This SUSE product includes materials licensed to SUSE under the GNU General Public License (GPL). The GPL requires that SUSE makes available certain source code that corresponds to the GPL-licensed material. The source code is available for download.

For up to three years after SUSE’s distribution of the SUSE product, SUSE will mail a copy of the source code upon request. Requests should be sent by e-mail or as otherwise instructed here. SUSE may charge a fee to recover reasonable costs of distribution.

Version Revision History

  • June 22nd, 2021: 4.0.14 release

  • April 19th, 2021: 4.0.13.1 release

  • April 15th, 2021: 4.0.13 release

  • February 25th, 2021: 4.0.12.1 release

  • February 11th, 2021: 4.0.12 release

  • November 19th, 2020: 4.0.11 release

  • October 15th, 2020: 4.0.10 release

  • September 10th, 2020: 4.0.9 release

  • August 6th, 2020: 4.0.8 release

  • July 21st, 2020: 4.0.7 release

  • May 7th, 2020: 4.0.6 release

  • March 12th, 2020: 4.0.5 release

  • December 20th, 2019: 4.0.4 release

  • November 7th, 2019: 4.0.3 release

  • September, 6th 2019: 4.0.2 release

  • July 9th, 2019: 4.0.1 release

  • June 26th, 2019: 4.0.0 release

About SUSE Manager 4

Now based on SUSE Linux Enterprise 15 Service Pack 1 and the Uyuni project, SUSE Manager 4 further delivers a best-in-class open source infrastructure management solution that lowers costs, enhances availability and reduces complexity.

As a key component of a software-defined infrastructure, SUSE Manager 4 allows our customers to:

Lower costs and simplify management

  • Simplify management and reduce operational expenditure with enhanced package staging through a new Content Lifecycle Management user interface and improved APIs for managing packages, patches, and configurations. Moving packages across multiple stages, like development, QA and production is now a simple UI-based task.

  • Ease virtual machine management with new Salt-based virtual machine management that allows near real-time management of hundreds of servers. This allows managing virtual machines not just through a UI, with start/stop buttons, but also by defining Salt states. For example, you can create a Salt state that always ensures that the same three virtual machines are created and running on all your branch servers. Advanced virtual machine management is a technology preview and will require a paid-for add-on subscription per virtualization host.

Increase availability and visibility with expanded monitoring and alerting capabilities

Gain better infrastructure insights and reduce downtime, with the ability to provision, configure, and automate a reliable and easy to use monitoring and alerting infrastructure built on the next generation Prometheus based monitoring stack. With a single tool, you can now deploy, configure and manage your Linux infrastructure, and also monitor the health of that infrastructure. Monitoring is a paid-for add-on subscription per managed system.

Reduce complexity and regain control

  • SUSE Manager now supports managing openSUSE Leap 15.1 and Ubuntu LTS 16.04 and 18.04 clients.

  • SUSE Manager 4 can be deployed from the unified SUSE Linux Enterprise 15 installer.

  • “Formulas with Forms” capabilities for SAP allow the easy set-up of SAP HANA nodes and HA cluster configuration according to best practices. Formulas are provided as a technology preview via SUSE Package Hub.

Keep Informed

You can stay up-to-date regarding information about SUSE Manager and SUSE products:

Installation

Requirements

SUSE Manager Server 4 is provided through SUSE Customer Center and can be installed with the unified installer for SUSE Linux Enterprise 15 Service Pack 1. It is available for x86-64, POWER (ppc64le), or IBM Z (s390x). No separate SUSE Linux Enterprise subscription is required.

With the adoption of a unified installer in SUSE Linux Enterprise 15, system roles are used to customize the installation for each product. The unified installer provides an easier way to install the operating system and the SUSE Manager Server application together with specific pre-configured system settings. This addresses the need for enterprise deployments to standardize on the base operating system as well as on specific storage setups.

PostgreSQL is the only supported database. Using a remote PostgreSQL database is not supported.

Update from previous versions of SUSE Manager Server

In-place updates from previous versions of SUSE Manager Server are not supported. The supported upgrade method is to migrate the data from your SUSE Manager Server 3.2 installation to SUSE Manager Server 4.0.

If your SUSE Manager Server 3.2 uses an older version of PostgreSQL, you need to upgrade to PostgreSQL 10 before performing the migration!

All connected clients will continue to run and remain unchanged.

For detailed upgrading instructions, see the Upgrade Guide on https://documentation.suse.com/suma/4.0/.

Migrating from Red Hat Satellite

Migrating from Red Hat Satellite to SUSE Manager Server 4.0 is conditionally supported. To perform this migration, we strongly recommend you get in contact with a SUSE sales engineer or consultant before starting the migration.

Scaling SUSE Manager

The default configuration of SUSE Manager will scale around one thousand clients, when deployed according to the instructions in the Installation Guide on https://documentation.suse.com/suma/4.0/. Scaling beyond that number needs special consideration.

For more information and instructions on large-scale deployments, see https://documentation.suse.com/external-tree/en-us/suma/4.0/suse-manager/salt/large-scale-tuning.html.

Before you begin, you should always get advice from a SUSE partner, sales engineer, or consultant.

High availability

SUSE Manager can be deployed in a highly-available setup, but specific configuration and tuning for each use case is needed. Please get in touch with SUSE Consulting for the details.

Channels with a large number of packages

Some channels, like SUSE Linux Enterprise Server with Expanded Support or Red Hat Enterprise Linux, come with a very large number of packages that may cause taskomatic to run out of memory. If this occurs, we recommended that you increase the maximum amount of memory allowed for taskomatic by editing /etc/rhn/rhn.conf and adding this line:

taskomatic.java.maxmemory=8192

You will need to restart taskomatic after this change.

This grants taskomatic up to 8 GB of memory (up from the default of 4 GB). If taskomatic continues to run out of memory, you can increase the number further. However, keep in mind that this will affect the total memory required by SUSE Manager Server.

Major changes since SUSE Manager Server 4.0 GA

Features and changes

Version 4.0.14

This is a bugfix release which also introduces several features, backported from SUSE Manager 4.1.

Deprecated products
  • Red Hat Enterprise Linux 6

  • SUSE Linux Enterprise Server Expanded Support 6

  • Ubuntu 16.04 LTS

The support policy of SUSE Manager clients can be summarized as: "if the operating system is under general support by its vendor, then SUSE Manager supports it as a client".

RHEL 6 and SLES ES 6 ended upstream general support on November 30th, 2020. After a grace period of 7 months, we are now ending support for these operating systems.

Ubuntu 16.04 LTS ended upstream general support on April 30th, 2021. After a grace period of 3 months, we are now ending support for these operating systems.

Please note "end of support" from the SUSE Manager side means these products and their client tools remain available in the SUSE Manager product tree and can still be added, mirrored and used. But in case they stop working at some point in time, support will only be provided as on a best-effort basis (which in general means if the issue can be reproduced with a supported operating system, it will be fixed; but if the issue is specific to the unsupported operating system, a fix should not be expected).

Salt 3002

Salt has been upgraded to upstream version 3002, plus a number of patches, backports and enhancements by SUSE, for the SUSE Manager Server, Proxy and Client Tools (where the client operating system supports Python 3.5+; otherwise Salt 3000 or 2016.11 are used).

Salt 3002 only works with Python 3.5+, therefore:

  • Salt 3002 is only available on SLE 15, RHEL 8 and SLES ES 8, and Ubuntu 18.04 and 20.04. Only a Python 3 version is provided.

  • Salt 3000 is still the version of Salt for SLE 12, RHEL 7 and SLES ES 7. Only a Python 2 version is provided. SLE 12 additionally provides a Python 3 version.

  • Salt 2016.11 is still the version of Salt for SLE 11 SP4. Only a Python 2 version is provided.

For more details about changes in your manually-created Salt states, see the Salt 3002 upstream release notes.

Monitoring updates
Updated Grafana

Grafana has been updated from version 7.1.5 to version 7.4.2 in the Client Tools channels.

Check the upstream documentation for details on what has changed:

Updated Node Exporter

The Prometheus Node Exporter has been update from version 1.0.1 to version 1.1.2.

Check the upstream documentation for details on what has changed:

Updated Prometheus Exporters formula

The Prometheus Exporters formula can now be used to configure the Prometheus Exporter Exporter (reverse proxy) on Ubuntu clients.

Version 4.0.13

This is a bugfix release with a few notable enhancements.

New products enabled
  • MicroFocus Open Enterprise Server 2018 SP3

Enable SAN SSL certificates

Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field. This is commonly used to generate SSL certificates that protect multiple domains with a single certificate.

Since this kind of certificate is becoming popular amongst users with their own Certificate Authority, we have implemented support.

OpenSCAP from SSM

Mass-auditing Salt clients with OpenSCAP is now possible from the System Set Manager.

Ubuntu Universe repository changes

Ubuntu 20.04 LTS provides the OpenSCAP scanner in the Universe repository, which made mirroring Universe a requirement for OpenSCAP analysis to work on Ubuntu 20.04 LTS clients. We are now providing the OpenSCAP scanner package in the SUSE Manager Client Tools for Ubuntu 20.04 LTS channel, therefore mirroring Ubuntu Universe is no longer required and has become an optional channel.

For users who still want to mirror Ubuntu Universe, we have added the universe-update and universe-security repositories to the Product Wizard, as optional.

Version 4.0.12.1

Fixes for Salt security issues

You should patch all your SUSE Manager Server, Proxy, Retail Branch Server, and Salt minions as soon as possible.

Version 4.0.12

CPU mitigations formula

Unsupported clients are now handled gracefully and mitigations have been added for the Xen hypervisor.

CentOS 6 URLs

CentOS 6 reached end-of-life on November 30th, 2020, and the CentOS Project moved its repositories to the vault archive. URLs in the product wizard have been updated. If you were using CentOS 6, you must refresh your product list to receive the new URLs.

Please note when importing the CentOS 6 ISO or deploying new CentOS 6 clients, the default repository URLs (pointing to mirror.centos.org) will not work. When those systems are registered with SUSE Manager, everything will work as expected.

Other operating systems in the same class also reached end-of-life but require no change, since they will continue to work as-is: SUSE Linux Enterprise Server Expanded Support 6 (URLs not changed), Oracle Linux 6 (URLs not changed) and Red Hat Enterprise Linux 6 (URLs are provided by users).

New countries and timezones

The country and timezone lists have been refreshed, adapting to the latest timezone and geopolitical changes.

Monitoring updates
Prometheus 2.22.1

The core of our monitoring solution, Prometheus, has been updated from version 2.18.0 to version 2.22.1, which brings a number of bugfixes and improvement.

Notable improvements:

  • Web: Remove APIv2.

  • React UI: Implement missing TSDB head stats section.

  • UI: Add Collapse all button to targets page.

  • UI: Clarify alert state toggle via checkbox icon.

  • Gracefully handle unknown WAL record types.

  • Issue a warning for 64-bit systems running 32-bit binaries.

  • TSDB: Memory-map full chunks of Head (in-memory) block from disk. This reduces memory footprint and makes restarts faster.

  • TSDB: Reduced contention in isolation for high load.

  • Discovery: Added discovery support for Triton global zones.

  • Remote Read: Added prometheus_remote_storage_remote_read_queries_total counter to count the total number of remote read queries.

  • Added time range parameters for label names and label values API.

For details on what changed in each version between 2.18.0 and 2.22.1, see:

Grafana 7.3.1

Grafana Server has been updated to version 7.3.1 which brings a number of bugfixes and improvements.

Notable improvements:

  • Add monitoring mixing for Grafana.

  • New Cloudwatch metrics

  • Elasticsearch: Support multiple pipeline aggregations for a query.

  • Support request cancellation properly for PostgreSQL, Loki and Prometheus

  • Postgres: Support Unix socket for host

  • Loki: Re-introduce running of instant queries

  • Prometheus: Support request cancellation properly. Add $__rate_interval variable

  • API improvements

  • Variables: enables cancel for slow query variables queries

  • Table: Adds column filtering

Breaking changes:

  • CloudWatch: The AWS CloudWatch data source’s authentication scheme has changed. See the upgrade notes for details and how this may affect you.

  • Units: The date time units YYYY-MM-DD HH:mm:ss and MM/DD/YYYY h:mm:ss a have been renamed to Datetime ISO and Datetime US respectively.

A detailed changelog is available upstream.

Prometheus Exporter Exporter for Ubuntu 18.04 LTS

The reverse proxy exporter, which simplifies security and networking policies, is now also available on Ubuntu 18.04.

More operating systems will be added in future releases of SUSE Manager.

Version 4.0.11

Security fixes

This release includes the fixes for CVE-2020-16846, CVE-2020-17490, and CVE-2020-25592 that were previously released as part of a security patch. If you have not yet done so, patch your SUSE Manager Servers, Proxies, Retail Branch Servers, and Salt minions as soon as possible.

The postgresql-jdbc driver has been updated from version 9.4-1200 to version 42.2.10 to fix the CVE-2020-13692 security issue. Only the SUSE Manager Server is affected by this issue.

DNSSEC enabled by default by bind update

With the update of ISC bind to version 9.16.6 on SLES 15 SP1 and SP2, DNSSEC is now enabled by default, which may cause DNS resolution to fail unless there are fallback DNS servers.

The Retail Branch Server formula has been modified to disable DNSSEC, and will be updated to support DNSSEC in a future release of SUSE Manager. For existing Retail Branch Servers, you can disable DNSSEC to retain the same behaviour ISC bind showed until version 9.11.2. To do that, edit /etc/bind and set:

dnssec-enable no; dnssec-validation no;
Bootstrap repositories and desynchronized products

A new --force parameter has been added to mgr-create-bootstrap-repo to enforce generation even when some products are not synchronized. In general, we recommend your products are properly synchronized, therefore this option should be used only in exceptional circumstances.

One valid use case for the --force parameter is when a SUSE Linux Enterprise product moves from supported under its regular lifecycle, to Long Term Service Pack Support. If you do not have an LTSS subscription, you will need to use --force for mgr-create-bootstrap-repo to keep using the version of Salt provided by the operating system without LTSS.

Salt SSH performance improvements

Salt-ssh actions can now be executed in parallel, thus improving its performance.

Version 4.0.10

Bugfix release.

Additionally, the SUSE PackageHub GPG key is now trusted by default on the SUSE Manager Server. Therefore, manually accepting the key from the command-line before product synchronization can start is no longer required.

New products enabled
  • SUSE Linux Enterprise for High Performance Computing 15 SP2

  • SUSE Container as a Service Platform 4.5

  • SUSE Enterprise Storage 7 Beta

  • SUSE Linux Enterprise Server 15 SP3 Alpha

Version 4.0.9

Bugfix release.

In addition to other bugs, this maintenance update fixes the CVE-2020-8028 security issue, where a malicious user could snoop and inject traffic on the Salt master. We recommend all users to update as soon as possible.

New products enabled
  • SUSE Linux Enterprise Real Time 15 SP2

Version 4.0.8

This is mostly a bugfix release, with two highlights:

  • Virtual storage volumes can now be edited from the WebUI. This fixes the known issue present in SUSE Manager 4.0.7, which is now gone.

  • A Salt module.run compatibility state has been made available to you in preparation for the next update of Salt.

Salt module.run compatibility state

A new mgrcompat.module_run custom compatibility state for Salt is available for registered systems.

In Salt 2019.2, a new syntax for module.run was introduced. Up until Salt 3000 (the version currently shipped by SUSE Manager), Salt has supported both the old syntax and the new syntax.

