8.3.1 Multiple Kernels

It is possible to install multiple kernels side by side. This feature is meant to allow administrators to upgrade from one kernel to another by installing the new kernel, verifying that the new kernel works as expected, then uninstalling the old kernel. While YaST does not yet support this feature, kernels can easily be installed and uninstalled from the shell using rpm -i package.rpm.

The default boot loader menus contain one kernel entry. Before installing multiple kernels, it is useful to add an entry for the extra kernels, so they can be selected easily. The kernel that was active before installing the new kernel can be accessed as vmlinuz.previous and initrd.previous. By creating a boot loader entry similar to the default entry and having this entry refer to vmlinuz.previous and initrd.previous instead of vmlinuz and initrd, the previously active kernel can be accessed. Alternatively, GRUB and LILO support wild card boot loader entries. Refer to the GRUB info pages (info grub) and to the lilo.conf(5) manual page for details.

8.3.2 Changes with Kernel Modules

The following kernel modules are no longer available:

The following kernel module package was changed internally:

For technical reasons, it was necessary to drop support for Ralink WLAN cards. The following modules were not part of the distribution and will not be added in the future:

8.3.3 Stricter tar Syntax

The tar usage syntax is stricter now. The tar options must come before the file or directory specifications. Appending options, like --atime-preserve or --numeric-owner, after the file or directory specification makes tar fail. Check your backup scripts. Commands such as the following no longer work:

tar czf etc.tar.gz /etc --atime-preserve

See the tar info pages for more information.

8.3.4 Kerberos for Network Authentication

Kerberos is the default for network authentication instead of heimdal. Converting an existing heimdal configuration automatically is not possible. During a system update, backup copies of configuration files are created as shown in Table 8-1.

The client configuration (/etc/krb5.conf) is very similar to the one of heimdal. If nothing special was configured, it is enough to replace the parameter kpasswd_server with admin_server.

It is not possible to copy the server-related (kdc and kadmind) data. After the system update, the old heimdal database is still available under /var/heimdal. MIT kerberos maintains the database under /var/lib/kerberos/krb5kdc. For more information, see Section 40.0, Network Authentication—Kerberos.

8.3.5 Hotplug Events Handled by the udev Daemon

Hotplug events are now completely handled by the udev daemon (udevd). The event multiplexer system in /etc/hotplug.d and /etc/dev.d is no longer used. Instead, udevd calls all hotplug helper tools directly according to its rules. Udev rules and helper tools are provided by udev and various other packages.

8.3.6 Firewall Activation During the Installation

To increase security, the enclosed firewall solution SuSEFirewall2 is activated at the end of the installation in the proposal dialog. This means that all ports are closed initially and can be opened in the proposal dialog if necessary. By default, you cannot log in from remote systems. It also interferes with network browsing and multicast applications, such as SLP, Samba ("Network Neighborhood"), and some games. You can fine-tune the firewall settings using YaST.

If network access is required during the installation or configuration of a service, the respective YaST module opens the needed TCP and UDP ports of all internal and external interfaces. If this is not desired, close the ports in the YaST module or specify other detailed firewall settings.

8.3.7 KDE and IPv6 Support

By default, IPv6 support is not enabled for KDE. You can enable it using the /etc/sysconfig editor of YaST. The reason for disabling this feature is that IPv6 addresses are not properly supported by all Internet service providers and, as a consequence, this would lead to error messages while browsing the Web and delays while displaying Web pages.

8.3.8 Online Update and Delta Packages

Online Update now supports a special kind of RPM package that only stores the binary difference from a given base package. This technique significantly reduces the package size and download time at the expense of higher CPU load for reassembling the final package. See /usr/share/doc/packages/deltarpm/README for technical details.

8.3.9 Print System Configuration

At the end of the installation (proposal dialog), the ports needed for the print system must be open in the firewall configuration. Port 631/TCP and port 631/UDP are needed for CUPS and should not be closed for normal operation. Port 515/TCP (for the old LPD protocol) and the ports used by Samba must also be open for printing via LPD or SMB.

