SUSE Linux Enterprise Desktop 12 SP2

Release Notes

These release notes are generic for all SUSE Linux Enterprise Desktop 12 SP2 based products. Some parts may not apply to particular architectures or products. Where this is not the case, the respective architecture is listed explicitly. General documentation may be found at: http://www.suse.com/documentation/sled-12/

Publication Date: 2017-06-05, Version: 12.2.20170602

1 SUSE Linux Enterprise Desktop

SUSE Linux Enterprise Desktop is the market's only enterprise-quality Linux desktop ready for routine business use. Developed and backed by SUSE, SUSE Linux Enterprise Desktop provides market-leading usability, seamless interoperability with existing IT systems, and dozens of essential applications—all at a fraction of the price of proprietary operating systems.

1.1 Interoperability and Hardware Support

It comes bundled with the latest versions of leading applications such as LibreOffice office productivity suite, Mozilla Firefox web browser, and Evolution e-mail and calendar suite. In addition, it integrates with Microsoft SharePoint for group collaboration and supports a wide range of multimedia file formats, wireless and networking standards, and plug-and-play devices.

Through the latest enhancements in power management and security, SUSE Linux Enterprise Desktop also provides an environmentally friendly IT experience (Green IT) and an error-proof desktop. Finally, SUSE Linux Enterprise Desktop offers unparalleled flexibility. You can deploy it on a wide range of thick client devices (including desktops, notebooks, netbooks, and workstations), on thin client devices, or as a virtual desktop. By leveraging the power of SUSE Linux Enterprise Desktop, your business can dramatically reduce costs, improve end user security and increase workforce productivity.

1.2 Support and Life Cycle

SUSE Linux Enterprise Desktop 12 has a 7 year life cycle. The current version (SP2) will be fully maintained and supported until 6 months after the release of SUSE Linux Enterprise 12 SP3.

1.3 What Is New?

SUSE Linux Enterprise Desktop 12 introduces a number of innovative changes. Here are some of the highlights:

  • Robustness on administrative errors and improved management capabilities with full system rollback based on Btrfs as the default file system for the operating system partition and snapper technology from SUSE.

  • An overhaul of the installer introduces a new workflow that allows you to register your system and receive all available maintenance updates as part of the installation.

  • New core technologies like systemd, replacing the time honored System V based init process.

  • GNOME 3.20 gives users a modern desktop environment with a choice of several different look and feel options, including a special SUSE Linux Enterprise Classic mode for easier migration from earlier SUSE Linux Enterprise Desktop environments.

  • For users wishing to use the full range of productivity applications of a Desktop with SUSE Linux Enterprise Server, we are now offering the SUSE Linux Enterprise Workstation Extension

  • Integration with the new SUSE Customer Center, the central web portal from SUSE to manage subscriptions, entitlements, and provide access to support.

1.4 Documentation and Other Information

1.4.1 Available on the Product Media

  • Read the READMEs on the media.

  • Get the detailed changelog information about a particular package from the RPM (FILENAME is the name of the RPM):

    rpm --changelog -qp FILENAME.rpm
  • Check the ChangeLog file in the top level of the media for a chronological log of all changes made to the updated packages.

  • Find more information in the docu directory of the media of SUSE Linux Enterprise Desktop 12 SP2. This directory includes PDF versions of the SUSE Linux Enterprise Desktop 12 SP2 Installation Quick Start and Deployment Guides. Documentation (if installed) is available below the /usr/share/doc/ directory of an installed system.

  • The up-to-date version of these release notes is available online from http://www.suse.com/releasenotes/.

    Release notes usually only list changes that happened between two subsequent releases. Therefore, if you are skipping one or more service packs, check the release notes of the skipped service packs as well.

1.4.2 Additional or Updated Documentation

For SUSE Linux Enterprise Desktop 12 documentation, see http://www.suse.com/documentation/sled-12/, where you can download PDF documents. For installation with YaST software management or with zypper, packages are available on the product media. Some of these packages are installed by default. These are the package names:

  • sled-installquick_en-pdf: SLED 12 SP2 Installation Quick Start

  • sled-gnomeuser_en-pdf: SLED 12 SP2 GNOME User Guide

  • sled-admin_en-pdf: SLED 12 SP2 Administration Guide

  • sled-deployment_en-pdf: SLED 12 SP2 Deployment Guide

  • sled-security_en-pdf: SLED 12 SP2 Security Guide

  • sled-tuning_en-pdf: SLED 12 SP2 Tuning Guide

  • sled-manuals_en: the set of all SLED books in HTML format

1.5 How to Obtain Source Code

This SUSE product includes materials licensed to SUSE under the GNU General Public License (GPL). The GPL requires SUSE to provide the source code that corresponds to the GPL-licensed material. The source code is available for download at http://www.suse.com/download-linux/source-code.html. Also, for up to three years after distribution of the SUSE product, upon request, SUSE will mail a copy of the source code. Requests should be sent by e-mail to mailto:sle_source_request@suse.com or as otherwise instructed at http://www.suse.com/download-linux/source-code.html. SUSE may charge a reasonable fee to recover distribution costs.

1.6 Support Statement for SUSE Linux Enterprise Desktop

To learn how to obtain support, see http://www.suse.com/products/desktop/.

1.6.1 Technology Previews

Technology Preview features are either not supported or supported in a limited fashion. These features are mainly included for customer convenience and may be functionally incomplete, unstable or in other ways not suitable for production use.

1.6.1.1 Support for Current AMD Radeon GPUs

As a technical preview, SUSE Linux Enterprise ships the graphics driver xf86-video-amdgpu for current AMD Radeon GPUs.

Since this driver is still in an experimental state, it is not installed by default. By default, it is only enabled for one GPU on which it was tested successfully.

Important: At this stage, this driver is not supported.

To be able to use the driver, first install the package xf86-video-amd. Then, enable it for your GPU by editing /etc/X11/xorg_pci_ids.

The required format is: \<VendorID\>\<DeviceID\>. It is also described in the configuration file itself.

To find vendor ID and device ID, use the command:

lspci -n | grep 0300

All supported vendor IDs/device IDs are already in the file but are commented out. For your vendor ID/device ID combination, remove the comment character # from the beginning of the line.

1.7 Related Products

This sections lists related products. In many cases, these products have own release notes documents that are available from https://www.suse.com/releasenotes/.

Additionally, there are the following extensions which are not covered by SUSE support agreements, available at no additional cost and without an extra registration key:

2 Installation and Upgrade

This section includes information related to the initial installation of SUSE Linux Enterprise Desktop 12 SP2. For information about installing, see Deployment Guide at https://www.suse.com/documentation/sled-12/book_sle_deployment/data/book_sle_deployment.html.

2.1 Updating the Installer at the Beginning of the Installation or Upgrade

Until SLES 12 SP1, the only method of updating the installer was through the use of a driver update disk. This required manual work such as downloading the driver update and explicitly pointing the installer at it.

Starting with the SLES 12 SP2 installer, at the beginning of the installation or upgrade, the installer can contact the update server to find out whether updates for the installer are available. If there are, they are automatically applied and YaST is restarted. The installer is able to download the updates from the regular update server, a local SMT server, or a custom URL.

By default, this functionality is off. Enable this feature using the boot option self_update=1.

For more information, see the documentation at https://github.com/yast/yast-installation/blob/SLE-12-SP2/doc/SELF_UPDATE.md (https://github.com/yast/yast-installation/blob/SLE-12-SP2/doc/SELF_UPDATE.md).

2.2 Installation

2.2.1 Installer Crashes When Set to Mount by Label by Default

When setting the default mount value to By Label during partitioning, the installer will report an error and crash.

As a workaround, use another option for installation. If needed, switch back to By Label on the running system.

2.2.2 Media-based Sources Are Disabled After Installation If They Are Not Needed

Previously, when installing from local media, like a CD/DVD or USB drive, these sources remained enabled after the installation.

This could cause problems during software installation, upgrade or migration because an old or obsolete installation source remained there. Additionally, if the source was physically removed (for instance, by ejecting the CD/DVD), Zypper would complain about the source not being available.

After the installation, YaST will now check every local source to determine if the product they provide is also available through a remote repository. In that case, the local source will be disabled.

2.2.3 Partitioning Proposal: "Flexible Partitioning" Feature Has Been Removed

YaST is a highly configurable installer that allows setting very different behaviors for each product using it (SUSE Enterprise Linux, openSUSE, etc.). In previous versions of YaST, it was possible to use a feature called "Flexible Partitioning". This feature has become obsolete, as the more standard proposal mechanism has been used by SLE and openSUSE in all recent releases.

The new version of YaST detects when a (modified) installer tries to use the obsolete "Flexible Partitioning" feature, alerts the user and falls back to the standard proposal mechanism automatically.

2.2.4 Option to Create AutoYaST Profile During Installation Has Been Removed

In earlier versions of SUSE Linux Enterprise, you could clone the system configuration as an AutoYaST profile during installation. However, many services and system parameters can only be configured after the installation process has completed and the system is up and running. This can result in an AutoYaST profile missing parts of the desired configuration.

The option of creating an AutoYaST profile during installation has been removed. However, you can still create an AutoYaST profile from the running system, after you have made sure that the system configuration fits your needs.

3 Architecture Independent Information

3.1 Kernel

3.1.1 Incompatible Changes in the New 4.4 Kernel

The following minor changes have been identified in the 4.4 kernel:

  • Support for TCP Limited Slow Start (RFC3742) has been removed. This feature had multiple drawbacks and questionable benefit. Its implementation was inefficient and difficult to configure. The problem that Limited Slow Start was trying to solve is now better covered by the Hybrid Slow Start algorithm which is part of default congestion control algorithm, CUBIC.

  • The kernel.blk_iopoll sysctl has been removed. This setting allowed toggling some block device drivers between iopoll and non-iopoll mode. This allowed for easier debugging of these drivers during early development. Since using this toggle was dangerous and the toggle is not needed for production setups, it has been removed.

  • The cgroup.event_control file is only available in cgroups with a memcg attached to it. There was no code using this interface outside of memcg, so this change is considered harmless.

  • The vm.scan_unevictable_pages sysctl has been removed because the functionality it was backing had been removed in 2011. Any usage of the file has been reported to the kernel log with an explanation that the file has no effect. There were no reports about a use case requiring this functionality.

  • The /sys/devices/system/memory/memory%d/end_phys_index file has been removed, because the information it exposed is considered internal to the kernel and an implementation detail. This information is not required for the memory hotplug functionality.

3.2 Systems Management

3.2.1 SASL Integration in sudo

When SUSE Linux Enterprise 12 was first released, the sudo binary did not correctly support SASL authentication for LDAP because the package was built without a build dependency on the package cyrus-sasl-devel.

To be able to use sudo with SASL, update to the latest version of the package sudo. For information about enabling SASL authentication for sudo, see man 5 sudoers.ldap.

3.2.2 systemd: Support for System V and LSB Init Scripts Has Been Moved Out of Core Daemon

To ease future maintenance, in SLE 12 SP2, systemd was updated to version 228. This version does not support using System V and LSB init scripts from the systemd daemon itself any more.

This functionality is now implemented as a generator that creates systemd unit files from System V/LSB init scripts. These unit files are generated at boot or when systemd is reloaded. Therefore, to have changed System V init scripts recognized by systemd, run systemctl daemon-reload or reboot the machine.

For more information, see the man page of systemd-sysv-generator (man systemd-sysv-generator).

