for all sources of installation data. This includes physical media, such as CD and DVD, and network servers distributing the installation data in your network.

7.1 Installation Scenarios for Remote Installation

This section introduces the most common installation scenarios for remote installations. For each scenario, carefully check the list of prerequisites and follow the procedure outlined for that scenario. If in need of detailed instructions for a particular step, follow the links provided for each one of them.

7.1.1 Simple Remote Installation via VNC—Static Network Configuration

This type of installation still requires some degree of physical access to the target system to boot for installation. The installation is controlled by a remote workstation using VNC to connect to the installation program. User interaction is required as with the manual installation in Chapter 3, Installation with YaST.

For this type of installation, make sure that the following requirements are met:

  • A repository, either remote or local:

    • Remote repository: NFS, HTTP, FTP, TFTP, or SMB with working network connection.

    • Local repository, for example a DVD.

  • Target system with working network connection.

  • Controlling system with working network connection and VNC viewer software.

  • Physical boot medium (CD, DVD, or flash disk) for booting the target system.

  • Valid static IP addresses already assigned to the repository and the controlling system.

  • Valid static IP address to assign to the target system.

To perform this kind of installation, proceed as follows:

  1. Set up the repository as described in Chapter 5, Setting Up the Server Holding the Installation Sources. Choose an NFS, HTTP, FTP, or TFTP network server. For an SMB repository, refer to Section 5.5, “Managing an SMB Repository”.

  2. Boot the target system using DVD1 of the SUSE Linux Enterprise Desktop media kit.

  3. When the boot screen of the target system appears, use the boot options prompt to set the appropriate VNC options and the address of the repository. This is described in detail in Section 7.2, “Booting the Target System for Installation”.

    The target system boots to a text-based environment, giving the network address and display number under which the graphical installation environment can be addressed by any VNC viewer application or browser. VNC installations announce themselves over OpenSLP and if the firewall settings permit. They can be found using slptool as described in Procedure 7.1, “Locating VNC installations via OpenSLP”.

  4. On the controlling workstation, open a VNC viewing application or Web browser and connect to the target system as described in Section 7.3.1, “VNC Installation”.

  5. Perform the installation as described in Chapter 3, Installation with YaST. Reconnect to the target system after it reboots for the final part of the installation.

  6. Finish the installation.

7.1.2 Simple Remote Installation via VNC—Dynamic Network Configuration

This type of installation still requires some degree of physical access to the target system to boot for installation. The network configuration is done via DHCP. The installation is controlled from a remote workstation using VNC, but configuration does require user interaction.

For this type of installation, make sure that the following requirements are met:

  • Remote repository: NFS, HTTP, FTP, or SMB with working network connection.

  • Target system with working network connection.

  • Controlling system with working network connection and VNC viewer software.

  • Boot the target system using DVD1 of the SUSE Linux Enterprise Desktop media kit.

  • Running DHCP server providing IP addresses.

To perform this kind of installation, proceed as follows:

  1. Set up the repository as described in Chapter 5, Setting Up the Server Holding the Installation Sources. Choose an NFS, HTTP, or FTP network server. For an SMB repository, refer to Section 5.5, “Managing an SMB Repository”.

  2. Boot the target system using DVD1 of the SUSE Linux Enterprise Desktop media kit.

  3. When the boot screen of the target system appears, use the boot options prompt to set the appropriate VNC options and the address of the repository. This is described in detail in Section 7.2, “Booting the Target System for Installation”.

    The target system boots to a text-based environment, giving the network address and display number under which the graphical installation environment can be addressed by any VNC viewer application or browser. VNC installations announce themselves over OpenSLP and if the firewall settings permit. They can be found using slptool as described in Procedure 7.1, “Locating VNC installations via OpenSLP”.

  4. On the controlling workstation, open a VNC viewing application or Web browser and connect to the target system as described in Section 7.3.1, “VNC Installation”.

  5. Perform the installation as described in Chapter 3, Installation with YaST. Reconnect to the target system after it reboots for the final part of the installation.

  6. Finish the installation.

7.1.3 Remote Installation via VNC—PXE Boot and Wake on LAN

This type of installation is completely hands-off. The target machine is started and booted remotely. User interaction is only needed for the actual installation. This approach is suitable for cross-site deployments.

To perform this type of installation, make sure that the following requirements are met:

  • Remote repository: NFS, HTTP, FTP, or SMB with working network connection.

  • TFTP server.

  • Running DHCP server for your network.

  • Target system capable of PXE boot, networking, and Wake on LAN, plugged in and connected to the network.

  • Controlling system with working network connection and VNC viewer software.

To perform this type of installation, proceed as follows:

  1. Set up the repository as described in Chapter 5, Setting Up the Server Holding the Installation Sources. Choose an NFS, HTTP, or FTP network server or configure an SMB repository as described in Section 5.5, “Managing an SMB Repository”.

  2. Set up a TFTP server to hold a boot image that can be pulled by the target system. This is described in Section 6.2, “Setting Up a TFTP Server”.

  3. Set up a DHCP server to provide IP addresses to all machines and reveal the location of the TFTP server to the target system. This is described in Section 6.1, “Setting Up a DHCP Server”.

  4. Prepare the target system for PXE boot. This is described in further detail in Section 6.5, “Preparing the Target System for PXE Boot”.

  5. Initiate the boot process of the target system using Wake on LAN. This is described in Section 6.7, “Wake on LAN”.

  6. On the controlling workstation, open a VNC viewing application or Web browser and connect to the target system as described in Section 7.3.1, “VNC Installation”.

  7. Perform the installation as described in Chapter 3, Installation with YaST. Reconnect to the target system after it reboots for the final part of the installation.

  8. Finish the installation.

7.1.4 Simple Remote Installation via SSH—Static Network Configuration

This type of installation still requires some degree of physical access to the target system to boot for installation and to determine the IP address of the installation target. The installation itself is entirely controlled from a remote workstation using SSH to connect to the installer. User interaction is required as with the regular installation described in Chapter 3, Installation with YaST.

For this type of installation, make sure that the following requirements are met:

  • Remote repository: NFS, HTTP, FTP, or SMB with working network connection.

  • Target system with working network connection.

  • Controlling system with working network connection and working SSH client software.

  • Boot the target system using DVD1 of the SUSE Linux Enterprise Desktop media kit.

  • Valid static IP addresses already assigned to the repository and the controlling system.

  • Valid static IP address to assign to the target system.

To perform this kind of installation, proceed as follows:

  1. Set up the repository as described in Chapter 5, Setting Up the Server Holding the Installation Sources. Choose an NFS, HTTP, or FTP network server. For an SMB repository, refer to Section 5.5, “Managing an SMB Repository”.

  2. Boot the target system using DVD1 of the SUSE Linux Enterprise Desktop media kit.

  3. When the boot screen of the target system appears, use the boot options prompt to set the appropriate parameters for network connection, address of the repository, and SSH enablement. This is described in detail in Section 7.2.2, “Using Custom Boot Options”.

    The target system boots to a text-based environment, giving the network address under which the graphical installation environment can be addressed by any SSH client.

  4. On the controlling workstation, open a terminal window and connect to the target system as described in Section 7.3.2.2, “Connecting to the Installation Program”.

  5. Perform the installation as described in Chapter 3, Installation with YaST. Reconnect to the target system after it reboots for the final part of the installation.

  6. Finish the installation.

7.1.5 Simple Remote Installation via SSH—Dynamic Network Configuration

This type of installation still requires some degree of physical access to the target system to boot for installation and determine the IP address of the installation target. The installation is controlled from a remote workstation using SSH , but configuration does require user interaction.

Note
Note: Avoid Lost Connections After the Second Step (Installation)

In the network settings dialog, check the Traditional Method with ifup and avoid NetworkManager. If not, your SSH connection will be lost during installation. Reset the settings to User Controlled with NetworkManager after your installation has finished.

For this type of installation, make sure that the following requirements are met:

  • A repository, either remote or local:

    • Remote repository: NFS, HTTP, FTP, TFTP, or SMB with working network connection.

    • Local repository, for example a DVD.

  • Target system with working network connection.

  • Controlling system with working network connection and working SSH client software.

  • Physical boot medium (CD, DVD, or flash disk) for booting the target system.

  • Running DHCP server providing IP addresses.

To perform this kind of installation, proceed as follows:

  1. Set up the repository source as described in Chapter 5, Setting Up the Server Holding the Installation Sources. Choose an NFS, HTTP, or FTP network server. For an SMB repository, refer to Section 5.5, “Managing an SMB Repository”.

  2. Boot the target system using DVD1 of the SUSE Linux Enterprise Desktop media kit.

  3. When the boot screen of the target system appears, use the boot options prompt to pass the appropriate parameters for network connection, location of the installation source, and SSH enablement. See Section 7.2.2, “Using Custom Boot Options” for detailed instructions on the use of these parameters.

    The target system boots to a text-based environment, giving you the network address under which the graphical installation environment can be addressed by any SSH client.

  4. On the controlling workstation, open a terminal window and connect to the target system as described in Section 7.3.2.2, “Connecting to the Installation Program”.

  5. Perform the installation as described in Chapter 3, Installation with YaST. Reconnect to the target system after it reboots for the final part of the installation.

  6. Finish the installation.

7.1.6 Remote Installation via SSH—PXE Boot and Wake on LAN

This type of installation is completely hands-off. The target machine is started and booted remotely.

To perform this type of installation, make sure that the following requirements are met:

  • Remote repository: NFS, HTTP, FTP, or SMB with working network connection.

  • TFTP server.

  • Running DHCP server for your network, providing a static IP to the host to install.

  • Target system capable of PXE boot, networking, and Wake on LAN, plugged in and connected to the network.

  • Controlling system with working network connection and SSH client software.

To perform this type of installation, proceed as follows:

  1. Set up the repository as described in Chapter 5, Setting Up the Server Holding the Installation Sources. Choose an NFS, HTTP, or FTP network server. For the configuration of an SMB repository, refer to Section 5.5, “Managing an SMB Repository”.

  2. Set up a TFTP server to hold a boot image that can be pulled by the target system. This is described in Section 6.2, “Setting Up a TFTP Server”.

  3. Set up a DHCP server to provide IP addresses to all machines and reveal the location of the TFTP server to the target system. This is described in Section 6.1, “Setting Up a DHCP Server”.

  4. Prepare the target system for PXE boot. This is described in further detail in Section 6.5, “Preparing the Target System for PXE Boot”.

  5. Initiate the boot process of the target system using Wake on LAN. This is described in Section 6.7, “Wake on LAN”.

  6. On the controlling workstation, start an SSH client and connect to the target system as described in Section 7.3.2, “SSH Installation”.

  7. Perform the installation as described in Chapter 3, Installation with YaST. Reconnect to the target system after it reboots for the final part of the installation.

  8. Finish the installation.

7.2 Booting the Target System for Installation

There are two different ways to customize the boot process for installation apart from those mentioned under Section 6.7, “Wake on LAN” and Section 6.3.1, “Preparing the Structure”. One way is to use the default boot options and function keys. Alternatively, you can use the boot options prompt in the installation boot screen to specify the desired boot options that the installation kernel may require for the specific hardware.

7.2.1 Using the Default Boot Options

The boot options are described in detail in Chapter 3, Installation with YaST. Generally, selecting Installation starts the installation boot process.

If problems occur, use Installation—ACPI Disabled or Installation—Safe Settings. For more information about troubleshooting the installation process, refer to Book “Administration Guide”, Chapter 35 “Common Problems and Their Solutions”, Section 35.2 “Installation Problems”.

The menu bar at the bottom of the screen offers some advanced functionality needed in some setups. Using the function keys (F1 ... F12), you can specify additional options to pass to the installation routines without having to know the detailed syntax of these parameters (see Section 7.2.2, “Using Custom Boot Options”). A detailed description of the available function keys is available in Section 3.2.1.1, “The Boot Screen on Machines Equipped with Traditional BIOS”.

7.2.2 Using Custom Boot Options

Using the appropriate set of boot options helps simplify your installation procedure. Many parameters can also be configured later using the linuxrc routines, but using the boot options is easier. In some automated setups, the boot options can be provided with initrd or an info file.

The following table lists all installation scenarios mentioned in this chapter with the required parameters for booting and the corresponding boot options. Append all of them in the order they appear in this table to get one boot option string that is handed to the installation routines. For example (all in one line):

install=XXX netdevice=XXX hostip=XXX netmask=XXX vnc=XXX VNCPassword=XXX

Replace all the values XXX in this command with the values appropriate for your setup.

Chapter 3, Installation with YaST

Parameters Needed for Booting.  None

Boot Options.  None needed

Section 7.1.1, “Simple Remote Installation via VNC—Static Network Configuration”
Parameters Needed for Booting
  • Location of the installation server

  • Network device

  • IP address

  • Netmask

  • Gateway

  • VNC enablement

  • VNC password

Boot Options
  • install=(nfs,http,​ftp,smb)://PATH_TO_INSTMEDIA

  • netdevice=NETDEVICE (only needed if several network devices are available)

  • hostip=IP_ADDRESS

  • netmask=NETMASK

  • gateway=IP_GATEWAY

  • vnc=1

  • VNCPassword=PASSWORD

Section 7.1.2, “Simple Remote Installation via VNC—Dynamic Network Configuration”
Parameters Needed for Booting
  • Location of the installation server

  • VNC enablement

  • VNC password

Boot Options
  • install=(nfs,http,​ftp,smb)://PATH_TO_INSTMEDIA

  • vnc=1

  • VNCPassword=PASSWORD

Section 7.1.3, “Remote Installation via VNC—PXE Boot and Wake on LAN”
Parameters Needed for Booting
  • Location of the installation server

  • Location of the TFTP server

  • VNC enablement

  • VNC password

Boot Options.  Not applicable; process managed through PXE and DHCP

Section 7.1.4, “Simple Remote Installation via SSH—Static Network Configuration”
Parameters Needed for Booting
  • Location of the installation server

  • Network device

  • IP address

  • Netmask

  • Gateway

  • SSH enablement

  • SSH password

Boot Options
  • install=(nfs,http,​ftp,smb)://PATH_TO_INSTMEDIA

  • netdevice=NETDEVICE (only needed if several network devices are available)

  • hostip=IP_ADDRESS

  • netmask=NETMASK

  • gateway=IP_GATEWAY

  • ssh=1

  • ssh.password=PASSWORD

Section 7.1.5, “Simple Remote Installation via SSH—Dynamic Network Configuration”
Parameters Needed for Booting
  • Location of the installation server

  • SSH enablement

  • SSH password

Boot Options
  • install=(nfs,http,​ftp,smb)://PATH_TO_INSTMEDIA

  • ssh=1

  • ssh.password=PASSWORD

Section 7.1.6, “Remote Installation via SSH—PXE Boot and Wake on LAN”
  • Location of the installation server

  • Location of the TFTP server

  • SSH enablement

  • SSH password

Boot Options.  Not applicable; process managed through PXE and DHCP

Tip
Tip: More Information about linuxrc Boot Options

Find more information about the linuxrc boot options used for booting a Linux system at http://en.opensuse.org/SDB:Linuxrc.

7.2.2.1 Installing Add-On Products and Driver Updates

SUSE Linux Enterprise Desktop supports installation of add-on products, such as extensions (for example the SUSE Linux Enterprise High Availability Extension), third-party products, as well as drivers or additional software. To automatically install an add-on product when deploying SUSE Linux Enterprise Desktop remotely, specify the addon=REPOSITORY parameter.

REPOSITORY needs to be a hosted repository that can be read by YaST (YaST2 or YUM (rpm-md)). ISO images are currently not supported.

Tip
Tip: Driver Updates

Driver Updates can be found at http://drivers.suse.com/. Not all driver updates are provided as repositories—some are only available as ISO images and therefore cannot be installed with the addon parameter. Instructions on how to install driver updates via ISO image are available at http://drivers.suse.com/doc/SolidDriver/Driver_Kits.html.

7.3 Monitoring the Installation Process

There are several options for remotely monitoring the installation process. If the appropriate boot options have been specified while booting for installation, either VNC or SSH can be used to control the installation and system configuration from a remote workstation.

7.3.1 VNC Installation

Using any VNC viewer software, you can remotely control the installation of SUSE Linux Enterprise Desktop from virtually any operating system. This section introduces the setup using a VNC viewer application or a Web browser.

7.3.1.1 Preparing for VNC Installation

To enable VNC on the installation target, specify the appropriate boot options at the initial boot for installation (see Section 7.2.2, “Using Custom Boot Options”). The target system boots into a text-based environment and waits for a VNC client to connect to the installation program.

The installation program announces the IP address and display number needed to connect for installation. If you have physical access to the target system, this information is provided right after the system booted for installation. Enter this data when your VNC client software prompts for it and provide your VNC password.

Because the installation target announces itself via OpenSLP, you can retrieve the address information of the installation target via an SLP browser without the need for any physical contact to the installation itself, provided your network setup and all machines support OpenSLP:

Procedure 7.1: Locating VNC installations via OpenSLP
  1. Run slptool findsrvtypes | grep vnc to get a list of all services offering VNC. The VNC installation targets should be available under a service named YaST.installation.suse.

  2. Run slptool findsrvs YaST.installation.suse to get a list of installations available. Use the IP address and the port (usually 5901) provided with your VNC viewer.

7.3.1.2 Connecting to the Installation Program

To connect to a VNC server (the installation target in this case), start an independent VNC viewer application on any operating system.

Using VNC, you can control the installation of a Linux system from any other operating system, including other Linux flavors, Windows, or macOS.

On a Linux machine, make sure that the package tightvnc is installed. On a Windows machine, install the Windows port of this application, which can be obtained at the TightVNC home page (http://www.tightvnc.com/download.html).

To connect to the installation program running on the target machine, proceed as follows:

  1. Start the VNC viewer.

  2. Enter the IP address and display number of the installation target as provided by the SLP browser or the installation program itself:

    IP_ADDRESS:DISPLAY_NUMBER

    A window opens on your desktop displaying the YaST screens as in a normal local installation.

7.3.2 SSH Installation

Using SSH, you can remotely control the installation of your Linux machine using any SSH client software.

7.3.2.1 Preparing for SSH Installation

In addition to installing the required software package (OpenSSH for Linux and PuTTY for Windows), you need to specify the appropriate boot options to enable SSH for installation. See Section 7.2.2, “Using Custom Boot Options” for details. OpenSSH is installed by default on any SUSE Linux–based operating system.

7.3.2.2 Connecting to the Installation Program

  1. Retrieve the installation target's IP address. If you have physical access to the target machine, take the IP address the installation routine provides in the console after the initial boot. Otherwise take the IP address that has been assigned to this particular host in the DHCP server configuration.

  2. In a command line, enter the following command:

    ssh -X root@
    ip_address_of_target

    Replace IP_ADDRESS_OF_TARGET with the actual IP address of the installation target.

  3. When prompted for a user name, enter root.

  4. When prompted for the password, enter the password that has been set with the SSH boot option. After you have successfully authenticated, a command line prompt for the installation target appears.

  5. Enter yast to launch the installation program. A window opens showing the normal YaST screens as described in Chapter 3, Installation with YaST.

Part V Initial System Configuration

8 Setting Up Hardware Components with YaST

YaST allows you to configure hardware items such as audio hardware, your system keyboard layout or printers.

9 Advanced Disk Setup

Sophisticated system configurations require specific disk setups. All common partitioning tasks can be done with YaST. To get persistent device naming with block devices, use the block devices below /dev/disk/by-id or /dev/disk/by-uuid. Logical Volume Management (LVM) is a disk partitioning scheme t…

10 Installing or Removing Software

Use YaST's software management module to search for software components you want to add or remove. YaST resolves all dependencies for you. To install packages not shipped with the installation media, add additional software repositories to your setup and let YaST manage them. Keep your system up-to-date by managing software updates with the update applet.

11 Installing Modules, Extensions, and Third Party Add-On Products

Modules and extensions add parts or functionality to the system. Modules are fully supported parts of SUSE Linux Enterprise Desktop with a different life cycle and update timeline. They are a set of packages, have a clearly defined scope and are delivered via online channel only.

Extensions, such as the Workstation Extension or the High Availability Extension, add extra functionality to the system and require an own registration key that is liable for costs. Extensions are delivered via online channel or physical media. Registering at the SUSE Customer Center or a local registration server is a prerequisite for subscribing to the online channels. The Package Hub (Section 11.5, “SUSE Package Hub”) and SUSE Software Development Kit (Section 11.4, “SUSE Software Development Kit (SDK) 12 SP4) extensions are exceptions which do not require a registration key and are not covered by SUSE support agreements.

A list of modules and extensions for your product is available after having registered your system at SUSE Customer Center or a local registration server. If you skipped the registration step during the installation, you can register your system at any time using the SUSE Customer Center Configuration module in YaST. For details, refer to Section 17.8, “Registering Your System”.

Some add-on products are also provided by third parties, for example, binary-only drivers that are needed by certain hardware to function properly. If you have such hardware, refer to the release notes for more information about availability of binary drivers for your system. The release notes are available from http://www.suse.com/releasenotes/, from YaST or from /usr/share/doc/release-notes/ in your installed system.

12 Installing Multiple Kernel Versions

SUSE Linux Enterprise Desktop supports the parallel installation of multiple kernel versions. When installing a second kernel, a boot entry and an initrd are automatically created, so no further manual configuration is needed. When rebooting the machine, the newly added kernel is available as an additional boot option.

Using this functionality, you can safely test kernel updates while being able to always fall back to the proven former kernel. To do this, do not use the update tools (such as the YaST Online Update or the updater applet), but instead follow the process described in this chapter.

13 Managing Users with YaST

During installation, you could have created a local user for your system. With the YaST module User and Group Management you can add more users or edit existing ones. It also lets you configure your system to authenticate users with a network server.

14 Changing Language and Country Settings with YaST

Working in different countries or having to work in a multilingual environment requires your computer to be set up to support this. SUSE® Linux Enterprise Desktop can handle different locales in parallel. A locale is a set of parameters that defines the language and country settings reflected in the…

8 Setting Up Hardware Components with YaST

Abstract

YaST allows you to configure hardware items such as audio hardware, your system keyboard layout or printers.

Note
Note: Graphics Card, Monitor, Mouse and Keyboard Settings

Graphics card, monitor, mouse and keyboard can be configured with GNOME tools. See Book “GNOME User Guide”, Chapter 3 “Customizing Your Settings”, Section 3.3 “Hardware” for details.

8.1 Setting Up Your System Keyboard Layout

The YaST System Keyboard Layout module lets you define the default keyboard layout for the system (also used for the console). Users can modify the keyboard layout in their individual X sessions, using the desktop's tools.

  1. Start the YaST System Keyboard Configuration dialog by clicking Hardware › System Keyboard Layout in YaST. Alternatively, start the module from the command line with sudo yast2 keyboard.