8.3.10 Change to X.Org

The change from to is facilitated by compatibility links that enable access to important files and commands with the old names.

In the course of the change to X.Org, the packages were renamed from XFree86* to xorg-x11*.

8.3.11 X.Org Configuration File

The configuration tool SaX2 writes the X.Org configuration settings into /etc/X11/xorg.conf. During an installation from scratch, no compatibility link from XF86Config to xorg.conf is created.

8.3.12 XView and OpenLook Support Dropped

The packages xview, xview-devel, xview-devel-examples, olvwm, and xtoolpl were dropped. In the past, only the XView (OpenLook) base system was provided. The XView libraries are no longer provided after the system update. Even more important, OLVWM (OpenLook Virtual Window Manager) is no longer available.

8.3.13 Terminal Emulators for X11

A number of terminal emulators were removed because they are either no longer maintained or do not work in the default environment, especially by not supporting UTF-8. SUSE Linux Enterprise Server offers standard terminals, such as xterm, the KDE and GNOME terminals, and mlterm (Multilingual Terminal Emulator for X), which might be a replacement for aterm and eterm.

8.3.14 OpenOffice.org (OOo)

Directories

OOo is now installed in /usr/lib/ooo-2.0 instead of /opt/OpenOffice.org. The default directory for user settings is now ~/.ooo-2.0 instead of ~/OpenOffice.org1.1.

Wrapper

There are some new wrappers for starting the OOo components. The new names are shown in Table 8-4.

Table 8-4 Wrapper

Old	New
/usr/X11R6/bin/OOo-calc	/usr/bin/oocalc
/usr/X11R6/bin/OOo-draw	/usr/bin/oodraw
/usr/X11R6/bin/OOo-impress	/usr/bin/ooimpress
/usr/X11R6/bin/OOo-math	/usr/bin/oomath
/usr/X11R6/bin/OOo-padmin	/usr/sbin/oopadmin
/usr/X11R6/bin/OOo-setup	–
/usr/X11R6/bin/OOo-template	/usr/bin/oofromtemplate
/usr/X11R6/bin/OOo-web	/usr/bin/ooweb
/usr/X11R6/bin/OOo-writer	/usr/bin/oowriter
/usr/X11R6/bin/OOo	/usr/bin/ooffice
/usr/X11R6/bin/OOo-wrapper	/usr/bin/ooo-wrapper

The wrapper now supports the option --icons-set for switching between KDE and GNOME icons. The following options are no longer supported: --default-configuration, --gui, --java-path, --skip-check, --lang (the language is now determined by means of locales), --messages-in-window, and --quiet.

KDE and GNOME Support

KDE and GNOME extensions are available in the OpenOffice_org-kde and OpenOffice_org-gnome packages.

8.3.15 Sound Mixer kmix

The sound mixer kmix is preset as the default. For high-end hardware, there are other mixers, like QAMix. KAMix, envy24control (only ICE1712), or hdspmixer (only RME Hammerfall).

8.3.16 DVD Burning

In the past, a patch was applied to the cdrecord binary from the cdrecord package to support burning DVDs. Instead, a new binary cdrecord-dvd is installed that has this patch.

The growisofs program from the dvd+rw-tools package can now burn all DVD media (DVD+R, DVD-R, DVD+RW, DVD-RW, DVD+RL). Try using that one instead of the patched cdrecord-dvd.

8.3.17 Starting Manual Installation at the Kernel Prompt

The Manual Installation mode is gone from the boot loader screen. You can still get linuxrc into manual mode using manual=1 at the boot prompt. Normally this is not necessary because you can set installation options at the kernel prompt directly, such as textmode=1 or a URL as the installation source.

8.3.18 JFS: Not Supported Anymore

Due to technical problems with JFS, it is no longer supported. The kernel file system driver is still there, but YaST does not offer partitioning with JFS.

8.3.19 AIDE as a Tripwire Replacement

As an intrusion detection system, use AIDE (package name aide), which is released under the GPL. Tripwire is no longer available on SUSE Linux.

