Release Notes #

For SUSE Linux Enterprise Desktop 12 documentation, see http://www.suse.com/documentation/sled-12/, where you can download PDF documents. For installation with YaST software management or with zypper, packages are available on the product media. Some of these packages are installed by default. These are the package names:

Technology Preview features are either not supported or supported in a limited fashion. These features are mainly included for customer convenience and may be functionally incomplete, unstable or in other ways not suitable for production use.

lspci -n | grep 0300

When setting the default mount value to By Label during partitioning, the installer will report an error and crash.

As a workaround, use another option for installation. If needed, switch back to By Label on the running system.

Previously, when installing from local media, like a CD/DVD or USB drive, these sources remained enabled after the installation.

This could cause problems during software installation, upgrade or migration because an old or obsolete installation source remained there. Additionally, if the source was physically removed (for instance, by ejecting the CD/DVD), Zypper would complain about the source not being available.

After the installation, YaST will now check every local source to determine if the product they provide is also available through a remote repository. In that case, the local source will be disabled.

YaST is a highly configurable installer that allows setting very different behaviors for each product using it (SUSE Enterprise Linux, openSUSE, etc.). In previous versions of YaST, it was possible to use a feature called "Flexible Partitioning". This feature has become obsolete, as the more standard proposal mechanism has been used by SLE and openSUSE in all recent releases.

The new version of YaST detects when a (modified) installer tries to use the obsolete "Flexible Partitioning" feature, alerts the user and falls back to the standard proposal mechanism automatically.

In earlier versions of SUSE Linux Enterprise, you could clone the system configuration as an AutoYaST profile during installation. However, many services and system parameters can only be configured after the installation process has completed and the system is up and running. This can result in an AutoYaST profile missing parts of the desired configuration.

The option of creating an AutoYaST profile during installation has been removed. However, you can still create an AutoYaST profile from the running system, after you have made sure that the system configuration fits your needs.

The following minor changes have been identified in the 4.4 kernel:

When SUSE Linux Enterprise 12 was first released, the sudo binary did not correctly support SASL authentication for LDAP because the package was built without a build dependency on the package cyrus-sasl-devel.

To be able to use sudo with SASL, update to the latest version of the package sudo. For information about enabling SASL authentication for sudo, see man 5 sudoers.ldap.

To ease future maintenance, in SLE 12 SP2, systemd was updated to version 228. This version does not support using System V and LSB init scripts from the systemd daemon itself any more.

This functionality is now implemented as a generator that creates systemd unit files from System V/LSB init scripts. These unit files are generated at boot or when systemd is reloaded. Therefore, to have changed System V init scripts recognized by systemd, run systemctl daemon-reload or reboot the machine.

For more information, see the man page of systemd-sysv-generator (man systemd-sysv-generator).

If you are packaging software that ships System V init scripts, use the RPM macros documented at https://en.opensuse.org/openSUSE:Systemd_packaging_guidelines (https://en.opensuse.org/openSUSE:Systemd_packaging_guidelines#Register_services_in_install_scripts) (Section "Register Services in Install Scripts").

Due to a problem in the AutoYaST version shipped with SLE 12 SP1, the network configuration used during the first stage was always copied to the installed system. This happened regardless of the value of keep_install_network in the AutoYaST profile.

SLE 12 SP2 behaves as expected and keep_install_network will be set to true by default.

ntp was updated to version 4.2.8.

Name resolution for the affected hosts works otherwise.

Parameter changes

The meaning of some parameters for the sntp command-line tool have changed or have been dropped, for example sntp -s is now sntp -S. Please review any sntp usage in your own scripts for required changes.

After having been deprecated for several years, ntpdc is now disabled by default for security reasons. It can be re-enabled by adding the line enable mode7 to /etc/ntp.conf, but preferably ntpq should be used instead.

The configuration UI for bridges in YaST did not always show all information and did not always convert parameters properly when editing older configurations.

In SLE 12 SP2, this behavior has been improved upon:

Additionally, to improve the user experience, the management of bridges and bonding has been unified and the interface is now updated after any change.