If you are packaging software that ships System V init scripts, use the RPM macros documented at https://en.opensuse.org/openSUSE:Systemd_packaging_guidelines (https://en.opensuse.org/openSUSE:Systemd_packaging_guidelines#Register_services_in_install_scripts) (Section "Register Services in Install Scripts").

3.2.3 AutoYaST: Applying the First-Stage Network Configuration to the Installed System

Due to a problem in the AutoYaST version shipped with SLE 12 SP1, the network configuration used during the first stage was always copied to the installed system. This happened regardless of the value of keep_install_network in the AutoYaST profile.

SLE 12 SP2 behaves as expected and keep_install_network will be set to true by default.

3.2.4 ntp 4.2.8

ntp was updated to version 4.2.8.

  • The ntp server ntpd does not synchronize with its peers anymore and the peers are specified by their host name in /etc/ntp.conf.

  • The output of ntpq --peers lists IP numbers of the remote servers instead of their host names.

Name resolution for the affected hosts works otherwise.

Parameter changes

The meaning of some parameters for the sntp command-line tool have changed or have been dropped, for example sntp -s is now sntp -S. Please review any sntp usage in your own scripts for required changes.

After having been deprecated for several years, ntpdc is now disabled by default for security reasons. It can be re-enabled by adding the line enable mode7 to /etc/ntp.conf, but preferably ntpq should be used instead.

3.3 Networking

3.3.1 Improved Bridge Handling in YaST

The configuration UI for bridges in YaST did not always show all information and did not always convert parameters properly when editing older configurations.

In SLE 12 SP2, this behavior has been improved upon:

  • The information about bridge ports and bridges is shown for each interface.

  • In the case of old configuration, upon reading the configuration, the bootproto static will be converted to none and the parameter zero IPADDR will be removed.

Additionally, to improve the user experience, the management of bridges and bonding has been unified and the interface is now updated after any change.

3.3.2 No Support for Samba as Active Directory-Style Domain Controller

The version of Samba shipped with SLE 12 GA and newer does not include support to operate as an Active Directory-style domain controller. This functionality is currently disabled, as it lacks integration with system-wide MIT Kerberos.

3.4 Virtualization

3.4.1 Others

3.4.1.1 Support for 3D Graphics in VMware Guest

The vmwgfx driver supports 3D with VMware hardware version 11.

4 Packages and Functionality Changes

4.1 New Packages

4.1.1 Mutt Has Been Updated to 1.6.0

Mutt has been updated to version 1.6.0. This version has the following new features:

  • Better internationalization support: UTF-8 mailbox support for IMAP and improved support for internationalized email and SMTPUTF8

  • $use_idn has been renamed to $idn_decode

  • Expandos for comma-separated lists of To (%r) and CC recipients (%R).

  • Improved handling of drafts: -E command-line argument for edit draft or include files, $resume_draft_files and $resume_edited_draft_files to control processing of draft files, and support for multipart draft files

  • $reflow_space_quotes allows format=flowed email quotes to be displayed with spacing between them.

  • The S/MIME message digest algorithm is now specified using the option $smime_sign_digest_alg. $smime_sign_command should be modified to include -md %d.

  • For classic GPG mode, set $pgp_decryption_okay to verify that multipart/encrypted mails are actually encrypted.

  • By default, mailto URL header parameters are restricted to body and subject. To add or remove allowed mailto URL header parameters, use mailto_allow and unmailto_allow.

  • $hostname is set differently: the domain will now be determined using DNS calls

4.1.2 Devilspie 2 Has Been Added

Desktop users often want the size and position of windows to remain the same, even across application restarts. Such functionality usually has to be implemented at the application level but not all applications do so.

In SUSE Linux Enterprise 12 SP2, Devilspie 2 (package devilspie2) has been added. Desvilspie 2 is a window matching utility that allow you to script actions on windows as they are created, such as maximizing windows or setting their size and position.