8.3.20 PAM Configuration

New Configuration Files (containing comments for more information)

common-auth

Default PAM configuration for auth section

common-account

Default PAM configuration for account section

common-password

Default PAM configuration for password changing

common-session

Default PAM configuration for session management

You should include these default configuration files from within your application-specific configuration file, because it is easier to modify and maintain one file instead of the approximately forty files that used to exist on the system. If you install an application later, it inherits the already applied changes and the administrator is not required to remember to adjust the configuration.

The changes are simple. If you have the following configuration file (which should be the default for most applications):

#%PAM-1.0
auth     required       pam_unix2.so
account  required       pam_unix2.so
password required       pam_pwcheck.so
password required       pam_unix2.so    use_first_pass use_authtok
#password required      pam_make.so     /var/yp
session required        pam_unix2.so

you can change it to:

#%PAM-1.0
auth     include        common-auth
account  include        common-account
password include        common-password
session  include        common-session

8.3.21 Becoming the Superuser Using su

By default, calling su to become root does not set the PATH for root. Either call su - to start a login shell with the complete environment for root or set ALWAYS_SET_PATH to yes in /etc/default/su if you want to change the default behavior of su.

8.3.22 Changes in the powersave Package

The configuration files in /etc/sysconfig/powersave have changed:

/etc/powersave.conf has become obsolete. Existing variables have been moved to the files listed in Table 8-5. If you changed the event variables in /etc/powersave.conf, these must now be adapted in /etc/sysconfig/powersave/events.

The names of sleep states have changed from:

To:

8.3.23 Powersave Configuration Variables

Names of the powersave configuration variables are changed for consistency, but the sysconfig files are still the same. Find more information in Section 27.5.1, Configuring the powersave Package.

8.3.24 PCMCIA

cardmgr no longer manages PC cards. Instead, as with Cardbus cards and other subsystems, a kernel module manages them. All necessary actions are executed by hotplug. The pcmcia start script has been removed and cardctl is replaced by pccardctl. For more information, see /usr/share/doc/packages/pcmciautils/README.SUSE.

8.3.25 Setting Up D-BUS for Interprocess Communication in .xinitrc

Many applications now rely on D-BUS for interprocess communication (IPC). Calling dbus-launch starts dbus-daemon. The systemwide /etc/X11/xinit/xinitrc uses dbus-launch to start the window manager.

If you have a local ~/.xinitrc file, you must change it accordingly. Otherwise applications like f-spot, banshee, tomboy, or Network Manager banshee might fail. Save your old ~/.xinitrc. Then copy the new template file into your home directory with:

cp /etc/skel/.xinitrc.template ~/.xinitrc

Finally, add your customizations from the saved .xinitrc.

8.3.26 NTP-Related Files Renamed

For reasons of compatibility with LSB (Linux Standard Base), most configuration files and the init script were renamed from xntp to ntp. The new filenames are:

8.3.27 File System Change Notification for GNOME Applications

For proper functionality, GNOME applications depend on file system change notification support. For local-only file systems, install the gamin package (preferred) or run the FAM daemon. For remote file systems, run FAM on both the server and client and open the firewall for RPC calls by FAM.

GNOME (gnome-vfs2 and libgda) contains a wrapper that picks gamin or fam to provide file system change notification:

8.3.28 Starting an FTP Server (vsftpd)

By default, xinetd no longer starts the vsftpd FTP server. It is now a stand-alone daemon and you must configure it with the YaST runtime editor.

8.3.29 Firefox 1.5: The URL Open Command

With Firefox 1.5, the method for applications to open a Firefox instance or window has changed. The new method was already partly available in former versions where the behavior was implemented in the wrapper script.

If your application does not use mozilla-xremote-client or firefox -remote, you do not need to change anything. Otherwise the new command to open a URL is firefox url and it does not matter whether Firefox is already running or not. If it is already running, it follows the preference configured in Open links from other applications in.

From the command line, you can influence the behavior by using firefox -new-window url or firefox -new-tab url.