The version of Samba shipped with SLE 12 GA and newer does not include support to operate as an Active Directory-style domain controller. This functionality is currently disabled, as it lacks integration with system-wide MIT Kerberos.

Mutt has been updated to version 1.6.0. This version has the following new features:

Desktop users often want the size and position of windows to remain the same, even across application restarts. Such functionality usually has to be implemented at the application level but not all applications do so.

In SUSE Linux Enterprise 12 SP2, Devilspie 2 (package devilspie2) has been added. Desvilspie 2 is a window matching utility that allow you to script actions on windows as they are created, such as maximizing windows or setting their size and position.

To allow evaluating and enforcing password strength in an OpenLDAP deployment, the package openldap2-ppolicy-check-password has been added. It is an OpenLDAP password policy plugin which evaluates and enforces strength in new user passwords, and denies weak passwords in password change operations. Configuration options of the plugin allow system administrators to adjust password strength requirements.

lsof has been updated from version 4.84 to 4.89. The changelog can be found in the file /usr/share/doc/packages/lsof/DIST.

The Qt 5 libraries were updated to 5.6.1, a Qt 5.6 LTS based release. Qt 5.6.1 includes new features and security fixes for known vulnerabilities over Qt 5.5.1 (the version shipped in an upgrade to SP1).

This release includes many bug fixes and changes that improve performance and reduce memory consumption.

For security reasons, the MNG and JPEG2000 image format plugins are not shipped anymore, because the underlying MNG and JPEG2000 libraries have known security issues.

New features include:

As part of this update, Qt Creator has been updated to 4.0.1 (from Qt Creator 3.5.1 shipped as an update to SP1).

New features of Qt Creator include:

To improve Asian language support, there are now more IBus engines available:

As a result of this, some components, such as openCC, were updated to more recent versions. libopencc1 package is no longer provided and has been replaced by libopencc2.

OpenSSH received numerous changes and improvements in the last years. To ease further maintenance, OpenSSH was upgraded to a more current release.

Note that the SSHv1 protocol is no longer supported.

openSSL has been updated from version 1.0.1 to 1.0.2 which is a compatible minor version update. This will help future maintenance, and also brings many bug fixes.

The update to openSSL 1.0.2 should be transparent to existing programs.

However, there were some functional changes were done: SSL 2 support is now fully disabled and certain weak ciphers are no longer built in.

SLED images are no longer shipped on the SLED installation media.

librpcsecgss (packages: librpcsecgss3, librpcsecgss-devel) has been removed. With the release of libtirpc, the development of libsecgss stopped and it fell out of use. We recommend using libtirpc instead.

The package python-tornado is no longer provided, as it was not required by any packages on SLED 12 SP2.

Starting with SLE 12 SP2, the Adobe Flash Player plugin for the Firefox browser is no longer provided by SUSE.

Adobe provides a third-party RPM repository which can be used to install Flash Player. To install Flash Player from this repository, do the following:

To add this repository to your system, in a terminal, run:

sudo zypper ar --check --refresh http://linuxdownload.adobe.com/linux/x86_64/ adobe

To see the packages provided by this repo, use:

sudo zypper se -s -r adobe

There are two packages: the Flash Player plugin itself and a package named adobe-release-x86_64. First install this additional package and add the repository key that it contains:

sudo zypper in adobe-release-x86_64
sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux

Then, to install the Adobe Flash Player RPM package, run:

zypper in flash-plugin

To make Mozilla Firefox detect the Flash plugin, restart Mozilla Firefox.

The following packages are deprecated and will be removed with SUSE Linux Enterprise Desktop 13.

When right-clicking the GNOME desktop and selecting Open in Terminal, GNOME Terminal will now open with the working directory set to the home directory (~) and not set to the Desktop directory (~/Desktop). This happens because the package nautilus-extension-terminal is now installed by default.

To switch to the former behavior, first uninstall nautilus-extension-terminal and then install nautilus-open-terminal. However, note that the package nautilus-open-terminal may not be provided in future service packs.