4.1.3 openldap2-ppolicy-check-password Has Been Added: OpenLDAP Password Strength Policy Enforcer

To allow evaluating and enforcing password strength in an OpenLDAP deployment, the package openldap2-ppolicy-check-password has been added. It is an OpenLDAP password policy plugin which evaluates and enforces strength in new user passwords, and denies weak passwords in password change operations. Configuration options of the plugin allow system administrators to adjust password strength requirements.

4.2 Updated Packages

4.2.1 lsof Has Been Updated to Version 4.89

lsof has been updated from version 4.84 to 4.89. The changelog can be found in the file /usr/share/doc/packages/lsof/DIST.

4.2.2 Qt 5 Has Been Updated to 5.6.1

The Qt 5 libraries were updated to 5.6.1, a Qt 5.6 LTS based release. Qt 5.6.1 includes new features and security fixes for known vulnerabilities over Qt 5.5.1 (the version shipped in an upgrade to SP1).

This release includes many bug fixes and changes that improve performance and reduce memory consumption.

For security reasons, the MNG and JPEG2000 image format plugins are not shipped anymore, because the underlying MNG and JPEG2000 libraries have known security issues.

New features include:

  • Better support for high-DPI screens

  • Update of QtWebEngine which updates the included Chromium snapshot to version 45 and now uses many of the system libraries instead of bundled ones

  • New Qt WebEngineCore module for new low-level APIs

  • The Qt Location module is not fully supported.

  • Improved compatibility with C++11 and the STL

  • New QVersionNumber class

  • Added support for HTTP redirection in QNetworkAccessManager

  • Improved support for OpenGL ES 3

  • Qt Multimedia got a new PlayList QML type and an audio role API for the media player

  • Qt Canvas 3D now supports Qt Quick Items as textures and can directly render to the QML scenes foreground or background

  • Qt 3D has received many improvements and new functionality

  • Many other features and bugfixes

As part of this update, Qt Creator has been updated to 4.0.1 (from Qt Creator 3.5.1 shipped as an update to SP1).

New features of Qt Creator include:

  • Clang static analyzer integration, extended QML profiler features, path editor of Qt Quick Designer and auto test integration (experimental) are now available

  • The Clang code model is now automatically used if the (experimental) plugin is turned on

  • Improved workflow for CMake-based projects

  • The Analyze mode was merged with Debug mode, so that the new unified Debug mode includes the Debugger, Clang Static Analyzer, Memcheck, Callgrind and QML Profiler tools

  • Many other features and bugfixes

4.2.3 More IBus Engines Available

To improve Asian language support, there are now more IBus engines available:

  • ibus-rime

  • ibus-skk

  • ibus-kkc

  • ibus-table

  • ibus-chewing

  • ibus-libzhuyin

  • ibus-sunpinyin

  • ibus-mozc

  • various ibus-table-* engines

As a result of this, some components, such as openCC, were updated to more recent versions. libopencc1 package is no longer provided and has been replaced by libopencc2.

4.2.4 OpenSSH Has Been Updated to Version 7.2

OpenSSH received numerous changes and improvements in the last years. To ease further maintenance, OpenSSH was upgraded to a more current release.

Note that the SSHv1 protocol is no longer supported.

4.2.5 openSSL Has Been Updated to Version 1.0.2

openSSL has been updated from version 1.0.1 to 1.0.2 which is a compatible minor version update. This will help future maintenance, and also brings many bug fixes.

The update to openSSL 1.0.2 should be transparent to existing programs.

However, there were some functional changes were done: SSL 2 support is now fully disabled and certain weak ciphers are no longer built in.