From Salt 3001 on, Salt will no longer support the old syntax. This means any custom SLS file or "Configuration State Channel" that is using a module.run state needs to be adapted to the new syntax. This turns even more problematic when you have minions with different Salt versions (e. g. SLES 11 with Salt 2016.11), because some minions would accept the new syntax but others would fail with it, so the SLS files would require extra logic to handle the different Salt versions and configurations.

SUSE Manager will ship Salt 3001 in a future release. In preparation for this syntax breakage, SUSE has developed the new mgrcompat.module_run compatibility state. This is a wrapper over module.run which accepts the old syntax and takes care of tailoring the parameters for the new module.run if necesasary according to the specific minion version and configuration.

To make your Salt states compatible with all versions of Salt, including Salt 3001 and newer, you only need to change module.run to mgrcompat.module_run in your SLS files and "Configuration State Channels".

As an example of this, a non-migrated state like this:

my_module_run_state:
  module.run:
    - name: mymodule.func
    - m_name: foobar
    - other: 1234

would look like this once adapted:

my_module_run_state:
  mgrcompat.module_run:
    - name: mymodule.func
    - m_name: foobar
    - other: 1234

All users are encouraged to migrate their Salt states. Once Salt 3001 comes to SUSE Manager, not migrated states will simply fail.

Version 4.0.7

In addition to fixing bugs, this Maintenance Update brings a number of features and enhancements.

Since the SUSE Manager Client Tools have been updated, you will need to regenerate your bootstrap repositories.

New products enabled
  • SUSE Linux Enterprise 15 SP2 family

  • SUSE Linux Enterprise Real Time 12 SP5

  • openSUSE Leap 15.2

  • Ubuntu 20.04 LTS

Salt 3000

Salt has been upgraded to upstream version 3000, plus a number of patches, backports and enhancements by SUSE, for the SUSE Manager Server, Proxy and Client Tools. In particular, CVE-2020-11651 and CVE-2020-11652 fixes are included in our release.

As part of this upgrade, cryptography is now managed by the Python-M2Crypto library (which is itself based on the well-known OpenSSL library).

We intend to regularly upgrade Salt to more recent versions.

For more details about changes in your manually-created Salt states, see the Salt 3000 upstream release notes.

Please note Salt 3000 is the last version of Salt which will support the old syntax of the module.run module.

Updated Grafana and Prometheus

Grafana has been updated to version 7.0.3 and Prometheus to version 2.18.

Updated Node Exporter

The Prometheus Node Exporter has been updated to version 0.18.1.

All the changes can be found in the changelog for the package, or upstream (changelog for 0.18.0 and 0.18.1).

The new version includes some breaking changes:

  • Renamed interface label to device in netclass collector for consistency with other network metrics

  • The cpufreq metrics now separate the cpufreq and scaling data based on what the driver provides

  • The labels for the network_up metric have changed

  • Bonding collector now uses mii_status instead of operstatus

  • Several systemd metrics have been turned off by default to improve performance. These include unit_tasks_current, unit_tasks_max, service_restart_total, and unit_start_time_seconds

  • The systemd collector blacklist now includes automount, device, mount, and slice units by default

Performance improvements
Content Lifecycle Magement

Content Lifecycle Management has been optimized, with basic operations (build, promotion) up to two orders of magnitude faster and a quicker UI loading in installations with many channels and organizations.

Prometheus Service Discovery

Thanks to a number of enhancements and optimizations, Prometheus Service Discovery is now 10 times faster, on average, than it was in previous versions.

Third-party GPG keys now included

Enabling verification of non-SUSE product metadata used to require manual acceptance, and sometimes even manual installation, of the third-party keys for products available from the product tree. Alternatively, an option to not verify the GPG key signature was there.

In addition to SUSE’s, SUSE Manager 4.0.7 now includes the GPG keys used to sign packages and/or metadata by other vendors whose products are available in the product tree in the WebUI:

  • openSUSE

  • CentOS

  • Oracle Linux

  • Ubuntu

  • MicroFocus Open Enterprise Server

Manual acceptance of those keys is no longer required for GPG signature verification for those products to work.

Manual acceptance of GPG keys for any other product or repository is still required for security reasons.

Version 4.0.6

This is mostly a bugfix release, with some highlights.

Critical security update for Salt

Two critical security flaws (CVE-2020-11651, CVE-2020-11652) were identified in Salt, with a CVSS score of 10.0/10.

In coordination with and at the same time as upstream SaltStack, security patches for SUSE Linux Enterprise and all client tools were released on April 30th.

Together with SUSE Manager 4.0.6, a new security update to the Salt packages is also released, fixing a corner case in the previous patch.

We recommend you immediately patch the SUSE Manager Server, Proxy, Retail Branch Server, and all Salt minions. Traditional clients are not affected by this security issue.

OpenVPN formula with forms

As part of SUSE’s Home Office Workplace initiative in reponse to the crisis caused by the COVID-19, the SUSE Manager team has created a formula with forms to provision an OpenVPN Server node and manage client certificates from SUSE Manager. For more details, see the SUSE Home Office Workplace blog, documentation and webinar.

Monitoring
New CaaS Platform dashboard

A new Grafana dashboard for SUSE Container as a Service Platform has been added to the grafana-formula package.

Prometheus federation

The Prometheus formula has been enhanced to configure Prometheus federation, which serves various use cases: multiple Prometheus servers, multiple sites, and multiple SUSE products with its own product-specific Prometheus server.

Note that suitable recording rules have to be configured on the Prometheus instances (for example at CaaSP Prometheus instances). For more information about Prometheus federation, check the official documentation.

PostgreSQL 10

While PostgreSQL 12 is now available on SLES 15 SP1, SUSE Manager 4.0 continues to use PostgreSQL 10, to avoid database migrations. PostgreSQL 12 is the default database engine in SUSE Manager 4.1.

Version 4.0.5

New products enabled
  • SUSE Linux Enterprise Real Time 12 SP5

  • SUSE Linux Enterprise 15 SP2 family

  • MicroFocus Open Enterprise Server 2018 SP2

SUSE Container as a Service Platform v4 nodes: action filtering

Nodes in a SUSE Container as a Service Platforms should be patched, rebooted, etc following CaaSP recommendations to avoid breaking cluster availability and software compability.

In SUSE Manager 4.0.5, we have introduced node locking and action filtering to prevent uninteded operations.

When CaaSP nodes are added to SUSE Manager, the registered systems will be locked automatically:

  • When a system is locked, the web UI shows a warning and you can schedule actions using the web UI or the API, but the action will fail.

  • You can enable or disable the system lock using the System Lock formula. When the system lock is disabled, all operations are permitted.

Subscription matching in public cloud: BYOS vs PAYG

In SUSE Manager 4.0.3, we introduced virtual host gatherers for Amazon Web Services, Microsoft Azure and Google Cloud Engine. With these gatherers, our subscription matcher gained the ability to also include virtual machines running on the cloud in its calculations.

We have now enhanced the subscription matcher to exclude pay-as-you-go (PAYG) instances. Those do not require a subscription, as the agreement between the Cloud Service Provider and the Customer covers them.

Salt clients: provisioning API

Enable provisioning API with Salt and bootstrap entitled systems. Previously, this only worked for traditional clients.

Ubuntu enhancements

Each SUSE Manager release and maintenance update brings better Ubuntu support. In SUSE Manager 4.0.5, we have include two small but valuable improvements:

  • Support package pre-downloading, to ensure all content (.deb packages) is downloaded before patching. This should be very useful for large Ubuntu deployments managed by SUSE Manager.

  • Display additional information in the UI for .deb packages (dependencies and more headers)

Red Hat Enterprise Linux 8 onboarding simplified

If you use the client tools shipped with SUSE Manager 4.0.5, it is no longer necessary to have Python 3 on RHEL8 systems for the onboarding to work. With this enhancement, even plain-text RHEL machines can be onboarded directly.

Version 4.0.4

New products enabled
  • SLES12 SP5

  • RHEL 8 and SLES ES 8

  • CaaSP 4

SUSE Container as a Service Platform v4 support

The Virtual Host Manager functionality has been extended to support SUSE Container as a Service Platform v4.

You can register each CaaSP node to SUSE Manager using the same method as you would a Salt client. After doing this, you will be able to see the patch level status of each node, perform configuration management on the nodes and assign channels o clusters.

We strongly recommend to check the documentation on the scope and extent of the CaaSPv4 integration in SUSE Manager 4.0.4: https://documentation.suse.com/external-tree/en-us/suma/4.0/suse-manager/client-configuration/vhm-caasp.html

Upcoming versions of SUSE Manager will enhance CaaSP integration.

RHEL 8 and SLES ES 8 support

Red Hat Enterprise Linux 8 and SUSE Linux Enterprise Server Expanded Support 8 are now supported clients as Salt minions. The traditional stack will not be supported on these operating systems.

With the new application streams concept introduced in these operating systems, you will need to import both the BaseOS and the AppStream directories from the ISO image for the bootstrap repository to be created correctly. If the AppStream directory is not imported, you will receive an error about missing Python 3 packages.

AppStream awareness in the UI and Content Lifecycle Management will be available in an upcoming version of SUSE Manager.

Monitoring

This version of SUSE Manager includes formulas to install Prometheus and Grafana, and makes the Apache exporter available for Ubuntu 18.04, RES6, RES7 and Proxy.

Additionally, self-monitoring capabilities have been implemented in the Admin Monitoring UI.

Package Hub

SUSE Package Hub is now supported on the Server, since the problems with the search that were caused by PackageHub-provided packages have been solved.

If you were using Package Hub as a source of packages for you clients, it is recommended that you re-generate all package metadata. The reason for this is in the Package Hub repositories there may exist multiple packages with the same NEVRA but different checksums. This might result in checksum errors when repositories are used on the clients as SUSE Manager randomly selected any of those packages. After this update, SUSE Manager will generate the checksum into the package path to ensure the right package is used. If you use also SUSE Manager Proxy / SUSE Manager Retail Branch Server please update all of them before you re-generate the metadata.

Formulas

The Formulas with Forms screen has an enhanced layout that folds vertically instead of nesting deep inside, making if cleaner. Besides this, validators are now possible in formulas using the JEXL expression language.

The cpu-mitigations-formula is now installed by default.

The Retail branch network formula now works all SUSE and openSUSE based distros, using SuSEfirewall or firewalld as appropriate.

Technology preview: SLE 15-based images for Retail

SUSE Manager can build Retail images based on SUSE Linux Enterprise Server 15 SP1. This feature is delivered as a technology preview and is expected to be fully supported with SUSE Manager 4.1 and SLE 15-SP2.

This technology preview is not able to print any message (including information for salt client onboarding) on graphical boot screen. As a workaround it is recommended to build image without the Plymouth packages.

The activation key for building these images must contain these repositories:

  • SLE-Product-SLES15-SP1

  • SLE-Module-DevTools15-SP1

  • SLE-Module-Desktop-Applications15-SP1

  • SLE-Module-Basesystem15-SP1

  • SLE-Manager-Tools15 (including updates)

You can always find the latest templates for the Retail images at https://github.com/SUSE/manager-build-profiles/tree/master/OSImage

SLE15 SP1 images should only be built on SLE15 SP1 build hosts. Trying to build SLE15 SP1 images on SLE12 build hosts will fail.

Version 4.0.3

New Content Lifecycle Management filters

In SUSE Manager 4.0.0 we introduced Content Lifecycle Management with a filter to exclude packages and patches based on their name. Feedback for this feature was very positive and many proposals for enhancement were received.

In this release, we are introducing a lot of new possibilities for Content Lifecycle Management:

  • New filters: by date, by keyword (e. g. "reboot needed" or "package manager restart required"), by type (security, recommended or optional), by synopsis and "patch contains package".

  • New ALLOW mode, which in addition to the existing DENY mode, makes possible to filter out packages, and then include them again into the resulting set.

  • New matchers: in addition to the existing greater than, lesser than, equals, etc, we have now added a regular expression matcher for package names, patch names, patch synopsis and package names in patches.

  • Better visualization of the filters attached to a CLM project, with ALLOW and DENY now shown on each side of the screen.

We have documented two typical use cases: a monthly patch cycle and live patching.

More enhancements to Content Lifecycle Management will come in future releases of SUSE Manager 4.0.

Enhanced support for Debian and Ubuntu

With each release of SUSE Manager, we continue to enhance our Debian and Ubuntu support.

SUSE Manager 4.0.3 greatly improves our compatibility thanks to:

  • Support for all of the headers in .deb packages, including custom ones, when syncing Debian/Ubuntu repositories. You can use the new script mgr-update-pkg-extra-tags to update extra fields in DB without recreating all Debian/Ubuntu channels.

  • Support for .deb packages with hyphens in the package name or version. There remain a very small percentage (<0.1%) of packages for which our version comparison algorithm fails; we will fix this known issue in a coming release.

New Prometheus exporters and formulas

A new set of client tool packages now includes Prometheus exporters for more clients: RHEL 6, RHEL 7, SLES ES 6, SLES ES 7, Ubuntu 18.04 and SLES 11 SP4 (only x86-64 and i586). Both the Prometheus node exporter and the PostgreSQL exporter are provided for those operating systems. The prometheus-exporters-formula formula makes easy to deploy them.

Subscription matching in Public Cloud

We’ve added new types of Virtual Host Managers in order to gather virtual instances from Public Cloud providers. Azure, AWS and Google Cloud are now supported, in addition to the existing VMware and generic (file-based, manually-maintained, useful for any cloud provider) gatherer modules.

Creating VHM to gather virtual instances from the Public Cloud will enable the subscription matcher to match "1-2 virtual machines" subscriptions for those instances that are running on the same Public Cloud zone.

Please take into account the following considerations in this version. They will be addressed in upcoming versions of SUSE Manager:

  • This functionality will only work with Salt clients.

  • Manual installation of the virtual-host-gatherer-libcloud package is required.

  • The public cloud gatherers will report and try to match all instances, no matter if they are BYOS or PAYG, leading to an incorrect calculation of the required subscriptions if you combine BYOS and PAYG.

Preventive shutdown of Server when running out of disk space

Some customers have hit in the past a database corruption problem when PostgreSQL ran out of space.

In order to prevent that from happening in the future, we have added a diskchecker to SUSE Manager Server. This feature will send a warning mail when the most common and important SUSE Manager directories are below 10% of free disk space, and will shut down the SUSE Manager Serve when those directories are below 5% of free disk space.

This new feature is only enabled by defult in new installations. For existing installations, the administrator can enable the tool manually after updating to the latest maintenance update by running:

systemctl --quiet enable spacewalk-diskcheck.timer

systemctl start spacewalk-diskcheck.timer

Full details on the parameterization of this new feature are available in the Managing disk space documentation page.

Single Page Application UI

In an effort to provide our web UI users with a smoother navigation, we have implemented large parts of the user interface as a single page application.

This feature is optional in SUSE Manager 4.0 and is disabled by default. To enable it, customers can now add web.spa.enable = true to /etc/rhn/rhn.conf, and then restart Tomcat.

Other changes
  • Since this version, as part of a bugfix, it is no longer allowed to delete a channel when there are cloned channels based on it.

  • Taskomatic now takes a maximum of 4 GB of RAM (it used to be 2 GB), which better matches the current average use case.

  • Salt clients can now be re-provisioned from SUSE Manager. This allows major version OS updates for SLES and SUSE Manager Proxy.

  • Normalize date formats for actions, notifications and CLM

  • RHEL 8, SLES ES 8 and CentOS 8 clients are not yet supported. While the changelog shows many changes to enable them on the Server and Proxy side, the client tools are not ready yet. SUSE Manager 4.0.4 will bring initial support RHEL 8 and SLES ES 8 clients as Salt minions.

