3.14 Configuration of the Installed System

The system is installed now but not configured for use. No users, hardware, or services are configured, yet. If the configuration fails at one of the steps of this stage, it restarts and continues from the last successful step.

First, provide a password for the account of the system administrator (the root user). Configure your Internet access and network connection. With a working Internet connection, you can perform an update of the system as part of the installation. You can also connect to an authentication server for centralized user administration in a local network. Finally, configure the hardware devices connected to the machine.

3.14.1 Password for the System Administrator root

root is the name of the superuser, the administrator of the system. Unlike regular users, who may or may not have permission to do certain things on the system, root has unlimited power to do anything: change the system configuration, install programs, and set up new hardware. If users forget their passwords or have other problems with the system, root can help. The root account should only be used for system administration, maintenance, and repair. Logging in as root for daily work is rather risky: a single mistake could lead to irretrievable loss of system files.

For verification purposes, the password for root must be entered twice. Do not forget the root password. Once entered, this password cannot be retrieved.

When typing passwords, the characters are replaced by dots, so you do not see the string you are typing. If you are unsure whether you typed the correct string, use the Test Keyboard Layout field for testing purposes.

SUSE Linux Enterprise can use the DES, MD5, or Blowfish encryption algorithms for passwords. The default encryption type is Blowfish. To change the encryption type, click Expert Options > Encryption Type and select the new type.

The root can be changed any time later in the installed system. To do so run YaST and start Security and Users > User Management.

3.14.2 Hostname and Domain Name

The hostname is the computer's name in the network. The domain name is the name of the network. A hostname and domain are proposed by default. If your system is part of a network, the hostname has to be unique in this network whereas the domain name has to be common to all hosts on the network.

In many networks, the system receives its name over DHCP. In this case it is not necessary to modify the hostname and domain name. Select Change Hostname via DHCP instead. To be able to access your system using this hostname, even when it is not connected to the network, select Write Hostname to /etc/hosts. If you often change networks without restarting the desktop environment (e.g. when switching between different WLANs), do not enable this option, because the desktop system may get confused when the hostname in /etc/hosts changes.

To change hostname settings at any time after installation, use YaST Network Devices > Network Card. For more information, see Section 30.4.1, Configuring the Network Card with YaST.

3.14.3 Network Configuration

HINT: IBM System z: Network Configuration

For the IBM System z platforms, a working network connection is needed at installation time to connect to the target system, the installation source, and the YaST terminal controlling the process. The steps to set up the network are discussed in the network configuration chapter of the Architecture-Specific Information manual (Section 2.0, Preparing for Installation, (↑ Architecture-Specific Information )). The IBM System z platforms only support the types of network interfaces mentioned there (OSA Token Ring, OSA Ethernet, OSA Gigabit Ethernet, OSA Express Fast Ethernet, Escon, IUCV, and OSA Express High-Speed Token Ring). The YaST dialog simply displays the interface with its settings as already configured. Just confirm this dialog to continue.

By default, Traditional Method without NetworkManager Applet is enabled. If desired, you can also use NetworkManager to manage all your network devices. However, the traditional method is the preferred option for server solutions. Find detailed information about NetworkManager in Section 30.6, Managing Network Connections with NetworkManager.

This configuration step also lets you configure the network devices of your system and make security settings, for example, for a firewall or proxy. To configure your network connection later, select Skip Configuration and click Next. Network hardware can also be configured after the system installation has been completed. If you skip the network device configuration, your system is left offline and is unable to retrieve any available updates.

Apart from the device configuration, the following network settings can be configured in this step:

Network Mode

Enable or disable the use of NetworkManager as described above.

Firewall

By default SuSEfirewall2 is enabled on all configured network interfaces. To globally disable the firewall for this computer, click on disable. If the firewall is enabled, you may open the SSH port in order to allow remote connections via secure shell. To open the detailed firewall configuration dialog, click on Firewall. See Section 43.4.1, Logging Level for detailed information.

IPv6

By default, the IPv6 support is enabled. To disable it, click Disable IPv6. For more information about IPv6, see Section 30.2, IPv6—The Next Generation Internet.

VNC Remote Administration

To administer your machine remotely by VNC, click Change > VNC Remote Administration, enable remote administration, and open the port in the firewall. If you have multiple network devices and want to select on which to open the port, click Firewall Details and select the network device. You can also use SSH, a more secure option, for remote administration.

Proxy

If you have a proxy server controlling the Internet access in your network, configure the proxy URLs and authentication details in this dialog.

HINT: Resetting the Network Configuration to the Defaults

Reset the network settings to the original proposed values by clicking Change > Reset to Defaults. This discards any changes made.

Test Internet Connection

After having configured a network connection, you can test it. For this purpose, YaST establishes a connection to the SUSE Linux Enterprise server and downloads the latest release notes. Read them at the end of the installation process. A successful test is also a prerequisite for registering and updating online.

If you have multiple network interfaces, verify that the desired card is used to connect to the Internet. If not, click Change Device.

To start the test, select Yes, Test Connection to the Internet and click Next. In the next dialog, view the progress of the test and the results. Detailed information about the test process is available via View Logs. If the test fails, click Back to return to the network configuration to correct your entries.

If you do not want to test the connection at this point, select No, Skip This Test then Next. This also skips downloading the release notes, configuring the customer center, and updating online. These steps can be performed any time after the system has been initially configured.

3.14.4 Novell Customer Center Configuration

To get technical support and product updates, first register and activate your product. Novell Customer Center Configuration provides assistance for doing so.

If you are offline or want to skip this step, select Configure Later. This also skips SUSE Linux Enterprise online update.

