Copyright © 2006 Novell, Inc.
Nämä julkaisutiedot sisältävät seuraavat kohdat:
Yleistä: Kaikille oleellista tietoa.
Update: Changes that are not mentioned in the Start-Up Manual, Chapter 2.
Asennus: Täydentävää tietoa asennuksesta.
Tekninen: Tämä osio sisältää kokeneille käyttäjille suunnattua tietoa teknisistä muutoksista ja parannuksista.
In the Start-Up Manual, find information about installation and basic system configuration. In the Reference Guide, the system configuration is explained in detail. Additionally, the most important applications are described in the Applications Manual.
The new registration procedure helps customers to manage their systems with Novell's infrastructure. Once registered, packages and patch sources suitable for the current system are automatically detected and made available to the package management system (zmd). Register as part of the installation procedure, using the YaST module, or with the suse_register command.
The registration procedure transfers zmd's unique device identifier to Novell's registration Web service. To determine the appropriate packages and package sources, information about the hardware architecture, operating system, and version is also sent. The current time zone is transmitted then used to select a source mirror site in your area.
To provide maximum flexibility, Novell's Web service asks for required parameters depending on the needs of the registration procedure. The following local commands may be run to determine the needed information:
hwinfo
uname
PRIVACY: To allow for maximum customer privacy, the procedure can be configured to deny optionally requested parameters. It is still possible to register, but the experience may be less user-friendly because many human readable system parameters will not be displayed. If you do not register, the underlying system will continue to work. However, the registration service cannot provide the online update configuration unless registration is performed to pass mandatory information, including product, operating system type and version, and CPU type.
If you send only the mandatory information, your system is configured for getting online updates from an appropriate source. If you have a purchased version of SUSE Linux, you can send optional information to register for your installation support. Sending the optional information for SUSE Linux Enterprise products gives access to a wide range of additional features. See the Novell Web site for details.
The phone numbers for the Free and Advanced Support in Germany are incorrect in the Start-Up manual, Chapter 9.7. Use the following numbers:
Free Installation Support: Germany: 0180 500 36 12 (12 Cent/minute)
Advanced Support: Germany: 0900 111 2 777 (1.86 €/minute)
If you skip Online Update Configuration during the installation and perform it later, you cannot see update packages listed in YaST even if ZENworks (rug or Software Updater) shows them. As a work-around after running the Online Update Configuration, run rug refresh as root from the command line, which lets YaST know about the update catalog.
This release of SUSE Linux Server ships with Novell AppArmor, which can protect your applications from software exploits. AppArmor protection can be enabled via the AppArmor control panel, which is located in YaST under Novell AppArmor.
The AppArmor profiles included with SUSE Linux have been developed in conjunction with our best efforts to reproduce how most users will use their software. The profiles we have provided will work unmodified for many users—however, some users will find our profiles too restrictive for their environments.
If you discover that some of your applications do not function as you expected, you may need to use the AppArmor Update Profile Wizard in YaST (or use the aa-logprof command line utility) to update your AppArmor profiles. You may place all your profiles into learning mode with the following:
aa-complain /etc/apparmor.d/*
When a program generates many complaints, the system's performance will be degraded; to mitigate this, we recommend periodically running the Update Profile Wizard (or aa-logprof) to update your profiles even if you choose to leave them in learning mode. This will reduce the number of learning events logged to disk which will improve the performance of the system.
SUSE Linux comes with an add-on CD-ROM (CD6) that contains binary-only software. On this CD-ROM, find, for example, the firmware for WLAN cards such as Intel Centrino or an alternative Java engine.
Include the add-on medium by activating the "Include Add-On Products from Separate Media" option in the YaST installation type dialog at the beginning of the installation or update.
On some computers, Firefox with Pango support enabled is very slow. The performance seems to depend on the X server. Set MOZ_DISABLE_PANGO=0 if you want to switch on font rendering for your environment anyway:
export MOZ_DISABLE_PANGO=0
firefox
The English, German, and Czech manuals are the mandatory reference if the contents of a language version differs from the English text due to late software changes. Here is the list of noteworthy differences in the Start-Up manual:
Chapter 1, "Installation with YaST": The installation workflow is more detailed now: New section about "Selecting the Source of the Installation Data". The "Time Zone" gets set up between "System Analysis" and "Desktop Selection". There are now steps for "Cleanup" and "Completing Installation" with the possibility to "Clone this System for AutoYaST."
Chapter 2, "System Configuration with YaST": Enhancements and adjustments to "Installing and Removing Software", "Installing Add-On Products", "Automatic Online Update", "Registering", "Infrared Device" (IrDa), "Network Services" (Kerberos), and "Update from the Command Line" (rug User Management).