  2. Select the desired Keyboard Layout from the list.

  3. Optionally, you can also define the keyboard repeat rate or keyboard delay rate in the Expert Settings.

  4. Try the selected settings in the Test text box.

  5. If the result is as expected, confirm your changes and close the dialog. The settings are written to /etc/sysconfig/keyboard.

8.2 Setting Up Sound Cards

YaST detects most sound cards automatically and configures them with the appropriate values. To change the default settings, or to set up a sound card that could not be configured automatically, use the YaST sound module. There, you can also set up additional sound cards or switch their order.

To start the sound module, start YaST and click Hardware › Sound. Alternatively, start the Sound Configuration dialog directly by running yast2 sound & as user root from a command line.

The dialog shows all sound cards that were detected.

Procedure 8.1: Configuring Sound Cards

If you have added a new sound card or YaST could not automatically configure an existing sound card, follow the steps below. For configuring a new sound card, you need to know your sound card vendor and model. If in doubt, refer to your sound card documentation for the required information. For a reference list of sound cards supported by ALSA with their corresponding sound modules, see http://www.alsa-project.org/main/index.php/Matrix:Main.

During configuration, you can choose between the following setup options:

Quick Automatic Setup

You are not required to go through any of the further configuration steps—the sound card is configured automatically. You can set the volume or any options you want to change later.

Normal Setup

Allows you to adjust the output volume and play a test sound during the configuration.

Advanced setup with possibility to change options

For experts only. Allows you to customize all parameters of the sound card.

Important
Important: Advanced Configuration

Only use this option if you know exactly what you are doing. Otherwise leave the parameters untouched and use the normal or the automatic setup options.

  1. Start the YaST sound module.

  2. To configure a detected, but Not Configured sound card, select the respective entry from the list and click Edit.

    To configure a new sound card, click Add. Select your sound card vendor and model and click Next.

  3. Choose one of the setup options and click Next.

  4. If you have chosen Normal Setup, you can now Test your sound configuration and make adjustments to the volume. You should start at about ten percent volume to avoid damage to your hearing or the speakers.

  5. If all options are set according to your wishes, click Next.

    The Sound Configuration dialog shows the newly configured or modified sound card.

  6. To remove a sound card configuration that you no longer need, select the respective entry and click Delete.

  7. Click OK to save the changes and leave the YaST sound module.

Procedure 8.2: Modifying Sound Card Configurations
  1. To change the configuration of an individual sound card (for experts only!), select the sound card entry in the Sound Configuration dialog and click Edit.

    This takes you to the Sound Card Advanced Options where you can fine-tune several parameters. For more information, click Help.

  2. To adjust the volume of an already configured sound card or to test the sound card, select the sound card entry in the Sound Configuration dialog and click Other. Select the respective menu item.

    Note
    Note: YaST Mixer

    The YaST mixer settings provide only basic options. They are intended for troubleshooting (for example, if the test sound is not audible). Access the YaST mixer settings from Other › Volume. For everyday use and fine-tuning of sound options, use the mixer applet provided by your desktop or the alsasound command line tool.

  3. For playback of MIDI files, select Other › Start Sequencer.

  4. When a supported sound card is detected, you can install SoundFonts for playback of MIDI files:

    1. Insert the original driver CD-ROM into your CD or DVD drive.

    2. Select Other › Install SoundFonts to copy SF2 SoundFonts™ to your hard disk. The SoundFonts are saved in the directory /usr/share/sfbank/creative/.

  5. If you have configured more than one sound card in your system you can adjust the order of your sound cards. To set a sound card as primary device, select the sound card in the Sound Configuration and click Other › Set as the Primary Card. The sound device with index 0 is the default device and thus used by the system and the applications.

  6. By default, SUSE Linux Enterprise Desktop uses the PulseAudio sound system. It is an abstraction layer that helps to mix multiple audio streams, bypassing any restrictions the hardware may have. To enable or disable the PulseAudio sound system, click Other › PulseAudio Configuration. If enabled, PulseAudio daemon is used to play sounds. Disable PulseAudio Support to use something else system-wide.

The volume and configuration of all sound cards are saved when you click OK and leave the YaST sound module. The mixer settings are saved to the file /etc/asound.state. The ALSA configuration data is appended to the end of the file /etc/modprobe.d/sound and written to /etc/sysconfig/sound.

8.3 Setting Up a Printer

YaST can be used to configure a local printer connected to your machine via USB and to set up printing with network printers. It is also possible to share printers over the network. Further information about printing (general information, technical details, and troubleshooting) is available in Book “Administration Guide”, Chapter 18 “Printer Operation”.

In YaST, click Hardware › Printer to start the printer module. By default it opens in the Printer Configurations view, displaying a list of all printers that are available and configured. This is especially useful when having access to a lot of printers via the network. From here you can also Print a Test Page and configure printers.

Note
Note: Starting CUPS

To be able to print from your system, CUPS must run. In case it is not running, you are asked to start it. Answer with Yes, or you cannot configure printing. In case CUPS is not started at boot time, you will also be asked to enable this feature. It is recommended to say Yes, otherwise CUPS would need to be started manually after each reboot.

8.3.1 Configuring Printers

Usually a USB printer is automatically detected. There are two possible reasons it is not automatically detected:

  • The USB printer is switched off.

  • The communication between printer and computer is not possible. Check the cable and the plugs to make sure that the printer is properly connected. If this is the case, the problem may not be printer-related, but rather a USB-related problem.

Configuring a printer is a three-step process: specify the connection type, choose a driver, and name the print queue for this setup.

For many printer models, several drivers are available. When configuring the printer, YaST defaults to those marked recommended as a general rule. Normally it is not necessary to change the driver. However, if you want a color printer to print only in black and white, you can use a driver that does not support color printing. If you experience performance problems with a PostScript printer when printing graphics, try to switch from a PostScript driver to a PCL driver (provided your printer understands PCL).

If no driver for your printer is listed, try to select a generic driver with an appropriate standard language from the list. Refer to your printer's documentation to find out which language (the set of commands controlling the printer) your printer understands. If this does not work, refer to Section 8.3.1.1, “Adding Drivers with YaST” for another possible solution.

A printer is never used directly, but always through a print queue. This ensures that simultaneous jobs can be queued and processed one after the other. Each print queue is assigned to a specific driver, and a printer can have multiple queues. This makes it possible to set up a second queue on a color printer that prints black and white only, for example. Refer to Book “Administration Guide”, Chapter 18 “Printer Operation”, Section 18.1 “The CUPS Workflow” for more information about print queues.

Procedure 8.3: Adding a New Printer
  1. Start the YaST printer module with Hardware › Printer.

  2. In the Printer Configurations screen click Add.

  3. If your printer is already listed under Specify the Connection, proceed with the next step. Otherwise, try to Detect More or start the Connection Wizard.

  4. In the text box under Find and Assign a Driver enter the vendor name and the model name and click Search for.

  5. Choose a driver that matches your printer. It is recommended to choose the driver listed first. If no suitable driver is displayed:

    1. Check your search term

    2. Broaden your search by clicking Find More

    3. Add a driver as described in Section 8.3.1.1, “Adding Drivers with YaST”

  6. Specify the Default paper size.

  7. In the Set Arbitrary Name field, enter a unique name for the print queue.

  8. The printer is now configured with the default settings and ready to use. Click OK to return to the Printer Configurations view. The newly configured printer is now visible in the list of printers.

8.3.1.1 Adding Drivers with YaST

Not all printer drivers available for SUSE Linux Enterprise Desktop are installed by default. If no suitable driver is available in the Find and Assign a Driver dialog when adding a new printer install a driver package containing drivers for your printers:

Procedure 8.4: Installing Additional Driver Packages
  1. Start the YaST printer module with Hardware › Printer.

  2. In the Printer Configurations screen, click Add.

  3. In the Find and Assign a Driver section, click Driver Packages.

  4. Choose one or more suitable driver packages from the list. Do not specify the path to a printer description file.

  5. Choose OK and confirm the package installation.

  6. To directly use these drivers, proceed as described in Procedure 8.3, “Adding a New Printer”.

PostScript printers do not need printer driver software. PostScript printers need only a PostScript Printer Description (PPD) file which matches the particular model. PPD files are provided by the printer manufacturer.

If no suitable PPD file is available in the Find and Assign a Driver dialog when adding a PostScript printer install a PPD file for your printer:

Several sources for PPD files are available. It is recommended to first try additional driver packages that are shipped with SUSE Linux Enterprise Desktop but not installed by default (see below for installation instructions). If these packages do not contain suitable drivers for your printer, get PPD files directly from your printer vendor or from the driver CD of a PostScript printer. For details, see Book “Administration Guide”, Chapter 18 “Printer Operation”, Section 18.8.2 “No Suitable PPD File Available for a PostScript Printer”. Alternatively, find PPD files at http://www.linuxfoundation.org/collaborate/workgroups/openprinting/database/databaseintro, the OpenPrinting.org printer database. When downloading PPD files from OpenPrinting, keep in mind that it always shows the latest Linux support status, which is not necessarily met by SUSE Linux Enterprise Desktop.

Procedure 8.5: Adding a PPD file for PostScript Printers
  1. Start the YaST printer module with Hardware › Printer.

  2. In the Printer Configurations screen, click Add.

  3. In the Find and Assign a Driver section, click Driver Packages.

  4. Enter the full path to the PPD file into the text box under Make a Printer Description File Available.

  5. Click OK to return to the Add New Printer Configuration screen.

  6. To directly use this PPD file, proceed as described in Procedure 8.3, “Adding a New Printer”.

8.3.1.2 Editing a Local Printer Configuration

By editing an existing configuration for a printer you can change basic settings such as connection type and driver. It is also possible to adjust the default settings for paper size, resolution, media source, etc. You can change identifiers of the printer by altering the printer description or location.

  1. Start the YaST printer module with Hardware › Printer.

  2. In the Printer Configurations screen, choose a local printer configuration from the list and click Edit.

  3. Change the connection type or the driver as described in Procedure 8.3, “Adding a New Printer”. This should only be necessary in case you have problems with the current configuration.

  4. Optionally, make this printer the default by checking Default Printer.

  5. Adjust the default settings by clicking All Options for the Current Driver. To change a setting, expand the list of options by clicking the relative + sign. Change the default by clicking an option. Apply your changes with OK.

8.3.2 Configuring Printing via the Network with YaST

Network printers are not detected automatically. They must be configured manually using the YaST printer module. Depending on your network setup, you can print to a print server (CUPS, LPD, SMB, or IPX) or directly to a network printer (preferably via TCP). Access the configuration view for network printing by choosing Printing via Network from the left pane in the YaST printer module.

8.3.2.1 Using CUPS

In a Linux environment CUPS is usually used to print via the network. The simplest setup is to only print via a single CUPS server which can directly be accessed by all clients. Printing via more than one CUPS server requires a running local CUPS daemon that communicates with the remote CUPS servers.

Important
Important: Browsing Network Print Queues

CUPS servers announce their print queues over the network either via the traditional CUPS browsing protocol or via Bonjour/DND-SD. Clients need to be able to browse these lists, so users can select specific printers to send their print jobs to. To be able to browse network print queues, the service cups-browsed provided by the package cups-filters-cups-browsed must run on all clients that print via CUPS servers. cups-browsed is started automatically when configuring network printing with YaST.

In case browsing does not work after having started cups-browsed, the CUPS server(s) probably announce the network print queues via Bonjour/DND-SD. In this case you need to additionally install the package avahi and start the associated service with sudo systemctl start avahi-daemon on all clients.

Procedure 8.6: Printing via a Single CUPS Server
  1. Start the YaST printer module with Hardware › Printer.

  2. From the left pane, launch the Print via Network screen.

  3. Check Do All Your Printing Directly via One Single CUPS Server and specify the name or IP address of the server.

  4. Click Test Server to make sure you have chosen the correct name or IP address.

  5. Click OK to return to the Printer Configurations screen. All printers available via the CUPS server are now listed.

Procedure 8.7: Printing via Multiple CUPS Servers
  1. Start the YaST printer module with Hardware › Printer.

  2. From the left pane, launch the Print via Network screen.

  3. Check Accept Printer Announcements from CUPS Servers.

  4. Under General Settings specify which servers to use. You may accept connections from all networks available or from specific hosts. If you choose the latter option, you need to specify the host names or IP addresses.

  5. Confirm by clicking OK and then Yes when asked to start a local CUPS server. After the server has started YaST will return to the Printer Configurations screen. Click Refresh list to see the printers detected by now. Click this button again, in case more printer are to be available.

8.3.2.2 Using Print Servers other than CUPS

If your network offers print services via print servers other than CUPS, start the YaST printer module with Hardware › Printer and launch the Print via Network screen from the left pane. Start the Connection Wizard and choose the appropriate Connection Type. Ask your network administrator for details on configuring a network printer in your environment.

8.3.3 Sharing Printers Over the Network

Printers managed by a local CUPS daemon can be shared over the network and so turn your machine into a CUPS server. Usually you share a printer by enabling CUPS' so-called browsing mode. If browsing is enabled, the local print queues are made available on the network for listening to remote CUPS daemons. It is also possible to set up a dedicated CUPS server that manages all print queues and can directly be accessed by remote clients. In this case it is not necessary to enable browsing.

Procedure 8.8: Sharing Printers
  1. Start the YaST printer module with Hardware › Printer.

  2. Launch the Share Printers screen from the left pane.

  3. Select Allow Remote Access. Also check For computers within the local network and enable browsing mode by also checking Publish printers by default within the local network.

  4. Click OK to restart the CUPS server and to return to the Printer Configurations screen.

  5. Regarding CUPS and firewall settings, see http://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings.

8.4 Setting Up a Scanner

You can configure a USB or SCSI scanner with YaST. The sane-backends package contains hardware drivers and other essentials needed to use a scanner. If you own an HP All-In-One device, see Section 8.4.1, “Configuring an HP All-In-One Device”, instructions on how to configure a network scanner are available at Section 8.4.3, “Scanning over the Network”.

Procedure 8.9: Configuring a USB or SCSI Scanner
  1. Connect your USB or SCSI scanner to your computer and turn it on.

  2. Start YaST and select Hardware › Scanner. YaST builds the scanner database and tries to detect your scanner model automatically.

    If a USB or SCSI scanner is not properly detected, try Other › Restart Detection.

  3. To activate the scanner select it from the list of detected scanners and click Edit.

  4. Choose your model form the list and click Next and Finish.

  5. Use Other › Test to make sure you have chosen the correct driver.

  6. Leave the configuration screen with OK.

8.4.1 Configuring an HP All-In-One Device

An HP All-In-One device can be configured with YaST even if it is made available via the network. If you own a USB HP All-In-One device, start configuring as described in Procedure 8.9, “Configuring a USB or SCSI Scanner”. If it is detected properly and the Test succeeds, it is ready to use.

If your USB device is not properly detected, or your HP All-In-One device is connected to the network, run the HP Device Manager:

  1. Start YaST and select Hardware › Scanner. YaST loads the scanner database.

  2. Start the HP Device Manager with Other › Run hp-setup and follow the on-screen instructions. After having finished the HP Device Manager, the YaST scanner module automatically restarts the auto detection.

  3. Test it by choosing Other › Test.

  4. Leave the configuration screen with OK.

8.4.2 Sharing a Scanner over the Network

SUSE Linux Enterprise Desktop allows the sharing of a scanner over the network. To do so, configure your scanner as follows:

  1. Configure the scanner as described in Section 8.4, “Setting Up a Scanner”.

  2. Choose Other › Scanning via Network.

  3. Enter the host names of the clients (separated by a comma) that should be allowed to use the scanner under Server Settings › Permitted Clients for saned and leave the configuration dialog with OK.

8.4.3 Scanning over the Network

To use a scanner that is shared over the network, proceed as follows:

  1. Start YaST and select Hardware › Scanner.

  2. Open the network scanner configuration menu by Other › Scanning via Network.

  3. Enter the host name of the machine the scanner is connected to under Client Settings › Servers Used for the net Metadriver

  4. Leave with OK. The network scanner is now listed in the Scanner Configuration window and is ready to use.

9 Advanced Disk Setup

Sophisticated system configurations require specific disk setups. All common partitioning tasks can be done with YaST. To get persistent device naming with block devices, use the block devices below /dev/disk/by-id or /dev/disk/by-uuid. Logical Volume Management (LVM) is a disk partitioning scheme that is designed to be much more flexible than the physical partitioning used in standard setups. Its snapshot functionality enables easy creation of data backups. Redundant Array of Independent Disks (RAID) offers increased data integrity, performance, and fault tolerance. SUSE Linux Enterprise Desktop also supports multipath I/O . There is also the option to use iSCSI as a networked disk.

9.1 Using the YaST Partitioner

With the expert partitioner, shown in Figure 9.1, “The YaST Partitioner”, manually modify the partitioning of one or several hard disks. You can add, delete, resize, and edit partitions, or access the soft RAID, and LVM configuration.

Warning
Warning: Repartitioning the Running System

Although it is possible to repartition your system while it is running, the risk of making a mistake that causes data loss is very high. Try to avoid repartitioning your installed system and always do a complete backup of your data before attempting to do so.

The YaST Partitioner
Figure 9.1: The YaST Partitioner

All existing or suggested partitions on all connected hard disks are displayed in the list of Available Storage in the YaST Expert Partitioner dialog. Entire hard disks are listed as devices without numbers, such as /dev/sda. Partitions are listed as parts of these devices, such as /dev/sda1. The size, type, encryption status, file system, and mount point of the hard disks and their partitions are also displayed. The mount point describes where the partition appears in the Linux file system tree.

Several functional views are available on the left hand System View. These views can be used to collect information about existing storage configurations, configure functions (like RAID, Volume Management, Crypt Files), and view file systems with additional features, such as Btrfs, NFS, or TMPFS.

If you run the expert dialog during installation, any free hard disk space is also listed and automatically selected. To provide more disk space to SUSE® Linux Enterprise Desktop, free the needed space starting from the bottom toward the top of the list (starting from the last partition of a hard disk toward the first).

9.1.1 Partition Types

Every hard disk has a partition table with space for four entries. Every entry in the partition table corresponds to a primary partition or an extended partition. Only one extended partition entry is allowed, however.

A primary partition simply consists of a continuous range of cylinders (physical disk areas) assigned to a particular operating system. With primary partitions you would be limited to four partitions per hard disk, because more do not fit in the partition table. This is why extended partitions are used. Extended partitions are also continuous ranges of disk cylinders, but an extended partition may be divided into logical partitions itself. Logical partitions do not require entries in the partition table. In other words, an extended partition is a container for logical partitions.

If you need more than four partitions, create an extended partition as the fourth partition (or earlier). This extended partition should occupy the entire remaining free cylinder range. Then create multiple logical partitions within the extended partition. The maximum number of logical partitions is 63, independent of the disk type. It does not matter which types of partitions are used for Linux. Primary and logical partitions both function normally.

9.1.2 Creating a Partition

To create a partition from scratch select Hard Disks and then a hard disk with free space. The actual modification can be done in the Partitions tab:

  1. Select Add and specify the partition type (primary or extended). Create up to four primary partitions or up to three primary partitions and one extended partition. Within the extended partition, create several logical partitions (see Section 9.1.1, “Partition Types”).

  2. Specify the size of the new partition. You can either choose to occupy all the free unpartitioned space, or enter a custom size.

  3. Select the file system to use and a mount point. YaST suggests a mount point for each partition created. To use a different mount method, like mount by label, select Fstab Options. For more information on supported file systems, see root.

  4. Specify additional file system options if your setup requires them. This is necessary, for example, if you need persistent device names. For details on the available options, refer to Section 9.1.3, “Editing a Partition”.

  5. Click Finish to apply your partitioning setup and leave the partitioning module.

    If you created the partition during installation, you are returned to the installation overview screen.

9.1.2.1 Btrfs Partitioning

The default file system for the root partition is Btrfs (see Book “Administration Guide”, Chapter 7 “System Recovery and Snapshot Management with Snapper” for more information on Btrfs). The root file system is the default subvolume and it is not listed in the list of created subvolumes. As a default Btrfs subvolume, it can be mounted as a normal file system.

Important
Important: Btrfs on an Encrypted Root Partition

The default partitioning setup suggests the root partition as Btrfs with /boot being a directory. To encrypt the root partition, make sure to use the GPT partition table type instead of the default MSDOS type. Otherwise the GRUB2 boot loader may not have enough space for the second stage loader.

It is possible to create snapshots of Btrfs subvolumes—either manually, or automatically based on system events. For example when making changes to the file system, zypper invokes the snapper command to create snapshots before and after the change. This is useful if you are not satisfied with the change zypper made and want to restore the previous state. As snapper invoked by zypper creates snapshots of the root file system by default, it makes sense to exclude specific directories from snapshots. This is the reason why YaST suggests creating the following separate subvolumes:

/boot/grub2/i386-pc, /boot/grub2/x86_64-efi, /boot/grub2/powerpc-ieee1275, /boot/grub2/s390x-emu

A rollback of the boot loader configuration is not supported. The directories listed above are architecture-specific. The first two directories are present on AMD64/Intel 64 machines, the latter two on IBM POWER and on IBM z Systems, respectively.

/home

If /home does not reside on a separate partition, it is excluded to avoid data loss on rollbacks.

/opt, /var/opt

Third-party products usually get installed to /opt. It is excluded to avoid uninstalling these applications on rollbacks.

/srv

Contains data for Web and FTP servers. It is excluded to avoid data loss on rollbacks.

/tmp, /var/tmp, /var/cache, /var/crash

All directories containing temporary files and caches are excluded from snapshots.

/usr/local

This directory is used when manually installing software. It is excluded to avoid uninstalling these installations on rollbacks.

/var/lib/libvirt/images

The default location for virtual machine images managed with libvirt. Excluded to ensure virtual machine images are not replaced with older versions during a rollback. By default, this subvolume is created with the option no copy on write.

/var/lib/mailman, /var/spool

Directories containing mails or mail queues are excluded to avoid a loss of mails after a rollback.

/var/lib/named

Contains zone data for the DNS server. Excluded from snapshots to ensure a name server can operate after a rollback.

/var/lib/mariadb, /var/lib/mysql, /var/lib/pgqsl

These directories contain database data. By default, these subvolumes are created with the option no copy on write.

/var/log

Log file location. Excluded from snapshots to allow log file analysis after the rollback of a broken system.

Tip
Tip: Size of Btrfs Partition

Since saved snapshots require more disk space, it is recommended to reserve enough space for Btrfs. The suggested size for a root Btrfs partition with default subvolumes is 20 GB.

9.1.2.1.1 Managing Btrfs Subvolumes using YaST

Subvolumes of a Btrfs partition can be now managed with the YaST Expert partitioner module. You can add new or remove existing subvolumes.

Procedure 9.1: Btrfs Subvolumes with YaST
  1. Start the YaST Expert Partitioner with System › Partitioner.

  2. Choose Btrfs in the left System View pane.

  3. Select the Btrfs partition whose subvolumes you need to manage and click Edit.

  4. Click Subvolume Handling. You can see a list off all existing subvolumes of the selected Btrfs partition. You can notice several @/.snapshots/xyz/snapshot entries—each of these subvolumes belongs to one existing snapshot.

  5. Depending on whether you want to add or remove subvolumes, do the following:

    1. To remove a subvolume, select it from the list of Exisitng Subvolumes and click Remove.

    2. To add a new subvolume, enter its name to the New Subvolume text box and click Add new.

      Btrfs Subvolumes in YaST Partitioner
      Figure 9.2: Btrfs Subvolumes in YaST Partitioner
  6. Confirm with OK and Finish.

  7. Leave the partitioner with Finish.

9.1.3 Editing a Partition

When you create a new partition or modify an existing partition, you can set various parameters. For new partitions, the default parameters set by YaST are usually sufficient and do not require any modification. To edit your partition setup manually, proceed as follows:

  1. Select the partition.

  2. Click Edit to edit the partition and set the parameters:

    File System ID

    Even if you do not want to format the partition at this stage, assign it a file system ID to ensure that the partition is registered correctly. Typical values are Linux, Linux swap, Linux LVM, and Linux RAID.

    File System

    To change the partition file system, click Format Partition and select file system type in the File System list.

    SUSE Linux Enterprise Desktop supports several types of file systems. Btrfs is the Linux file system of choice for the root partition because of its advanced features. It supports copy-on-write functionality, creating snapshots, multi-device spanning, subvolumes, and other useful techniques. XFS, Ext3 and JFS are journaling file systems. These file systems can restore the system very quickly after a system crash, using write processes logged during the operation. Ext2 is not a journaling file system, but it is adequate for smaller partitions because it does not require much disk space for management.

    The default file system for the root partition is Btrfs. The default file system for additional partitions is XFS.

    Swap is a special format that allows the partition to be used as a virtual memory. Create a swap partition of at least 256 MB. However, if you use up your swap space, consider adding more memory to your system instead of adding more swap space.

    Warning
    Warning: Changing the File System

    Changing the file system and reformatting partitions irreversibly deletes all data from the partition.

    For details on the various file systems, refer to Storage Administration Guide.

    Encrypt Device

    If you activate the encryption, all data is written to the hard disk in encrypted form. This increases the security of sensitive data, but reduces the system speed, as the encryption takes some time to process. More information about the encryption of file systems is provided in Book “Security Guide”, Chapter 11 “Encrypting Partitions and Files”.

    Mount Point

    Specify the directory where the partition should be mounted in the file system tree. Select from YaST suggestions or enter any other name.

    Fstab Options

    Specify various parameters contained in the global file system administration file (/etc/fstab). The default settings should suffice for most setups. You can, for example, change the file system identification from the device name to a volume label. In the volume label, use all characters except / and space.

    To get persistent devices names, use the mount option Device ID, UUID or LABEL. In SUSE Linux Enterprise Desktop, persistent device names are enabled by default.

    If you prefer to mount the partition by its label, you need to define one in the Volume label text entry. For example, you could use the partition label HOME for a partition intended to mount to /home.

    If you intend to use quotas on the file system, use the mount option Enable Quota Support. This must be done before you can define quotas for users in the YaST User Management module. For further information on how to configure user quota, refer to Section 13.3.4, “Managing Quotas”.

  3. Select Finish to save the changes.

Note
Note: Resize File Systems

To resize an existing file system, select the partition and use Resize. Note, that it is not possible to resize partitions while mounted. To resize partitions, unmount the relevant partition before running the partitioner.

9.1.4 Expert Options

After you select a hard disk device (like sda) in the System View pane, you can access the Expert menu in the lower right part of the Expert Partitioner window. The menu contains the following commands:

Create New Partition Table

This option helps you create a new partition table on the selected device.

Warning
Warning: Creating a New Partition Table

Creating a new partition table on a device irreversibly removes all the partitions and their data from that device.

Clone This Disk

This option helps you clone the device partition layout (but not the data) to other available disk devices.

9.1.5 Advanced Options

After you select the host name of the computer (the top-level of the tree in the System View pane), you can access the Configure menu in the lower right part of the Expert Partitioner window. The menu contains the following commands:

Configure iSCSI

To access SCSI over IP block devices, you first need to configure iSCSI. This results in additionally available devices in the main partition list.

Configure Multipath

Selecting this option helps you configure the multipath enhancement to the supported mass storage devices.

9.1.6 More Partitioning Tips

The following section includes a few hints and tips on partitioning that should help you make the right decisions when setting up your system.

Tip
Tip: Cylinder Numbers

Note, that different partitioning tools may start counting the cylinders of a partition with 0 or with 1. When calculating the number of cylinders, you should always use the difference between the last and the first cylinder number and add one.

9.1.6.1 Using swap

Swap is used to extend the available physical memory. It is then possible to use more memory than physical RAM available. The memory management system of kernels before 2.4.10 needed swap as a safety measure. Then, if you did not have twice the size of your RAM in swap, the performance of the system suffered. These limitations no longer exist.

Linux uses a page called Least Recently Used (LRU) to select pages that might be moved from memory to disk. Therefore, running applications have more memory available and caching works more smoothly.

If an application tries to allocate the maximum allowed memory, problems with swap can arise. There are three major scenarios to look at:

System with no swap

The application gets the maximum allowed memory. All caches are freed, and thus all other running applications are slowed. After a few minutes, the kernel's out-of-memory kill mechanism activates and kills the process.

System with medium sized swap (128 MB–512 MB)

At first, the system slows like a system without swap. After all physical RAM has been allocated, swap space is used as well. At this point, the system becomes very slow and it becomes impossible to run commands from remote. Depending on the speed of the hard disks that run the swap space, the system stays in this condition for about 10 to 15 minutes until the out-of-memory kill mechanism resolves the issue. Note that you will need a certain amount of swap if the computer needs to perform a suspend to disk. In that case, the swap size should be large enough to contain the necessary data from memory (512 MB–1GB).

System with lots of swap (several GB)

It is better to not have an application that is out of control and swapping excessively in this case. If you use such application, the system will need many hours to recover. In the process, it is likely that other processes get timeouts and faults, leaving the system in an undefined state, even after terminating the faulty process. In this case, do a hard machine reboot and try to get it running again. Lots of swap is only useful if you have an application that relies on this feature. Such applications (like databases or graphics manipulation programs) often have an option to directly use hard disk space for their needs. It is advisable to use this option instead of using lots of swap space.

If your system is not out of control, but needs more swap after some time, it is possible to extend the swap space online. If you prepared a partition for swap space, add this partition with YaST. If you do not have a partition available, you can also use a swap file to extend the swap. Swap files are generally slower than partitions, but compared to physical RAM, both are extremely slow so the actual difference is negligible.

Procedure 9.2: Adding a Swap File Manually

To add a swap file in the running system, proceed as follows:

  1. Create an empty file in your system. For example, if you want to add a swap file with 128 MB swap at /var/lib/swap/swapfile, use the commands:

    mkdir -p /var/lib/swap
    dd if=/dev/zero of=/var/lib/swap/swapfile bs=1M count=128
  2. Initialize this swap file with the command

    mkswap /var/lib/swap/swapfile
    Note
    Note: Changed UUID for Swap Partitions when Formatting via mkswap

    Do not reformat existing swap partitions with mkswap if possible. Reformatting with mkswap will change the UUID value of the swap partition. Either reformat via YaST (will update /etc/fstab) or adjust /etc/fstab manually.

  3. Activate the swap with the command

    swapon /var/lib/swap/swapfile

    To disable this swap file, use the command

    swapoff /var/lib/swap/swapfile
  4. Check the current available swap spaces with the command

    cat /proc/swaps

    Note that at this point, it is only temporary swap space. After the next reboot, it is no longer used.

  5. To enable this swap file permanently, add the following line to /etc/fstab:

    /var/lib/swap/swapfile swap swap defaults 0 0

9.1.7 Partitioning and LVM

From the Expert partitioner, access the LVM configuration by clicking the Volume Management item in the System View pane. However, if a working LVM configuration already exists on your system, it is automatically activated upon entering the initial LVM configuration of a session. In this case, all disks containing a partition (belonging to an activated volume group) cannot be repartitioned. The Linux kernel cannot reread the modified partition table of a hard disk when any partition on this disk is in use. If you already have a working LVM configuration on your system, physical repartitioning should not be necessary. Instead, change the configuration of the logical volumes.

At the beginning of the physical volumes (PVs), information about the volume is written to the partition. To reuse such a partition for other non-LVM purposes, it is advisable to delete the beginning of this volume. For example, in the VG system and PV /dev/sda2, do this with the command dd if=/dev/zero of=/dev/sda2 bs=512 count=1.

Warning
Warning: File System for Booting

The file system used for booting (the root file system or /boot) must not be stored on an LVM logical volume. Instead, store it on a normal physical partition.

9.2 LVM Configuration

This section explains specific steps to take when configuring LVM.

Warning
Warning: Back up Your Data

Using LVM is sometimes associated with increased risk such as data loss. Risks also include application crashes, power failures, and faulty commands. Save your data before implementing LVM or reconfiguring volumes. Never work without a backup.

9.2.1 LVM Configuration with YaST

The YaST LVM configuration can be reached from the YaST Expert Partitioner (see Section 9.1, “Using the YaST Partitioner”) within the Volume Management item in the System View pane. The Expert Partitioner allows you to edit and delete existing partitions and create new ones that need to be used with LVM. The first task is to create PVs that provide space to a volume group:

  1. Select a hard disk from Hard Disks.

  2. Change to the Partitions tab.

  3. Click Add and enter the desired size of the PV on this disk.

  4. Use Do not format partition and change the File System ID to 0x8E Linux LVM. Do not mount this partition.

  5. Repeat this procedure until you have defined all the desired physical volumes on the available disks.

9.2.1.1 Creating Volume Groups

If no volume group exists on your system, you must add one (see Figure 9.3, “Creating a Volume Group”). It is possible to create additional groups by clicking Volume Management in the System View pane, and then on Add Volume Group. One single volume group is usually sufficient.

  1. Enter a name for the VG, for example, system.

  2. Select the desired Physical Extend Size. This value defines the size of a physical block in the volume group. All the disk space in a volume group is handled in blocks of this size.

  3. Add the prepared PVs to the VG by selecting the device and clicking Add. Selecting several devices is possible by holding Ctrl while selecting the devices.

  4. Select Finish to make the VG available to further configuration steps.

Creating a Volume Group
Figure 9.3: Creating a Volume Group

If you have multiple volume groups defined and want to add or remove PVs, select the volume group in the Volume Management list and click Resize. In the following window, you can add or remove PVs to the selected volume group.

9.2.1.2 Configuring Logical Volumes

After the volume group has been filled with PVs, define the LVs which the operating system should use in the next dialog. Choose the current volume group and change to the Logical Volumes tab. Add, Edit, Resize, and Delete LVs as needed until all space in the volume group has been occupied. Assign at least one LV to each volume group.

Logical Volume Management
Figure 9.4: Logical Volume Management

Click Add and go through the wizard-like pop-up that opens:

  1. Enter the name of the LV. For a partition that should be mounted to /home, a name like HOME could be used.

  2. Select the type of the LV. It can be either Normal Volume, Thin Pool, or Thin Volume. Note that you need to create a thin pool first, which can store individual thin volumes. The big advantage of thin provisioning is that the total sum of all thin volumes stored in a thin pool can exceed the size of the pool itself.

  3. Select the size and the number of stripes of the LV. If you have only one PV, selecting more than one stripe is not useful.

  4. Choose the file system to use on the LV and the mount point.

By using stripes it is possible to distribute the data stream in the LV among several PVs (striping). However, striping a volume can only be done over different PVs, each providing at least the amount of space of the volume. The maximum number of stripes equals to the number of PVs, where Stripe "1" means "no striping". Striping only makes sense with PVs on different hard disks, otherwise performance will decrease.

Warning
Warning: Striping

YaST cannot, at this point, verify the correctness of your entries concerning striping. Any mistake made here is apparent only later when the LVM is implemented on disk.

If you have already configured LVM on your system, the existing logical volumes can also be used. Before continuing, assign appropriate mount points to these LVs. With Finish, return to the YaST Expert Partitioner and finish your work there.

9.3 Soft RAID Configuration with YaST

This section describes actions required to create and configure various types of RAID. .

9.3.1 Soft RAID Configuration with YaST

The YaST RAID configuration can be reached from the YaST Expert Partitioner, described in Section 9.1, “Using the YaST Partitioner”. This partitioning tool enables you to edit and delete existing partitions and create new ones to be used with soft RAID:

  1. Select a hard disk from Hard Disks.

  2. Change to the Partitions tab.

  3. Click Add and enter the desired size of the raid partition on this disk.

  4. Use Do not Format the Partition and change the File System ID to 0xFD Linux RAID. Do not mount this partition.

  5. Repeat this procedure until you have defined all the desired physical volumes on the available disks.

For RAID 0 and RAID 1, at least two partitions are needed—for RAID 1, usually exactly two and no more. If RAID 5 is used, at least three partitions are required, RAID 6 and RAID 10 require at least four partitions. It is recommended to use partitions of the same size only. The RAID partitions should be located on different hard disks to decrease the risk of losing data if one is defective (RAID 1 and 5) and to optimize the performance of RAID 0. After creating all the partitions to use with RAID, click RAID › Add RAID to start the RAID configuration.

In the next dialog, choose between RAID levels 0, 1, 5, 6 and 10. Then, select all partitions with either the Linux RAID or Linux native type that should be used by the RAID system. No swap or DOS partitions are shown.

Tip
Tip: Classify Disks

For RAID types where the order of added disks matters, you can mark individual disks with one of the letters A to E. Click the Classify button, select the disk and click of the Class X buttons, where X is the letter you want to assign to the disk. Assign all available RAID disks this way, and confirm with OK. You can easily sort the classified disks with the Sorted or Interleaved buttons, or add a sort pattern from a text file with Pattern File.

RAID Partitions
Figure 9.5: RAID Partitions

To add a previously unassigned partition to the selected RAID volume, first click the partition then Add. Assign all partitions reserved for RAID. Otherwise, the space on the partition remains unused. After assigning all partitions, click Next to select the available RAID Options.

In this last step, set the file system to use, encryption and the mount point for the RAID volume. After completing the configuration with Finish, see the /dev/md0 device and others indicated with RAID in the expert partitioner.

9.3.2 Troubleshooting

Check the file /proc/mdstat to find out whether a RAID partition has been damaged. If Th system fails, shut down your Linux system and replace the defective hard disk with a new one partitioned the same way. Then restart your system and enter the command mdadm /dev/mdX --add /dev/sdX. Replace 'X' with your particular device identifiers. This integrates the hard disk automatically into the RAID system and fully reconstructs it.

Note that although you can access all data during the rebuild, you may encounter some performance issues until the RAID has been fully rebuilt.

9.3.3 For More Information

Configuration instructions and more details for soft RAID can be found in the Howtos at:

Linux RAID mailing lists are available, such as http://marc.info/?l=linux-raid.

10 Installing or Removing Software

Abstract

Use YaST's software management module to search for software components you want to add or remove. YaST resolves all dependencies for you. To install packages not shipped with the installation media, add additional software repositories to your setup and let YaST manage them. Keep your system up-to-date by managing software updates with the update applet.

Change the software collection of your system with the YaST Software Manager. This YaST module is available in two flavors: a graphical variant for X Window and a text-based variant to be used on the command line. The graphical flavor is described here—for details on the text-based YaST, see Book “Administration Guide”, Chapter 5 “YaST in Text Mode”.

Note
Note: Confirmation and Review of Changes

When installing, updating or removing packages, any changes in the Software Manager are only applied after clicking Accept or Apply. YaST maintains a list with all actions, allowing you to review and modify your changes before applying them to the system.

10.1 Definition of Terms

Repository

A local or remote directory containing packages, plus additional information about these packages (package metadata).

(Repository) Alias/Repository Name

A short name for a repository (called Alias within Zypper and Repository Name within YaST). It can be chosen by the user when adding a repository and must be unique.

Repository Description Files

Each repository provides files describing content of the repository (package names, versions, etc.). These repository description files are downloaded to a local cache that is used by YaST.

Product

Represents a whole product, for example SUSE® Linux Enterprise Desktop.

Pattern

A pattern is an installable group of packages dedicated to a certain purpose. For example, the Laptop pattern contains all packages that are needed in a mobile computing environment. Patterns define package dependencies (such as required or recommended packages) and come with a preselection of packages marked for installation. This ensures that the most important packages needed for a certain purpose are available on your system after installation of the pattern. If necessary, you can manually select or deselect packages within a pattern.

Package

A package is a compressed file in rpm format that contains the files for a particular program.

Patch

A patch consists of one or more packages and may be applied by means of delta RPMs. It may also introduce dependencies to packages that are not installed yet.

Resolvable

A generic term for product, pattern, package or patch. The most commonly used type of resolvable is a package or a patch.

Delta RPM

A delta RPM consists only of the binary diff between two defined versions of a package, and therefore has the smallest download size. Before being installed, the full RPM package is rebuilt on the local machine.

Package Dependencies

Certain packages are dependent on other packages, such as shared libraries. In other terms, a package may require other packages—if the required packages are not available, the package cannot be installed. In addition to dependencies (package requirements) that must be fulfilled, some packages recommend other packages. These recommended packages are only installed if they are actually available, otherwise they are ignored and the package recommending them is installed nevertheless.

10.2 Registering an Installed System

If you skipped the registration during the installation or want to re-register your system, you can register the system at any time using the YaST module Product Registration or the command line tool SUSEConnect.

10.2.1 Registering with YaST

To register the system, start YaST and go to Software, then Product Registration.

By default the system is registered with the SUSE Customer Center. If your organization provides local registration servers, you can either choose one fromq the list of auto-detected servers or provide the URL manually.

10.2.2 Registering with SUSEConnect

To register from the command line, use the command

tux > sudo SUSEConnect -r REGISTRATION_CODE -e EMAIL_ADDRESS

Replace REGISTRATION_CODE with the registration code you received with your copy of SUSE Linux Enterprise Server. Replace EMAIL_ADDRESS with the e-mail address associated with the SUSE account you or your organization uses to manage subscriptions.

To register with a local registration server, also provide the URL to the server:

tux > sudo SUSEConnect -r REGISTRATION_CODE -e EMAIL_ADDRESS --url "URL"

10.3 Using the YaST Software Manager

Start the software manager from the YaST Control Center by choosing Software › Software Management.

10.3.1 Views for Searching Packages or Patterns

The YaST software manager can install packages or patterns from all currently enabled repositories. It offers different views and filters to make it easier to find the software you are searching for. The Search view is the default view of the window. To change view, click View and select one of the following entries from the drop-down box. The selected view opens in a new tab.

Patterns

Lists all patterns available for installation on your system.

Package Groups

Lists all packages sorted by groups such as Graphics, Programming, or Security.

RPM Groups

Lists all packages sorted by functionality with groups and subgroups. For example Networking › Email › Clients.

Languages

A filter to list all packages needed to add a new system language.

Repositories

A filter to list packages by repository. To select more than one repository, hold the Ctrl key while clicking repository names. The pseudo repository @System lists all packages currently installed.

Search

Lets you search for a package according to certain criteria. Enter a search term and press Enter. Refine your search by specifying where to Search In and by changing the Search Mode. For example, if you do not know the package name but only the name of the application that you are searching for, try including the package Description in the search process.

Installation Summary

If you have already selected packages for installation, update or removal, this view shows the changes that will be applied to your system when you click Accept. To filter for packages with a certain status in this view, activate or deactivate the respective check boxes. Press ShiftF1 for details on the status flags.

Tip
Tip: Finding Packages Not Belonging to an Active Repository

To list all packages that do not belong to an active repository, choose View › Repositories › @System and then choose Secondary Filter › Unmaintained Packages. This is useful, for example, if you have deleted a repository and want to make sure no packages from that repository remain installed.

10.3.2 Installing and Removing Packages or Patterns

Certain packages are dependent on other packages, such as shared libraries. On the other hand, some packages cannot coexist with others on the system. If possible, YaST automatically resolves these dependencies or conflicts. If your choice results in a dependency conflict that cannot be automatically solved, you need to solve it manually as described in Section 10.3.4, “Checking Software Dependencies”.

Note
Note: Removal of Packages

When removing any packages, by default YaST only removes the selected packages. If you want YaST to also remove any other packages that become unneeded after removal of the specified package, select Options › Cleanup when deleting packages from the main menu.

  1. Search for packages as described in Section 10.3.1, “Views for Searching Packages or Patterns”.

  2. The packages found are listed in the right pane. To install a package or remove it, right-click it and choose Install or Delete. If the relevant option is not available, check the package status indicated by the symbol in front of the package name—press ShiftF1 for help.

    Tip
    Tip: Applying an Action to All Packages Listed

    To apply an action to all packages listed in the right pane, go to the main menu and choose an action from Package › All in This List.

  3. To install a pattern, right-click the pattern name and choose Install.

  4. It is not possible to remove a pattern per se. Instead, select the packages of a pattern you want to remove and mark them for removal.

  5. To select more packages, repeat the steps mentioned above.

  6. Before applying your changes, you can review or modify them by clicking View › Installation Summary. By default, all packages that will change status, are listed.

  7. To revert the status for a package, right-click the package and select one of the following entries: Keep if the package was scheduled to be deleted or updated, or Do Not Install if it was scheduled for installation. To abandon all changes and quit the Software Manager, click Cancel and Abandon.

  8. When you are finished, click Accept to apply your changes.

  9. In case YaST found dependencies on other packages, a list of packages that have additionally been chosen for installation, update or removal is presented. Click Continue to accept them.

    After all selected packages are installed, updated or removed, the YaST Software Manager automatically terminates.

Note
Note: Installing Source Packages

Installing source packages with YaST Software Manager is not possible at the moment. Use the command line tool zypper for this purpose. For more information, see Book “Administration Guide”, Chapter 6 “Managing Software with Command Line Tools”, Section 6.1.2.5 “Installing or Downloading Source Packages”.

10.3.3 Updating Packages

Instead of updating individual packages, you can also update all installed packages or all packages from a certain repository. When mass updating packages, the following aspects are generally considered:

  • priorities of the repositories that provide the package,

  • architecture of the package (for example, AMD64/Intel 64),

  • version number of the package,

  • package vendor.

Which of the aspects has the highest importance for choosing the update candidates depends on the respective update option you choose.

  1. To update all installed packages to the latest version, choose Package › All Packages › Update if Newer Version Available from the main menu.

    All repositories are checked for possible update candidates, using the following policy: YaST first tries to restrict the search to packages with the same architecture and vendor like the installed one. If the search is positive, the best update candidate from those is selected according to the process below. However, if no comparable package of the same vendor can be found, the search is expanded to all packages with the same architecture. If still no comparable package can be found, all packages are considered and the best update candidate is selected according to the following criteria:

    1. Repository priority: Prefer the package from the repository with the highest priority.

    2. If more than one package results from this selection, choose the one with the best architecture (best choice: matching the architecture of the installed one).