4.2.6 Kernel and Toolchain

  • GCC 4.8

  • glibc 2.22

  • Linux kernel 4.4

4.2.7 Desktop

  • GNOME 3.20

  • X.org 7.6

4.2.8 Other Changes and Version Updates

  • Samba 4.4.2

  • UEFI Enablement on AMD64/Intel 64

  • SWAP over NFS

  • Python 2.7.9 and Python 3.4.1

  • Perl 5.18.2

  • Ruby 2.1

4.3 Deprecated Functionality

4.3.1 SLED Installation Media Without SLED Images

SLED images are no longer shipped on the SLED installation media.

4.3.2 librpcsecgss3 Has Been Removed

librpcsecgss (packages: librpcsecgss3, librpcsecgss-devel) has been removed. With the release of libtirpc, the development of libsecgss stopped and it fell out of use. We recommend using libtirpc instead.

4.3.3 python-tornado Has Been Removed

The package python-tornado is no longer provided, as it was not required by any packages on SLED 12 SP2.

4.3.4 Flash Player Has Been Removed

Starting with SLE 12 SP2, the Adobe Flash Player plugin for the Firefox browser is no longer provided by SUSE.

Adobe provides a third-party RPM repository which can be used to install Flash Player. To install Flash Player from this repository, do the following:

To add this repository to your system, in a terminal, run:

sudo zypper ar --check --refresh http://linuxdownload.adobe.com/linux/x86_64/ adobe

To see the packages provided by this repo, use:

sudo zypper se -s -r adobe

There are two packages: the Flash Player plugin itself and a package named adobe-release-x86_64. First install this additional package and add the repository key that it contains:

sudo zypper in adobe-release-x86_64
sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux

Then, to install the Adobe Flash Player RPM package, run:

zypper in flash-plugin

To make Mozilla Firefox detect the Flash plugin, restart Mozilla Firefox.

4.3.5 Packages and Features to Be Removed in the Future

The following packages are deprecated and will be removed with SUSE Linux Enterprise Desktop 13.

4.3.5.1 fcitx Is Deprecated and Will Be Replaced with the IBus Input Method

With SLE 12 SP1, the fcitx input method is deprecated. Starting with SLE 12 SP2, it will no longer be supported nor shipped. You can switch to the IBus input method.

4.3.5.2 Xemacs Has Been Removed

Xemacs has been removed in favor of GNU Emacs. Starting with SLE 12 SP2, it will no longer be provided or supported. We suggest switching to GNU Emacs which is fully supported.

4.4 Changes in Packaging and Delivery

4.4.1 GNOME Desktop: Clicking "Open in Terminal" on the Desktop Now Opens the Home Directory

When right-clicking the GNOME desktop and selecting Open in Terminal, GNOME Terminal will now open with the working directory set to the home directory (~) and not set to the Desktop directory (~/Desktop). This happens because the package nautilus-extension-terminal is now installed by default.

To switch to the former behavior, first uninstall nautilus-extension-terminal and then install nautilus-open-terminal. However, note that the package nautilus-open-terminal may not be provided in future service packs.

5 Legal Notices

SUSE makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, SUSE reserves the right to revise this publication and to make changes to its content, at any time, without the obligation to notify any person or entity of such revisions or changes.

Further, SUSE makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, SUSE reserves the right to make changes to any and all parts of SUSE software, at any time, without any obligation to notify any person or entity of such changes.

Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classifications to export, re-export, or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical/biological weaponry end uses. Refer to http://www.suse.com/company/legal/ for more information on exporting SUSE software. SUSE assumes no responsibility for your failure to obtain any necessary export approvals.

Copyright © 2010- 2017 SUSE LLC. This release notes document is licensed under a Creative Commons Attribution-NoDerivs 3.0 United States License (CC-BY-ND-3.0 US, http://creativecommons.org/licenses/by-nd/3.0/us/.

SUSE has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.suse.com/company/legal/ and one or more additional patents or pending patent applications in the U.S. and other countries.

For SUSE trademarks, see SUSE Trademark and Service Mark list (http://www.suse.com/company/legal/). All third-party trademarks are the property of their respective owners.

Print this page