Version 4.0.2

New products supported
  • SUSE Linux Enterprise Real Time 12 SP4

Grafana

Grafana is a tool for data visualization, monitoring, and analysis. It is used to create dashboards with panels representing specific metrics over a set period of time. Grafana is commonly used together with Prometheus, but also supports other data sources such as ElasticSearch, MySQL, PostgreSQL, and Influx DB.

This version of SUSE Manager includes Grafana in the client tools channel, both for 4.0 and 3.2. A SUSE Manager Grafana dashboard is provided as an example.

The Monitoring section of the Administration Guide contains full detail on how to configure Grafana together with SUSE Manager.

Prometheus service autodiscovery

Prometheus is a monitoring tool used to record real-time metrics in a time-series database. Metrics are collected using HTTP pulls, allowing for higher performance and scalability.

We have updated the Prometheus package with a new version that include a built-in service discovery mechanism that will allow users to more easily configure monitoring on their SUSE Manager systems.

Previously, after configuring the exporters on managed clients, users had to manually configure their Prometheus servers to start scrapping metrics from those systems. With this update, it will be possible to use a "service discovery" mechanism that will automate this part of the configuration. The configuration options are simple: it is only required to provide a SUSE Manager Server URL and valid API credentials.

Under the hood, what this mechanism does is letting Prometheus poll the SUSE Manager API, asking for a list of systems that have monitoring enabled, and automatically configuring Prometheus to collect metrics from those systems.

In this version, the autodiscovery functionality is provided as a Technology Preview.

More information about configuring Prometheus can be found in the Monitoring section of the Administration Guide.

CPU mitigation formula

CPU mitigations have been introduced to improve security on CPUs affected by vulnerabilities such as Meltdown and Spectre. The mitigations are available in SUSE Linux Enterprise 12 SP3 and later in the cpu-mitigations-formula package, which is not installed by default.

The new CPU Mitigation formula allows you to control which mitigations are enabled.

Updated documentation

The SUSE Manager documentation has received improvements in all of the books, with small clarifications and enhancements all around: content lifecycle management filters, public cloud, JeOS, retail images and formulas, etc

Of particular interest for customers with large installations will be the new Large Scale Deployment and Salt Tuning sections in the Salt Guide. Given that modifying advanced parameters can cause catastrophic failure, we strongly recommend that you contact SUSE Consulting for assistance with tuning for your specific case.

Additionally, the search functionality in the documentation now works offline.

Enhanced support for Ubuntu and Debian clients

The Multi-Arch and Pre-depends headers are now supported for .deb repositories, hence avoiding installation problems that could arise in some cases when deploying packages from the UI.

Also, Ubuntu and Debian channels now come preconfigured in spacewalk-common-channels. The Debian CDN is used to provide the best mirror at each moment. For Ubuntu, you may want to replace the default mirror with a closer geo-mirror.

Keep in mind SUSE does not provide support for the spacewalk-common-channels tool form the spacewalk-utils package.

UEFI boot (Retail)

SUSE Manager for Retail can now create the required partitions and image machines with an EFI boot, using the Saltboot formula.

Version 4.0.1

New products supported
  • SLES12 SP3 LTSS

  • openSUSE Leap 15.1

Patches

SUSE Customer Center provides a simple online service to view released patches: https://scc.suse.com/patches

Version 4.0.14

cobbler:

  • Make "fence_ipmitool" a wrapper for "fence_ipmilan" using always lanplus (bsc#1184361)

  • Remove unused template for fence_ipmitool.

  • Prevent some race conditions when writting tftpboot files and the destination directory is not existing (bsc#1186124)

  • Fix trail stripping in case of using UTF symbols (bsc#1184561)

grafana-formula:

  • Fix Grafana dashboards requiring single series (bsc#1184471)

patterns-suse-manager:

  • Add require for py27-compat-salt (salt 3002 does not provide python2-salt anymore)

prometheus-exporters-formula:

  • Move exporters configurations to dedicated group prometheus_exporters

  • Add formula data schema migration script

  • This version changes the formula data schema and is not backwards compatible. Downgrading from this version will require reconfiguring the formula for all your minions.

  • Add Ubuntu support for Prometheus exporters' reverse proxy

pxe-default-image-sle15:

  • Adapt rpm-properties.xml for containment-rpm-pxe v0.2.1 and newer

py26-compat-salt:

  • Prevent command injection in the snapper module (bsc#1185281) (CVE-2021-31607)

spacewalk-backend:

  • Maintainer field in debian packages are only recommended (bsc#1186508)

  • Switch to www group for satellite logs (bsc#1185097)

spacewalk-java:

  • Change Prometheus exporters formula data schema to make it more generic and extendable

  • Adapt logging for testing accessability of URLs (bsc#1182817)

  • Fix problem reading product_tree.json from wrong location in offline setups (bsc#1184283)

  • For a SUSE system get metadata and package from same source (bsc#1184475)

  • Check if the directory exists prior to modular data cleanup (bsc#1184311)

  • Assign right base product for res8 (bsc#1184005)

  • Fix check for for mirrorlist URLs when refreshing products (bsc#1184861)

spacewalk-utils:

  • Bugfix for ubuntu-18.04 repo urls: multiverse, restricted and backports

  • Add multiverse, restricted and backports to Ubuntu 16.04, 18.04 and 20.04

susemanager:

  • Add python3-pycryptodome to Ubuntu 18 and 20 bootstrap repos (bsc#1186346)

  • Require gio-branding-SLE for SLE15 but not for openSUSE Leap 15

  • Add python3-distro to RES8, SLE15 and Ubuntu20.04 bootstrap repositories to fix bootstrapping issues (bsc#1184332)

susemanager-doc-indexes:

  • Update for Disconnected Setup chapter in Administration Guide

susemanager-docs_en:

  • Update for Disconnected Setup chapter in Administration Guide

susemanager-sls:

  • Do not install python2-salt on Salt 3002.2 Docker build hosts (bsc#1185506)

  • Fix insecure JMX configuration (bsc#1184617)

  • Avoid conflicts with running ioloop on mgr_events engine (bsc#1172711)

tika-core:

  • New upstream version 1.26. Fixes:

    • Infinite loop in the MP3Parser (bsc#1184892, CVE-2021-28657)

    • Out of memory error while loading a file in PDFBox before 2.0.23.

    • Infinite loop while loading a file in PDFBox before 2.0.23.

    • System.exit vulnerability in Tika’s OneNote Parser; out of memory errors and/or infinite loops in Tika’s ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser.

    • Excessive memory usage (DoS) vulnerability in Apache Tika’s PSDParser

    • Infinite Loop (DoS) vulnerability in Apache Tika’s PSDParser

Version 4.0.13

cobbler:

  • Fix string replacement for @@xyz@@

golang-github-lusitaniae-apache_exporter:

  • Build with Go 1.15

mgr-osad:

  • Adapt to new SSL implementation of rhnlib (bsc#1181807)

py26-compat-msgpack-python:

  • Added versioned Python2 for RHEL8

py26-compat-salt:

  • Do not crash when unexpected cmd output received at listing patches (bsc#1181290)

rhnlib:

  • Change SSL implementation to Python SSL for better SAN and hostname matching support (bsc#1181807)

saltboot-formula:

spacecmd:

  • Handle SIGPIPE without a user-visible exception (bsc#1181124)

spacewalk-backend:

  • Deb_src repo plugin is not restoring config namespace on exception (bsc#1182197, bsc#1184179)

  • Fixing improper exception handling causing another exception in ThreadedDownloader

  • Avoid race condition due multiple reposync import threads (bsc#1183151)

  • Fix for UnicodeDecodeError in satellite-sync: Opening RPM file in binary mode (bsc#1181274)

  • Open repomd files as binary (bsc#1173893)

spacewalk-client-tools:

  • Fallback to sysfs when reading info from python-dmidecode fails (bsc#1182603)

  • Adapt to new SSL implementation of rhnlib (bsc#1181807)

spacewalk-config:

  • Increase Apache SSL logs to include response code and process time

spacewalk-java:

  • Raise length limit for kernel options (bsc#1182916)

  • Log shell command output on failure when checking known_hosts file permissions

  • Improve fromdir with better mapping of URL to local files

  • Homogenizes style in filter buttons, facilitating testability

  • Fix user creation with PAM authentication and no password (bsc#1179579)

  • Do not call page decorator in HEAD requests (bsc#1181228)

  • Ensure new files are synced just after writing them (bsc#1175660)

  • Enable OpenSCAP auditing for Salt systems in SSM (bsc#1157711)

  • Show packages from channels assigned to the targeted system (bsc#1181423)

spacewalk-setup:

  • Set AJP parameters differently to prevent AH00992, AH00877 and AH01030: ajp_ilink_receive() can’t receive header errors (bsc#1179271)

spacewalk-utils:

  • Add the Universe Updates and Security repositories for Ubuntu

spacewalk-web:

  • Speed up susemanager-nodejs-sdk-devel RPM build

susemanager:

  • Add SLE 15 SP3 bootstrap repository definitions (bsc#1182008)

  • Python3-dbus-python and dependencies not installed by default on JeOS SLE15 images, add them to the bootstrap repository list of packages for traditional (bsc#1182071)

susemanager-doc-indexes:

  • Added Ubuntu 20.04 instructions (bsc#1183394)

  • Removed Oracle mention from index page

  • Added procedure for running configure-proxy.sh script when replacing a proxy

susemanager-docs_en:

  • Added Ubuntu 20.04 instructions (bsc#1183394)

  • Removed Oracle mention from index page

  • Added procedure for running configure-proxy.sh script when replacing a proxy

susemanager-schema:

  • Raise length limit for kernel options (bsc#1182916)

  • Enable openscap auditing for salt systems in SSM (bsc#1157711)

susemanager-sls:

  • Prevent useless package list refresh actions on zypper minions (bsc#1183661)

  • Skip removed product classes with satellite-sync

  • Handle GPG keys when bootstrapping ssh minions (bsc#1181847)

  • Ubuntu 18 has version of apt which does not correctly support auth.conf.d directory. Detect the working version and use this feature only when we have a higher version installed

  • Require new kiwi-systemdeps packages (bsc#1184271)

susemanager-sync-data:

  • Define missing Ubuntu Universe update channels (bsc#1182842)

  • Define UEK repositories for Oracle Linux

  • Add OES2018 SP3 (bsc#1183845)

Version 4.0.12

cpu-mitigations-formula:

  • Handle unsupported target systems gracefully (bsc#1179273)

  • add mitigations for Xen hypervisor

nutch-core:

  • Fix XXE injection in DmozParser CVE-2021-23901 (bsc#1181356)

smdba:

  • Do not remove the database if there is no backup and deal with manifest

  • Fix smdba throws error on mgr-setup/installation

  • Raise an exception on failed external process call

  • Fix TablePrint formatting

  • Rename configuration parameter wal_keep_segments to wal_keep_size (jsc#SLE-17030)

  • Revert modifying cpu_tuple_cost

  • Adapted spec file for RHEL8

  • Adapt recover mechanism for postgresql12 and later

spacecmd:

  • Fix spacecmd with no parameters produces traceback on SLE 11 SP4 (bsc#1176823)

spacewalk-backend:

  • Reposync: Fixed Kickstart functionality.

  • Reposync: Fixed URLGrabber error handling.

  • Reposync: Fix modular data handling for cloned channels (bsc#1177508)

  • Truncate author name in the changelog (bsc#1180285)

  • Drop Transfer-Encoding header from proxy respone to fix error response messages (bsc#1176906)

  • Prevent tracebacks on missing mail configuration (bsc#1179990)

  • Fix pycurl.error handling in suseLib.py (bsc#1179990)

  • Use sanitized repo label to build reposync repo cache path (bsc#1179410)

  • Quote the proxy settings to be used by Zypper (bsc#1179087)

  • Fix spacewalk-repo-sync to successfully manage and sync ULN repositories

  • Fix errors in spacewalk-debug and align postgresql queries to new DB version

spacewalk-branding:

  • Set Copyright year to 2021

spacewalk-certs-tools:

  • Improve check for correct CA trust store directory (bsc#1176417)

spacewalk-java:

  • Fix modular data handling for cloned channels (bsc#1177508)

  • Fix reboot action race condition (bsc#1177031)

  • Fix availability check for debian repositories (bsc#1180127)

  • Ignore duplicate NEVRAs in package profile update (bsc#1176018)

  • Prevent deletion of CLM environments if they’re used in an autoinstallation profile (bsc#1179552)

  • Register saltkey XMLRPC handler and fix behavior of delete salt key (bsc#1179872)

  • Add validation for custom repository labels

  • Fix expanded support detection based on CentOS installations (bsc#1179589)

  • Add translation strings for newly added countries and timezones (jsc#PM-2081)

  • Fix the activation key handling from kickstart profile (bsc#1178647)

  • Update exception message in findSyncedMandatoryChannels

  • Fix check for available products on ISS Slaves (bsc#1177184)

  • Get media.1/products for cloned channels (bsc#1178303)

  • Calculate size to truncate a history message based on the htmlified version (bsc#1178503)

  • Change message "Minion is down" to be more accurate

  • XMLRPC: Report architecture label in the list of installed packages (bsc#1176898)

spacewalk-reports:

  • Fixes no file content in spacewalk-report config-files

  • Write <binary data> placeholder instead of dumping binary data

spacewalk-utils:

  • Fix modular data handling for cloned channels (bsc#1177508)

spacewalk-web:

  • Prevent deletion of CLM environments if they’re used in an autoinstallation profile (bsc#1179552)

  • Fix mandatory channels JS API to finish loading in case of error (bsc#1178839)

supportutils-plugin-susemanager:

  • Remove checks for obsolete packages

  • Gather new configfiles

  • Add more important informations

susemanager-doc-indexes:

  • Added new section for bootstrap repository for end of life products in Client Configuration Guide

  • Remove old certs before renaming moved to Administration Guide (bsc#1171836)

  • Fixed error in Create and Replace CA and Server Certificates of Administration Guide (bsc#1180001)

  • Combining activation keys works only with traditional clients. Updated in Client Configuration Guide and Reference. (bsc#1164451)

susemanager-docs_en:

  • Added new section for bootstrap repository for end of life products in Client Configuration Guide

  • Remove old certs before renaming moved to Administration Guide (bsc#1171836)

  • Fixed error in Create and Replace CA and Server Certificates of Administration Guide (bsc#1180001)

  • Combining activation keys works only with traditional clients. Updated Client Configuration Guide and Reference. (bsc#1164451)

susemanager-frontend-libs:

  • Update Bootstrap to 3.1.0

susemanager-schema:

  • Add new valid countries and timezones (jsc#PM-2081)

susemanager-sls:

  • Fix apt login for similar channel labels (bsc#1180803)

  • Change behavior of mgrcompat wrapper after deprecation changes on Salt 3002

  • Make autoinstallation provisoning compatible with GRUB and ELILO in addition to GRUB2 only (bsc#1164227)

  • Fix: sync before start action chains (bsc#1177336)

susemanager-sync-data:

  • Change centos 6 URLs to vault.centos.org

  • Add new channel families for CAASP on ARM64 and HPC15 SP2 LTSS

  • Remove duplicate repo definition

Version 4.0.11

bind-formula:

  • Temporarily disable dnssec-validation as hotfix for bsc#1177790

  • Update to version 0.1.1603299886.60e4bcf

grafana-formula:

  • Use variable for product name

  • Add support for system groups in Client Systems dashboard

postgresql-jdbc:

prometheus-exporters-formula:

  • Fix empty directory values initialization

  • Disable reverse proxy on default

prometheus-formula:

  • Update to version 0.2.3

  • Disable Alertmanager clustering (bsc#1178145)