    If the resulting package has a higher version number than the installed one, the installed package will be updated and replaced with the selected update candidate.

    This option tries to avoid changes in architecture and vendor for the installed packages, but under certain circumstances, they are tolerated.

    Note
    Note: Update Unconditionally

    If you choose Package › All Packages › Update Unconditionally instead, the same criteria apply but any candidate package found is installed unconditionally. Thus, choosing this option might actually lead to downgrading some packages.

  2. To make sure that the packages for a mass update derive from a certain repository:

    1. Choose the repository from which to update as described in Section 10.3.1, “Views for Searching Packages or Patterns” .

    2. On the right hand side of the window, click Switch system packages to the versions in this repository. This explicitly allows YaST to change the package vendor when replacing the packages.

      When you proceed with Accept, all installed packages will be replaced by packages deriving from this repository, if available. This may lead to changes in vendor and architecture and even to downgrading some packages.

    3. To refrain from this, click Cancel switching system packages to the versions in this repository. Note that you can only cancel this before you click the Accept button.

  3. Before applying your changes, you can review or modify them by clicking View › Installation Summary. By default, all packages that will change status, are listed.

  4. If all options are set according to your wishes, confirm your changes with Accept to start the mass update.

10.3.4 Checking Software Dependencies

Most packages are dependent on other packages. If a package, for example, uses a shared library, it is dependent on the package providing this library. On the other hand, some packages cannot coexist, causing a conflict (for example, you can only install one mail transfer agent: sendmail or postfix). When installing or removing software, the Software Manager makes sure no dependencies or conflicts remain unsolved to ensure system integrity.

In case there exists only one solution to resolve a dependency or a conflict, it is resolved automatically. Multiple solutions always cause a conflict which needs to be resolved manually. If solving a conflict involves a vendor or architecture change, it also needs to be solved manually. When clicking Accept to apply any changes in the Software Manager, you get an overview of all actions triggered by the automatic resolver which you need to confirm.

By default, dependencies are automatically checked. A check is performed every time you change a package status (for example, by marking a package for installation or removal). This is generally useful, but can become exhausting when manually resolving a dependency conflict. To disable this function, go to the main menu and deactivate Dependencies › Autocheck. Manually perform a dependency check with Dependencies › Check Now. A consistency check is always performed when you confirm your selection with Accept.

To review a package's dependencies, right-click it and choose Show Solver Information. A map showing the dependencies opens. Packages that are already installed are displayed in a green frame.

Note
Note: Manually Solving Package Conflicts

Unless you are very experienced, follow the suggestions YaST makes when handling package conflicts, otherwise you may not be able to resolve them. Keep in mind that every change you make, potentially triggers other conflicts, so you can easily end up with a steadily increasing number of conflicts. In case this happens, Cancel the Software Manager, Abandon all your changes and start again.

Conflict Management of the Software Manager
Figure 10.1: Conflict Management of the Software Manager

10.3.4.1 Handling of Package Recommendations

In addition to the hard dependencies required to run a program (for example a certain library), a package can also have weak dependencies, that add for example extra functionality or translations. These weak dependencies are called package recommendations.

The way package recommendations are handled has slightly changed starting with SUSE Linux Enterprise Desktop 12 SP1. Nothing has changed when installing a new package—recommended packages are still installed by default.

Prior to SUSE Linux Enterprise Desktop 12 SP1, missing recommendations for already installed packages were installed automatically. Now these packages will no longer be installed automatically. To switch to the old default, set PKGMGR_REEVALUATE_RECOMMENDED="yes" in /etc/sysconfig/yast2. To install all missing recommendations for already installed packages, start YaST › Software Manager and choose Extras › Install All Matching Recommended Packages.

To disable the installation of recommended packages when installing new packages, deactivate Dependencies › Install Recommended Packages in the YaST Software Manager. If using the command line tool Zypper to install packages, use the option --no-recommends.

10.4 Managing Software Repositories and Services

To install third-party software, add additional software repositories to your system. By default, the product repositories such as SUSE Linux Enterprise Desktop-DVD 12 SP4 and a matching update repository are automatically configured after you have registered your system. For more information about registration, see Section 3.7, “SUSE Customer Center Registration” or Section 17.8, “Registering Your System”. Depending on the initially selected product, an additional repository containing translations, dictionaries, etc. might also be configured.

To manage repositories, start YaST and select Software › Software Repositories. The Configured Software Repositories dialog opens. Here, you can also manage subscriptions to so-called Services by changing the View at the right corner of the dialog to All Services. A Service in this context is a Repository Index Service (RIS) that can offer one or more software repositories. Such a Service can be changed dynamically by its administrator or vendor.

Each repository provides files describing content of the repository (package names, versions, etc.). These repository description files are downloaded to a local cache that is used by YaST. To ensure their integrity, software repositories can be signed with the GPG Key of the repository maintainer. Whenever you add a new repository, YaST offers the ability to import its key.

Warning
Warning: Trusting External Software Sources

Before adding external software repositories to your list of repositories, make sure this repository can be trusted. SUSE is not responsible for any problems arising from software installed from third-party software repositories.

10.4.1 Adding Software Repositories

You can either add repositories from DVD/CD, removable mass storage devices (such as flash disks), a local directory, an ISO image or a network source.

To add repositories from the Configured Software Repositories dialog in YaST proceed as follows:

  1. Click Add.

  2. Select one of the options listed in the dialog:

    Adding a Software Repository
    Figure 10.2: Adding a Software Repository
    • To scan your network for installation servers announcing their services via SLP, select Scan Using SLP and click Next.

    • To add a repository from a removable medium, choose the relevant option and insert the medium or connect the USB device to the machine, respectively. Click Next to start the installation.

    • For the majority of repositories, you will be asked to specify the path (or URL) to the media after selecting the respective option and clicking Next. Specifying a Repository Name is optional. If none is specified, YaST will use the product name or the URL as repository name.

    The option Download Repository Description Files is activated by default. If you deactivate the option, YaST will automatically download the files later, if needed.

  3. Depending on the repository you have added, you may be prompted to import the repository's GPG key or asked to agree to a license.

    After confirming these messages, YaST will download and parse the metadata. It will add the repository to the list of Configured Repositories.

  4. If needed, adjust the repository Properties as described in Section 10.4.2, “Managing Repository Properties”.

  5. Confirm your changes with OK to close the configuration dialog.

  6. After having successfully added the repository, the software manager starts and you can install packages from this repository. For details, refer to Chapter 10, Installing or Removing Software.

10.4.2 Managing Repository Properties

The Configured Software Repositories overview of the Software Repositories lets you change the following repository properties:

Status

The repository status can either be Enabled or Disabled. You can only install packages from repositories that are enabled. To turn a repository off temporarily, select it and deactivate Enable. You can also double-click a repository name to toggle its status. To remove a repository completely, click Delete.

Refresh

When refreshing a repository, its content description (package names, versions, etc.) is downloaded to a local cache that is used by YaST. It is sufficient to do this once for static repositories such as CDs or DVDs, whereas repositories whose content changes often should be refreshed frequently. The easiest way to keep a repository's cache up-to-date is to choose Automatically Refresh. To do a manual refresh click Refresh and select one of the options.

Keep Downloaded Packages

Packages from remote repositories are downloaded before being installed. By default, they are deleted upon a successful installation. Activating Keep Downloaded Packages prevents the deletion of downloaded packages. The download location is configured in /etc/zypp/zypp.conf, by default it is /var/cache/zypp/packages.

Priority

The Priority of a repository is a value between 1 and 200, with 1 being the highest priority and 200 the lowest priority. Any new repositories that are added with YaST get a priority of 99 by default. If you do not care about a priority value for a certain repository, you can also set the value to 0 to apply the default priority to that repository (99). If a package is available in more than one repository, then the repository with the highest priority takes precedence. This is useful if you want to avoid downloading packages unnecessarily from the Internet by giving a local repository (for example, a DVD) a higher priority.

Important
Important: Priority Compared to Version

The repository with the highest priority takes precedence in any case. Therefore, make sure that the update repository always has the highest priority, otherwise you might install an outdated version that will not be updated until the next online update.

Name and URL

To change a repository name or its URL, select it from the list with a single-click and then click Edit.

10.4.3 Managing Repository Keys

To ensure their integrity, software repositories can be signed with the GPG Key of the repository maintainer. Whenever you add a new repository, YaST offers to import its key. Verify it as you would do with any other GPG key and make sure it does not change. If you detect a key change, something might be wrong with the repository. Disable the repository as an installation source until you know the cause of the key change.

To manage all imported keys, click GPG Keys in the Configured Software Repositories dialog. Select an entry with the mouse to show the key properties at the bottom of the window. Add, Edit or Delete keys with a click on the respective buttons.

10.5 Keeping the System Up-to-date

SUSE offers a continuous stream of software security patches for your product. They can be installed using the Book “Administration Guide”, Chapter 3 “YaST Online Update” module. It also offers advanced features to customize the patch installation.

The GNOME desktop also provides a tool for installing patches and for installing package updates of packages that are already installed. In contrast to a Patch, a package update is only related to one package and provides a newer version of a package. The GNOME tool lets you install both patches and package updates with a few clicks as described in Section 10.5.2, “Installing Patches and Package Updates”.

10.5.1 The GNOME Software Updater

Whenever new patches or package updates are available, GNOME shows a notification about this at the bottom of the desktop (or on the locked screen).

Update Notification on GNOME Lock Screen
Figure 10.3: Update Notification on GNOME Lock Screen

10.5.2 Installing Patches and Package Updates

Whenever new patches or package updates are available, GNOME shows a notification about this at the bottom of the desktop (or on the locked screen).

Update Notification on GNOME Desktop
Figure 10.4: Update Notification on GNOME Desktop
  1. To install the patches and updates, click Install updates in the notification message. This opens the GNOME update viewer. Alternatively, open the update viewer from Applications › System Tools › Software Update or press AltF2 and enter gpk-update-viewer.

  2. All Security Updates and Important Updates are preselected. It is strongly recommended to install these patches. Other Updates can be manually selected by activating the respective check boxes. Get detailed information on a patch or package update by clicking its title.

  3. Click Install Updates to start the installation. You will be prompted for the root password.

  4. Enter the root password in the authentication dialog and proceed.

GNOME Update Viewer
Figure 10.5: GNOME Update Viewer

10.5.3 Configuring the GNOME Software Updater

To configure notifications, select Applications › System Settings › Notification › Software Update and adjust the desired settings.

To configure how often to check for updates or to activate or deactivate repositories, select Applications › System Tools › Settings › Software Settings. The tabs of the configuration dialog let you modify the following settings:

Update Settings
Check for Updates

Choose how often a check for updates is performed: Hourly, Daily, Weekly, or Never.

Check for Major Upgrades

Choose how often a check for major upgrades is performed: Daily, Weekly, or Never.

Check for updates when using mobile broadband

This configuration option is only available on mobile computers. Turned off by default.

Check for updates on battery power

This configuration option is only available on mobile computers. Turned off by default.

Software Sources
Repositories

Lists the repositories that will be checked for available patches and package updates. You can enable or disable certain repositories.

Important
Important: Keep Update Repository Enabled

To make sure that you are notified about any patches that are security-relevant, keep the Updates repository for your product enabled.

More options are configurable using gconf-editor: apps › gnome-packagekit.

11 Installing Modules, Extensions, and Third Party Add-On Products

Abstract

Modules and extensions add parts or functionality to the system. Modules are fully supported parts of SUSE Linux Enterprise Desktop with a different life cycle and update timeline. They are a set of packages, have a clearly defined scope and are delivered via online channel only.

Extensions, such as the Workstation Extension or the High Availability Extension, add extra functionality to the system and require an own registration key that is liable for costs. Extensions are delivered via online channel or physical media. Registering at the SUSE Customer Center or a local registration server is a prerequisite for subscribing to the online channels. The Package Hub (Section 11.5, “SUSE Package Hub”) and SUSE Software Development Kit (Section 11.4, “SUSE Software Development Kit (SDK) 12 SP4) extensions are exceptions which do not require a registration key and are not covered by SUSE support agreements.

A list of modules and extensions for your product is available after having registered your system at SUSE Customer Center or a local registration server. If you skipped the registration step during the installation, you can register your system at any time using the SUSE Customer Center Configuration module in YaST. For details, refer to Section 17.8, “Registering Your System”.

Some add-on products are also provided by third parties, for example, binary-only drivers that are needed by certain hardware to function properly. If you have such hardware, refer to the release notes for more information about availability of binary drivers for your system. The release notes are available from http://www.suse.com/releasenotes/, from YaST or from /usr/share/doc/release-notes/ in your installed system.

11.1 List of Optional Modules

Besides the base server operating system, SUSE Linux Enterprise Desktop 12 provides optional modules included in the subscription. Each module has a different lifecycle. This approach offers faster integration with upstream updates. Below is a list of all optional modules together with brief descriptions:

Software Development Kit

This is the Software Development Kit (SDK) for the family of SUSE Linux Enterprise products. It is a free of charge extension for partners and customers working with SUSE Linux Enterprise Server, Desktop, and derived products.

For more information about SUSE Software Development Kit, refer to Section 11.4, “SUSE Software Development Kit (SDK) 12 SP4.

Package Hub

SUSE Package Hub provides access to community maintained packages built to run on SUSE Linux Enterprise Desktop. Built from the same sources used in the openSUSE distributions, these quality packages provide additional software to what is found in SUSE Linux Enterprise Desktop.

For more information about SUSE Package Hub, refer to Section 11.5, “SUSE Package Hub”.

Containers Module

This module contains several packages revolving around containers and related tools, including the Docker Open Source Engine and prepackaged images for SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Server 12.

11.2 Installing Modules and Extensions from Online Channels

Tip
Tip: SUSE Linux Enterprise Desktop

As of SUSE Linux Enterprise 12, SUSE Linux Enterprise Desktop is not only available as a separate product, but also as a Workstation Extension for SUSE Linux Enterprise Server. If you register at the SUSE Customer Center, the Workstation Extension can be selected for installation. Note that installing it requires a valid registration key.

The following procedure requires that you have registered your system with SUSE Customer Center, or a local registration server. When registering your system, you will see a list of extensions and modules immediately after having completed Step 4 of Section 17.8, “Registering Your System”. In that case, skip the next steps and proceed with Step 2.

Note
Note: Viewing Already Installed Add-Ons

To view already installed add-ons, start YaST and select Software › Add-Ons

Procedure 11.1: Installing Add-ons and Extensions from Online Channels with YaST
  1. Start YaST and select Software › Add System Extensions or Modules.

    YaST connects to the registration server and displays a list of Available Extensions and Modules.

    Note
    Note: Available Extensions and Modules

    The amount of available extensions and modules depends on the registration server. A local registration server may only offer update repositories and no additional extensions.

    Note
    Note: Module Life Cycles

    Life cycle end dates of modules are available at https://scc.suse.com/docs/lifecycle/sle/12/modules.

  2. Click an entry to see its description.

  3. Select one or multiple entries for installation by activating their check marks.

    Installation of System Extensions
    Figure 11.1: Installation of System Extensions
  4. Click Next to proceed.

  5. Depending on the repositories to be added for the extension or module, you may be prompted to import the repository's GPG key or asked to agree to a license.

    After confirming these messages, YaST will download and parse the metadata. The repositories for the selected extensions will be added to your system—no additional installation sources are required.

  6. If needed, adjust the repository Properties as described in Section 10.4.2, “Managing Repository Properties”.

Note
Note: For More Information

White paper SUSE Linux Enterprise Server 12 Modules.

11.3 Installing Extensions and Third Party Add-On Products from Media

When installing an extension or add-on product from media, you can select various types of product media, like DVD/CD, removable mass storage devices (such as flash disks), or a local directory or ISO image. The media can also be provided by a network server, for example, via HTTP, FTP, NFS, or Samba.

  1. Start YaST and select Software › Add-On Products. Alternatively, start the YaST Add-On Products module from the command line with sudo yast2 add-on.

    The dialog will show an overview of already installed add-on products, modules and extensions.

    List of Installed Add-on Products, Modules and Extensions
    Figure 11.2: List of Installed Add-on Products, Modules and Extensions
  2. Choose Add to install a new add-on product.

  3. In the Add-On Product dialog, select the option that matches the type of medium from which you want to install:

    Installation of an Add-on Product or an Extension
    Figure 11.3: Installation of an Add-on Product or an Extension
    • To scan your network for installation servers announcing their services via SLP, select Scan Using SLP and click Next.

    • To add a repository from a removable medium, choose the relevant option and insert the medium or connect the USB device to the machine, respectively. Click Next to start the installation.

    • For most media types, you will prompted to specify the path (or URL) to the media after selecting the respective option and clicking Next. Specifying a Repository Name is optional. If none is specified, YaST will use the product name or the URL as the repository name.

    The option Download Repository Description Files is activated by default. If you deactivate the option, YaST will automatically download the files later, if needed.

  4. Depending on the repository you have added, you may be prompted to import the repository's GPG key or asked to agree to a license.

    After confirming these messages, YaST will download and parse the metadata. It will add the repository to the list of Configured Repositories.

  5. If needed, adjust the repository Properties as described in Section 10.4.2, “Managing Repository Properties”.

  6. Confirm your changes with OK to close the configuration dialog.

  7. After having successfully added the repository for the add-on media, the software manager starts and you can install packages. For details, refer to Chapter 10, Installing or Removing Software.

11.4 SUSE Software Development Kit (SDK) 12 SP4

SUSE Software Development Kit 12 SP4 is an extension for SUSE Linux Enterprise 12 SP4. It is a complete tool kit for application development. In fact, to provide a comprehensive build system, SUSE Software Development Kit 12 SP4 includes all the open source tools that were used to build the SUSE Linux Enterprise Server product. It provides you as a developer, independent software vendor (ISV), or independent hardware vendor (IHV) with all the tools needed to port applications to all the platforms supported by SUSE Linux Enterprise Desktop and SUSE Linux Enterprise Server.

The SUSE Software Development Kit does not require a registration key and is not covered by SUSE support agreements.

SUSE Software Development Kit also contains integrated development environments (IDEs), debuggers, code editors, and other related tools. It supports most major programming languages, including C, C++, Java, and most scripting languages. For your convenience, SUSE Software Development Kit includes multiple Perl packages that are not included in SUSE Linux Enterprise.

The SDK extension is available via an online channel from the SUSE Customer Center. Alternatively, go to http://download.suse.com/, search for SUSE Linux Enterprise Software Development Kit and download it from there. Refer to Chapter 11, Installing Modules, Extensions, and Third Party Add-On Products for details.

11.5 SUSE Package Hub

In the list of Available Extensions and Modules you find the SUSE Package Hub. It is available without any additional fee. It provides a large set of additional community packages for SUSE Linux Enterprise that can easily be installed but are not supported by SUSE.

More information about SUSE Package Hub and how to contribute is available at https://packagehub.suse.com/

Important
Important: SUSE Package Hub is Not Supported

Be aware that packages provided in the SUSE Package Hub are not officially supported by SUSE. SUSE only provides support for enabling the Package Hub repository and help with installation or deployment of the RPM packages.

12 Installing Multiple Kernel Versions

Abstract

SUSE Linux Enterprise Desktop supports the parallel installation of multiple kernel versions. When installing a second kernel, a boot entry and an initrd are automatically created, so no further manual configuration is needed. When rebooting the machine, the newly added kernel is available as an additional boot option.

Using this functionality, you can safely test kernel updates while being able to always fall back to the proven former kernel. To do this, do not use the update tools (such as the YaST Online Update or the updater applet), but instead follow the process described in this chapter.

Warning
Warning: Support Entitlement

Be aware that you lose your entire support entitlement for the machine when installing a self-compiled or a third-party kernel. Only kernels shipped with SUSE Linux Enterprise Desktop and kernels delivered via the official update channels for SUSE Linux Enterprise Desktop are supported.

Tip
Tip: Check Your Boot Loader Configuration Kernel

It is recommended to check your boot loader configuration after having installed another kernel to set the default boot entry of your choice. See Book “Administration Guide”, Chapter 13 “The Boot Loader GRUB 2”, Section 13.3 “Configuring the Boot Loader with YaST” for more information.

12.1 Enabling and Configuring Multiversion Support

Installing multiple versions of a software package (multiversion support) is enabled by default from SUSE Linux Enterprise Server 12 onward. To verify this setting, proceed as follows:

  1. Open /etc/zypp/zypp.conf with the editor of your choice as root.

  2. Search for the string multiversion. If multiversion is enabled for all kernel packages capable of this feature, the following line appears uncommented:

    multiversion = provides:multiversion(kernel)
  3. To restrict multiversion support to certain kernel flavors, add the package names as a comma-separated list to the multiversion option in /etc/zypp/zypp.conf—for example

    multiversion = kernel-default,kernel-default-base,kernel-source
  4. Save your changes.

Warning
Warning: Kernel Module Packages (KMP)

Make sure that required vendor provided kernel modules (Kernel Module Packages) are also installed for the new updated kernel. The kernel update process will not warn about eventually missing kernel modules because package requirements are still fulfilled by the old kernel that is kept on the system.

12.1.1 Automatically Deleting Unused Kernels

When frequently testing new kernels with multiversion support enabled, the boot menu quickly becomes confusing. Since a /boot partition usually has limited space you also might run into trouble with /boot overflowing. While you can delete unused kernel versions manually with YaST or Zypper (as described below), you can also configure libzypp to automatically delete kernels no longer used. By default no kernels are deleted.

  1. Open /etc/zypp/zypp.conf with the editor of your choice as root.

  2. Search for the string multiversion.kernels and activate this option by uncommenting the line. This option takes a comma-separated list of the following values:

    4.4.126-48 keep the kernel with the specified version number

    latest keep the kernel with the highest version number

    latest-N keep the kernel with the Nth highest version number

    running keep the running kernel

    oldest keep the kernel with the lowest version number (the one that was originally shipped with SUSE Linux Enterprise Desktop)

    oldest+N keep the kernel with the Nth lowest version number

    Here are some examples

    multiversion.kernels = latest,running

    Keep the latest kernel and the one currently running. This is similar to not enabling the multiversion feature, except that the old kernel is removed after the next reboot and not immediately after the installation.

    multiversion.kernels = latest,latest-1,running

    Keep the last two kernels and the one currently running.

    multiversion.kernels = latest,running,4.4.126-48

    Keep the latest kernel, the one currently running, and 4.4.126-48.

    Tip
    Tip: Keep the Running Kernel

    Unless you are using a special setup, always keep the kernel marked running.

    If you do not keep the running kernel, it will be deleted when updating the kernel. In turn, this means that all of the running kernel's modules are also deleted and cannot be loaded anymore.

    If you decide not to keep the running kernel, always reboot immediately after a kernel upgrade to avoid issues with modules.

