SuSE Linux 6.4 - Changes and Special Features

 

See also http://sdb.suse.de/sdb/en/html/bugs64.html

  • Kernel. The package kernmod or package kernmods are no longer necessary. The accordingly optimized kernel modules are installed "in one go" together with the kernel selected (see 3.6.2). The configuration files of the installed kernel are located in /boot as vmlinuz. config-pentium (Example!), vmlinuz.autoconf.h and vmlinuz.version.h. If you want, YaST will copy these files to the tree of the kernel sources.

  • Valid login shells are entered in /etc/shells; see manpage for shells (man 5 shells). If a user is allocated to /bin/true, then this user can only log in via the X Window System; he cannot obtain a shell. /bin/false as a login shell prevents any kind of log in.

  • package aaa_base: For reasons of clarity, the maintenance work which is needed to be carried out daily on the system has been divided into a num- ber of scripts. In /etc/cron.daily there are now, apart from aaa_base, the components backup_rpmdb, clean_catman, clean_core, clean_ instlog, clean_tmp, do_mandb, rotate_logs and updatedb; in addition aaa_base reads cron.daily.local, where your own extensions can be entered. For more information on the Cron system, refer to Section 16.6.1.

  • A newer version of tar has been included. The overwrite behavior when unpacking existing files has been changed. If you rely on the old mode, please use the option --overwrite.

  • Almost all programs in the package package nkita and package nkitb are in new versions. traceroute has been moved to the package nkitb. A number of programs are already "IPv6 ready"; for this reason you should ensure that DNS is correctly configured - otherwise it is possible you might have to wait for the DNS timeout for IPv6 queries.

  • On the package postfix: further setting options have been added; the start variables have been moved to /etc/rc.config.d/postfix.rc.config; see also Section 17.5.

  • The package squid, that is, version 1.x of the WWW proxy server, is no longer included. Since the now established version version 2.x is regarded as stable, it is generally recommended that you change to this. During the update the package squid is not automatically replaced by package squid2; it is at least necessary to delete the cache and check the configuration files.

  • The recommended DHCP client is to be found in the package dhcpd; for special cases, the package package dhclient is included.

  • For reasons of security, anonymous FTP is no longer allowed automatically. In order to allow anonymous FTP with the ftp daemon, the comment sign `#' in /etc/pam.d/ftpd must be removed at the beginning of the line:
            auth     sufficient      /lib/security/pam_ftp.so
        

  • Changing the password with PAM Pluggable Authentication Modules. pam_unix can also change NIS passwords and understands md5 hashes as passwords. Caution: see Section 3.6.7.
    There is now a new pam_pwcheck module which takes over the verification of new passwords. The old entry:
            password required    /lib/security/pam_unix.so
            #strict=false
          
    must be changed (in each case just one line, or with \ at the end of the line):
            password required    /lib/security/pam_pwcheck.so \
                                 nullok #use_cracklib
            password required    /lib/security/pam_unix.so     \
                                 nullok use_first_pass use_authtok
          
    This manual intrusion is only necessary if rpm is not allowed to change the configuration files itself, because the system administrator has made his own changes. This is, by the way, the case for all PAM configuration files located in /etc/pam.d.

  • As well as the manpages (see Section 15.2.8), the info pages are now also located in /usr/share.

  • makewhatis (package makewhat) now uses the help program manpath to locate the manpages. The environment variable MANPATH should no longer be set in rc files.

  • The package ncurses is a new version, 5.0; version 4.2 of the "shared library" is still included, so that as a rule precompiled programs can be still be used.

  • The package apache package has been split up. If you need special enhancements, you should also install the mod_* subpackages. Documentation on PHP can be found in the package package phpdoc. For organisational reasons the log files can be found in /var/log/httpd.

  • Roxen is split up in the following way: The package roxen without encryption and the package roxenssl is an addition with encryption support. This has the advantage that a separate package, package roxenint no longer has to be managed.

  • The package changes was discontinued. The same information can be given by rpm:
           newbie@earth: > rpm -q --changelog [paket]