  • Update to version 0.2.2

  • Use variable for product name

salt-netapi-client:

spacewalk-admin:

  • Use the license macro to mark the LICENSE in the package so that when installing without docs, it does install the LICENSE file

  • Prevent javax.net.ssl.SSLHandshakeException after upgrading from SUSE Manager 3.2 (bsc#1177435)

spacewalk-backend:

  • ISS: Differentiate packages with same nevra but different checksum in the same channel (bsc#1178195)

  • Fix unique machine_id detection (bsc#1176074)

spacewalk-java:

  • Revert: Sync state modules when starting action chain execution (bsc#1177336)

  • Sync state modules when starting action chain execution (bsc#1177336)

  • Fix repo url of AppStream in generated RHEL/Centos 8 kickstart file (bsc#1175739)

  • Log token verify errors and check for expired tokens

  • Execute Salt SSH actions in parallel (bsc#1173199)

  • Take pool and volume from Salt virt.vm_info for files and blocks disks (bsc#1175987)

  • Fix action chain resuming when patches updating salt-minion don’t cause service to be restarted (bsc#1144447)

  • Renaming autoinstall distro didn’t change the name of the Cobbler distro (bsc#1175876)

spacewalk-web:

  • Fix link to documentation in Admin -> Manager Configuration -> Monitoring (bsc#1176172)

  • Don’t allow selecting spice for Xen PV and PVH guests

susemanager:

  • Add --force to mgr-create-bootstrap-repo to enforce generation even when some products are not synchronized

susemanager-schema:

susemanager-sls:

  • Revert: Sync state modules when starting action chain execution (bsc#1177336)

  • Sync state modules when starting action chain execution (bsc#1177336)

  • Fix grub2 autoinstall kernel path (bsc#1178060)

  • Move channel token information from sources.list to auth.conf on Debian 10 and Ubuntu 18 and newer

  • Fix action chain resuming when patches updating salt-minion don’t cause service to be restarted (bsc#1144447)

  • Make grub2 autoinstall kernel path relative to the boot partition root (bsc#1175876)

Version 4.0.10

prometheus-exporters-formula:

  • Bugfix: Avoid inline-if statements without else sections

  • Bugfix: More robust handling of NoneType arguments (bsc#1176844)

  • Bugfix: Handle <NoneType> arguments (bsc#1176844)

salt-netapi-client:

  • Fix text resource usage

spacecmd:

  • Reverse order for activation keys is needed (bsc#1167907)

spacewalk-java:

  • Log exception trace on fatal Taskomatic startup error

  • Force disable SPA for non-navigation links (bsc#1175512)

  • Pass the log level parameter to matcher

  • Detect client organization from connected proxy (bsc#1175545)

  • Fix max password length check at user creation (bsc#1176765)

  • Fix syntax error in mgr-create-bootstrap-repo (bsc#1177623)

spacewalk-web:

  • Fix the jQuery selector in SP Migration page (bsc#1176500)

  • Fix JavaScript error caused by SPA navigation event with empty event field (bsc#1176503)

  • Force disable SPA for non-navigation links (bsc#1175512)

  • Changes in the logic to update the tick icon.

  • For the postgres localhost:5432 case, use the

  • Fix internal server errors by returning 0 instead of dying

  • Add missing dependency to spacewalk-base-minimal (bsc#678126)

  • Change kickstart to autoinstallation in navigation on pxt pages

  • Debranding

subscription-matcher:

  • Allow matching any guest products for Unlimited Virtualization subscriptions (bsc#1165287)

  • Only report confirmed matches in the output.json

  • Expose the log level setting to the command line

  • In the subscriptions CSV output, print the active subscriptions first

susemanager:

  • Fix logrotate config

  • Add missing packages to SLE12 >= SP1 bootstrap data to fix JeOS bootstrap problems (bsc#1176913)

  • Add missing packages to ubuntu20.04 bootstrap data (bsc#1176629)

  • Add LTSS PIDs for SLE12SP1, SLE12SP2, SLE12SP3 and SLE12SP4 to the bootstrap definitions as some packages from LTSS are required (bsc#1177524)

susemanager-build-keys:

  • Replace "SuSE" user-facing references with "SUSE"

  • Trust PackageHub key (bsc#1175103)

susemanager-sls:

  • Ensure the yum/dnf plugins are enabled

Version 4.0.9

hibernate5:

image-sync-formula:

  • Allow image-sync state on regular minion. Image sync state requires branch-network pillars to get the directory where to sync images. Use default /srv/saltboot if that pillar is missing so image-sync can be applied on non branch minions as well.

openvpn-formula:

  • Add hint that ssl certs must be on system (bsc#1172279)

prometheus-exporters-formula:

  • Bugfix: Handle exporters proxy for unsupported distros (bsc#1175555)

  • Add support for exporters proxy (exporter_exporter)

  • Update the apache exporter config file for Debian

salt-netapi-client:

  • Refresh authentication module list to newer Salt versions

saltboot-formula:

spacecmd:

  • Python3 fixes for errata in spacecmd (bsc#1169664)

  • Python3 fix for sorted usage (bsc#1167907)

  • Fix softwarechannel_listlatestpackages throwing error on empty channels (bsc#1175889)

  • Fix escaping of package names (bsc#1171281)

spacewalk-admin:

  • Use the Salt API in authenticated and encrypted form (bsc#1175884, CVE-2020-8028)

spacewalk-certs-tools:

  • Add option --nostricthostkeychecking to spacewalk-ssh-push-init

  • Strip SSL Certificate Common Name after 63 Characters (bsc#1173535)

spacewalk-java:

  • Fix EntityExistsException on migration from traditional to salt minion via proxy (bsc#1175556)

  • Use media.1/products from media when not specified different (bsc#1175558)

  • Fix: use quiet API method when using spacewalk-common-channels (bsc#1175529)

  • Fix alignment on icon on entitlement page

  • Reset the server path on minion registration (bsc#1174254)

  • Upgrade jQuery and adapt the code - CVE-2020-11022 (bsc#1172831)

  • Fix error when rolling back a system to a snapshot (bsc#1173997)

  • Avoid deadlock when syncing channels and registering minions at the same time (bsc#1173566)

  • Provide comps.xml and modules.yaml when using onlinerepo for kickstart

  • Set CPU and memory info for virtual instances (bsc#1170244)

  • Change system list header text to something better (bsc#1173982)

  • Use the Salt API in authenticated and encrypted form (bsc#1175884, CVE-2020-8028)

spacewalk-setup:

  • Use the Salt API in authenticated and encrypted form (bsc#1175884, CVE-2020-8028)

spacewalk-utils:

  • Avoid exceptions on the logs when looking for channels that do not exist (bsc#1175529)

spacewalk-web:

  • Fix login page after jQuery upgrade (bsc#1175224)

  • Upgrade jQuery and adapt the code - CVE-2020-11022 (bsc#1172831)

  • Warn when a system is in multiple groups that configure the same formula in the system formula’s UI (bsc#1173554)

susemanager:

  • Define bootstrap repo data for SUSE Manager Proxies (bsc#1174470)

susemanager-frontend-libs:

  • Upgrade jquery to 3.5.1 - CVE-2020-11022 (bsc#1172831)

susemanager-schema:

  • Prevent a deadlock error involving delete_server and update_needed_cache (bsc#1173073)

susemanager-sls:

  • Fix the dnf plugin to add the token to the HTTP header (bsc#1175724)

  • Fix reporting of missing products in product.all_installed (bsc#1165829)

  • Require PyYAML version >= 5.1

  • Get redhat-release only when it is not a symlink

  • Fix: supply a dnf base when dealing w/repos (bsc#1172504)

  • Fix: autorefresh in repos is zypper-only

susemanager-sync-data:

  • Remove version from centos and oracle linux identifier (bsc#1173584)

virtualization-host-formula:

  • Update to version 0.5

  • Ensure kernel-default and libvirt-python3 are installed

  • Set bridge network as default

  • Fix conditionals (bsc#1175791)

Version 4.0.8

cobbler:

pxe-default-image-sle15:

  • Rollback the workaround for bsc#1172807, as dracut is now fixed

  • Fix /sbin/ifup for multiple /tmp/leaseinfo files (bsc#1172807)

saltboot-formula:

  • Use kexec --kexec-syscall-auto if possible (bsc#1172829)

  • Update to version 0.1.1592576670.67bdfea

spacewalk-admin:

  • Restrict websockify to server localhost only (bsc#1149644)

spacewalk-backend:

  • Fix issues importing RPM packages with long RPM headers (bsc#1174871)

  • Make media.1/products available for every channel. Needed for autoinstallation of SLE15 SP2 (bsc#1173204)

spacewalk-branding:

  • Revise system group update status messages (bsc#1170468)

spacewalk-config:

  • Don’t use SSL to proxy mgr-websockify with apache (bsc#1149644)

spacewalk-java:

  • Data null means the sync never ran yet (bsc#1174357)

  • Don’t output virtualization pillar for systems without virtualization entitlement

  • Use volumes for VMs disks

  • Toggle virtpoller when toggling virtualization host entitlement (bsc#1172962)

  • Pass minion ip to the kiwi_collect_image runner as fallback instead of fqdn if not present (bsc#1170737)

  • Fix up2date detection on RH8 when salt-minion is used for registration

  • Improve performance of the System Groups page with many clients (bsc#1172839)

  • Adapt expectations for jobs return events after switching Salt states to use 'mgrcompat.module_run' state.

  • Fix NPE on auto installation when no kernel options are given (bsc#1173932)

  • Fix issue with disabling self_update for autoyast autoupgrade (bsc#1170654)

  • Serve media.1/products when available (bsc#1173204)

  • Use repo metadata of the synced base channel when kernel option "useonlinerepo" is provided (bsc#1173204)

  • Prevent deadlock on suseusernotification (bsc#1173073)

  • Include number of non-patch package updates to non-critical update counts in system group pages (bsc#1170468)

  • Compute the websockify URL on browser side (bsc#1149644)

  • Deleting registered VM doesn’t remove them VM from the Guests list (bsc#1170096)

  • Improve salt-ssh error parsing on bootstrapping (bsc#1172120)

spacewalk-web:

  • Fix VM creation page when there is no volume in the default storage pool

  • Use volumes for VMs disks

  • Use ReactJS Context in Form components

  • Product list in the Wizard doesn’t show SLE products first (bsc#1173522)

  • Compute the websockify URL on browser side (bsc#1149644)

susemanager:

  • Migrate proxy list in cobbler settings (bsc#1169536)

  • Migrate all occurrences of kickstart to autoinstall in cobbler database (bsc#1169780)

susemanager-doc-indexes:

  • Added information about /etc/salt/master.d/susemanager.conf

  • Fixed stop and start proxy service on the proxy in Proxy Update Section

  • Combining activation keys works only with traditional clients. Updated in Client Configuration Guide and Reference. (bsc#1164451)

susemanager-docs_en:

  • Added information about /etc/salt/master.d/susemanager.conf

  • Fixed stop and start proxy service on the proxy in Proxy Update Section

  • Combining activation keys works only with traditional clients. Updated in Client Configuration Guide and Reference. (bsc#1164451)

susemanager-schema:

  • Add VM disk format support

  • Add new comps type mediaproducts (bsc#1173204)

susemanager-sls:

  • Remove VM disk type attribute

  • Merge virtualization fragment into suma-minion pillar (bsc#1172962)

  • Use minion fqdn instead of minion id as target in kiwi_collect_image runner. If fqdn is not present or is localhost, use minion ip as fallback (bsc#1170737)

  • Log out of Docker registries after image build (bsc#1165572)

  • Prevent "module.run" deprecation warnings by using custom mgrcompat module

  • Prevent stuck Hardware Refresh actions on Salt 2016.11.10 based SSH minions (bsc#1173169)

Version 4.0.7

cobbler:

grafana-formula:

  • Restart Grafana when updating configuration

image-sync-formula:

  • Install shim.efi on usb boot image

patterns-suse-manager:

  • Remove Recommends for traditional client from proxy pattern as this will install the traditional stack during upgrades (bsc#1171494)

  • Add requires for openvpn-formula

prometheus-formula:

  • Bugfix: Check for non-empty credentials (bsc#1168805)

saltboot-formula:

  • Allow wildcards for device name (bsc#1170824)

  • Fix corner cases of RAID setup

  • Update form and metadata to use new formula features

spacecmd:

  • Only report real error, not result (bsc#1171687)

  • Use defined return values for spacecmd methods so scripts can check for failure (bsc#1171687)

spacewalk-backend:

  • Supportconfig speedup fixes, add option to not compress spacewalk-debug output dir

  • Prevent failure when syncing from RHEL CDN due extra params (bsc#1171885)

  • Use default sender address from web namespace

spacewalk-branding:

  • Updated the message about automatically installing product packages (bsc#1169520)

spacewalk-java:

  • Avoid traceback with AssertionError: Failed to update row (bsc#1172558)

  • Apply highstate when add-on system types should be applied to the system on bootstrapping (bsc#1172190)

  • Fixed bug where in scheduling a vhm refresh would result in a permission error for org admins

  • Make automatic system locking for cluster node (CaaSP) user configurable

  • Speed up getAllChannels api call (bsc#1153234)

  • Improve Content Lifecycle Management build and promotion performance (bsc#1159226)

  • Correctly set action to failed in case of Salt errors on execution (bsc#1169604)

  • Fix saving image profile custom info values with XMLRPC (bsc#1171526)

  • Fix nullpointer exception during proxy registration (bsc#1171287)

  • Assign Activation Key channels only (bsc#1166516)

  • Prevent race condition on metadata generation (bsc#1170197)

  • New API endpoint for retrieving combined formula data for a list of systems

  • New API endpoint for retrieving network information for a list of system

  • New API endpoint for retrieving system groups information for systems with a given entitlement

  • Fix activation keys request error in image import page (bsc#1170046)

  • Fix custom info values input in image profile edit form (bsc#1169773)

  • Add check for non-existing formulas when assigning formulas to a system/group

  • Add check for non-existing formulas in xmlrpc calls

  • Use salt for registration for selected install types (bsc#1164836)

  • Added a new API end point to manage package state (bsc#1169520)

  • Avoid multiple base channels when onboarding minions (bsc#1167871)

  • Enable the monitoring checkbox for Ubuntu 20.04 systems (bsc#1173120)

spacewalk-web:

  • Remove lowercase image label limitation

  • Sort activation keys on bootstrapping page (bsc#1171251)

  • Auto select recommended and mandatory channels by default (bsc#1162843)

  • Add hint to edit formulas before applying state (bsc#1168805)

  • Fix custom info values input in image profile edit form (bsc#1169773)

supportutils-plugin-susemanager:

  • Supportconfig speedup fixes, add option to not compress spacewalk-debug output dir

susemanager:

  • Copy /var/lib/spacewalk during migration (bsc#1169550)

  • Enable support for bootstrapping Ubuntu 20.04 LTS added from the Setup Wizard or mgr-sync

  • Make systemd services and timers enablement really quiet

  • Migrate cobbler configs for ks_mirror -> distro_mirror rename (bsc#1169209)

  • Packages for the Ubuntu 18.04 bootstrap repo are now populated with Python3 dependencies (bsc#1168845)

  • Use python2-uyuni-common-libs and python3-uyuni-common-libs for bootstrap repositories (bsc#1173946)

  • Add SLE 15 LTSS Product ID to SLE15 bootstrap repositories, as it is required to get python3-M2crypto (https://bugzilla.suse.com/show_bug.cgi?id=1174167)[bsc#1174167)

susemanager-build-keys:

susemanager-doc-indexes:

  • Updates for Ubuntu 20.04

  • Remove 4.x Upgrade instructions from 4.0

  • Admon re changing auth method

  • Stop and start proxy service on the proxy

susemanager-docs_en:

  • Updates for Ubuntu 20.04

  • Remove 4.x Upgrade instructions from 4.0

  • Admon re changing auth method

  • Stop and start proxy service on the proxy

susemanager-schema:

  • Enable the monitoring entitlement for s390x (bsc#1172627)

susemanager-sls:

  • Trust customer gpg key when metadata signing is enabled

  • Specify gpg key for RH systems in repo file (bsc#1172286)

  • Handle GPG check flags different for yum/dnf (bsc#1171859)

  • Set YAML loader to fix deprecation warnings

  • Fix failing "Hardware Refresh" actions because wrong "instance_id" reported from minion due a captive portal on the network (bsc#1171491)

  • Ubuntu no longer shows removed packages as installed (bsc#1171461)

  • Avoid SSL certificate issue when bootstrapping OpenSUSE Leap 15.2 (bsc#1172712)

  • Add missing certs SLS files for Debian 10 and Ubuntu 20.04 (bsc#1173896)

virtualization-host-formula:

  • Hidden required fields should not be required

Version 4.0.6

branch-network-formula:

  • Handle application/efi mime type

  • Allow http access to saltboot directory

cobbler:

  • Signatures file now uses "default_autoinstall" which fixes import problem happening with some distributions (bsc#1159010)

  • Fix for kernel and initrd detection (bsc#1159010)

dhcpd-formula:

  • UEFI HTTPBoot support

  • Changed default of filename_efi to shim.efi for secure boot

grafana-formula:

  • Add CaaSP datasource and dashboards

image-sync-formula:

  • Install dosfstools package for sync_image_usb module to work

patterns-suse-manager:

  • Require yast2-migration to allow online OS migrations (bsc#1167777)

prometheus-formula:

  • Add meta-monitoring configuration

  • Add federation configuration

pxe-formula:

  • Add non-EFI grub menu variant

  • Use /usr/lib64/efi/shim.efi path (workaround for bsc#1166523)

  • Use grub2 variable "prefix" instead of hardcoded /boot

  • Prepare configuration for UEFI with Secure Boot

  • Add support fot new terminal naming for UEFI network boot

py26-compat-salt:

  • Do not make py26-compat-salt to require python-tornado on SLE15 (all SPs)

  • Backport saltutil state module to 2016.11 codebase (bsc#1167556)

  • Add new custom SUSE capability for saltutil state module

python-susemanager-retail:

  • Fix retail_branch_init python error due to change in branch id handling

saltboot-formula:

  • Add grain to force image redeployment and repartition

  • Allow pillar customizable download urls Saltboot now recognizes following pillars:

  • saltboot_download_server: specifies from where download the images, kernel, etc.

  • saltboot_download_protocol: specifies what protocol to use for download

  • Use more reliable progress output

  • Python3 compatibility fix

  • Use file.read instead of cp.get_file_str

  • Improve image cache debug messages

spacewalk:

  • Explicitly require postgresql10 package (bsc#1165926)

spacewalk-backend:

  • Validate cached package entries on ISS slave (bsc#1159184)

  • Do not break when syncing Oracle 7 yum channel (bsc#1158463)

  • Always use the same RPM database when running "spacewalk-repo-sync" from the command line or via taskomatic (bsc#1163468)

spacewalk-certs-tools:

  • Add minion option in config file to disable salt mine when generated by bootstrap script (bsc#1163001)

  • Disable modularity failsafe mechanism for RHEL 8 bootstrap repos (bsc#1164875)

spacewalk-client-tools:

  • Use 'int' instead of 'long' on rhn_check for both Python 2 and 3

  • Do not crash 'mgr-update-status' because 'long' type is not defined in Python 3

  • Add workaround for uptime overflow to spacewalk-update-status as well (bsc#1165921)

spacewalk-java:

  • Hide message about changed Update Tag change (bsc#1169109)

  • Refresh pillar after channel change

  • Use 'changes' field if 'pchanges' field doesn’t exist (bsc#1159202)

  • Fix the original-clone channel relationship for CLM channels (bsc#1163121)

  • Fix serializer and documentation for system.listSystems (bsc#1168083)

  • Skip and show migration targets which do not have a successor for all installed extension products (bsc#1168227)

  • Fix resource leak in taskomatic (bsc#1168696)

  • Add XMLRPC API method: proxy.listProxyClients (bsc#1166408)

  • Hide Virtualization > Provisioning tab for Salt systems (bsc#1167329)

  • Remove no longer necessary check for retail TERMINALS group membership

  • Fix error when adding systems to ssm with 'add to ssm' button (bsc#1160246)

  • Prevent build/promote on content projects which have build/promote in progress

  • Clean stale Content Lifecycle targets on Tomcat startup (bsc#1164121)

  • Show warning on products page when no SUSE Manager Server Subscription is available

  • Improve performance for States view in SystemGroups detail view (bsc#1158752)

  • Validate the suseproductchannel table and update missing date when running mgr-sync refresh (bsc#1163538)

  • Add 'init.repo' kernel option to RHEL 8 kickstart tree (bsc#1163884)

spacewalk-utils:

  • Check for delimiter as well when detecting current phase (bsc#1164771)

  • Common-channels: Fix repo type assignment for type YUM (bsc#1151683)

spacewalk-web:

  • Show warning on products page when no SUSE Manager Server Subscription is available

  • Scheme is not allowed for URI of image store’s API endpoint (bsc#1165571)

susemanager:

  • Require python3-tornado only for SLE15/SLE15SP1/openSUSE Leap 15.1 (bsc#1169865)

  • Use python3-M2Crypto for all SLE15 versions and openSUSE Leap 15.1 bootstrap repositories

  • Add missing packages to OES2018-SP1-x86_64 target for bootstrap data (bsc#1169144)

  • Add dbus-1-glib to SLE12SP5 x86_64 to allow onboarding of AWS Cloud SLE12SP5 clients (they do not have it by defaul anymore)

  • Add package redhat-rpm-config to bootstrap repo for RH and CentOS systems (bsc#1168069)

  • Add 'python-singledispatch' to SLE12 (all SPs) and RES7 bootstrap repos.

  • Fix salt bootstrapping on SLE15 (require python3-pycrypto or python3-M2Crypto to support all variants) (bsc#1164563)

susemanager-doc-indexes:

  • Removed incorrect version number attribute

  • On IBM Z by default use the Unified Installer

  • Improve nav link descriptions CLI section layout fixes

  • Update example in SUSE Manager salt configuration

  • Update salt file locations

  • Removed incorrect version number attribute

  • On IBM Z by default use the Unified Installer

  • Improve nav link descriptions CLI section layout fixes

  • Update example in SUSE Manager salt configuration

  • Update salt file locations

susemanager-docs_en:

  • Removed incorrect version number attribute

  • On IBM Z by default use the Unified Installer

  • Improve nav link descriptions CLI section layout fixes

  • Update example in SUSE Manager salt configuration

  • Update salt file locations

  • Removed incorrect version number attribute

  • On IBM Z by default use the Unified Installer

  • Improve nav link descriptions CLI section layout fixes

  • Update example in SUSE Manager salt configuration

  • Update salt file locations

susemanager-nodejs-sdk-devel: - upgrade node_module dependencies - CVE-2020-7598 and SNYK-JS-ACORN-559469

susemanager-schema:

  • Enable monitoring for ppc64le and aarch64 (bsc#1166613)

susemanager-sls:

  • Fix virt.deleted state dependency

  • Remove key grains only when file and grain exists (bsc#1167237)

  • Cleanup key grains after usage

  • Use saltutil states if available on the minion (bsc#1167556)

  • Make 'product' state module only available for minions with zypper >= 1.8.13 (bsc#1166699)

  • Adapt 'mgractionchains' module to work with Salt 3000

  • Disable modularity failsafe mechanism for RHEL 8 repos (bsc#1164875)

susemanager-tftpsync:

  • Fix few compat issues with Python3 at MultipartPostHandler

  • Use alternative method for deprecated 'Request.get_data' (bsc#1164111)

virtual-host-gatherer:

  • Cast to NodeState to str to allow serialization on libcloud 2.8.1 (bsc#1167052)

virtualization-host-formula:

  • Fix required fields

  • Fix bridge network creation

Version 4.0.5

branch-network-formula:

  • Update formula to include terminal naming and identification

image-sync-formula:

  • Prevent installing xdelta3 package and disable delta functionality on SLE12 branch servers (bsc#1159553)

mgr-osad:

patterns-suse-manager:

  • Add recommends for virtualization-host-formula to suma_server pattern

  • Add recommends for virtualization-host-formula to retail

prometheus-formula:

  • Bugfix: disabled fields not enabled when checkbox is checked

pxe-default-image-sle15:

  • Adapt to new kiwi version to fix pre registration in the bare-metal image (bsc#1153269)

pxe-formula:

  • Add support for new features in terminal naming

  • Remove branch_id from pxe form, moved to branch-network form

py26-compat-salt:

  • Replace pycrypto with M2Crypto as dependency for SLE15+

python-susemanager-retail:

  • Add support for terminal naming block

  • Add delta support for SLE15 tar.xz bundles

redstone-xmlrpc:

  • Disable external entity parsing (1790381, bsc#1164120, CVE-2020-1693)

  • Do not download external entities (1555429, bsc#1085414, CVE-2018-1077)

salt-netapi-client:

spacecmd:

  • Bugfix: attempt to purge SSM when it is empty (bsc#1155372)

spacewalk-admin:

  • Spell correctly "successful" and "successfully"

spacewalk-backend:

  • Fix mgrcfg-client python3 breakage (bsc#1164309)

  • Update doc link to point to new documentation server

  • Prevent timestamp format exception on mgr-inter-sync while processing comps (bsc#1157346)

  • When downloading repo metadata, don’t add "/" to the repo url if it already ends with one (bsc#1158899)

  • Use HTTP proxy settings when fetching the mirrorlist on spacewalk-repo-sync (bsc#1159076)

  • Enhance suseProducts via ISS to fix SP migration on slave server (bsc#1159184)

  • Prevent a traceback when reposyncing openSUSE 15.1 (bsc#1158672)

  • Close config files after reading them (bsc#1158283)

  • Associate VMs and systems with the same machine ID at bootstrap (bsc#1144176)

spacewalk-certs-tools:

  • Add 'start_event_grains' minion option to configfile when generated by bootstrap script

  • Forbid multiple activation keys for salt minions during bootstrap (bsc#1164452)

  • Add additional minion options to configfile when generated by bootstrap script (bsc#1159492)

  • Change the order to check the version correctly for RES (bsc#1152795)

spacewalk-client-tools:

  • Spell correctly "successful" and "successfully"

spacewalk-java:

  • Feat: enable Salt system lock when CaaSP node is onboarded and add dependency to 'system-lock-formula' (bsc#1165541)

  • Support non discoverable fqdns via custom grain (bsc#1155281)

  • Handle the non-existent requested grains gracefully

  • Get the machineid grain from the minion startup event

  • Use term 'patch' instead of 'errata' (bsc#1164649)

  • Enable provisioning API with salt and bootstrap entitled systems

  • Fix a problem with removing the monitoring entitlement from a system

  • Improve performance when adding systems to system groups (bsc#1158754)

  • Migrate pillar and formula data on minion id change (bsc#1161755)

  • Change doc links pointing to new documentation server

  • Call saltutil.sync_all before calling highstate (bsc#1152673)

  • Exclude base products from PAYG (Pay-As-You-Go) instances when doing subscription matching

  • Show additional headers and dependencies for deb packages

  • Show adequate message on saving formulas that change only pillar data

  • Fix mgr-sync add channel when fromdir is configured (bsc#1160184)

  • Handle not found re-activation key (bsc#1159012)

  • Write a list of formulas sorted by execution order (bsc#1083326)

  • Use channel name from product tree instead of constructing it (bsc#1157317)

  • Read the subscriptions from the output instead of input (bsc#1140332)

  • Rename rhncfg-actions to mgr-cfg-actions in UI advice (bsc#1137248)

  • Fix container image import (bsc#1154246)

  • Add missing permission checks on formula api (bsc#1123274)

  • Generate metadata with empty vendor (bsc#1158480)

  • Remove undefined variable from redhat_register snippet

  • Add a method in API to check if the provided session key is a valid one.

  • Associate VMs and systems with the same machine ID at bootstrap (bsc#1144176)

  • Fix minion id when applying engine-events state (bsc#1158181)

  • Remove unnecessary WARN log entries from Kubernetes integration

  • Fix for pillar not being refreshed when CaaSP pattern is detected upon software profile update (bsc#1166061)

spacewalk-search:

spacewalk-setup:

  • Spell correctly "successful" and "successfully"

spacewalk-utils:

  • Spell "successfully" correctly

spacewalk-web:

subscription-matcher:

  • Add missing library for SLE15 SP2 (slf4j-log4j12)

  • Make the code usable with Math3 on SLES

  • Use log4j12 package on newer SLE versions

  • Aggregate stackable subscriptions with same parameters

  • Implement new "swap move" used in optaplanner (bsc#1140332)

  • Enable aarch64 builds, except for SLE < 15

susemanager:

  • Add missing python libraries to RES8/RHEL8/CentOS 8 boostrap repos (bsc#1164875)

  • Add bootstrap-repo data for OES 2018 SP2 (bsc#1161862)

  • Add bootstrap-repo data for SLE15 SP2 Family

  • Fix documentation URL in installer (bsc#1154590)

  • Update requirements to match documented values (bsc#1154599)

susemanager-doc-indexes:

  • Adding Additional FQDNS for Proxies with Salt

  • Reference guide review and update moving content into tabular format

  • Autogenerate pdf index from antora html nav lists

  • Documentation needs to address using RHEL8 in the correct way (bsc#1159023)

  • Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)

  • Remove auditlog-keeper from list

  • Removed duplicate client requirements entries

  • Fix missing spaces throughout docs

  • Added the complete path for using manager-setup

  • Fix typo in vhm-kubernetes

  • Cleaned up client registration documents

  • Improved ubuntu instructions

  • Explain how to compose a DSN string for monitoring

  • Added publishing dates to individual book intros

  • Updated common spacewalk-common-channels usage

  • Adding Additional FQDNS for Proxies with Salt

  • Reference guide review and update moving content into tabular format

  • Autogenerate pdf index from antora html nav lists

  • Documentation needs to address using RHEL8 in the correct way (bsc#1159023)

  • Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)

  • Remove auditlog-keeper from list

  • Removed duplicate client requirements entries

  • Fix missing spaces throughout docs

  • Added the complete path for using manager-setup

  • Fix typo in vhm-kubernetes

  • Cleaned up client registration documents

  • Improved ubuntu instructions

  • Explain how to compose a DSN string for monitoring

  • Added publishing dates to individual book intros

  • Updated common spacewalk-common-channels usage

susemanager-docs_en:

  • Adding Additional FQDNS for Proxies with Salt

  • Reference guide review and update moving content into tabular format

  • Autogenerate pdf index from antora html nav lists

  • Documentation needs to address using RHEL8 in the correct way (bsc#1159023)

  • Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)

  • Remove auditlog-keeper from list

  • Removed duplicate client requirements entries

  • Fix missing spaces throughout docs

  • Added the complete path for using manager-setup

  • Fix typo in vhm-kubernetes

  • Cleaned up client registration documents

  • Improved ubuntu instructions

  • Explain how to compose a DSN string for monitoring

  • Added publishing dates to individual book intros

  • Updated common spacewalk-common-channels usage

  • Adding Additional FQDNS for Proxies with Salt

  • Reference guide review and update moving content into tabular format

  • Autogenerate pdf index from antora html nav lists

  • Documentation needs to address using RHEL8 in the correct way (bsc#1159023)

  • Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)

  • Remove auditlog-keeper from list

  • Removed duplicate client requirements entries

  • Fix missing spaces throughout docs

  • Added the complete path for using manager-setup

  • Fix typo in vhm-kubernetes

  • Cleaned up client registration documents

  • Improved ubuntu instructions

  • Explain how to compose a DSN string for monitoring

  • Added publishing dates to individual book intros

  • Updated common spacewalk-common-channels usage

susemanager-schema:

  • Add new 'payg' attribute to rhnServer table

  • Enable re-activation keys for salt managed systems (bsc#1159012)

  • Generate metadata with empty vendor (bsc#1158480)

  • Fix rhnActionVirtDelete when migrating from 3.2 to 4.0 (bsc#1158178)

susemanager-sls:

  • Install dmidecode before HW profile update when missing

  • Add mgr_start_event_grains.sls to update minion config

  • Add 'product' custom state module to handle installation of SUSE products at client side (bsc#1157447)

  • Support reading of pillar data for minions from multiple files (bsc#1158754)

  • Do not workaround util.syncmodules for SSH minions (bsc#1162609)

  • Force to run util.synccustomall when triggering action chains on SSH minions (bsc#1162683).