12.1.2 Use Case: Deleting an Old Kernel after Reboot Only

You want to make sure that an old kernel will only be deleted after the system has rebooted successfully with the new kernel.

Change the following line in /etc/zypp/zypp.conf:

multiversion.kernels = latest,running

The previous parameters tell the system to keep the latest kernel and the running one only if they differ.

12.1.3 Use Case: Keeping Older Kernels as Fallback

You want to keep one or more kernel versions to have one or more spare kernels.

This can be useful if you need kernels for testing. If something goes wrong (for example, your machine does not boot), you still can use one or more kernel versions which are known to be good.

Change the following line in /etc/zypp/zypp.conf:

multiversion.kernels = latest,latest-1,latest-2,running

When you reboot your system after the installation of a new kernel, the system will keep three kernels: the current kernel (configured as latest,running) and its two immediate predecessors (configured as latest-1 and latest-2).

12.1.4 Use Case: Keeping a Specific Kernel Version

You make regular system updates and install new kernel versions. However, you are also compiling your own kernel version and want to make sure that the system will keep them.

Change the following line in /etc/zypp/zypp.conf:

multiversion.kernels = latest,3.12.28-4.20,running

When you reboot your system after the installation of a new kernel, the system will keep two kernels: the new and running kernel (configured as latest,running) and your self-compiled kernel (configured as 3.12.28-4.20).

12.2 Installing/Removing Multiple Kernel Versions with YaST

  1. Start YaST and open the software manager via Software › Software Management.

  2. List all packages capable of providing multiple versions by choosing View › Package Groups › Multiversion Packages.

    The YaST Software Manager: Multiversion View
    Figure 12.1: The YaST Software Manager: Multiversion View
  3. Select a package and open its Version tab in the bottom pane on the left.

  4. To install a package, click the check box next to it. A green check mark indicates it is selected for installation.

    To remove an already installed package (marked with a white check mark), click the check box next to it until a red X indicates it is selected for removal.

  5. Click Accept to start the installation.

12.3 Installing/Removing Multiple Kernel Versions with Zypper

  1. Use the command zypper se -s 'kernel*' to display a list of all kernel packages available:

    S | Name           | Type       | Version         | Arch   | Repository
    --+----------------+------------+-----------------+--------+-------------------
    v | kernel-default | package    | 2.6.32.10-0.4.1 | x86_64 | Alternative Kernel
    i | kernel-default | package    | 2.6.32.9-0.5.1  | x86_64 | (System Packages)
      | kernel-default | srcpackage | 2.6.32.10-0.4.1 | noarch | Alternative Kernel
    i | kernel-default | package    | 2.6.32.9-0.5.1  | x86_64 | (System Packages)
    ...
  2. Specify the exact version when installing:

    zypper in kernel-default-2.6.32.10-0.4.1
  3. When uninstalling a kernel, use the commands zypper se -si 'kernel*' to list all kernels installed and zypper rm PACKAGENAME-VERSION to remove the package.

13 Managing Users with YaST

During installation, you could have created a local user for your system. With the YaST module User and Group Management you can add more users or edit existing ones. It also lets you configure your system to authenticate users with a network server.

13.1 User and Group Administration Dialog

To administer users or groups, start YaST and click Security and Users › User and Group Management. Alternatively, start the User and Group Administration dialog directly by running sudo yast2 users & from a command line.

YaST User and Group Administration
Figure 13.1: YaST User and Group Administration

Every user is assigned a system-wide user ID (UID). Apart from the users which can log in to your machine, there are also several system users for internal use only. Each user is assigned to one or more groups. Similar to system users, there are also system groups for internal use.

Depending on the set of users you choose to view and modify with, the dialog (local users, network users, system users), the main window shows several tabs. These allow you to execute the following tasks:

Managing User Accounts

From the Users tab create, modify, delete or temporarily disable user accounts as described in Section 13.2, “Managing User Accounts”. Learn about advanced options like enforcing password policies, using encrypted home directories, or managing disk quotas in Section 13.3, “Additional Options for User Accounts”.

Changing Default Settings

Local users accounts are created according to the settings defined on the Defaults for New Users tab. Learn how to change the default group assignment, or the default path and access permissions for home directories in Section 13.4, “Changing Default Settings for Local Users”.

Assigning Users to Groups

Learn how to change the group assignment for individual users in Section 13.5, “Assigning Users to Groups”.

Managing Groups

From the Groups tab, you can add, modify or delete existing groups. Refer to Section 13.6, “Managing Groups” for information on how to do this.

Changing the User Authentication Method

When your machine is connected to a network that provides user authentication methods like NIS or LDAP, you can choose between several authentication methods on the Authentication Settings tab. For more information, refer to Section 13.7, “Changing the User Authentication Method”.

For user and group management, the dialog provides similar functionality. You can easily switch between the user and group administration view by choosing the appropriate tab at the top of the dialog.

Filter options allow you to define the set of users or groups you want to modify: On the Users or Group tab, click Set Filter to view and edit users or groups according to certain categories, such as Local Users or LDAP Users, for example (if you are part of a network which uses LDAP). With Set Filter › Customize Filter you can also set up and use a custom filter.

Depending on the filter you choose, not all of the following options and functions will be available from the dialog.

13.2 Managing User Accounts

YaST offers to create, modify, delete or temporarily disable user accounts. Do not modify user accounts unless you are an experienced user or administrator.

Note
Note: Changing User IDs of Existing Users

File ownership is bound to the user ID, not to the user name. After a user ID change, the files in the user's home directory are automatically adjusted to reflect this change. However, after an ID change, the user no longer owns the files he created elsewhere in the file system unless the file ownership for those files are manually modified.

In the following, learn how to set up default user accounts. For further options, refer to Section 13.3, “Additional Options for User Accounts”.

Procedure 13.1: Adding or Modifying User Accounts
  1. Open the YaST User and Group Administration dialog and click the Users tab.

  2. With Set Filter define the set of users you want to manage. The dialog lists users in the system and the groups the users belong to.

  3. To modify options for an existing user, select an entry and click Edit.

    To create a new user account, click Add.

  4. Enter the appropriate user data on the first tab, such as Username (which is used for login) and Password. This data is sufficient to create a new user. If you click OK now, the system will automatically assign a user ID and set all other values according to the default.

  5. Activate Receive System Mail if you want any kind of system notifications to be delivered to this user's mailbox. This creates a mail alias for root and the user can read the system mail without having to first log in as root.

    The mails sent by system services are stored in the local mailbox /var/spool/mail/USERNAME, where USERNAME is the login name of the selected user. To read e-mails, you can use the mail command.

  6. To adjust further details such as the user ID or the path to the user's home directory, do so on the Details tab.

    If you need to relocate the home directory of an existing user, enter the path to the new home directory there and move the contents of the current home directory with Move to New Location. Otherwise, a new home directory is created without any of the existing data.

  7. To force users to regularly change their password or set other password options, switch to Password Settings and adjust the options. For more details, refer to Section 13.3.2, “Enforcing Password Policies”.

  8. If all options are set according to your wishes, click OK.

  9. Click OK to close the administration dialog and to save the changes. A newly added user can now log in to the system using the login name and password you created.

    Alternatively, to save all changes without exiting the User and Group Administration dialog, click Expert Options › Write Changes Now.

Tip
Tip: Matching User IDs

For a new (local) user on a laptop which also needs to integrate into a network environment where this user already has a user ID, it is useful to match the (local) user ID to the ID in the network. This ensures that the file ownership of the files the user creates offline is the same as if he had created them directly on the network.

Procedure 13.2: Disabling or Deleting User Accounts
  1. Open the YaST User and Group Administration dialog and click the Users tab.

  2. To temporarily disable a user account without deleting it, select the user from the list and click Edit. Activate Disable User Login. The user cannot log in to your machine until you enable the account again.

  3. To delete a user account, select the user from the list and click Delete. Choose if you also want to delete the user's home directory or if you want to retain the data.

13.3 Additional Options for User Accounts

In addition to the settings for a default user account, SUSE® Linux Enterprise Desktop offers further options, such as options to enforce password policies, use encrypted home directories or define disk quotas for users and groups.

13.3.1 Automatic Login and Passwordless Login

If you use the GNOME desktop environment you can configure Auto Login for a certain user and Passwordless Login for all users. Auto login causes a user to become automatically logged in to the desktop environment on boot. This functionality can only be activated for one user at a time. Login without password allows all users to log in to the system after they have entered their user name in the login manager.

Warning
Warning: Security Risk

Enabling Auto Login or Passwordless Login on a machine that can be accessed by more than one person is a security risk. Without the need to authenticate, any user can gain access to your system and your data. If your system contains confidential data, do not use this functionality.

to activate auto login or login without password, access these functions in the YaST User and Group Administration with Expert Options › Login Settings.

13.3.2 Enforcing Password Policies

On any system with multiple users, it is a good idea to enforce at least basic password security policies. Users should change their passwords regularly and use strong passwords that cannot easily be exploited. For local users, proceed as follows:

Procedure 13.3: Configuring Password Settings
  1. Open the YaST User and Group Administration dialog and select the Users tab.

  2. Select the user for which to change the password options and click Edit.

  3. Switch to the Password Settings tab. The user's last password change is displayed on the tab.

  4. To make the user change his password at next login, activate Force Password Change.

  5. To enforce password rotation, set a Maximum Number of Days for the Same Password and a Minimum Number of Days for the Same Password.

  6. To remind the user to change his password before it expires, set the number of Days before Password Expiration to Issue Warning.

  7. To restrict the period of time the user can log in after his password has expired, change the value in Days after Password Expires with Usable Login.

  8. You can also specify a certain expiration date for the complete account. Enter the Expiration Date in YYYY-MM-DD format. Note that this setting is not password-related but rather applies to the account itself.

  9. For more information about the options and about the default values, click Help.

  10. Apply your changes with OK.

13.3.3 Managing Encrypted Home Directories

To protect data in home directories against theft and hard disk removal, you can create encrypted home directories for users. These are encrypted with LUKS (Linux Unified Key Setup), which results in an image and an image key being generated for the user. The image key is protected with the user's login password. When the user logs in to the system, the encrypted home directory is mounted and the contents are made available to the user.

With YaST, you can create encrypted home directories for new or existing users. To encrypt or modify encrypted home directories of already existing users, you need to know the user's current login password. By default, all existing user data is copied to the new encrypted home directory, but it is not deleted from the unencrypted directory.

Warning
Warning: Security Restrictions

Encrypting a user's home directory does not provide strong security from other users. If strong security is required, the system should not be physically shared.

Find background information about encrypted home directories and which actions to take for stronger security in Book “Security Guide”, Chapter 11 “Encrypting Partitions and Files”, Section 11.2 “Using Encrypted Home Directories”.

Procedure 13.4: Creating Encrypted Home Directories
  1. Open the YaST User and Group Management dialog and click the Users tab.

  2. To encrypt the home directory of an existing user, select the user and click Edit.

    Otherwise, click Add to create a new user account and enter the appropriate user data on the first tab.

  3. In the Details tab, activate Use Encrypted Home Directory. With Directory Size in MB, specify the size of the encrypted image file to be created for this user.

  4. Apply your settings with OK.

  5. Enter the user's current login password to proceed if YaST prompts for it.

  6. Click OK to close the administration dialog and save the changes.

    Alternatively, to save all changes without exiting the User and Group Administration dialog, click Expert Options › Write Changes Now.

Procedure 13.5: Modifying or Disabling Encrypted Home Directories

Of course, you can also disable the encryption of a home directory or change the size of the image file at any time.

  1. Open the YaST User and Group Administration dialog in the Users view.

  2. Select a user from the list and click Edit.

  3. to disable the encryption, switch to the Details tab and disable Use Encrypted Home Directory.

    If you need to enlarge or reduce the size of the encrypted image file for this user, change the Directory Size in MB.

  4. Apply your settings with OK.

  5. Enter the user's current login password to proceed if YaST prompts for it.

  6. Click OK to close the administration dialog and save the changes.

    Alternatively, to save all changes without exiting the User and Group Administration dialog, click Expert Options › Write Changes Now.

13.3.4 Managing Quotas

To prevent system capacities from being exhausted without notification, system administrators can set up quotas for users or groups. Quotas can be defined for one or more file systems and restrict the amount of disk space that can be used and the number of inodes (index nodes) that can be created there. Inodes are data structures on a file system that store basic information about a regular file, directory, or other file system object. They store all attributes of a file system object (like user and group ownership, read, write, or execute permissions), except file name and contents.

SUSE Linux Enterprise Desktop allows usage of soft and hard quotas. Additionally, grace intervals can be defined that allow users or groups to temporarily violate their quotas by certain amounts.

Soft Quota

Defines a warning level at which users are informed that they are nearing their limit. Administrators will urge the users to clean up and reduce their data on the partition. The soft quota limit is usually lower than the hard quota limit.

Hard Quota

Defines the limit at which write requests are denied. When the hard quota is reached, no more data can be stored and applications may crash.

Grace Period

Defines the time between the overflow of the soft quota and a warning being issued. Usually set to a rather low value of one or several hours.

Procedure 13.6: Enabling Quota Support for a Partition

To configure quotas for certain users and groups, you need to enable quota support for the respective partition in the YaST Expert Partitioner first.

  1. In YaST, select System › Partitioner and click Yes to proceed.

  2. In the Expert Partitioner, select the partition for which to enable quotas and click Edit.

  3. Click Fstab Options and activate Enable Quota Support. If the quota package is not already installed, it will be installed once you confirm the respective message with Yes.

  4. Confirm your changes and leave the Expert Partitioner.

  5. Make sure the service quotaon is running by entering the following command:

    systemctl status quotaon

    It should be marked as being active. If this is not the case, start it with the command systemctl start quotaon.

Procedure 13.7: Setting Up Quotas for Users or Groups

Now you can define soft or hard quotas for specific users or groups and set time periods as grace intervals.

  1. In the YaST User and Group Administration, select the user or the group you want to set the quotas for and click Edit.

  2. On the Plug-Ins tab, select the Manage User Quota entry and click Launch to open the Quota Configuration dialog.

  3. From File System, select the partition to which the quota should apply.

  4. Below Size Limits, restrict the amount of disk space. Enter the number of 1 KB blocks the user or group may have on this partition. Specify a Soft Limit and a Hard Limit value.

  5. Additionally, you can restrict the number of inodes the user or group may have on the partition. Below Inodes Limits, enter a Soft Limit and Hard Limit.

  6. You can only define grace intervals if the user or group has already exceeded the soft limit specified for size or inodes. Otherwise, the time-related text boxes are not activated. Specify the time period for which the user or group is allowed to exceed the limits set above.

  7. Confirm your settings with OK.

  8. Click OK to close the administration dialog and save the changes.

    Alternatively, to save all changes without exiting the User and Group Administration dialog, click Expert Options › Write Changes Now.

SUSE Linux Enterprise Desktop also ships command-line tools like repquota or warnquota. System administrators can use these tools to control the disk usage or send e-mail notifications to users exceeding their quota. Using quota_nld, administrators can also forward kernel messages about exceeded quotas to D-BUS. For more information, refer to the repquota, the warnquota and the quota_nld man page.

13.4 Changing Default Settings for Local Users

When creating new local users, several default settings are used by YaST. These include, for example, the primary group and the secondary groups the user belongs to, or the access permissions of the user's home directory. You can change these default settings to meet your requirements:

  1. Open the YaST User and Group Administration dialog and select the Defaults for New Users tab.

  2. To change the primary group the new users should automatically belong to, select another group from Default Group.

  3. To modify the secondary groups for new users, add or change groups in Secondary Groups. The group names must be separated by commas.

  4. If you do not want to use /home/USERNAME as default path for new users' home directories, modify the Path Prefix for Home Directory.

  5. To change the default permission modes for newly created home directories, adjust the umask value in Umask for Home Directory. For more information about umask, refer to Book “Security Guide”, Chapter 10 “Access Control Lists in Linux” and to the umask man page.

  6. For information about the individual options, click Help.

  7. Apply your changes with OK.

13.5 Assigning Users to Groups

Local users are assigned to several groups according to the default settings which you can access from the User and Group Administration dialog on the Defaults for New Users tab. In the following, learn how to modify an individual user's group assignment. If you need to change the default group assignments for new users, refer to Section 13.4, “Changing Default Settings for Local Users”.

Procedure 13.8: Changing a User's Group Assignment
  1. Open the YaST User and Group Administration dialog and click the Users tab. It lists users and the groups the users belong to.

  2. Click Edit and switch to the Details tab.

  3. To change the primary group the user belongs to, click Default Group and select the group from the list.

  4. To assign the user additional secondary groups, activate the corresponding check boxes in the Additional Groups list.

  5. Click OK to apply your changes.

  6. Click OK to close the administration dialog and save the changes.

    Alternatively, to save all changes without exiting the User and Group Administration dialog, click Expert Options › Write Changes Now.

13.6 Managing Groups

With YaST you can also easily add, modify or delete groups.

Procedure 13.9: Creating and Modifying Groups
  1. Open the YaST User and Group Management dialog and click the Groups tab.

  2. With Set Filter define the set of groups you want to manage. The dialog lists groups in the system.

  3. To create a new group, click Add.

  4. To modify an existing group, select the group and click Edit.

  5. In the following dialog, enter or change the data. The list on the right shows an overview of all available users and system users which can be members of the group.

  6. To add existing users to a new group select them from the list of possible Group Members by checking the corresponding box. To remove them from the group deactivate the box.

  7. Click OK to apply your changes.

  8. Click OK to close the administration dialog and save the changes.

    Alternatively, to save all changes without exiting the User and Group Administration dialog, click Expert Options › Write Changes Now.

To delete a group, it must not contain any group members. To delete a group, select it from the list and click Delete. Click OK to close the administration dialog and save the changes. Alternatively, to save all changes without exiting the User and Group Administration dialog, click Expert Options › Write Changes Now.

13.7 Changing the User Authentication Method

When your machine is connected to a network, you can change the authentication method. The following options are available:

NIS

Users are administered centrally on a NIS server for all systems in the network. For details, see Book “Security Guide”, Chapter 3 “Using NIS”.

SSSD

The System Security Services Daemon (SSSD) can locally cache user data and then allow users to use the data, even if the real directory service is (temporarily) unreachable. For details, see Book “Security Guide”, Chapter 4 “Setting Up Authentication Servers and Clients Using YaST”, Section 4.3 “SSSD”.

Samba

SMB authentication is often used in mixed Linux and Windows networks. For details, see Book “Administration Guide”, Chapter 28 “Samba” and Book “Security Guide”, Chapter 7 “Active Directory Support”.

To change the authentication method, proceed as follows:

  1. Open the User and Group Administration dialog in YaST.

  2. Click the Authentication Settings tab to show an overview of the available authentication methods and the current settings.

  3. To change the authentication method, click Configure and select the authentication method you want to modify. This takes you directly to the client configuration modules in YaST. For information about the configuration of the appropriate client, refer to the following sections:

    NIS:  Book “Security Guide”, Chapter 3 “Using NIS”, Section 3.2 “Configuring NIS Clients”

    LDAP:  Book “Security Guide”, Chapter 4 “Setting Up Authentication Servers and Clients Using YaST”, Section 4.1 “Configuring an Authentication Server”

    Samba:  Book “Administration Guide”, Chapter 28 “Samba”, Section 28.4.1 “Configuring a Samba Client with YaST”

  4. After accepting the configuration, return to the User and Group Administration overview.

  5. Click OK to close the administration dialog.

14 Changing Language and Country Settings with YaST

Working in different countries or having to work in a multilingual environment requires your computer to be set up to support this. SUSE® Linux Enterprise Desktop can handle different locales in parallel. A locale is a set of parameters that defines the language and country settings reflected in the user interface.

The main system language was selected during installation and keyboard and time zone settings were adjusted. However, you can install additional languages on your system and determine which of the installed languages should be the default.

For those tasks, use the YaST language module as described in Section 14.1, “Changing the System Language”. Install secondary languages to get optional localization if you need to start applications or desktops in languages other than the primary one.

Apart from that, the YaST timezone module allows you to adjust your country and timezone settings accordingly. It also lets you synchronize your system clock against a time server. For details, refer to Section 14.2, “Changing the Country and Time Settings”.

14.1 Changing the System Language

Depending on how you use your desktop and whether you want to switch the entire system to another language or only the desktop environment itself, there are several ways to do this:

Changing the System Language Globally

Proceed as described in Section 14.1.1, “Modifying System Languages with YaST” and Section 14.1.2, “Switching the Default System Language” to install additional localized packages with YaST and to set the default language. Changes are effective after the next login. To ensure that the entire system reflects the change, reboot the system or close and restart all running services, applications, and programs.

Changing the Language for the Desktop Only

Provided you have previously installed the desired language packages for your desktop environment with YaST as described below, you can switch the language of your desktop using the desktop's control center. Refer to Book “GNOME User Guide”, Chapter 3 “Customizing Your Settings”, Section 3.2.2 “Configuring Language Settings” for details. After the X server has been restarted, your entire desktop reflects your new choice of language. Applications not belonging to your desktop framework are not affected by this change and may still appear in the language that was set in YaST.

Temporarily Switching Languages for One Application Only

You can also run a single application in another language (that has already been installed with YaST). To do so, start it from the command line by specifying the language code as described in Section 14.1.3, “Switching Languages for Standard X and GNOME Applications”.

14.1.1 Modifying System Languages with YaST

YaST knows two different language categories:

Primary Language

The primary language set in YaST applies to the entire system, including YaST and the desktop environment. This language is used whenever available unless you manually specify another language.

Secondary Languages

Install secondary languages to make your system multilingual. Languages installed as secondary languages can be selected manually for a specific situation. For example, use a secondary language to start an application in a certain language to do word processing in this language.

Before installing additional languages, determine which of them should be the default system language (primary language).

To access the YaST language module, start YaST and click System › Language. Alternatively, start the Languages dialog directly by running sudo yast2 language & from a command line.

Procedure 14.1: Installing Additional Languages

When installing additional languages, YaST also allows you to set different locale settings for the user root, see Step 4. The option Locale Settings for User root determines how the locale variables (LC_*) in the file /etc/sysconfig/language are set for root. You can either set them to the same locale as for normal users, keep it unaffected by any language changes or only set the variable RC_LC_CTYPE to the same values as for the normal users. This variable sets the localization for language-specific function calls.

  1. To add additional languages in the YaST language module, select the Secondary Languages you want to install.

  2. To make a language the default language, set it as Primary Language.

  3. Additionally, adapt the keyboard to the new primary language and adjust the time zone, if appropriate.

    Tip
    Tip: Advanced Settings

    For advanced keyboard or time zone settings, select Hardware › System Keyboard Layout or System › Date and Time in YaST to start the respective dialogs. For more information, refer to Section 8.1, “Setting Up Your System Keyboard Layout” and Section 14.2, “Changing the Country and Time Settings”.

  4. To change language settings specific to the user root, click Details.

    1. Set Locale Settings for User root to the desired value. For more information, click Help.

    2. Decide if you want to Use UTF-8 Encoding for root or not.

  5. If your locale was not included in the list of primary languages available, try specifying it with Detailed Locale Setting. However, some localization may be incomplete.

  6. Confirm your changes in the dialogs with OK. If you have selected secondary languages, YaST installs the localized software packages for the additional languages.

The system is now multilingual. However, to start an application in a language other than the primary one, you need to set the desired language explicitly as explained in Section 14.1.3, “Switching Languages for Standard X and GNOME Applications”.

14.1.2 Switching the Default System Language

  1. To globally switch the default system language, start the YaST language module.

  2. Select the desired new system language as Primary Language.

    Important
    Important: Deleting Former System Languages

    If you switch to a different primary language, the localized software packages for the former primary language will be removed from the system. To switch the default system language but keep the former primary language as additional language, add it as Secondary Language by enabling the respective check box.

  3. Adjust the keyboard and time zone options as desired.

  4. Confirm your changes with OK.

  5. After YaST has applied the changes, restart current X sessions (for example, by logging out and logging in again) to make YaST and the desktop applications reflect your new language settings.

14.1.3 Switching Languages for Standard X and GNOME Applications

After you have installed the respective language with YaST, you can run a single application in another language.

Start the application from the command line by using the following command:

LANG=LANGUAGE application

For example, to start f-spot in German, run LANG=de_DE f-spot. For other languages, use the appropriate language code. Get a list of all language codes available with the locale  -av command.

14.2 Changing the Country and Time Settings

Using the YaST date and time module, adjust your system date, clock and time zone information to the area you are working in. To access the YaST module, start YaST and click System › Date and Time. Alternatively, start the Clock and Time Zone dialog directly by running sudo yast2 timezone & from a command line.

First, select a general region, such as Europe. Choose an appropriate country that matches the one you are working in, for example, Germany.

Depending on which operating systems run on your workstation, adjust the hardware clock settings accordingly:

  • If you run another operating system on your machine, such as Microsoft Windows*, it is likely your system does not use UTC, but local time. In this case, deactivate Hardware Clock Set To UTC.

  • If you only run Linux on your machine, set the hardware clock to UTC and have the switch from standard time to daylight saving time performed automatically.

Important
Important: Set the Hardware Clock to UTC

The switch from standard time to daylight saving time (and vice versa) can only be performed automatically when the hardware clock (CMOS clock) is set to UTC. This also applies if you use automatic time synchronization with NTP, because automatic synchronization will only be performed if the time difference between the hardware and system clock is less than 15 minutes.

Since a wrong system time can cause serious problems (missed backups, dropped mail messages, mount failures on remote file systems, etc.) it is strongly recommended to always set the hardware clock to UTC.

You can change the date and time manually or opt for synchronizing your machine against an NTP server, either permanently or only for adjusting your hardware clock.

Procedure 14.2: Manually Adjusting Time and Date
  1. In the YaST timezone module, click Other Settings to set date and time.

  2. Select Manually and enter date and time values.

  3. Confirm your changes.

Procedure 14.3: Setting Date and Time With NTP Server
  1. Click Other Settings to set date and time.

  2. Select Synchronize with NTP Server.

  3. Enter the address of an NTP server, if not already populated.

  4. Click Synchronize Now to get your system time set correctly.

  5. To use NTP permanently, enable Save NTP Configuration.

  6. With the Configure button, you can open the advanced NTP configuration. For details, see Book “Administration Guide”, Chapter 26 “Time Synchronization with NTP”, Section 26.1 “Configuring an NTP Client with YaST”.

  7. Confirm your changes.

Part VI Updating and Upgrading SUSE Linux Enterprise

15 Life Cycle and Support

This chapter provides background information on terminology, SUSE product lifecycles and Service Pack releases, and recommended upgrade policies.

16 Upgrading SUSE Linux Enterprise

SUSE® Linux Enterprise (SLE) allows to upgrade an existing system to the new version, for example, going from SLE 11 SP4 to the latest SLE 12 service pack. No new installation is needed. Existing data, such as home and data directories and system configuration, is kept intact. You can update from a local CD or DVD drive or from a central network installation source.

This chapter explains how to manually upgrade your SUSE Linux Enterprise system, be it by DVD, network, an automated process, or SUSE Manager.

17 Upgrading Offline

This chapter describes how to upgrade an existing SUSE Linux Enterprise installation using YaST which is booted from an installation medium. The YaST installer can, for example, be started from a DVD, over the network, or from the hard disk the system resides on.

18 Upgrading Online

SUSE offers an intuitive graphical and a simple command line tool to upgrade a running system to a new service pack. They provide support for rollback of service packs and more. This chapter explains how to do a service pack upgrade step by step with these tools.

19 Backporting Source Code

SUSE extensively uses backports, for example for the migration of current software fixes and features into released SUSE Linux Enterprise packages. The information in this chapter explains why it can be misleading to compare version numbers to judge the capabilities and the security of SUSE Linux Enterprise software packages. This chapter also explains how SUSE keeps the system software secure and current while maintaining compatibility for your application software on top of SUSE Linux Enterprise products. You will also learn how to check which public security issues actually are addressed in your SUSE Linux Enterprise system software, and the current status of your software.

15 Life Cycle and Support

Abstract

This chapter provides background information on terminology, SUSE product lifecycles and Service Pack releases, and recommended upgrade policies.

15.1 Terminology

This section uses several terms. To understand the information, read the definitions below:

Backporting

Backporting is the act of adapting specific changes from a newer version of software and applying it to an older version. The most commonly used case is fixing security holes in older software components. Usually it is also part of a maintenance model to supply enhancements or (less commonly) new features.

Delta RPM

A delta RPM consists only of the binary diff between two defined versions of a package, and therefore has the smallest download size. Before being installed, the full RPM package is rebuilt on the local machine.

Downstream

A metaphor of how software is developed in the open source world (compare it with upstream). The term downstream refers to people or organizations like SUSE who integrate the source code from upstream with other software to build a distribution which is then used by end users. Thus, the software flows downstream from its developers via the integrators to the end users.

Extensions, Add-On Products

Extensions and third party add-on products provide additional functionality of product value to SUSE Linux Enterprise Desktop. They are provided by SUSE and by SUSE partners, and they are registered and installed on top of the base product SUSE Linux Enterprise Desktop.

LTSS

LTSS is the abbreviation for Long Term Service Pack Support, which is available as an extension for SUSE Linux Enterprise Desktop.

Major Release, General Availability (GA) Version

The major release of SUSE Linux Enterprise (or any software product) is a new version which brings new features and tools, decommissions previously deprecated components and comes with backward-incompatible changes. Major releases for example are SUSE Linux Enterprise 11 or 12.

Migration

Updating to a Service Pack (SP) by using the online update tools or an installation medium to install the respective patches. It updates all packages of the installed system to the latest state.

Migration Targets

Set of compatible products to which a system can be migrated, containing the version of the products/extensions and the URL of the repository. Migration targets can change over time and depend on installed extensions. Multiple migration targets can be selected, for example SLE 12 SP2 and SES2 or SLE 12 SP2 and SES3.

Modules

Modules are fully supported parts of SUSE Linux Enterprise Desktop with a different life cycle. They have a clearly defined scope and are delivered via online channel only. Registering at the SUSE Customer Center, SMT (Subscription Management Tool), or SUSE Manager is a prerequisite for being able to subscribe to these channels.

Package

A package is a compressed file in rpm format that contains all files for a particular program, including optional components like configuration, examples, and documentation.

Patch

A patch consists of one or more packages and may be applied by means of delta RPMs. It may also introduce dependencies to packages that are not installed yet.

Service Packs (SP)

Combines several patches into a form that is easy to install or deploy. Service packs are numbered and usually contain security fixes, updates, upgrades, or enhancements of programs.

Upstream

A metaphor of how software is developed in the open source world (compare it with downstream). The term upstream refers to the original project, author or maintainer of a software that is distributed as source code. Feedback, patches, feature enhancements, or other improvements flow from end users or contributors to upstream developers. They decide if the request will be integrated or rejected.

If the project members decide to integrate the request, it will show up in newer versions of the software. An accepted request will benefit all parties involved.

If a request is not accepted, it may be for different reasons. Either it is in a state that is not compliant with the project's guidelines, it is invalid, it is already integrated, or it is not in the interest or roadmap of the project. An unaccepted request makes it harder for upstream developers as they need to synchronize their patches with the upstream code. This practice is generally avoided, but sometimes it is still needed.

Update

Installation of a newer minor version of a package, which usually contains security or bug fixes.

Upgrade

Installation of a newer major version of a package or distribution, which brings new features.

15.2 Product Life Cycle

SUSE has the following life cycle for products:

  • SUSE Linux Enterprise Server has a 13-year life cycle: 10 years of general support and 3 years of extended support.

  • SUSE Linux Enterprise Desktop has a 10-year life cycle: 7 years of general support and 3 years of extended support.

  • Major releases are made every 4 years. Service packs are made every 12-14 months.

SUSE supports previous service packs for 6 months after the release of the new service pack. Figure 15.1, “Major Releases and Service Packs” depicts some mentioned aspects.

Major Releases and Service Packs
Figure 15.1: Major Releases and Service Packs

If you need additional time to design, validate and test your upgrade plans, Long Term Service Pack Support can extend the support you get by an additional 12 to 36 months in 12-month increments, giving you a total of between 2 and 5 years of support on any service pack (see Figure 15.2, “Long Term Service Pack Support”).

Long Term Service Pack Support
Figure 15.2: Long Term Service Pack Support

For more information refer to https://www.suse.com/products/long-term-service-pack-support/.

For the life cycles of all products refer to https://www.suse.com/lifecycle/.

15.3 Module Life Cycles

With SUSE Linux Enterprise 12, SUSE introduces modular packaging. The modules are distinct sets of packages grouped into their own maintenance channel and updated independently of service pack life cycles. This allows you to get timely and easy access to the latest technology in areas where innovation is occurring at a rapid pace. For information about the life cycles of modules refer to https://scc.suse.com/docs/lifecycle/sle/12/modules.

15.4 Generating Periodic Life Cycle Report

SUSE Linux Enterprise Desktop can regularly check for changes in the support status of all installed products and send the report via e-mail in case of changes. To generate the report, install the zypper-lifecycle-plugin with zypper in zypper-lifecycle-plugin.

Enable the report generation on your system with systemctl:

root # systemctl enable lifecycle-report

The recipient and subject of the report e-mail, as well as the report generation period can be configured in the file /etc/sysconfig/lifecycle-report with any text editor. The settings MAIL_TO and MAIL_SUBJ define the mail recipient and subject, while DAYS sets the interval at which the report is generated.

The report displays changes in the support status after the change occurred and not in advance. If the change occurs right after the generation of the last report, it can take up to 14 days until you are notified of the change. Take this into account when setting the DAYS option. Change the following configuration entries to fit your requirements:

MAIL_TO='root@localhost'
MAIL_SUBJ='Lifecycle report'
DAYS=14

The latest report is available in the file /var/lib/lifecycle/report. The file contains two sections. The first section informs about the end of support for used products. The second section lists packages with their support end dates and update availability.

15.5 Support Levels

The range for extended support levels starts from year 10 and ends in year 13. These contain continued L3 engineering level diagnosis and reactive critical bug fixes. With these support levels, you will receive updates for trivially exploitable root exploits in the kernel and other root exploits directly executable without user interaction. Furthermore, they support existing workloads, software stacks, and hardware with limited package exclusion list. Find an overview in Table 15.1, “Security Updates and Bug Fixes”.

Table 15.1: Security Updates and Bug Fixes
 

General Support for Most Recent Service Pack (SP)

General Support for Previous SP, with LTSS

Extended Support with LTSS

Feature

Year 1-5

Year 6-7

Year 8-10

Year 4-10

Year 10-13

Technical Services

Yes

Yes

Yes

Yes

Yes

Access to Patches and Fixes

Yes

Yes

Yes

Yes

Yes

Access to Documentation and Knowledge Base

Yes

Yes

Yes

Yes

Yes

Support for Existing Stacks and Workloads

Yes

Yes

Yes

Yes

Yes

Support for New Deployments

Yes

Yes

Limited (Based on partner and customer requests)

Limited (Based on partner and customer requests)

No

Enhancement Requests

Yes

Limited (Based on partner and customer requests)

Limited (Based on partner and customer requests)

No

No

Hardware Enablement and Optimization

Yes

Limited (Based on partner and customer requests)

Limited (Based on partner and customer requests)

No

No

Driver updates via SUSE SolidDriver Program (formerly PLDP)

Yes

Yes

Limited (Based on partner and customer requests)

Limited (Based on partner and customer requests)

No

Backport of Fixes from Recent SP

Yes

Yes

Limited (Based on partner and customer requests)

N/A

N/A

Critical Security Updates

Yes

Yes

Yes

Yes

Yes

Defect Resolution

Yes

Yes

Limited (Severity Level 1 and 2 defects only)

Limited (Severity Level 1 and 2 defects only)

Limited (Severity Level 1 and 2 defects only)

15.6 Repository Model

The repository layout corresponds to the product lifecycles. The following sections contain a list of all relevant repositories.

Description of Required Repositories
Updates

Maintenance updates to packages in the corresponding Core or Pool repository.

Pool

Containing all binary RPMs from the installation media, plus pattern information and support status metadata.

Description of Optional Repositories
Debuginfo-Pool, Debuginfo-Updates

These repositories contain static content. Of these two, only the Debuginfo-Updates repository receives updates. Enable these repositories if you need to install libraries with debug information in case of an issue.

Note
Note: Origin of Packages for SUSE Linux Enterprise 12 and Later

With the update to SUSE Linux Enterprise 12 there are only two repositories available: SLED12-GA-Pool and SLED12-GA-Updates. Any previous repositories from SUSE Linux Enterprise 11 are not visible anymore.

15.6.1 Required Repositories for SUSE Linux Enterprise Server

SLES 12
SLES12-GA-Pool
SLES12-GA-Updates
SLES 12 SP1
SLES12-SP1-Pool
SLES12-SP1-Updates
SLES 12 SP2
SLES12-SP2-Pool
SLES12-SP2-Updates
SLES 12 SP3
SLES12-SP3-Pool
SLES12-SP3-Updates
SLES 12 SP4
SLES12-SP4-Pool
SLES12-SP4-Updates

15.6.2 Optional Repositories for SUSE Linux Enterprise Server

SLES 12
SLES12-GA-Debuginfo-Core
SLES12-GA-Debuginfo-Updates
SLES 12 SP1
SLES12-SP1-Debuginfo-Core
SLES12-SP1-Debuginfo-Updates
SLES 12 SP2
SLES12-SP2-Debuginfo-Core
SLES12-SP2-Debuginfo-Updates
SLES 12 SP3
SLES12-SP3-Debuginfo-Core
SLES12-SP3-Debuginfo-Updates
SLES 12 SP4
SLES12-SP4-Debuginfo-Core
SLES12-SP4-Debuginfo-Updates

15.6.3 Module-Specific Repositories for SUSE Linux Enterprise Server

The following listing contains only the core repositories for each module, but not Debuginfo or Source repositories.

Modules Available for SLES 12 GA/SP1/SP2/SP3/SP4
  • Advanced Systems Management Module: CFEngine, Puppet and the Machinery tool

    SLE-Module-Adv-Systems-Management12-Pool
    SLE-Module-Adv-Systems-Management12-Updates
  • Certification Module: FIPS 140-2 certification-specific packages (not available on AArch64 and POWER)

    SLE-Module-Certifications12-Pool
    SLE-Module-Certifications12-Updates
  • Containers Module: Docker Open Source Engine, tools, prepackaged images

    SLE-Module-Containers12-Pool
    SLE-Module-Containers12-Updates
  • Legacy Module: Sendmail, old IMAP stack, old Java, … (not available on AArch64)

    SLE-Module-Legacy12-Pool
    SLE-Module-Legacy12-Updates
  • Public Cloud Module: public cloud initialization code and tools

    SLE-Module-Public-Cloud12-Pool
    SLE-Module-Public-Cloud12-Updates
  • Toolchain Module: GNU Compiler Collection (GCC)

    SLE-Module-Toolchain12-Pool
    SLE-Module-Toolchain12-Updates
  • Web and Scripting Module: PHP, Python, Ruby on Rails

    SLE-Module-Web-Scripting12-Pool
    SLE-Module-Web-Scripting12-Updates
Modules Available for SLES 12 SP2/SP3/SP4
  • HPC Module: tools and libraries related to High Performance Computing

    SLE-Module-HPC12-Pool
    SLE-Module-HPC12-Updates

15.6.4 Required Repositories for SUSE Linux Enterprise Desktop

SLED 12
SLED12-GA-Pool
SLED12-GA-Updates
SLED 12 SP1
SLED12-SP1-Pool
SLED12-SP1-Updates
SLED 12 SP2
SLED12-SP2-Pool
SLED12-SP2-Updates
SLED 12 SP3
SLED12-SP3-Pool
SLED12-SP3-Updates
SLED 12 SP4
SLED12-SP4-Pool
SLED12-SP4-Updates

15.6.5 Optional Repositories for SUSE Linux Enterprise Desktop

SLED 12
SLED12-GA-Debuginfo-Core
SLED12-GA-Debuginfo-Updates
SLED 12 SP1
SLED12-SP1-Debuginfo-Core
SLED12-SP1-Debuginfo-Updates
SLED 12 SP2
SLED12-SP2-Debuginfo-Core
SLED12-SP2-Debuginfo-Updates
SLED 12 SP3
SLED12-SP3-Debuginfo-Core
SLED12-SP3-Debuginfo-Updates
SLED 12 SP4
SLED12-SP4-Debuginfo-Core
SLED12-SP4-Debuginfo-Updates

15.6.6 Register and Unregister Repositories with SUSEConnect

On registration, the system receives repositories from the SUSE Customer Center (see https://scc.suse.com/) or a local registration proxy like SMT. The repository names map to specific URIs in the customer center. To list all available repositories on your system, use zypper as follows:

root # zypper repos -u

This gives you a list of all available repositories on your system. Each repository is listed by its alias, name and whether it is enabled and will be refreshed. The option -u gives you also the URI from where it originated.

To register your machine, run SUSEConnect, for example:

root # SUSEConnect -r REGCODE

If you want to unregister your machine, from SP1 and above you can use SUSEConnect too:

root # SUSEConnect --de-register

To check your locally installed products and their status, use the following command:

root # SUSEConnect -s

16 Upgrading SUSE Linux Enterprise

Abstract

SUSE® Linux Enterprise (SLE) allows to upgrade an existing system to the new version, for example, going from SLE 11 SP4 to the latest SLE 12 service pack. No new installation is needed. Existing data, such as home and data directories and system configuration, is kept intact. You can update from a local CD or DVD drive or from a central network installation source.

This chapter explains how to manually upgrade your SUSE Linux Enterprise system, be it by DVD, network, an automated process, or SUSE Manager.

16.1 Supported Upgrade Paths to SLE 12 SP4

Overview of Supported Upgrade Paths
Figure 16.1: Overview of Supported Upgrade Paths
Important
Important: Cross-architecture Upgrades Are Not Supported

Cross-architecture upgrades, such as upgrading from a 32-bit version of SUSE Linux Enterprise Desktop to the 64-bit version, or upgrading from big endian to little endian are not supported!

Specifically, SLE 11 on POWER (big endian) to SLE 12 SP2 on POWER (new: little endian!), is not supported.

Also, since SUSE Linux Enterprise 12 is 64-bit only, upgrades from any 32-bit SUSE Linux Enterprise 11 systems to SUSE Linux Enterprise 12 and later are not supported.

To make a cross-architecture upgrade, you need to perform a new installation.

Note
Note: Skipping Service Packs

Skipping Service Packs on SUSE Linux Enterprise Desktop is not supported. You need to consecutively install all Service Packs.

Note
Note: Upgrading to Major Releases

We recommend to do a fresh install when upgrading to a new Major Release, for example from SUSE Linux Enterprise 11 to SUSE Linux Enterprise 12.

Supported Upgrade Paths per Version
Upgrading from SUSE Linux Enterprise 10 (any Service Pack)

There is no supported direct migration path to SUSE Linux Enterprise 12. We recommend a fresh installation in this case.

Upgrading from SUSE Linux Enterprise 11 GA / SP1 / SP2 / SP3

There is no supported direct migration path to SUSE Linux Enterprise 12. You need at least SLE 11 SP4 before you can proceed to SLE 12 SP4.

If you cannot do a fresh install, first upgrade your installed SLE 11 Service Pack to SLE 11 SP4. These steps are described in the Deployment Guide for SUSE Linux Enterprise 11: https://www.suse.com/documentation/sled11/.

Upgrading from SUSE Linux Enterprise 11 SP4

Upgrading from SLE 11 SP4 to SLE 12 SP4 is only supported via an offline upgrade. Refer to Chapter 17, Upgrading Offline for details.

Upgrading from SUSE Linux Enterprise 12 GA to SP4

A direct upgrade from SLE 12 GA to SP4 is not supported. Upgrade to SLE 12 SP3 first.

Upgrading from SUSE Linux Enterprise 12 SP1 to SP4

A direct upgrade from SLE 12 SP1 to SP4 is not supported. Upgrade to SLE 12 SP3 first.

Upgrading from SUSE Linux Enterprise 12 SP2 to SP4

A direct upgrade from SLE 12 SP2 to SP4 is not supported. Upgrade to SLE 12 SP3 first.

Upgrading from SUSE Linux Enterprise 12 SP3 to SP4

Upgrading from SUSE Linux Enterprise 12 SP3 to SP4 is supported.

16.2 Online and Offline Upgrade

SUSE supports two different upgrade and migration methods. For more information about the terminology, see Section 15.1, “Terminology”. The methods are:

Online

All upgrades that are executed from the running system are considered to be online. Examples: Connected through SUSE Customer Center, Subscription Management Tool (SMT), SUSE Manager using Zypper or YaST.

When migrating between Service Packs of the same major release, we suggest following Section 18.4, “Upgrading with the Online Migration Tool (YaST)” or Section 18.5, “Upgrading with Zypper”.

Offline

Offline methods usually boot another operating system from which the installed SLE version is upgraded. Examples are: DVD, flash disk, ISO image, AutoYaST, plain RPM or PXE boot.

Upgrading from SUSE Linux Enterprise 11 SP4 to SUSE Linux Enterprise 12 SP4 is only supported via an offline upgrade. See Chapter 17, Upgrading Offline.

Upgrading from SUSE Linux Enterprise 12 LTSS SP1 to SP4 is supported using all offline and online methods. See Chapter 17, Upgrading Offline and Chapter 18, Upgrading Online.

Important
Important: SUSE Manager Clients

If your machine is managed by SUSE Manager, the upgrade procedure should be started in the management interface. For details, see Section 17.6, “Updating via SUSE Manager”.