In Include for Convenience, select whether to send unsolicited additional information when registering. This simplifies the registration process. Click on Details to obtain in-depth information about data privacy and the data collected.

Apart from activating and registering your product, this module also adds the official update catalog to your configuration. This catalog provides fixes for known bugs or security issues which can be installed via an online update.

To keep your catalogs valid, select Regularly Synchronize with Customer Center. This option checks your catalogs and adds newly available catalogs or removes obsolete ones. It does not touch manually added catalogs.

HINT: Technical Support

Find more information about the technical support at http://www.novell.com/support/products/linuxenterpriseserver/.

3.14.5 Online Update

If the Novell Customer Center Configuration was successful, select whether to perform a YaST online update. If there are any patched packages available on the servers, download and install them now to fix known bugs or security issues. Directives on how to perform an online update in the installed system are available at Section 8.3.5, YaST Online Update

IMPORTANT: Downloading Software Updates

The download of updates might take quite some time, depending on the bandwidth of the Internet connection and the size of the update files. In case the patch system itself is updated, the online update will restart and download more patches after the restart. If the kernel was updated, the system will reboot before completing the configuration.

3.14.6 Network Services

Having configured the network, a dialog opens in which to enable and configure two important network services: a certificate authority and an OpenLDAP server. If preferred, you can skip this configuration proposal for now. After the installation is finished, configure and start the same services with the help of YaST.

Figure 3-6 Proposed Setup for Network Services

CA Management

The purpose of a CA (certificate authority) is to guarantee a trust relationship among all network services communicating with each other. Without a CA, you can secure server communications with SSL and TLS separately for each individual service. By default, a CA is created and enabled during the installation. Find details about the creation of a CA with YaST in Section 42.0, Managing X.509 Certification.

OpenLDAP Server

You can run an LDAP service on your host to have a central facility manage a range of configuration files. Typically, an LDAP server handles user account data, but with SUSE Linux Enterprise it can also be used for mail, DHCP, and DNS data. Find details about LDAP and its configuration with YaST in Section 36.0, LDAP—A Directory Service.

HINT: Resetting the Service Configuration to Defaults

Restore the defaults by clicking Change > Reset to Defaults. This discards any changes made.

3.14.7 Users

If network access was configured successfully during the previous steps of the installation, you can now choose from several user management options. If a network connection has not been configured, create local user accounts. For detailed information about user management, see Section 8.9.1, User Managementthe SUSE Linux Enterprise Server documentation.

Local (/etc/passwd)

Users are administered locally on the installed host. This is a suitable option for stand-alone workstations. User data is managed by the local file /etc/passwd. All users who are entered in this file can log in to the system even if no network is available.

If YaST found a former version of SUSE Linux Enterprise or another system using /etc/passwd, it offers to import local users. To do so, check Read User Data from a Previous Installation and click Choose. In the next dialog, select the users to import and click OK.

LDAP

Users are administered centrally on an LDAP server for all systems in the network. More information is available in Section 36.6, Configuring an LDAP Client with YaST.

NIS

Users are administered centrally on a NIS server for all systems in the network. See Section 35.2, Configuring NIS Clients for more information.

Windows Domain

SMB authentication is often used in mixed Linux and Windows networks. Detailed information is available in Section 37.6, Samba Server in the Network with Active Directory.

NOTE: Content of the Authentication Menu

If you use the custom package selection and one or more authentication methods are missing from the menu, the required packages probably are not installed.

Along with the selected user administration method, you can use Kerberos authentication. This is essential for integrating your SUSE Linux Enterprise to an Active Directory domain, which is described in Section 37.6, Samba Server in the Network with Active Directory. To use Kerberos authentication, select Set Up Kerberos Authentication.

3.14.8 Release Notes

After completing the user authentication setup, YaST displays the release notes. Reading them is recommended, because they contain important up-to-date information which was not available when the manuals were printed. If you tested the Internet connection, read the most recent version of the release notes, as fetched from SUSE Linux Enterprise's servers. Use Miscellaneous > Release Notes to view the release notes after installation.

3.14.9 Hardware Configuration

At the end of the installation, YaST opens a dialog for the configuration of the graphics card and other hardware components connected to the system. Click the individual components to start the hardware configuration. For the most part, YaST detects and configures the devices automatically.

HINT: IBM System z: Hardware Configuration

On the IBM System z, there is no display that would be supported by XFree. Accordingly, you do not find a Graphics Cards entry on these systems.

You can skip any peripheral devices and configure them later, as described in Section 8.4, Hardware . To skip the configuration, select Skip Configuration and click Next.

However, you should configure the graphics card right away. Although the display settings as configured by YaST should be generally acceptable, most users have very strong preferences as far as resolution, color depth, and other graphics features are concerned. To change these settings, select the respective item and set the values as desired. To test your new configuration, click Test the Configuration.

HINT: Resetting Hardware Configuration to Defaults

You can cancel changes by clicking Change > Reset to Defaults. YaST then shows the original proposal again.

3.14.10 Completing the Installation

After a successful installation, YaST shows the Installation Completed dialog. In this dialog, select whether to clone your newly installed system forAutoYaST. To do so, select Clone This System for AutoYaST. The profile of the current system is stored in /root/autoyast.xml. Cloning is selected by default.

AutoYaST is a system for installing one or more SUSE Linux Enterprise systems automatically without user intervention. AutoYaST installations are performed using a control file with installation and configuration data. For detailed information, refer to Section 5.0, Automated Installation. Finish the installation of SUSE Linux Enterprise with Finish in the final dialog.