  • Add custom 'is_payg_instance' grain when instance is PAYG and not BYOS.

  • Adapt sls file for pre-downloading in Ubuntu minions

  • Sort formulas by execution order (bsc#1083326)

  • Split remove_traditional_stack into two parts. One for all systems and another for clients not being a Uyuni Server or Proxy (bsc#1121640)

  • Change the order to check the version correctly for RES (bsc#1152795)

  • Do not break Servers registering to a Server

  • Remove the virt-poller cache when applying Virtualization entitlement

  • Force HTTP request timeout on public cloud grain (bsc#1157975)

susemanager-sync-data:

  • Add OES 2018 SP2 (bsc#1161862)

  • Rename RHEL 8 Base product

  • Change channel family name according to SCC data

system-lock-formula:

  • Clarified terms along documentation and product (bsc#1166061)

Version 4.0.4

bind-formula:

  • Bind form update - make options pillar optional. Fixes problem with empty options introduced in previous version

  • Improvements to bind form:

    • remove wrong default for bind options preventing correct upload of bind options using XMLRPC (bsc#1150657)

    • add explaining names to CNAME and A sections

branch-network-formula:

  • Update formula metadata: remove no longer valid limitation to only SLES12 systems

  • Enable formula for all SUSE based distros

cobbler:

  • Fix for cobbler import and buildiso (bsc#1156574)

  • Also backing up kickstart uploads from Uyuni/SUSE Manager now (bsc#1149075)

dhcpd-formula:

  • Update formula to upstream version hash e041d03bb

golang-github-lusitaniae-apache_exporter:

  • Handle OS TERM signals

  • Add option to override host name

image-sync-formula:

  • Keep image bundles in /var/cache/salt/minion/extrn_files/

  • Use bundle and delta hash to check file presence in salt cache

  • Add image_sync_usb module

  • Handle Kiwi NG image bundle

jabberd:

  • SQL scripts are now placed at /etc/jabberd/scripts to make jabberd compatible with JeOS (bsc#1148352)

  • Always require zlib-devel for building (fixes building for SLE15 SP2)

patterns-suse-manager:

  • Add prometheus-formula and grafana-formula to the server pattern

  • Add the apache exporter to the proxy pattern as "Recommends"

  • Install cpu-mitigations-formula by default

prometheus-exporters-formula:

  • Add support for provisioning the apache exporter

pxe-formula:

  • Use absolute paths in grub2 config

  • Fix missing EFI path on non-SLE systems

  • Drop IPAPPEND pxe option

python-pygit2: - Add the package to SLE15-SP1 (bsc#1157473)

python-susemanager-retail:

  • Add delta hash to pillar

  • Allow bind options to be stored to and edited by retail_yaml (bsc#1150657)

rhnlib:

  • Fix malformed XML response when data contains non-ASCII chars (bsc#1154968)

saltboot-formula:

  • Force fsck before image resize

  • Allow custom actions in initrd phase via saltboot_hook.sls

  • Make sure ImageVersion is written during deployment

spacecmd:

  • Enable building and installing for Ubuntu 16.04, Ubuntu 18.04 and RHEL/SLESES 8

  • Prevent error when piping stdout in Python 2 (bsc#1153090)

spacewalk-backend:

  • Fix specfile for systems that do not yet use systemd

  • Fix spacewalk-update-signatures for python3 (bsc#1156521)

  • Fix problems with Package Hub repos having multiple rpms with same NEVRA but different checksums (bsc#1146683)

  • Fix broken spacewalk-data-fsck utility (bsc#1131556)

spacewalk-branding:

  • Move formula form styles to spacewalk-web

spacewalk-certs-tools:

  • Fix certificate generation when the serial has leading zeroes to avoid "asn1 encoding routines:a2i_ASN1_INTEGER:odd number of chars" during setup

  • Make traditional bootstrap more robust for unknown hostname (bsc#1152298)

spacewalk-client-tools:

  • Skip dmidecode data on aarch64 to prevent coredump (bsc#1113160)

spacewalk-config:

spacewalk-java:

  • Add 'license' entry to the kiwi image inspection test data

  • Add self monitoring to Admin Monitoring UI (bsc#1143638)

  • Add formula metadata to form data response

  • Use apache proxy of websockify (bsc#1155455)

  • Create a single action when adding erratas to an action chain via the API (bsc#1148457)

  • Add information message in Tasks bunch detail page if task gets interrupted before start

  • Consider timeout value in salt remote script (bsc#1153181)

  • Fqdns are coming from salt network module instead of fqdns grain (bsc#1134860)

  • Check if metadata refresh is needed before adding new channels (bsc#1153613)

  • Fix: match image_id with newer k8s (bsc#1149741)

  • Handle refreshing hardware of VM with changed UUID (bsc#1135380)

  • Fix problems with Package Hub repos having multiple rpms with same NEVRA but different checksums (bsc#1146683)

  • Enable Kiwi NG on SLE15

  • Add check/message for project not found (bsc#1145755)

  • Fix combinatorial explosion when generating migrations (bsc#1151888)

  • Fix sorting issues on content filter list page (bsc#1145591)

  • Fix loading proper activation key details on SPA enabled (bsc#1157141)

spacewalk-search:

  • Require lucene version we use (bsc#1156176)

  • Fix rhn-search to read memory variable from rhnconf (bsc#1154586)

spacewalk-setup-jabberd:

  • SQL scripts are now placed at /etc/jabberd/scripts to make jabberd compatible with JeOS (bsc#1148352)

spacewalk-utils:

  • Fix hostname-rename script for cobbler files

  • Enable CentOS8 at spacewalk-common-channels (bsc#1159206)

spacewalk-web:

  • Add self monitoring to Admin Monitoring UI (bsc#1143638)

  • Layout changes in formula forms, validation, deprecate $visibleIf and add new attributes: $disabled, $visisble, $required, $match

  • Fix create VM dialog when there is no virtual storage pool or network

  • Show channels and filters in CLM history

  • SPA: do not early drop modals they can contain inputs (bsc#1155800)

  • Fix WebUI invalidation time by using the package build time instead of the WebUI version (bsc#1154868)

  • Filter by description on the Products page works recursively

  • Add check/message for project not found (bsc#1145755)

  • Remove/change text on edit filters for clp (bsc#1145608)

  • Fix sorting issues on content filter list page (bsc#1145591)

  • Fix loading proper activation key details on SPA enabled (bsc#1157141)

susemanager:

  • Add bootstrap repo for RHEL 8 and ES 8

  • Prepare bootstrap data for upcoming openSUSE 15.2

  • Add bootstrap data for openSUSE 15.1 when mirrored as Vendor Channels (bsc#1154474)

  • Show help message when missing sub-command in mgr-sync call (bsc#1134708)

  • Allow bootstraping of Expanded Support 6, CentOS6 and Red Hat 6 salt-ssh minions when using the "Minimal" software set (bsc#1155295)

  • add bootstrap-repo data for SLE12 SP5 Family (bsc#1158963)

  • Allow creating bootstrap repositories for CentOS8 (bsc#1159206)

  • fix product id of SLES12 SP5 x86_64 and remove never released SLED product (bsc#1158963)

susemanager-doc-indexes:

  • Port 8050 no longer needs to be open

  • No CentOS 7 for i386

  • Update for Ubuntu spacewalk-common-channels method

  • RHEL 8 support

  • Retail updates and formula pages

  • Various wording adjustments

  • Port list update

  • Reorganize feature matrix

  • Update for ubuntu supported features

  • Added missing entities

  • Image update

  • Fixes to broken xrefs

  • Update to GPG section

  • Update to SSL Certs section

  • Monitoring: fixes for prometheus configuration

  • Salt file locations and structure update

  • Grains typo fix

  • DB migration update

  • Autostallation update

  • Technical reviews on all books

  • SD Reactivation - correction of the command that needs running (bsc#1156526)

  • Add partition permissions for SUMA subdirectories (bsc#1152735)

  • Port 8050 no longer needs to be open

  • No CentOS 7 for i386

  • Update for Ubuntu spacewalk-common-channels method

  • RHEL 8 support

  • Retail updates and formula pages

  • Various wording adjustments

  • Port list update

  • Reorganize feature matrix

  • Update for ubuntu supported features

  • Added missing entities

  • Image update

  • Fixes to broken xrefs

  • Update to GPG section

  • Update to SSL Certs section

  • Monitoring: fixes for prometheus configuration

  • Salt file locations and structure update

  • Grains typo fix

  • DB migration update

  • Autostallation update

  • Technical reviews on all books

  • SD Reactivation - correction of the command that needs running (bsc#1156526)

  • Add partition permissions for SUMA subdirectories (bsc#1152735)

susemanager-docs_en:

  • Port 8050 no longer needs to be open

  • No CentOS 7 for i386

  • Update for Ubuntu spacewalk-common-channels method

  • RHEL 8 support

  • Retail updates and formula pages

  • Various wording adjustments

  • Port list update

  • Reorganize feature matrix

  • Update for ubuntu supported features

  • Added missing entities

  • Image update

  • Fixes to broken xrefs

  • Update to GPG section

  • Update to SSL Certs section

  • Monitoring: fixes for prometheus configuration

  • Salt file locations and structure update

  • Grains typo fix

  • DB migration update

  • Autostallation update

  • Technical reviews on all books

  • SD Reactivation - correction of the command that needs running (bsc#1156526)

  • Add partition permissions for SUMA subdirectories (bsc#1152735)

  • Port 8050 no longer needs to be open

  • No CentOS 7 for i386

  • Update for Ubuntu spacewalk-common-channels method

  • RHEL 8 support

  • Retail updates and formula pages

  • Various wording adjustments

  • Port list update

  • Reorganize feature matrix

  • Update for ubuntu supported features

  • Added missing entities

  • Image update

  • Fixes to broken xrefs

  • Update to GPG section

  • Update to SSL Certs section

  • Monitoring: fixes for prometheus configuration

  • Salt file locations and structure update

  • Grains typo fix

  • DB migration update

  • Autostallation update

  • Technical reviews on all books

  • SD Reactivation - correction of the command that needs running (bsc#1156526)

  • Add partition permissions for SUMA subdirectories (bsc#1152735)

  • Support for working with RHEL 8, CentOS 8 and SLES ES 8 (bsc#1159023)

  • Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)

  • VHM and SUSE CaaS Platform docs added

susemanager-schema:

  • Migration path from 3.2.21 to 4.0.0 (bsc#1155030)

  • Prevent SELECT INSTR error in Postgres logs every minute (bsc#1157034)

susemanager-sls:

  • Support license entry in kiwi image packages list

  • Install yum plguin for only yum < 4 (bsc#1156173)

  • Add self monitoring to Admin Monitoring UI (bsc#1143638)

  • Configure GPG keys and SSL Certificates for RHEL8 and ES8

  • Always run Kiwi with empty cache (bsc#1155899)

  • Avoid traceback error due lazy loading which_bin (bsc#1155794)

  • Create Kiwi cache dir if not present

  • Consider timeout value in salt remote script (bsc#1153181)

  • Using new module path for which_bin to get rid of DeprecationWarning

  • Fix: match image_id with newer k8s (bsc#1149741)

  • Enable Kiwi NG on SLE15

susemanager-sync-data:

  • Add RHEL 8 Base product

  • Changed RHEL 5, 6 and 7 products to released

vsftpd-formula:

  • Update formula to upstream version hash cc7d6b15

Version 4.0.3

cobbler:

  • Fix for install loop caused autoinstallation profiles (bsc#1151875)

  • Update module config description to match new parameters

  • Add config migration script and runs it in post-install script

  • Fix for config backups in post install script (bsc#1149075)

  • Move apache config file cobbler.conf to conf.d directory and remove the VirtualHost container as it overwrite rules already set in conf.d

  • Realignment with Cobbler 3.0.0 release candidate.

  • Fix for typo in settings for scm_track module.

  • Optimization for settings loading in scm_track module.

cpu-mitigations-formula:

  • Fix grub entry changed for sle12* so it matches sle15* (bsc#1145873)

mgr-osad:

  • Obsolete all old python2-osa* packages to avoid conflicts (bsc#1152290)

patterns-suse-manager:

  • Add recommends for cpu-mitigations-formula

pgjdbc-ng:

prometheus-exporters-formula:

  • Allow to configure arbitrary arguments when running exporters

  • Add support for Debian/Ubuntu and Red Hat systems (RHEL/CentOS)

  • Install the LICENSE together with the package

py26-compat-salt:

  • Get tornado dependency from the system on SLE12 (bsc#1149409)

python-susemanager-retail:

  • Update to version 0.1.1568808472.be9f236

  • Parse parition type 82 as swap in SLEPOS migration (bsc#1136959)

  • Allow kernel command line for branches to be set as an option to retail_branch_init CLI

  • Automatically calculate dhcp dynamic range from branch ip if not set

python-urlgrabber:

  • Allow non-integer values for URLGRABBER_DEBUG env variable (bsc#1152514)

  • Fixes usage of log level lookup for Python3 (bsc#1146683)

spacecmd:

  • Java api expects content as encoded string instead of encode bytes like before (bsc#1153277)

  • Fix building and installing on CentOS8/RES8/RHEL8

  • Check that a channel doesn’t have clones before deleting it (bsc#1138454)

spacewalk-admin:

  • Avoid a "Permission denied" salt error when publisher_acl is set (bsc#1150154)

spacewalk-backend:

  • Fix re-registration with re-activation key (bsc#1154275)

  • Change the default value of taskomatic maxmemory to 4GB

  • Add basic support for importing modular repositories

  • Import additional fields for Deb packages

  • Add script to update additional fields in the DB for existing Deb packages

  • Use active values for diskchecker mails

  • Parse restart_suggested flag from patches and set it as keywords (bsc#1151467)

  • Improve error message when deleting channel that’s in a content lifecycle project (bsc#1145769)

  • Prevent "reposync" crash when handling metadata on RPM repos (bsc#1138358)

  • Do not show expected WARNING messages from "c_rehash"

  • Fix misspelling in spacewalk-repo-sync (bsc#1149633)

  • Remove credentials also from potential rhn.conf backup files in spacewalk-debug (bsc#1146419)

  • Do not crash 'rhn-satellite-exporter' with ModuleNotFound error (bsc#1146869)

  • Spacewalk-remove-channel check that channel doesn’t have cloned channels before deleting it (bsc#1138454)

  • Fix broken spacewalk-data-fsck utility

  • Add '--latest' support for reposync on DEB based repositories

  • Do not try to download RPMs from the unresolved mirrorlist URL

  • Fix encoding issues with DB bytes values (bsc#1144300)

  • Fix import of rhnAuthPAM to avoid issues when using rhnpush.