Instead of the Web Updater, use the Online Update YaST module. In "Network Services", NIS and NFS are split to client and server parts. "Start-Up Log" and "System Log" are separate sections now.
The "Saving the Package Selection" feature is not supported at the moment. The "Adding CD and DVD into System" (fstab) module was withdrawn.
To apply security updates and install additional software packages, use the ZENworks updater applet for KDE and GNOME, which replaces SUSEwatcher. The ZENworks updater helps monitor available patches. The Online Updater from within the YaST Control Center is an alternative for updating software that uses the package manager interface.
For automatic update, use rug, which replaces the YaST Online Update (YOU) in cron tables.
For more information about the ZENworks updater, see the PDF online documentation on the first installation medium (docu/en/applying_patches.pdf). More information about rug is available in the SUSE Linux Start-Up Manual.
Before starting a remote update (for example, with VNC), make sure that the firewall of your system is configured accordingly. Use YaST to open the ports that are required to access your system remotely. Start the YaST Control Center. Then click "Network Services" -> "Remote Administration" and select "Allow Remote Administration". If necessary, activate "Open Port in Firewall".
Read the YaST help text for more information.
Starting with SUSE Linux 10.1, the vsftpd FTP server can be configured to run independently or using the xinetd superdaemon. The default is now for independent use—in previous versions, the default was to use xinetd. To run it with xinetd, enable the service in the xinetd configuration file (/etc/xinetd.d/vsftpd) and set the following option line in /etc/vsftpd.conf:
listen=NO
SUSE Linux comes with MySQL 5.0. As with every major release update, it is strongly recommended to perform a backup of the MySQL table files and create an SQL dump beforehand. After the update, /etc/init.d/mysql automatically executes mysql_fix_privilege_tables. Refer to http://dev.mysql.com/doc/refman/5.0/en/upgrade.html for more information and detailed instructions.
The installation is described in the Start-Up Guide.
SUSE Linux can be installed from either the DVD or a set of CD-ROM media. However, not all packages fit on the CD-ROMs. Only those users install most often are included. Find an overview listing the differences at http://www.novell.com/products/linuxpackages/professional/diff_cd_dvd.html.
If your system lacks a DVD drive and you need a certain package, either put the DVD in another machine connected with your network and mount it remotely for installation or use YaST to select a public FTP server as an installation source.
If you encounter nonfunctional hardware, check the Hardware Compatibility List at http://en.opensuse.org/HCL. The list also offers tips on how to get certain hardware working, including information about third-party drivers for hardware, such as video cards.
Because some laptops cannot be detected properly, the Laptop Selection is not enabled automaticaly. To add the laptop selection, start the YaST software package management and select "Laptop Selection" manually. If NetworkManager is not set up by default on your laptop, configure it manually during the network configuration.
For security reasons, sudo no longer does X forwarding. If you want to start an X program such as YaST that requires root permissions, either become root first using su or call it through ssh as follows:
ssh -X -l root localhost yast2
With X.Org 6.9, the latest radeon driver is included, which supports nonrectangular MergedFB, RN50/ES1000 chips, VIVO, and BIOS hotkeys among other features. Our customers have been waiting for this impatiently for quite some time. Because several of these features touch very low level parts of the driver and customers have experienced problems with some chipset revisions, we also ship the version of the radeon driver already available on SUSE Linux 10.0 as a fallback with a reduced feature set—for example, it does not support DRI ("3D"). This old driver is called "radeonold". This old driver is not supported, because it is no longer actively developed.
If you encounter problems with the radeon driver, switch to the "radeonold" driver, which can be configured using SaX2. On a console prompt, enter sax2 -m 0=radeonold for configuration.
With some older i830 chipsets, dual head support for the X Window System is not available. Deactivate the dual head setting in the YaST hardware configuration dialog when installing SUSE Linux or manually run SaX2 (sax2) after installing SUSE Linux to deactivate dual head.
Because the sonypi kernel module does not work on recent Sony laptops, automatic loading of this module has been disabled. If you know that this kernel module does not cause trouble on your laptop, add sonypi to MODULES_LOADED_ON_BOOT in /etc/sysconfig/kernel.
The following kernel modules are no longer available:
AVM Fritz!Card DSL
AVM FRITZ! ISDN Adapters
The following kernel module package was changed internally:
Various drivers for wireless LAN cards. The madwifi driver for Atheros WLAN cards was removed.
For technical reasons, it was necessary to drop support for Ralink WLAN cards. The old driver no longer works with kernel version 2.6.16 and the new version is not yet stable enough. We intend to release an update as soon as the new version is stable enough.