16.3 Preparing the System

Before starting the upgrade procedure, make sure your system is properly prepared. Among others, preparation involves backing up data and checking the release notes.

16.3.1 Make Sure the Current System Is Up-To-Date

Upgrading the system is only supported from the most recent patch level. Make sure the latest system updates are installed by either running zypper patch or by starting the YaST module Online-Update.

16.3.2 Read the Release Notes

In the release notes you can find additional information on changes since the previous release of SUSE Linux Enterprise Desktop. Check the release notes to see whether:

  • your hardware needs special considerations;

  • any used software packages have changed significantly;

  • special precautions are necessary for your installation.

The release notes also provide information that could not make it into the manual on time. They also contain notes about known issues.

Find the release notes locally in the directory /usr/share/doc/release-notes or online at https://www.suse.com/releasenotes/.

16.3.3 Make a Backup

Before updating, copy existing configuration files to a separate medium (such as tape device, removable hard disk, etc.) to back up the data. This primarily applies to files stored in /etc and some directories and files in /var and /opt. You may also want to write the user data in /home (the HOME directories) to a backup medium. Back up this data as root. Only root has read permissions for all local files.

If you have selected Update an Existing System as the installation mode in YaST, you can choose to do a (system) backup at a later point in time. You can choose to include all modified files and files from the /etc/sysconfig directory. However, this is not a complete backup, as all the other important directories mentioned above are missing. Find the backup in the /var/adm/backup directory.

16.3.3.1 Listing Installed Packages and Repositories

It is often useful to have a list of installed packages, for example when doing a fresh install of a new major SLE release or reverting to the old version.

Be aware that not all installed packages or used repositories are available in newer releases of SUSE Linux Enterprise. Some may have been renamed and others replaced. It is also possible that some packages are still available for legacy purposes while another package is used by default. Therefore some manual editing of the files might be necessary. This can be done with any text editor.

Create a file named repositories.bak containing a list of all used repositories:

root # zypper lr -e repositories.bak

Also create a file named installed-software.bak containing a list of all installed packages:

root # rpm -qa --queryformat '%{NAME}\n' > installed-software.bak

Back up both files. The repositories and installed packages can be restored with the following commands:

root # zypper ar repositories.bak
root # zypper install $(cat installed-software.bak)
Note
Note: Amount of Packages Increases with an Update to a New Major Release

A system upgraded to a new major version (SLE X+1) may contain more packages than the initial system (SLE X). It will also contain more packages than a fresh installation of SLE X+1 with the same pattern selection. Reasons for this are:

  • Packages got split to allow a more fine-grained package selection. For example, 37 texlive packages on SLE 11 were split into 422 packages on SLE 12.

  • When a package got split into other packages all new packages are installed in the upgrade case to retain the same functionality as with the previous version. However, the new default for a fresh installation of SLE X+1 may be to not install all packages.

  • Legacy packages from SLE X may be kept for compatibility reasons.

  • Package dependencies and the scope of patterns may have changed.

16.3.4 Migrate your MySQL Database

As of SUSE Linux Enterprise 12, SUSE switched from MySQL to MariaDB. Before you start any upgrade, it is highly recommended to back up your database.

To perform the database migration, do the following:

  1. Log in to your SUSE Linux Enterprise 11 machine.

  2. Create a dump file:

    root # mysqldump -u root -p --all-databases > mysql_backup.sql

    By default, mysqldump does not dump the INFORMATION_SCHEMA or performance_schema database. For more details refer to https://dev.mysql.com/doc/refman/5.5/en/mysqldump.html.

  3. Store your dump file, the configuration file /etc/my.cnf, and the directory /etc/mysql/ for later investigation (NOT installation!) in a safe place.

  4. Perform your upgrade. After the upgrade, your former configuration file /etc/my.cnf is still intact. You can find the new configuration in the file /etc/my.cnf.rpmnew.

  5. Configure your MariaDB database to your needs. Do NOT use the former configuration file and directory, but use it as a reminder and adapt it.

  6. Make sure you start the MariaDB server:

    root # systemctl start mysql

    If you want to start the MariaDB server on every boot, enable the service:

    root # systemctl enable mysql
  7. Verify that MariaDB is running properly by connecting to the database:

    root # mysql -u root -p

16.3.5 Migrate your PostgreSQL Database

A newer version of the PostgreSQL database is shipped as a maintenance update. Because of the required migration work of the database, there is no automatic upgrade process. As such, the switch from one version to another needs to be done manually.

The migration process is conducted by the pg_upgrade command which is an alternative method of the classic dump and reload. In comparison with the dump & reload method, pg_upgrade makes the migration less time-consuming.

The program files for each PostgreSQL version are stored in different, version-dependent directories. For example, in /usr/lib/postgresql96/ for version 9.6 and in /usr/lib/postgresql10/ for version 10. Note that the versioning policy of PostgreSQL has changed between the major versions 9.6 and 10. For details, see https://www.postgresql.org/support/versioning/.

Important
Important: Upgrading from SLE 11

When upgrading from SLE 11, postgresql94 will be uninstalled and cannot be used for the database migration to a higher PostgreSQL version. Therefore in this case make sure to migrate the PostgreSQL database before you upgrade your system.

The procedure below describes the database migration from version 9.6 to 10. When using a different version as start or target, replace the version numbers accordingly.

To perform the database migration, do the following:

  1. Make sure the following preconditions are fulfilled:

    • If not already done, upgrade any package of the old PostgreSQL version to the latest release through a maintenance update.

    • Create a backup of your existing database.

    • Install the packages of the new PostgreSQL major version. For SLE12 SP4 this means to install postgresql10-server and all the packages it depends on.

    • Install the package postgresql10-contrib which contains the command pg_upgrade.

    • Make sure you have enough free space in your PostgreSQL data area, which is /var/lib/pgsql/data by default. If space is tight, try to reduce size with the following SQL command on each database (can take very long!):

      VACUUM FULL
  2. Stop the PostgreSQL server with either:

    root # /usr/sbin/rcpostgresql stop

    or

    root # systemctl stop postgresql.service

    (depending on the SLE version you use as the start version for your upgrade).

  3. Rename your old data directory:

    root # mv /var/lib/pgsql/data /var/lib/pgsql/data.old
  4. Initialize your new database instance either manually with initdb or by starting and stopping PostgreSQL, which will do it automatically:

    root # /usr/sbin/rcpostgresql start
    root # /usr/sbin/rcpostgresql stop

    or

    root # systemctl start postgresql.service
    root # systemctl stop postgresql.service

    (depending on the SLE version you use as the start version for your upgrade).

  5. If you have changed your configuration files in the old version, consider transferring these changes to the new configuration files. This may affect the files postgresql.auto.conf, postgresql.conf, pg_hba.conf and pg_ident.conf. The old versions of these files are located in /var/lib/pgsql/data.old/, the new versions can be found in /var/lib/pgsql/data.

    Note that just copying the old configuration files is not recommended, because this may overwrite new options, new defaults and changed comments.

  6. Start the migration process as user postgres:

    root # su - postgres
    postgres > pg_upgrade \
       --old-datadir "/var/lib/pgsql/data.old" \
       --new-datadir "/var/lib/pgsql/data" \
       --old-bindir "/usr/lib/postgresql96/bin/" \
       --new-bindir "/usr/lib/postgresql10/bin/"
  7. Start your new database instance with either:

    root # /usr/sbin/rcpostgresql start

    or

    root # systemctl start postgresql.service

    (depending on the SLE version you use as the start version for your upgrade).

  8. Check if the migration was successful. The scope of the test depends on your use case. There is no general tool to automate this step.

  9. Remove any old PostgreSQL packages and your old data directory:

    root # zypper search -s postgresql96 | xargs zypper rm -u
    root # rm -rf /var/lib/pgsql/data.old

16.3.6 Create Non-MD5 Server Certificates for Java Applications

During the update from SP1 to SP2, MD5-based certificates were disabled as part of a security fix. If you have certificates created as MD5, re-create your certificates with the following steps:

  1. Open a terminal and log in as root.

  2. Create a private key:

    root # openssl genrsa -out server.key 1024

    If you want a stronger key, replace 1024 with a higher number, for example, 4096.

  3. Create a certificate signing request (CSR):

    root # openssl req -new -key server.key -out server.csr
  4. Self-sign the certificate:

    root # openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
  5. Create the PEM file:

    root # cat server.key server.crt > server.pem
  6. Place the files server.crt, server.csr, server.key, and server.pem in the respective directories where the keys can be found. For Tomcat, for example, this directory is /etc/tomcat/ssl/.

16.3.7 Shut Down Virtual Machine Guests

If your machine serves as a VM Host Server for KVM or Xen, make sure to properly shut down all running VM Guests prior to the update. Otherwise you may not be able to access the guests after the update.

16.3.8 Adjust Your SMT Client Setup

If the machine you want to upgrade is registered as a client against an SMT server, take care of the following:

Check if the version of the clientSetup4SMT.sh script on your host is up to date. clientSetup4SMT.sh from older versions of SMT cannot manage SMT 12 clients. If you apply software patches regularly on your SMT server, you can always find the latest version of clientSetup4SMT.sh at <SMT_HOSTNAME>/repo/tools/clientSetup4SMT.sh.

In case upgrading your machine to a higher version of SUSE Linux Enterprise Desktop fails, de-register the machine from the SMT server as described in Procedure 16.1. Afterward, restart the upgrade process.

Procedure 16.1: De-registering a SUSE Linux Enterprise Client from an SMT Server
  1. Log in to the client machine.

  2. The following step depends on the current operating system of the client:

    • For SUSE Linux Enterprise 11, execute the following commands:

      tux > sudo suse_register -E
      tux > sudo rm -f /etc/SUSEConnect
      tux > sudo rm -rf /etc/zypp/credentials.d/*
      tux > sudo rm -rf /etc/zypp/repos.d/*
      tux > sudo rm -f /etc/zypp/services.d/*
      tux > sudo rm -f /var/cache/SUSERegister/*
      tux > sudo rm -f /etc/suseRegister*
      tux > sudo rm -f /var/cache/SUSERegister/lastzmdconfig.cache
      tux > sudo rm -f /etc/zmd/deviceid
      tux > sudo rm -f /etc/zmd/secret
    • For SUSE Linux Enterprise 12, execute the following commands:

      tux > sudo SUSEConnect --de-register
      tux > sudo SUSEConnect --cleanup
      tux > sudo rm -f /etc/SUSEConnect
      tux > sudo rm -rf /etc/zypp/credentials.d/*
      tux > sudo rm -rf /etc/zypp/repos.d/*
      tux > sudo rm -f /etc/zypp/services.d/*
  3. Log in to the SMT server.

  4. Check if the client has successfully been de-registered by listing all client registrations:

    tux > sudo smt-list-registrations
  5. If the client's host name is still listed in the output of this command, get the client's Unique ID from the first column. (The client might be listed with multiple IDs.)

  6. Delete the registration for this client:

    tux > sudo smt-delete-registration -g UNIQUE_ID
  7. If the client is listed with multiple IDs, repeat the step above for each of its unique IDs.

  8. Check if the client has now successfully been de-registered by re-running:

    tux > sudo smt-list-registrations

16.3.9 Disk Space

Software tends to grow from version to version. Therefore, take a look at the available partition space before updating. If you suspect you are running short of disk space, back up your data before increasing the available space by resizing partitions, for example. There is no general rule regarding how much space each partition should have. Space requirements depend on your particular partitioning profile and the software selected.

Note
Note: Automatic Check for Enough Space in YaST

During the update procedure, YaST will check how much free disk space is available and display a warning to the user if the installation may exceed the available amount. In that case, performing the update may lead to an unusable system! Only if you know exactly what you are doing (by testing beforehand), you can skip the warning and continue the update.

16.3.9.1 Checking Disk Space on Non-Btrfs File Systems

Use the df command to list available disk space. For example, in Example 16.1, “List with df -h, the root partition is /dev/sda3 (mounted as /).

Example 16.1: List with df -h
Filesystem     Size  Used Avail Use% Mounted on
/dev/sda3       74G   22G   53G  29% /
tmpfs          506M     0  506M   0% /dev/shm
/dev/sda5      116G  5.8G  111G   5% /home
/dev/sda1       39G  1.6G   37G   4% /windows/C
/dev/sda2      4.6G  2.6G  2.1G  57% /windows/D

16.3.9.2 Checking Disk Space on Btrfs Root File Systems

If you use Btrfs as root file systems on your machine, make sure there is enough free space. In the worst case, an upgrade needs as much disk space as the current root file system (without /.snapshot) for a new snapshot. To display available disk space use the command:

root # df -h /

Check the available space on all other mounted partitions as well. The following recommendations have been proven:

  • For all file systems including Btrfs you need enough free disk space to download and install big RPMs. The space of old RPMs are only freed after new RPMs are installed.

  • For Btrfs with snapshots, you need at minimum as much free space as your current installation takes. We recommend to have twice as much free space as the current installation.

    If you do not have enough free space, you can try to delete old snapshots with snapper:

    root # snapper list
    root # snapper delete NUMBER

    However, this may not help in all cases. Before migration, most snapshots occupy only little space.

16.3.10 Temporarily Disabling Kernel Multiversion Support

SUSE Linux Enterprise Desktop allows installing multiple kernel versions by enabling the respective settings in /etc/zypp/zypp.conf. Support for this feature needs to be temporarily disabled to upgrade to a service pack. When the update has successfully finished, multiversion support can be re-enabled. To disable multiversion support, comment the respective lines in /etc/zypp/zypp.conf. The result should look similar to:

#multiversion = provides:multiversion(kernel)
#multiversion.kernels = latest,running

To re-activate this feature after a successful update, remove the comment signs. For more information about multiversion support, refer to Section 12.1, “Enabling and Configuring Multiversion Support”.

17 Upgrading Offline

Abstract

This chapter describes how to upgrade an existing SUSE Linux Enterprise installation using YaST which is booted from an installation medium. The YaST installer can, for example, be started from a DVD, over the network, or from the hard disk the system resides on.

17.1 Conceptual Overview

Before upgrading your system, read Section 16.3, “Preparing the System” first.

To upgrade your system, boot from an installation source, as you would do for a fresh installation. However, when the boot screen appears, you need to select Upgrade (instead of Installation). The upgrade can be started from:

17.2 Starting the Upgrade from an Installation Medium

The procedure below describes booting from a DVD, but you can also use another local installation medium like an ISO image on a USB mass storage device. The medium and boot method to select depends on the system architecture and on whether the machine has a traditional BIOS or UEFI.

Procedure 17.1: Manually Upgrading from SLE 11 SP4 to SLE 12 SP4
  1. Select and prepare a boot medium, see Section 3.2, “System Start-up for Installation”.

  2. Insert DVD 1 of the SUSE Linux Enterprise 12 SP4 installation medium and boot your machine. A Welcome screen is displayed, followed by the boot screen.

  3. Start up the system by selecting Upgrade in the boot menu.

  4. Proceed with the upgrade process as described in Section 17.5, “Upgrading SUSE Linux Enterprise”.

17.3 Starting the Upgrade from a Network Source

To start an upgrade from a network installation source, make sure that the following requirements are met:

Requirements for Upgrading from a Network Installation Source
Network Installation Source

A network installation source is set up according to Chapter 5, Setting Up the Server Holding the Installation Sources.

Network Connection and Network Services

Both the installation server and the target machine must have a functioning network connection. Required network services are:

  • Domain Name Service

  • DHCP (only needed for booting via PXE, IP can be set manually during setup)

  • OpenSLP (optional)

Boot Medium

You have a SUSE Linux Enterprise Desktop DVD 1 (or a local ISO image) at hand to boot the target system or a target system that is set up for booting via PXE according to Section 6.5, “Preparing the Target System for PXE Boot”. Refer to Chapter 7, Remote Installation for in-depth information on starting the upgrade from a remote server.

17.3.1 Manually Upgrading via Network Installation Source—Booting from DVD

This procedure describes booting from a DVD as an example, but you can also use another local installation medium like an ISO image on a USB mass storage device. The way to select the boot method and to start up the system from the medium depends on the system architecture and on whether the machine has a traditional BIOS or UEFI. For details, see the links below.

  1. Insert DVD 1 of the SUSE Linux Enterprise 12 SP4 installation media and boot your machine. A Welcome screen is displayed, followed by the boot screen.

  2. Select the type of network installation source you want to use (FTP, HTTP, NFS, SMB, or SLP). Usually you get this choice by pressing F4, but in case your machine is equipped with UEFI instead of a traditional BIOS, you may need to manually adjust boot parameters. For details, see Installing from a Network Server in Chapter 3, Installation with YaST.

  3. Proceed with the upgrade process as described in Section 17.5, “Upgrading SUSE Linux Enterprise”.

17.3.2 Manually Upgrading via Network Installation Source—Booting via PXE

To perform an upgrade from a network installation source using PXE boot, proceed as follows:

  1. Adjust the setup of your DHCP server to provide the address information needed for booting via PXE. For details, see Section 6.5, “Preparing the Target System for PXE Boot”.

  2. Set up a TFTP server to hold the boot image needed for booting via PXE. Use DVD 1 of your SUSE Linux Enterprise 12 SP4 installation media for this or follow the instructions in Section 6.2, “Setting Up a TFTP Server”.

  3. Prepare PXE Boot and Wake-on-LAN on the target machine.

  4. Initiate the boot of the target system and use VNC to remotely connect to the installation routine running on this machine. For more information, see Section 7.3.1, “VNC Installation”.

  5. Proceed with the upgrade process as described in Section 17.5, “Upgrading SUSE Linux Enterprise”.

17.4 Enabling Automatic Upgrade

The upgrade process can be executed automatically. To enable the automatic update, the kernel parameter autoupgrade=1 must be set. The parameter can be set on boot in the Boot Options field. For details, see https://www.suse.com/documentation/sles-12/book_autoyast/data/introduction.html.

17.5 Upgrading SUSE Linux Enterprise

Before you upgrade your system, read Section 16.3, “Preparing the System” first. To perform an automated migration, proceed as follows:

  1. After you have booted (either from an installation medium or the network), select the Upgrade entry on the boot screen. If you want to do the upgrade as described in the next steps manually, you need to disable the automatic upgrade process. Refer to Section 17.4, “Enabling Automatic Upgrade”.

    Warning
    Warning: Wrong Choice May Lead to Data Loss

    If you select Installation instead of Upgrade, data may be lost later. You need to be extra careful not to destroy your data partitions by doing a fresh installation.

    Make sure to select Upgrade here.

    YaST starts the installation system.

  2. On the Welcome screen, choose Language and Keyboard and accept the license agreement. Proceed with Next.

    YaST checks your partitions for already installed SUSE Linux Enterprise systems.

  3. On the Select for Upgrade screen, select the partition to upgrade and click Next.

    YaST mounts the selected partition and displays all repositories that have been found on the partition that you want to upgrade.

  4. On the Previously Used Repositories screen, adjust the status of the repositories: enable those you want to include in the upgrade process and disable any repositories that are no longer needed. Proceed with Next.

  5. On the Registration screen, select whether to register the upgraded system now (by entering your registration data and clicking Next) or if to Skip Registration. For details on registering your system, see Section 17.8, “Registering Your System”.

  6. Review the Installation Settings for the upgrade, especially the Update Options. Choose between the following options:

    • Only Update Installed Packages, in which case you might miss new features shipped with the latest SUSE Linux Enterprise version.

    • Update with Installation of New Software and Features. Click Select Patterns if you want to enable or disable patterns and packages according to your wishes.

    Note
    Note: Choice of Desktop

    If you used KDE before upgrading to SUSE Linux Enterprise 12 (DEFAULT_WM in /etc/sysconfig/windowmanager was set to kde*), your desktop environment will automatically be replaced with GNOME after the upgrade. By default, the KDM display manager will be replaced with GDM.

    To change the choice of desktop environment or window manager, adjust the software selection by clicking Select Patterns.

  7. If all settings are according to your wishes, start the installation and removal procedure by clicking Update.

  8. After the upgrade process was finished successfully, check for any orphaned packages. Orphaned packages are packages which belong to no active repository anymore. The following command gives you a list of these:

    zypper packages --orphaned

    With this list, you can decide if a package is still needed or can be uninstalled safely.

If the machine to upgrade is an SMT client, and the upgrade fails, see Procedure 16.1, “De-registering a SUSE Linux Enterprise Client from an SMT Server” and restart the upgrade procedure afterward.

17.6 Updating via SUSE Manager

SUSE Manager is a server solution for providing updates, patches, and security fixes for SUSE Linux Enterprise clients. It comes with a set of tools and a Web-based user interface for management tasks. See https://www.suse.com/products/suse-manager/ for more information about SUSE Manager.

SUSE Manager can support you with SP Migration or a full system upgrade.

SP Migration

SP Migration allows migrating from one Service Pack (SP) to another within one major version (for example, from SLES 12 SP1 to 12 SP2). For more information, see the SUSE Manager Best Practices, chapter Client Migration:

https://www.suse.com/documentation/suse-manager/, version 3.1.

System Upgrade

With SUSE Manager you can perform a system upgrade. With the integrated AutoYaST technology, upgrades from one major version to the next are possible (for example, from SLES 11 SP3 to 12 SP2). For more information, see the SUSE Manager Best Practices, chapter Client Migration

https://www.suse.com/documentation/suse-manager/: version 3.1.

17.7 Updating Registration Status after Rollback

When performing a service pack upgrade, it is necessary to change the configuration on the registration server to provide access to the new repositories. If the upgrade process is interrupted or reverted (via restoring from a backup or snapshot), the information on the registration server is inconsistent with the status of the system. This may lead to you being prevented from accessing update repositories or to wrong repositories being used on the client.

When a rollback is done via Snapper, the system will notify the registration server to ensure access to the correct repositories is set up during the boot process. If the system was restored any other way or the communication with the registration server failed for any reason (for example, because the server was not accessible because of network issues), trigger the rollback on the client manually by calling:

snapper rollback

We suggest always checking that the correct repositories are set up on the system, especially after refreshing the service using:

zypper ref -s

This functionality is available in the rollback-helper package.

17.8 Registering Your System

If you skipped the registration step during the installation, you can register your system at any time using the Product Registration module in YaST.

Registering your systems has these advantages:

  • Eligibility for support

  • Availability of security updates and bug fixes

  • Access to SUSE Customer Center

  1. Start YaST and select Software › Product Registration to open the Registration dialog.

  2. Provide the E-mail address associated with the SUSE account you or your organization uses to manage subscriptions. In case you do not have a SUSE account yet, go to the SUSE Customer Center home page (https://scc.suse.com/) to create one.

  3. Enter the Registration Code you received with your copy of SUSE Linux Enterprise Desktop.

  4. To start the registration, proceed with Next. If one or more local registration servers are available on your network, you can choose one of them from a list. Alternatively, to ignore the local registration servers and register with the default SUSE registration server, choose Cancel.