  • Avoid traceback on mgr-inter-sync when there are problems with cache of packages (bsc#1143016)

spacewalk-branding:

  • Improve menu scrollbar style for firefox

  • Add UI message when salt-formulas system folders are unreachable (bsc#1142309)

  • Prevent ISE and warn disable deletion of a Content Lifecycle channel in use (bsc#1158012)

spacewalk-certs-tools:

  • Require mgr-daemon (new name of spacewalksd) so systems with spacewalksd get always the new package installed (bsc#1149353)

  • fix bootstrap script generator to work with Expanded Support 8 product (bsc#1158002)

spacewalk-client-tools:

  • Require mgr-daemon (new name of spacewalksd) so we systems with spacewalksd get always the new package installed (bsc#1149353)

  • Enable spacewalk-update-service on package installation (bsc#1143789)

  • Invalidate cache 5 minutes before actual expiration(bsc#1143562)

spacewalk-config:

  • Change the default value of taskomatic maxmemory to 4GB

  • Resolve modules.yaml file for modular repositories

spacewalk-java:

  • Change the default value of taskomatic maxmemory to 4GB

  • Silence cache strategy Hibernate warning

  • Return result in compatible type to what defined in database procedure (bsc#1150729)

  • Allow channels names to start with numbers

  • Fix: handle special deb package names (bsc#1150113)

  • Fix: regression with Ubuntu version compare (bsc#1150113)

  • Remove extra spaces in dependencies fields in Debian repo Packages file (bsc#1145551)

  • Allow monitoring for managed systems running Ubuntu 18.04 and RedHat 6/7

  • Improve performance for 'Manage Software Channels' view (bsc#1151399)

  • Import additional fields for Deb packages

  • Use value from systemd unit file if not set in /etc/rhn/rhn.conf

  • Implement "keyword" filter for Content Lifecycle Management

  • Add support for Azure, Amazon EC2, and Google Compute Engine as Virtual Host Manager.

  • Allow ssl connections from Tomcat to Postgres (bsc#1149210)

  • Use default in case taskomatic.java.maxmemory is unset

  • Fix parsing of /etc/rhn/rhn.conf for taskomatic.java.maxmemory (bsc#1151097)

  • Change form order and change project creation message (bsc#1145744)

  • Use 'SCC organization credentials' instead of 'SCC credentials' in error message (bsc#1149425)

  • Implement "regular expression" Filter for Content Lifecycle Management matching package names, patch name, patch synopsis and package names in patches

  • Implement provisioning for salt clients

  • Explicitly mention in API docs that to preserve LF/CR, user needs to encode the data(bsc#1135442)

  • New Single Page Application engine for the UI. It can be enabled with the config 'web.spa.enable' set to true

  • Check that a channel doesn’t have clones before deleting it (bsc#1138454)

  • Fix documentation of contentmanagement handler (bsc#1145753)

  • Add new API endpoint to list available Filter Criteria

  • Improve API documentation of Filter Criteria

  • Implement "patch contains package" Filter for Content Lifecycle Management

  • Implement Filter Patch "by type" Content Lifecycle Management

  • Improve websocket authentication to prevent errors in logs (bsc#1138454)

  • Implement filtering errata by synopsis in Content Lifecycle Management

  • Normalize date formats for actions, notifications and clm (bsc#1142774)

  • Implement ALLOW filters in Content Lifecycle Management

  • Implement "by date" Filter for Content Lifecycle Management

  • UI render without error if salt-formulas system folders are unreachable (bsc#1142309)

  • Cloning Errata from a specific channel should not take packages from other channels (bsc#1142764)

  • Add susemanager as prerequired for spacewalk-java

  • Prevent ISE and warn disable deletion of a Content Lifecycle channel in use (bsc#1158012)

  • Prevent Package List Refresh actions to stay pending forever (bsc#1157034)

spacewalk-setup:

  • Fix cobbler authentication module configuration required for new cobbler package

  • Configure 150 Tomcat workers by default, matching httpds MaxClients

spacewalk-utils:

  • Add FQDN resolver for spacewalk-manage-channel-lifecycle (bsc#1153578)

  • Common-channels: Fix repo type assignment for type YUM

spacewalk-web:

  • Redirect to project when canceling creating a filter (bsc#1145750)

  • Better visualization of the filters attached to a CLM Project. Allow/deny are now split

  • Fix ui issues with content lifecycle project list page (bsc#1145587)

  • Implement "keyword" filter for Content Lifecycle Management

  • Enable Azure, Amazon EC2 and Google Compute Engine as available Virtual host Managers

  • Trim strings when creating/updating image stores/profiles (bsc#1133429)

  • Show loading spin while loading salt keys data (bsc#1150180)

  • CLM - Disable clones by default of the shown CLM Project sources

  • Change form order and change project creation message (bsc#1145744)

  • Add UI message when salt-formulas system folders are unreachable (bsc#1142309)

  • Implement "regular expression" Filter for Content Lifecycle Management matching package names, patch name, patch synopsis and package names in patches

  • New Single Page Application engine for the UI. It can be enabled with the config 'web.spa.enable' set to true

  • Add environment label when deleting environment (bsc#1145758)

  • Change color of disabled build button on clp page (bsc#1145626)

  • Fix the 'include recommended' button on channels selection in SSM (bsc#1145086)

  • Implement "patch contains package" Filter for Content Lifecycle Management

  • Implement Filter Patch "by type" Content Lifecycle Management

  • Implement filtering errata by synopsis in Content Lifecycle Management

  • Normalize date formats for actions, notifications and clm (bsc#1142774)

  • Implement ALLOW filters in Content Lifecycle Management

  • Implement "by date" Filter for Content Lifecycle Management

susemanager:

  • Require dmidecode only for SLE12 aarch64 and x86_64 (bsc#1152170)

  • Require pmtools only for SLE11 i586 and x86_64 (bsc#1150314)

  • Fix test for btrfs subvolume for new btrfs version (bsc#1151666)

  • Ensure working directory is /root during setup (bsc#1148169)

  • Dmidecode does not exist on s390x (bsc#1145119)

  • Enable and start disk space checker script during setup (bsc#1156397)

susemanager-docs_en:

  • Update text and images (mu-4.0.3); many changes caused by Technical and Content Reviews.

  • Added partition permissions to Install Guide (bsc#1152735)

  • Move Disconnected Setup from Client Config to Admin Guide

  • Updated references to documentation.suse.com (was: www.suse.com/documentation)

  • Increase default value for taskomatic to 4GB

  • Registering to proxy information in Install Guide

  • Edits to Prometheus section in Admin Guide

  • Update database migration section in Upgrade Guide

  • Update server update, upgrade, and migration chapters in Upgrade Guide

  • Update server installation and setup chapters

  • Update proxy installation and setup chapters

  • Add section about maintenance window in Admin Guide

  • Update Kubernetes chapter

  • Admin Guide: ISS: Adapt the CA path to correspond to SLES 15.1

  • Update image management

  • Update channel management screenshot in Reference

  • Update CLM

  • Provide basic documentation on foreign clients

  • Update info on mgr-sync

  • New images added to Retail Guide

  • Minor edits in Salt Guide

  • Improvements to Troubleshooting section in Admin Guide

  • Removed reference to SLP in Install Guide

  • Minor edits to SSM in Client Config Guide

susemanager-schema:

  • Fix in schema migration script when recreating the 'suseUserRoleView' (bsc#1151280)

  • Fix: handle special deb package names (bsc#1150113)

  • Refactor in suseChannelUserRoleView for retrieving the parent_channel_id (bsc#1151399)

  • Add tables rhnPackageExtraTag and rhnPackageExtraTagKey

  • Allow monitoring for Ubuntu systems

  • Add new types needed for Azure, Amazon EC2 and Google CE

  • Enable provisioning for salt clients

  • Allow package changelog entries with more than 3000 characters (bsc#1144889)

susemanager-sls:

  • Require pmtools only for SLE11 i586 and x86_64 (bsc#1150314)

  • Introduce dnf-susemanager-plugin for RHEL8 minions

  • Provide custom grain to report "instance id" when running on Public Cloud instances

  • Disable legacy startup events for new minions

  • Implement provisioning for salt clients

  • Dmidecode does not exist on ppc64le and s390x (bsc#1145119)

  • Update susemanager.conf to use adler32 for computing the server_id for new minions

  • SLE15SP1 client created in AWS is not matched with its profile in VHM with AmazonEC2 module (bsc#1155656)

  • Do not show errors when polling internal metadata API (bsc#1155794)

susemanager-sync-data:

  • Ubuntu repositories released

tika-core:

  • New upstream version 1.2.2. Fixes:

    • OOM from a crafted Zip File in Apache Tika’s RecursiveParserWrapper (CVE-2019-10088) (bsc#1144500).

    • Denial of Service in Apache Tika’s 2003ml and 2006ml Parsers (CVE-2019-10093) (bsc#1144510).

    • StackOverflow from Crafted Package/Compressed Files in Apache Tika’s RecursiveParserWrapper (CVE-2019-10094) (bsc#1144515).

virtual-host-gatherer:

  • Add new modules to deal with Amazon EC2, Azure and Google Compute

Version 4.0.2

branch-network-formula:

  • Update to version 0.1.1561374979.11123db

  • Explicitelly specify zone of the internal interface (bsc#1138586)

  • Use 'onchanges' require instead of 'wait' to clearly see when state was applied or not required to

  • Firewalld 'public' zone should be used for shared NIC (bsc#1137882)

mgr-osad:

  • Fix obsolete for old osad packages, to allow installing mgr-osad even by using osad at yum/zyppper install (bsc#1139453)

  • Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)

mgr-virtualization:

  • fix package dependencies to prevent file conflict (bsc#1143856)

patterns-suse-manager:

  • Add recommends for cpu-mitigations-formula

py26-compat-salt:

  • Do not break repo files with multiple line values on yumpkg (bsc#1135360)

  • Catch SSLError for TLS 1.2 bootstraps with RES/RHEL6 and SLE11 (bsc#1147126)

python-susemanager-retail:

  • Update to version 0.1.1564399963.cf19a13

  • Initialize filename_efi in dhcpd formula (bsc#1143204)

rhnlib:

  • Add SNI support for clients

  • fix initialize ssl connection (bsc#1144155)

  • Fix bootstrapping SLE11SP4 trad client with SSL enabled (bsc#1148177)

saltboot-formula:

  • Update to version 0.1.1564399963.cf19a13

  • Fix rounding errors at the end of disk (bsc#1136857)

spacewalk-backend:

  • Do not overwrite comps and module data with older versions

  • Fix issue with "dists" keyword in url hostname

  • Import packages from all collections of a patch not just first one

  • Ensure bytes type when using hashlib to avoid traceback on XMLRPC call to "registration.register_osad" (bsc#1138822)

  • For backend-libs subpackages, exclude files for the server (already part of spacewalk-backend) to avoid conflicts (bsc#1148125)

  • prevent duplicate key violates on repo-sync with long changelog entries (bsc#1144889)

  • Don’t skip Deb package tags on package import (bsc#1130040)

  • add systemd service macros for diskcheck.service

  • port diskcheck utility to 4.0.3 branch (bsc#1156397)

  • use active values for diskchecker mails

  • do not require parameters to start on column 1

  • Add Requires: systemd for completeness

  • create /usr/lib/systemd/systemd during build

  • BuildRequires: systemd for spacewalk-diskcheck

  • add option spacecheck_shutdown; tidy up wording of notifications

  • add disk space checker script

spacecmd:

  • Fix missing runtime dependencies that made spacecmd return old versions of packages in some cases, even if newer ones were available (bsc#1148311)

spacewalk-branding:

  • Set Copyright year to 2019 (bsc#1141598)

  • Remove duplicate information message when changing system properties (bsc#1111371)

  • Add missing strings for task status page

spacewalk-certs-tools:

  • Run bootstrap.sh completely unattended on Ubuntu (bsc#1137881)

spacewalk-client-tools:

  • The rhnsd service was replaced by rhnsd timer, so registration script and systemd presets are now adapted to this (bsc#1138130)

spacewalk-common-channels:

  • Support for CentOS8 and CentOS8 stream at spacewalk-common-channels (bsc#1159206)

spacewalk-java:

  • Improve performance for retrieving the user permissions on channels (bsc#1140644)

  • Fix permissions of cobbler owned directories

  • Prerequire salt package to avoid not existing user issues

  • Support partly patched CVEs in CVE audit (bsc#1137229)

  • Remove duplicate information message when changing system properties (bsc#1111371)

  • Align selection column in software channel managers (bsc#1122559)

  • Hide channels managed by Content Lifecycle projects from available sources (bsc#1137965)

  • Add caret sorting for rpm versioning

  • API Documentation: mention the shebang in the system.scheduleScriptRun doc strings (bsc#1138655)

  • For orphan contentsources, look also in susesccrepositoryauth to make sure they are not being referenced(bsc#1138275)

  • Fallback to logged-in-user org and then vendor errata when looking up erratum on cloning (bsc#1137308)

  • Add new validation to avoid creating content lifecycle projects starting with a number (bsc#1139493)

  • Allow virtualization tab for foreign systems (bsc#1116869)

  • Improve performance of 'Systems requiring reboot' page (fate#327780)

  • Allow forcing off or resetting VMs

  • Keep querystring on ListTag parent_url for actions that have the cid param (bsc#1134677)

  • Add XML-RPC API calls to manage server monitoring

  • Fix profiles package scheduling when epoch is null (bsc#1137144)

  • Fix: initialize the hibernate transaction when merging errata via XMLRPC API (bsc#1145584)

  • Fix: set install time only if there is a value (bsc#1148714)

spacewalk-utils:

  • Fixes SSL hostname matching (bsc#1141663)

  • Hostname-rename: change hostname in cobbler db and autoinst data

  • Adds support for Ubuntu and Debian channels to spacewalk-common-channels.

spacewalk-web:

  • Redirect to first step of channel assignment after change channel submit (bsc#1137244)

  • Hide channels managed by Content Lifecycle projects from available sources (bsc#1137965)

  • Add unsupported browser warning when using Internet Explorer

  • Allow virtualization tab for foreign systems (bsc#1116869)

  • Allow forcing off or resetting VMs

  • Fix VM creation dialog with non-default pools and networks (bsc#1138268)

  • Add checks for empty required entries on formula forms (bsc#1109639)

susemanager:

  • Make dmidecode part of the bootstrap repositiories (bsc#1137952)

susemanager-docs_en:

  • Interface used for branch network on branch server is not added to internal firewall zone (bsc#1132076)

  • Increasing the maximum size allowed for configuration files (bsc#1146411)

  • Documentation: unclear how to use groups with SUMA 4 remote commands (bsc#1146443)

  • Added link to bootstrap script creation

  • Added missing zypper entity

  • Added Canonical IP safeguard

  • Update for unified proxy installer

  • lunrjs integration replaces Algolia with local search

  • Antora UI improvements

  • JeOS docs cleaned up

  • Content review and cleanup on books Administration, Installation, Salt, Retail, Client Configuration and Upgrade

  • Removed outdated command tailf

  • Added missing images

  • Improved max size for configuration files

  • Added matching salt clients by minion_id or with a wildcard

  • Clarify image store for Kiwi images

  • Public cloud doc update

  • Content lifecycle manager filter update

  • Added note about support status of IE

  • Fixed IBM Z entity render issue

  • New Salt tuning guide

susemanager-schema:

  • Improve performance for retrieving the user permissions on channels (bsc#1140644)

  • Add caret sorting for rpm versioning

  • Allow repo and manifest sources with the same url

  • Drop no longer used 'allServerKeywordSinceReboot' view (fate#327780)

  • Allow forcing off or resetting VMs

spacewalk-setup:

susemanager-sls:

  • Force VM off before deleting it (bsc#1138127)

  • Check for result of image rsync transfer to catch failures early (bsc#1104949)

  • Allow forcing off or resetting VMs

  • Make sure dmidecode is installed during bootstrap to ensure that hardware refresh works for all operating systems (bsc#1137952)

  • Fix for issue with bootstrapping RES minions (bsc#1147126)

  • Bootstrapping RES6/RHEL6/SLE11 with TLS1.2 now shows error message (bsc#1147126)

Version 4.0.1

spacewalk-backend:

  • Do not duplicate "https://" protocol when using proxies with "deb" repositories (bsc#1138313)

  • Fix reposync when dealing with RedHat CDN (bsc#1138358)

  • Fix for CVE-2019-10136. An attacker with a valid, but expired, authenticated set of headers could move some digits around, artificially extending the session validity without modifying the checksum. (bsc#1136480)

spacewalk-web:

  • Change WebUI version 4.0.1

susemanager-doc-indexes:

  • Updated wording for Prometheus section

  • JeOS VM update

  • Port 8050 for graphical console display

  • Content life-cycle docs are not enough for customer to understand (bsc#1137955)

  • Salt boot formula fails for SLES11 SP3 terminal (bsc#1136857)

  • Certificate verify failed when using vmware esxi virtual host gatherer (bsc#1136561)

susemanager-docs_en:

  • Updated wording for Prometheus section

  • JeOS VM update

  • Port 8050 for graphical console display

  • Content life-cycle docs are not enough for customer to understand (bsc#1137955)

  • Salt boot formula fails for SLES11 SP3 terminal (bsc#1136857)

  • Certificate verify failed when using vmware esxi virtual host gatherer (bsc#1136561)

susemanager-sync-data:

  • Add channel family definitions for SLES12 SP3 LTSS (bsc#1139693)

  • Add OPENSUSE to allowed channel_families to make openSUSE Leap product visible in the product list (bsc#1138364)

Major changes since SUSE Manager Server 3.2

Prometheus Monitoring

We now include packages for the latest version of Prometheus, as well as self-monitoring capabilities for SUSE Manager. The SUSE Manager Monitoring entitlement is required for all systems that have monitoring with Prometheus enabled.

Prometheus is a monitoring tool that is used to record real-time metrics in a time-series database.

For more information about Prometheus, see Prometheus in the Administration Guide.

Exporters

Exporters convert existing metrics into the format Prometheus requires. We are now providing the following Prometheus Exporters as packages, for SLE12 and SLE15 as well as openSUSE Leap 15.1:

In addition we provide JMX exporter on SUSE Manager Server.

Monitoring is not yet available for other operating system platforms like Red Hat Enterprise Linux or Ubuntu.

Self-monitoring features in SUSE Manager

SUSE Manager provides metrics about its health to Prometheus. Both Server and Proxy can expose metrics. Self-monitoring can be enabled via the Web UI. For that purpose, some Prometheus exporters are pre-installed on SUSE Manager Server and Proxy.

A new formula is also included, to install and manage Node and PostgreSQL exporters on clients managed by Salt. This formula can be configured in the SUSE Manager Web UI.

Content lifecycle management

The content lifecycle management feature allows you to clone software channels through a lifecycle of several environments. You are able to create content projects, select a custom set of software channels as sources, and promote software channels through a pre-defined lifecycle of environments.

You can define filters to exclude specific packages and patches. More filters will be added in a later release.

Once you have selected your sources you can build the selected set which will populate the first environment. After the first environment is built, you can promote it through the environment lifecycle to the next environment in the loop. You can see the status of the build at any time throughout the process.

The result of the build, and the content of every environment, is a channel tree made of cloned software channels of the selected sources, to which systems can be assigned.

Virtualization management for Salt minions

The existing virtualization features have been enhanced for Salt-based systems. This is a technology preview and will require an additional Virtualization Management entitlement. Pricing will be announced soon.

Salt-based virtualization host systems can also create virtual machines using a pre-built disk image.

These features have been added:

  • Deleting virtual machines.

  • Editing virtual machines to add or remove network interfaces or disk, change CPU and memory allocation or the display type.

  • Quick update of the list and state of virtual machines.

  • Displaying virtual machines graphical display in a new tab.

Updated Documentation Structure

In this release, we have reorganized our documentation and updated our tooling to make it clearer where information is, and make it easier for you to find the content you need, when you need it.

Old Naming Format

  • Getting Started

  • Best Practices

  • Reference

  • Advanced Topics

New Naming Format

  • Installation Guide (Requirements, supported platforms, installation methods, etc)

  • Client Configuration Guide (Configuring and connecting clients to SUSE Manager)

  • Upgrade Guide (Migrate and update clients and SUSE Manager)

  • Reference Guide (Comprehensive guide to the Web UI)

  • Administration Guide (Maintenance and administration tasks in SUSE Manager)

  • Salt Guide (A comprehensive guide to Salt for system administrators)

  • Retail Guide (A guide to using SUSE Manager for Retail)

Improved logging for Salt Remote Command Page

The Salt Remote Command Page log now every command executed in a separate logfile (/var/log/rhn/rhn_salt_remote_commands.log). In addition to this, an entry in the System History is generated for every minion where the command was executed.

Salt 2019.2.0

Salt has been upgraded to the 2019.2.0 release.

We intend to regularly upgrade Salt to more recent versions.

For more detail about changes in your manually-created Salt states, see the Salt upstream release notes 2019.2.0.

Update of Traditional Client Tools and Package renames

The traditional Client Tools were updated to Uyuni version 4.0. This required some package renames.

Table 1. Package renames
Old Name New Name

osad

mgr-osad

python2-osa-common

python2-mgr-osa-common

python2-osad

python2-mgr-osad

python3-osa-common

python3-mgr-osa-common

python3-osad

python3-mgr-osad

python2-rhncfg-actions

python2-mgr-cfg-actions

python2-rhncfg-client

python2-mgr-cfg-client

python2-rhncfg-management

python2-mgr-cfg-management

python2-rhncfg

python2-mgr-cfg

python3-rhncfg-actions

python3-mgr-cfg-actions

python3-rhncfg-client

python3-mgr-cfg-client

python3-rhncfg-management

python3-mgr-cfg-management

python3-rhncfg

python3-mgr-cfg

python2-rhn-virtualization-common

python2-mgr-virtualization-common

python2-rhn-virtualization-host

python2-mgr-virtualization-host

python3-rhn-virtualization-common

python3-mgr-virtualization-common

python3-rhn-virtualization-host

python3-mgr-virtualization-host

python2-rhnpush

python2-mgr-push

python3-rhnpush

python3-mgr-push

rhn-custom-info

mgr-custom-info

rhn-virtualization-common

mgr-virtualization-common

rhn-virtualization-host

mgr-virtualization-host

rhncfg

mgr-cfg

rhncfg-actions

mgr-cfg-actions

rhncfg-client

mgr-cfg-client

rhncfg-management

mgr-cfg-management

rhnpush

mgr-push

spacewalksd

mgr-daemon

Please update your bootstrap scripts, bootstrap repositories, and activation keys if any of the packages are part of them.

Base system upgrade

The base system was upgraded to SUSE Linux Enterprise 15 SP1. As a result, all code was ported to run with Python 3 and OpenJDK 11.

Technical preview: Single Sign-On (SSO)

SUSE Manager supports Single Sign-On authentication by implementing the Security Assertion Markup Language (SAML) 2 protocol. Mandatory requirement: an already existing and configured SAML Identity Service Provider (IdP). SUSE Manager must be reconfigured to use the IdP as the source of authentication and post-login mapped users must be already created before enabling SSO.

For more on configuring SSO, see the Authentication Methods chapter in the Administration guide.

Please note SSO is currently only supported for the Web UI, not for the API and CLI tools.

Upgrading with SUSE Manager Proxy

SUSE Manager Server 4.0 works with SUSE Manager Proxy 3.2. When upgrading, upgrade the Server first, followed by the Proxies.

For instructions on upgrading with Proxies, see the Upgrade Guide on https://documentation.suse.com/suma/4.0/.

Upgrading with inter-server synchronization

When upgrading, upgrade the ISS master first, followed by the ISS slaves.

Support

Supportconfig confidentiality disclaimer

When handling Service Requests, supporters and engineers may ask for the output of the supportconfig tool from SUSE Manager Server or clients.

This disclaimer applies:

Detailed system information and logs are collected and organized in a
manner that helps reduce service request resolution times.
Private system information can be disclosed when using this tool.

If this is a concern, please prune private data from the log files.

Several startup options are available to exclude more sensitive
information. Supportconfig data is used only for diagnostic purposes
and is considered confidential information.

When you run supportconfig on the SUSE Manager Server, the output will contain information about your clients as well as about the Server. In particular, debug data for the subscription matching feature contains a list of registered clients, their installed products, and some minimal hardware information (such as the CPU socket count). It also contains a copy of the subscription data available from the SUSE Customer Center.

If this is a concern, please prune data in the subscription-matcher directory in the spacewalk-debug tarball before sending it to SUSE.

Supportability of embedded software components

All software components embedded into SUSE Manager, like Cobbler for PXE booting, are only supported in the context of SUSE Manager. Stand-alone usage (e. g. Cobbler command-line) is not supported.

Support for older products

The SUSE Manager engineering team provides 'best effort' support for products past their end-of-life date. For more information about product support, see Product Support Lifecycle.

Support for products that are considered past their end-of-life is limited to assisting you to bring production systems to a supported state. This could be either by migrating to a supported service pack or by upgrading to a supported product version.

Support for RHEL Clients

SUSE Manager supports only the latest RHEL 6,7 and 8 minor release clients. Older minor releases might still work, but cannot be officially supported.

Support for Ubuntu Clients

SUSE Manager supports Ubuntu 16.04 LTS and 18.04 LTS Clients using Salt. Traditional clients are not supported.

Support for Ubuntu is limited to a growing list of specific features. For a detailed list of supported features, check the Client Configuration Guide. .

Support for Debian and CentOS Clients

Debian and CentOS clients are only supported at L1 level support.

For Debian clients, SUSE Manager only offers a subset of its functionality, mostly aligned with Ubuntu. Manual bootstrapping is required at the moment.

For CentOS clients, SUSE Manager does not provide the metadata required by some features, such as CVE Audit.

Please contact SUSE Consulting if you need additional support or features for these operating systems.

spacewalk-utils

All commands need expertise to operate and can potentially create problems with your installation. The spacewalk-utils package is a packaged set of command line tools. We consider the spacewalk-utils tools valuable enough to be included, but are not able to fully support them.

These spacewalk-utils tools are fully supported:

  • spacewalk-clone-by-date

  • spacewalk-sync-setup

  • spacewalk-manage-channel-lifecycle

All other spacewalk-utils tools are supported at L1 level support only. L1 support is limited to problem determination, which means technical support designed to provide compatibility information, usage support, on-going maintenance, information gathering and basic troubleshooting using available documentation.

Browser support

Microsoft Interent Explorer fails to render some parts of the SUSE Manager Web UI and is therefore not a supported browser, in any version.

Please refer to the General Requirements for a list of supported browsers.

SUSE Manager installation

The SUSE Unified Installer is the only supported mechanism to install SUSE Manager. Namely, installating SUSE Manager 4.0 on top of an existing SUSE Linux Enterprise Server 15 SP1 is known to generate an incomplete installation.

If you require such a setup, please contact SUSE Consulting.

Known issues

Single Sign On, API and CLI tools

Single Sign On can be used to authenticate in the Web UI but not with the API or CLI tools.

EPEL and Salt packages

Using the Extra Packages for Enterprise Linux directly on RHEL or SLES ES clients will install the Salt packages from EPEL, which miss some features available in the SUSE Manager-provided Salt packages. This is especially important since it will result in the bootstrap repository containing the non-SUSE Salt packages. Therefore, this is an unsupported scenario.

If you need to enable the EPEL repository, make sure you filter out the Salt packages from EPEL in advance.

RHEL 6, CentOS 6, and Oracle Linux 6 minimal installations

In the case of RHEL 6, the "Minimal" installation set is missing some packages required for the onboarding to work. It is recommented to install at least a "Basic Server".

Alternatively, if using a minimal installation, you must install the perl and openssh-clients packages before onboarding.

Registering Spacewalk 2.x/Red Hat Satellite 5.x clients to SUSE Manager as Salt minions

If a client machine is running the Red Hat Satellite 5.x agent, registering it to SUSE Manager as a Salt minion will fail due to package conflicts.

Registering a RH Satellite 5.x client as a SUSE Manager traditional client works fine.

Registering a SUSE Manager traditional client as a SUSE Manager Salt minion will also work.

Works Fails

RH Satellite 5.x ⇒ SUSE Manager traditional

RH Satellite 5.x ⇒ SUSE Manager Salt minion

SUSE Manager traditional ⇒ SUSE Manager Salt minion

In order to register Red Hat Satellite 5.x clients to SUSE Manager as Salt minions, you will need to modify the bootstrap script to remove the Satellite agent packages first.

Spacewalk 2.x and Oracle Spacewalk 2.x clients will show the same behavior as Red Hat Satellite 5.x clients

Providing feedback

If you encounter a bug in any SUSE product, please report it through your support contact or in the SUSE Forums:

Resources

Latest product documentation: https://documentation.suse.com/suma/4.0/.

Technical product information for SUSE Manager: https://www.suse.com/products/suse-manager/

These release notes are available online: https://www.suse.com/releasenotes/

Visit https://www.suse.com for the latest Linux product news from SUSE.

Visit https://www.suse.com/download-linux/source-code.html for additional information on the source code of SUSE Linux Enterprise products.

SUSE LLC
Maxfeldstr. 5
D-90409 Nürnberg
Tel: +49 (0)911 740 53 - 0
Email: feedback@suse.com
Registrierung/Registration Number: HRB 21284 AG Nürnberg
Geschäftsführer/Managing Director: Felix Imendörffer, Mary Higgins, Sri Rasiah
Steuernummer/Sales Tax ID: DE 192 167 791
Erfüllungsort/Legal Venue: Nürnberg

SUSE makes no representations or warranties with regard to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, SUSE reserves the right to revise this publication and to make changes to its content, at any time, without the obligation to notify any person or entity of such revisions or changes.

Further, SUSE makes no representations or warranties with regard to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, SUSE reserves the right to make changes to any and all parts of SUSE software, at any time, without any obligation to notify any person or entity of such changes.

Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classifications to export, re-export, or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical/biological weaponry end uses. Please refer to the SUSE Legal information page for more information on exporting SUSE software. SUSE assumes no responsibility for your failure to obtain any necessary export approvals.

Copyright © 2012-2020 SUSE LLC.

This release notes document is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License (CC-BY-ND-4.0). You should have received a copy of the license along with this document. If not, see https://creativecommons.org/licenses/by-nd/4.0/.

SUSE has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at https://www.suse.com/company/legal/ and one or more additional patents or pending patent applications in the U.S. and other countries.

For SUSE trademarks, see SUSE Trademark and Service Mark list (https://www.suse.com/company/legal/). All third-party trademarks are the property of their respective owners.

Colophon

Thank you for using SUSE Manager Server in your business.

Your SUSE Manager Server Team.