Find additional drivers in the kmp packages. For background information, see http://en.opensuse.org/Kernel_Module_Packages.
On some machines, CPU frequency scaling can cause hangs when the machine is idle or when powersaved starts. In these cases, disable the powersave daemon at the installation with POWERSAVE=off as a boot parameter.
Mikäli tätä asetusta ei määritetä asennuksen ensimmäisen CD-käynnistyksen alussa, virransäästödemoni voidaan myöhemmin poistaa käytöstä komennolla chkconfig powersaved off.
Paikallinen ja IO APIC 32-bittiselle x86-arkkitehtuurille on muuttunut. Paikallinen ja IO APIC (I/O Advanced Programmable Interrupt Controller) on SMP-yhteensopiva PC-tyylisten keskeytysohjaimien korvaaja. SMP-järjestelmissä ja kaikissa uusimmissa yksiprosessorijärjestelmissä on tällainen ohjain.
Aiemmin paikallinen ja IO APIC -tuki oli oletuksena poissa käytöstä yksiprosessorijärjestelmissä ja se piti ottaa erikseen käyttöön ytimen "apic"-asetuksella. Nyt se on oletuksena käytössä ja voidaan ottaa pois käytöstä käsin. 64-bittisissä järjestelmissä APIC on aina oletuksena käytössä.
Järjestelmissä, joissa on vuoden 2001 jälkeen julkaistu BIOS-versio,paikallinen ja IO APIC on oletuksena käytössä, ellei sitä ole poistettu käytöstä BIOS-asetuksissa tai käyttäjän toimesta.
Järjestelmissä, joissa on vuoden 1998 jälkeen ilmestynyt Intelin BIOS-versio, paikallinen ja IO APIC on oletuksena käytössä.
Moniprosessorijärjestelmissä paikallinen ja IO APIC on oletuksena käytössä.
Mikäli laitteiston toiminnassa on ongelmia, voit määrittää seuraavat asetukset käsin:
Poistaaksesi paikallisen APIC:in käytöstä määritä ytimen asetus nolapic (tämä poistaa välillisesti IO APIC:in käytöstä).
Poistaaksesi IO APIC:in käytöstä määritä ytimen asetus noapic.
Saadaksesi käyttöön aikaisempien julkaisujen mukaiset asetukset määritä ytimen asetus nolapic.
ulimit-asetuksia voidaan määrittää /etc/sysconfig/ulimit-tiedostossa. Perusasetuksissa ytimen oletusasetuksista on poikettu vain kahden raja-asetuksen kohdalla:
SOFTVIRTUALLIMIT=80 -asetus rajoittaa yksittäisen prosessin muistiavaruuden siten, että se ei voi varata enempää kuin 80% käytettävissä olevasta virtuaalimuistista (RAM ja swap).
SOFTRESIDENTLIMIT=85 -asetus rajoittaa yksittäisen prosessin muistiavaruuden siten, että se ei voi ottaa käyttöönsä enempää kuin 85% fyysisestä muistista (RAM).
Näitä pehmeitä rajoituksia voidaan muuttaa myös käyttäjien toimesta ulimit-komennolla. Kovia rajoituksia voi muuttaa ainoastaan pääkäyttäjä (root).
Arvot on valittu konservatiivisesti isojen, aiemmin toimineiden prosessien toimivuuden varmistamiseksi. Mikäli järjestelmässä ei ole oikeutettuja prosesseja, joilla on valtava muistinkäyttötarve, aseta raja alemmaksi saadaksesi toimivamman suojan karanneita prosesseja vastaan. Rajat ovat prosessikohtaisia eivätkä toimi suojana pahantahtoista käyttäjää vastaan. Nämä rajat on tarkoitettu suojaamaan vahingossa tapahtuvalta kohtuuttomalta muistinkäytöltä.
Käyttäjäkohtaisten raja-arvojen määrittämiseksi käytä pam_limits toiminnallisuutta määrittämällä asetukset /etc/security/limits.conf-tiedostossa. Tähän ei tarvita ulimit-pakettia, mutta molempia määritystapoja voidaan käyttää rinnakkain. limits.conf-tiedostossa määritetyt rajat ohittavat ulimit-paketin yleiset oletukset.
On SUSE Linux 10.1 a new mounting mechanism replaces the submount system used earlier. This new mechanism does not unmount media automatically, but on hardware request. Some devices, most notably older CD drives but also some new drives with broken firmware, do not send this signal. To eject the media on such devices, select Eject in the context menu (opened by right-clicking) of the device in "My Computer" or select Eject in the context menu of the device icon on the desktop.