    During the registration, the online update repositories will be added to your upgrade setup. When finished, you can choose whether to install the latest available package versions from the update repositories. This provides a clean upgrade path for all packages and ensures that SUSE Linux Enterprise Desktop is upgraded with the latest security updates available. If you choose No, all packages will be installed from the installation media. Proceed with Next.

    After successful registration, YaST lists extensions, add-ons, and modules that are available for your system. To select and install them, proceed with Section 11.2, “Installing Modules and Extensions from Online Channels”.

18 Upgrading Online

Abstract

SUSE offers an intuitive graphical and a simple command line tool to upgrade a running system to a new service pack. They provide support for rollback of service packs and more. This chapter explains how to do a service pack upgrade step by step with these tools.

18.1 Conceptual Overview

Before upgrading your system, read Section 16.3, “Preparing the System”.

SUSE releases new service packs for the SUSE Linux Enterprise family at regular intervals. To make it easy for customers to migrate to a new service pack and minimize downtime, SUSE supports migrating online while the system is running.

Starting with SLE 12, YaST Wagon has been replaced by YaST migration (GUI) and Zypper migration (command line). The following features are supported:

  • System always in a defined state until the first RPM is updated

  • Canceling is possible until the first RPM is updated

  • Simple recovery, if there is an error

  • Rollback via system tools; no backup/restore needed

  • Use of all active repositories

  • The ability to skip a service pack

18.2 Service Pack Migration Workflow

A service pack migration can be executed by either YaST, zypper, or AutoYaST.

Before you can start a service pack migration, your system must be registered at the SUSE Customer Center or a local SMT server. SUSE Manager can also be used.

Regardless of the method, a service pack migration consists of the following steps:

  1. Find possible migration targets on your registered systems.

  2. Select one migration target.

  3. Request and enable new repositories.

  4. Run the migration.

The list of migration targets depends on the products you have installed and registered. If you have an extension installed for which the new SP is not yet available, it could be that no migration target is offered to you.

The list of migration targets available for your host will always be retrieved from the SUSE Customer Center and depend on products or extensions installed.

18.3 Canceling Service Pack Migration

A service pack migration can only be cancelled at specific stages during the migration process:

  1. Until the package upgrade starts, there are only minimal changes on the system, like for services and repositories. Restore /etc/zypp/repos.d/* to revert to the former state.

  2. After the package upgrade starts, you can revert to the former state by using a Snapper snapshot (see Book “Administration Guide”, Chapter 7 “System Recovery and Snapshot Management with Snapper”).

  3. After the migration target was selected, SUSE Customer Center changes the repository data. To revert this state manually, use SUSEConnect --rollback.

18.4 Upgrading with the Online Migration Tool (YaST)

To perform a service pack migration with YaST, use the Online Migration tool. By default, YaST does not install any packages from a third-party repository. If a package was installed from a third-party repository, YaST prevents packages from being replaced with the same package coming from SUSE.

Note
Note: Reduce Installation Size

When performing the SP migration, YaST will install all recommended packages. Especially in the case of custom minimal installations, this may increase the installation size of the system significantly.

To change this default behavior and allow only required packages, adjust the solver.onlyRequires option in /etc/zypp/zypp.conf.

solver.onlyRequires = true

Also, edit the file /etc/zypp/zypper.conf and change the installRecommends option.

installRecommends=false

This changes the behavior of all package operations, such as the installation of patches or new packages.

To start the service pack migration, do the following:

  1. Deactivate all unused extensions on your registration server to avoid future dependency conflicts. In case you forget an extension, YaST will later detect unused extension repositories and deactivate them.

  2. If you are logged in to a GNOME session running on the machine you are going to update, switch to a text console. Running the update from within a GNOME session is not recommended. Note that this does not apply when being logged in from a remote machine (unless you are running a VNC session with GNOME).

  3. If you are an LTSS subscriber, make sure that the LTSS extension repository is active.

  4. Run YaST online update to get the latest package updates for your system.

  5. Install the package yast2-migration and its dependencies (in YaST under Software › Software Management).

  6. Restart YaST, otherwise the newly installed module will not be shown in the control center.

  7. In YaST, choose Online Migration (depending on the version of SUSE Linux Enterprise Desktop that you are upgrading from, this module is categorized under either System or Software). YaST will show possible migration targets and a summary. If more than one migration target is available for your system, select one from the list.

  8. Select one migration target from the list and proceed with Next.

  9. In case the migration tool offers update repositories, it is recommended to proceed with Yes.

  10. If the Online Migration tool finds obsolete repositories coming from DVD or a local server, it is highly recommended to disable them. Obsolete repositories are from a previous SP. Any old repositories from SCC or SMT are removed automatically.

  11. Check the summary and proceed with the migration by clicking Next. Confirm with Start Update.

  12. After the successful migration restart your system.

18.5 Upgrading with Zypper

To perform a service pack migration with Zypper, use the command line tool zypper migration from the package zypper-migration-plugin.

Note
Note: Reduce Installation Size

When performing the SP migration, YaST will install all recommended packages. Especially in the case of custom minimal installations, this may increase the installation size of the system significantly.

To change this default behavior and allow only required packages, adjust the solver.onlyRequires option in /etc/zypp/zypp.conf.

solver.onlyRequires = true

Also, edit the file /etc/zypp/zypper.conf and change the installRecommends option.

installRecommends=false

This changes the behavior of all package operations, such as the installation of patches or new packages. To change the behavior of Zypper for a single invocation, add the parameter --no-recommends to your command line.

To start the service pack migration, do the following:

  1. If you are logged in to a GNOME session running on the machine you are going to update, switch to a text console. Running the update from within a GNOME session is not recommended. Note that this does not apply when being logged in from a remote machine (unless you are running a VNC session with GNOME).

  2. Register your SUSE Linux Enterprise machine if you have not done so:

    sudo SUSEConnect --regcode YOUR_REGISTRATION_CODE
  3. If you are an LTSS subscriber, make sure that the LTSS extension repository is active.

  4. Install the latest updates:

    sudo zypper patch
  5. Install the zypper-migration-plugin package and its dependencies:

    sudo zypper in zypper-migration-plugin
  6. Run zypper migration:

    tux > sudo zypper migration
    Executing 'zypper  patch-check'
    
    Refreshing service 'SUSE_Linux_Enterprise_Server_12_x86_64'.
    Loading repository data...
    Reading installed packages...
    0 patches needed (0 security patches)
    
    Available migrations:
    
        1 | SUSE Linux Enterprise Server 12 SP1 x86_64
        2 | SUSE Linux Enterprise Server 12 SP2 x86_64

    Some notes about the migration process:

    • If more than one migration target is available for your system, Zypper allows you to select one SP from the list. This is the same as skipping one or more SPs. Keep in mind, online migration for base products (SLES, SLED) remains available only between the SPs of a major version.

    • By default, Zypper uses the option --no-allow-vendor-change which is passed to zypper dup. If a package was installed from a third-party repository, this option prevents packages from being replaced with the same package coming from SUSE.

    • If Zypper finds obsolete repositories coming from DVD or a local server, it is highly recommended to disable them. Old SCC or SMT repositories are removed automatically.

  7. Review all the changes, especially the packages that are going to be removed. Proceed by typing y (the exact number of packages to upgrade can vary on your system):

    266 packages to upgrade, 54 to downgrade, 17 new, 8 to reinstall, 5 to remove, 1 to change arch.
    Overall download size: 285.1 MiB. Already cached: 0 B  After the operation, additional 139.8 MiB will be used.
    Continue? [y/n/? shows all options] (y):

    Use the ShiftPage ↑ or ShiftPage ↓ keys to scroll in your shell.

  8. After successful migration restart your system.

18.6 Upgrading with Plain Zypper

If you cannot use YaST migration or the Zypper migration, you can still migrate with plain Zypper and some manual interactions. To start a service pack migration, do the following:

  1. If you are logged in to a GNOME session running on the machine you are going to update, switch to a text console. Running the update from within a GNOME session is not recommended. Note that this does not apply when being logged in from a remote machine (unless you are running a VNC session with GNOME).

  2. Update the package management tools with the old SUSE Linux Enterprise repositories:

    sudo zypper patch --updatestack-only
  3. If the system is registered, it needs to be de-registered:

    sudo SUSEConnect --de-register
  4. Remove the old installation sources and repositories and adjust the third-party repositories.

  5. Add the new installation sources, be it local or remote sources (for the placeholder REPOSITORY, refer to Section 15.6, “Repository Model”):

    sudo zypper addrepo REPOSITORY

    You can also use SUSE Customer Center or Subscription Management Tool. The command for SUSE Linux Enterprise 12 SP1 on x86-64 is:

    sudo SUSEConnect -p SLES/12.2/x86_64 OPTIONS

    Keep in mind, cross-architecture upgrades are not supported.

    Zypper will display a conflict between the old and new kernel. Choose Solution 1 to continue.

    Problem: product:SLES-12.2-0.x86_64 conflicts with kernel < 4.4 provided by kernel-default-VERSION
     Solution 1: Following actions will be done:
      replacement of kernel-default-VERSION with kernel-default-VERSION
      deinstallation of kernel-default-VERSION
     Solution 2: do not install product:SLES-12.2-0.x86_64
  6. Finalize the migration:

    sudo zypper ref -f -s
    sudo zypper dup --no-allow-vendor-change --no-recommends

    The first command will update all services and repositories. The second command performs a distribution upgrade. Here, the last two options are important: -no-allow-vendor-change ensures that third-party RPMs will not overwrite RPMs from the base system. The option --no-recommends ensures that packages deselected during initial installation will not be added again.

18.7 Rolling Back a Service Pack

If a service pack does not work for you, SUSE Linux Enterprise supports reverting the system to the state before the service pack migration was started. Prerequisite is a Btrfs root partition with snapshots enabled (this is the default when installing SLES 12). See Book “Administration Guide”, Chapter 7 “System Recovery and Snapshot Management with Snapper” for details.

  1. Get a list of all Snapper snapshots:

    sudo snapper list

    Review the output to locate the snapshot that was created immediately before the service pack migration was started. The column Description contains a corresponding statement and the snapshot is marked as important in the column Userdata. Memorize the snapshot number from the column # and its date from the column Date.

  2. Reboot the system. From the boot menu, select Start boot loader from a read-only snapshot and then choose the snapshot with the date and number you memorized in the previous step. A second boot menu (the one from the snapshot) is loaded. Select the entry starting with SLES 12 and boot it.

  3. The system boots into the previous state with the system partition mounted read-only. Log in as root and check whether you have chosen the correct snapshot. Also make sure everything works as expected. Note that since the root file system is mounted read-only, restrictions in functionality may apply.

    In case of problems or if you have booted the wrong snapshot, reboot and choose a different snapshot to boot from—up to this point no permanent changes have been made. If the snapshot is correct and works as expected, make the change permanent by running the following command:

    snapper rollback

    Reboot afterward. On the boot screen, choose the default boot entry to reboot into the reinstated system.

  4. Check if the repository configuration has been properly reset. Furthermore, check if all products are properly registered. If either one is not the case, updating the system at a later point in time may no longer work, or the system may be updated using the wrong package repositories.

    Make sure the system can access the Internet before starting this procedure.

    1. Refresh services and repositories by running

      sudo zypper ref -fs
    2. Get a list of active repositories by running

      sudo zypper lr

      Carefully check the output of this command. No services and repositories that were added for the update should be listed. If you, for example, are rolling back from a service pack migration from SLES 12 SP1 to SLES 12 SP2, the list must not contain the repositories SLES12-SP2-Pool and SLES12-SP2-Updates, but rather the SP1 versions.

      If wrong repositories are listed, delete them and, if necessary, replace them with the versions matching your product or service pack version. For a list of repositories for the supported migration paths refer to Section 15.6, “Repository Model”.

    3. Last, check the registration status for all products installed by running

      SUSEConnect --status

      All products should be reported as being Registered. If this is not the case, repair the registration by running

      SUSEConnect --rollback

Now you have successfully reverted the system to the state that was captured immediately before the service pack migration was started.

19 Backporting Source Code

Abstract

SUSE extensively uses backports, for example for the migration of current software fixes and features into released SUSE Linux Enterprise packages. The information in this chapter explains why it can be misleading to compare version numbers to judge the capabilities and the security of SUSE Linux Enterprise software packages. This chapter also explains how SUSE keeps the system software secure and current while maintaining compatibility for your application software on top of SUSE Linux Enterprise products. You will also learn how to check which public security issues actually are addressed in your SUSE Linux Enterprise system software, and the current status of your software.

19.1 Reasons for Backporting

Upstream developers are primarily concerned with advancing the software they develop. Often they combine fixing bugs with introducing new features which have not yet received extensive testing and which may introduce new bugs.

For distribution developers, it is important to distinguish between:

  • bugfixes with a limited potential for disrupting functionality; and

  • changes that may disrupt existing functionality.

Usually, distribution developers do not follow all upstream changes when a package has become part of a released distribution. Usually they stick instead with the upstream version that they initially released and create patches based on upstream changes to fix bugs. This practice is known as backporting.

Distribution developers generally will only introduce a newer version of software in two cases:

  • when the changes between their packages and the upstream versions have become so large that backporting is no longer feasible, or

  • for software that inherently ages badly, like anti-malware software.

SUSE uses backports extensively as we strike a good balance between several concerns for enterprise software. The most important of them are:

  • Having stable interfaces (APIs) that software vendors can rely on when building products for use on SUSE's enterprise products.

  • Ensuring that packages used in the release of SUSE's enterprise products are of the highest quality and have been thoroughly tested, both in themselves and as part of the whole enterprise product.

  • Maintaining the various certifications of SUSE's enterprise products by other vendors, like certifications for Oracle or SAP products.

  • Allowing SUSE's developers to focus on making the next version of the product as good as they can make it, rather than them having to spread their focus thinly across a wide range of releases.

  • Keeping a clear view of what is in a particular enterprise release, so that our support can provide accurate and timely information about it.

19.2 Reasons against Backports

It is a general policy rule that no new upstream versions of a package are introduced into our enterprise products. This rule is not an absolute rule however. For certain types of packages, in particular anti-virus software, security concerns weigh heavier than the conservative approach that is preferable from the perspective of quality assurance. For packages in that class, occasionally newer versions are introduced into a released version of an enterprise product line.

Sometimes also for other types of packages the choice is made to introduce a new version rather than a backport. This is done when producing a backport is not economically feasible or when there is a very relevant technical reason to introduce the newer version.

19.3 The Implications of Backports for Interpreting Version Numbers

Because of the practice of backporting, one cannot simply compare version numbers to determine whether a SUSE package contains a fix for a particular issue or has had a particular feature added to it. With backporting, the upstream part of a SUSE package's version number merely indicates what upstream version the SUSE package is based on. It may contain bug fixes and features that are not in the corresponding upstream release, but that have been backported into the SUSE package.

One particular area where this limited value of version numbers when backporting is involved can cause problems is with security scanning tools. Some security vulnerability scanning tools (or particular tests in such tools) operate solely on version information. These tools and tests are therefore prone to generating false positives (when a piece of software is incorrectly identified as vulnerable) when backports are involved. When evaluating reports from security scanning tools, always check whether an entry is based on a version number or on an actual vulnerability test.

19.4 How to Check Which Bugs are Fixed and Which Features are Backported and Available

There are several locations where information regarding backported bug fixes and features are stored:

  • The package's changelog:

    rpm -q --changelog name-of-installed-package
    rpm -qp --changelog packagefile.rpm

    The output briefly documents the change history of the package.

  • The package changelog may contain entries like bsc#1234 (Bugzilla Suse.Com) that refer to bugs in SUSE's Bugzilla tracking system or links to other bugtracking systems. Because of confidentiality policies, not all such information may be accessible to you.

  • A package may contain a /usr/share/doc/PACKAGENAME/README.SUSE file which contains general, high-level information specific to the SUSE package.

  • The RPM source package contains the patches that were applied during the building of the regular binary RPMs as separate files that can be interpreted if you are familiar with reading source code. See Book “Administration Guide”, Chapter 6 “Managing Software with Command Line Tools”, Section 6.1.2.5 “Installing or Downloading Source Packages” for installing sources of SUSE Linux Enterprise software, see Book “Administration Guide”, Chapter 6 “Managing Software with Command Line Tools”, Section 6.2.5 “Installing and Compiling Source Packages” for building packages on SUSE Linux Enterprise and see the Maximum RPM book for the inner workings of SUSE Linux Enterprise software package builds.

  • For security bug fixes, consult the SUSE security announcements. These often refer to bugs through standardized names like CAN-2005-2495 which are maintained by the Common Vulnerabilities and Exposures (CVE) project.

A Documentation Updates

This chapter lists content changes for this document.

This manual was updated on the following dates:

A.1 December 2018 (Initial Release of SUSE Linux Enterprise Desktop 12 SP4)

Part VI, “Updating and Upgrading SUSE Linux Enterprise”

A.2 October 2018 (Documentation Maintenance Update for SUSE Linux Enterprise Desktop 12 SP3)

General Changes to the Documentation
  • Improved consistency of Docker terminology throughout the documentation. This includes renaming a guide to Docker Open Source Engine Guide.

Chapter 4, Cloning Disk Images
Section 11.1, “List of Optional Modules”
Chapter 12, Installing Multiple Kernel Versions

Corrected kernel version strings in Section 12.1.1, “Automatically Deleting Unused Kernels” (https://bugzilla.suse.com/show_bug.cgi?id=1020271).

Chapter 13, Managing Users with YaST
Bugfixes

A.3 September 2017 (Initial Release of SUSE Linux Enterprise Desktop 12 SP3)

General
Chapter 6, Preparing the Boot of the Target System
Chapter 11, Installing Modules, Extensions, and Third Party Add-On Products
Chapter 15, Life Cycle and Support
Chapter 16, Upgrading SUSE Linux Enterprise
Chapter 17, Upgrading Offline
Chapter 18, Upgrading Online
Bugfixes

A.4 April 2017 (Documentation Maintenance Release)

Section 15.3, “Module Life Cycles”
Bugfixes

A.5 November 2016 (Initial Release of SUSE Linux Enterprise Desktop 12 SP2)

General
  • The e-mail address for documentation feedback has changed to doc-team@suse.com.

  • The documentation for Docker Open Source Engine has been enhanced and renamed to Docker Guide.

General Changes to this Guide
  • The complete guide has been revised, restructured, and flattened (Fate #319115).

Chapter 3, Installation with YaST
Chapter 15, Life Cycle and Support
Chapter 18, Upgrading Online
Bugfixes

A.6 March 2016 (Documentation Maintenance Release)

Chapter 9, Advanced Disk Setup

A.7 December 2015 (Initial Release of SUSE Linux Enterprise Desktop 12 SP1)

General
  • Book “Subscription Management Tool for SLES 12 SP4 is now part of the documentation for SUSE Linux Enterprise Desktop.

  • Add-ons provided by SUSE have been renamed as modules and extensions. The manuals have been updated to reflect this change.

  • Numerous small fixes and additions to the documentation, based on technical feedback.

  • The registration service has been changed from Novell Customer Center to SUSE Customer Center.

  • In YaST, you will now reach Network Settings via the System group. Network Devices is gone (https://bugzilla.suse.com/show_bug.cgi?id=867809).

Chapter 3, Installation with YaST
Chapter 10, Installing or Removing Software
Chapter 11, Installing Modules, Extensions, and Third Party Add-On Products
  • Updated chapter to reflect the software changes to the former YaST SUSE Customer Center Configuration dialog (now called Product Registration) and the YaST Add-On Products module (Fate #318800).

Chapter 9, Advanced Disk Setup
  • Mentioned that subvolumes for /var/lib/mariadb, /var/lib/pgsql, and /var/lib/libvirt/images are created with the option no copy on write by default to avoid extensive fragmenting with Btrfs.

Subscription Management
  • The chapter about registering clients at a Subscription Management Tool server has been replaced by Book “Subscription Management Tool for SLES 12 SP4”, Chapter 8 “Configuring Clients to Use SMT”.

Part VI, “Updating and Upgrading SUSE Linux Enterprise”
Bugfixes

A.8 February 2015 (Documentation Maintenance Release)

Section 3.10, “Clock and Time Zone”

With NTP disabled it is recommended to avoid writing system time to the hardware clock. Thus set SYSTOHC=no.

Bugfixes

A.9 October 2014 (Initial Release of SUSE Linux Enterprise Desktop 12)

General
  • Removed all KDE documentation and references because KDE is no longer shipped.

  • Removed all references to SuSEconfig, which is no longer supported (Fate #100011).

  • Move from System V init to systemd (Fate #310421). Updated affected parts of the documentation.

  • YaST Runlevel Editor has changed to Services Manager (Fate #312568). Updated affected parts of the documentation.

  • Removed all references to ISDN support, as ISDN support has been removed (Fate #314594).

  • Removed all references to the YaST DSL module as it is no longer shipped (Fate #316264).

  • Removed all references to the YaST Modem module as it is no longer shipped (Fate #316264).

  • Btrfs has become the default file system for the root partition (Fate #315901). Updated affected parts of the documentation.

  • The dmesg now provides human-readable time stamps in ctime()-like format (Fate #316056). Updated affected parts of the documentation.

  • syslog and syslog-ng have been replaced by rsyslog (Fate #316175). Updated affected parts of the documentation.

  • MariaDB is now shipped as the relational database instead of MySQL (Fate #313595). Updated affected parts of the documentation.

  • SUSE-related products are no longer available from http://download.novell.com but from http://download.suse.com. Adjusted links accordingly.

  • Novell Customer Center has been replaced with SUSE Customer Center. Updated affected parts of the documentation.

  • /var/run is mounted as tmpfs (Fate #303793). Updated affected parts of the documentation.

  • The following architectures are no longer supported: IA64 and x86. Updated affected parts of the documentation.

  • The traditional method for setting up the network with ifconfig has been replaced by wicked. Updated affected parts of the documentation.

  • A lot of networking commands are deprecated and have been replaced by newer commands (usually ip). Updated affected parts of the documentation.

    arp: ip neighbor
    ifconfig: ip addr, ip link
    iptunnel: ip tunnel
    iwconfig: iw
    nameif: ip link, ifrename
    netstat: ss, ip route, ip -s link, ip maddr
    route: ip route
  • Numerous small fixes and additions to the documentation, based on technical feedback.

Chapter 3, Installation with YaST
Chapter 16, Upgrading SUSE Linux Enterprise
Chapter 8, Setting Up Hardware Components with YaST
  • Removed the following sections as the respective YaST modules are no longer included: Hardware Information, Setting Up Graphics Card and Monitor, Mouse Model, and Setting Up a Scanner.

  • Removed content about mouse setup and adjusted Section 8.1, “Setting Up Your System Keyboard Layout”.

Chapter 10, Installing or Removing Software
Chapter 11, Installing Modules, Extensions, and Third Party Add-On Products
Subscription Management
  • For registering clients against an SMT server, suse_register has been replaced with SUSEConnect (Fate #316585).

Bugfixes
Print this page