In association with heise online

SELinux

The support contract now covers the use of the SELinux security framework. SUSE has long used AppArmor, but began to move towards using SELinux in mid 2008. SELinux was added in SLE11 Service Pack 1, but was unsupported. SUSE has also added full support for Tomcat6. Tomcat's servlet container was previously merely a component of the software development kit. A handful of functions are classed as being technology previews, and are thus excluded from support under the terms of SLE subscriptions. These include running SUSE on a shared read-only root filesystem and the Internet Storage Naming Service (iSNS), which is designed for use on secure internal networks only.

Widely distributed

The release notes for High Availability Extension Service Pack 2 state that, in addition to "local" and "metro area" clusters, it is also now possibly to operate "geographical clustering". Under this scenario, applications can run on widely dispersed cluster nodes which replicate data between them. This guarantees the availability of services and data even if one cluster site is affected by fire or a natural disaster. To obtain support for this configuration, users need to purchase a Geo Clustering for SUSE Linux Enterprise High Availability Extension subscription.

Miscellaneous

  • As with Service Pack 1, SUSE uses GCC 4.3.4 as its default compiler and glibc 2.11.1 as its default C library. The version numbers of X Server (X.Org 7.4) and the desktop interfaces (GNOME 2.28, KDE 4.3.5) also remain unchanged.
  • OpenJDK 1.6 replaces Sun's Java as the default runtime environment for Java software.
  • The standard package includes the System Security Services Daemon (SSSD), which is able to broker authentication via LDAP or Kerberos.
  • The distribution uses biosdevname to name network interfaces. Biosdevname has seen service in a number of distributions since its introduction last year. In the ideal case, it is able to assign the name used by the chassis or motherboard to network interfaces.
  • SLE11 Service Pack 2 should be available as an operating system in Amazon's EC2 on release.
  • YaST now includes a module for configuring network interfaces which supports FCoE (Fibre Channel over Ethernet).
  • Like in Service Pack 1, users can install PHP 5.3 instead of PHP 5.2; SUSE is planning to remove PHP 5.2 in Service Pack 3.
  • The desktop edition of SLE now supports FreeRDP for connecting to Windows systems via Remote Desktop Protocol (RDP). However, Rdesktop has been marked for removal in Service Pack 3.
  • In the desktop edition, the Banshee music player supports synchronisation with the iPhone and iPod.

Various other changes are detailed on the Service Pack 2 web page and in the release notes. SUSE has also updated the documentation (server, desktop) and added several new documents. Evaluation versions of SLE11 Service Pack 2 are available from former SUSE owner Novell's download page.

SUSE generally releases service packs approximately every 18 months. Standard support for SLE11 Service Pack 1 ends in 6 months time, though support can be extended for 12, 24 or 36 months by purchasing SUSE's optional Long Term Service Pack Support package. This package allows users to extend the standard seven year support period to up to ten years.

Summary

With the snapshot-capable copy-on-write Btrfs filesystem, LXC container virtualisation and geographical clustering, SUSE Linux Enterprise 11 Service Pack 2 adds some major new features. This may all be old hat for Solaris aficionados, given that Solaris introduced these features several years ago, but they remain a rarity in the Linux world.

Proper container virtualisation in particular is a feature which has long been missing from the Linux ecosystem. Red Hat and Oracle have also been or are currently engaged in improving their products in this area. It will certainly be interesting to see how Btrfs performs in practice – on its own or in conjunction with SUSE's Snapper, it adds some interesting functionality, but supporting a filesystem which no major mainstream distribution uses as its default filesystem is a courageous step.

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit