Suse Enterprise Administration Bulletin, 2008

[Dec 14, 2008] Cool Solutions Using ClusterSSH to Perform Tasks on Multiple Servers Simultaneously By Martijn Pepping

Problem: 

As an administrator of SLES/OES Linux clusters or multiple SUSE Linux servers you are probably familiar with that fact that you have to make an identical change on more than one server. Those can be things like editing files, execute commands, collect data or some other administrative task.

There are a couple of way to do this. You can write a script that performs the change for you, or you can SSH into a server, make the change and repeat that task manually for every server.

Now both ways can cost an extended amount of time. Writing and testing a shell script takes some time and performing the task by hand on lets say five or more servers also costs time.

Now, wouldn't it be a real timesaver when you have only one console in which you can perform tasks on multiple servers simultaneously? This solution can be found in ClusterSSH.

Solution:

With ClusterSSH it is possible to make a SSH connection to multiple servers and perform tasks from one single command window, without any scripting. The 'cssh' command lets you connect to any server specified as a command line argument, or to groups of servers (or cluster nodes) defined in a configuration file.

The 'cssh' command opens a terminal window to every server which can be used to review the output sent from the cssh-console, or to edit a single host directly. Commands given in to the cssh-console are executed on every connected host. When you start typing in the cssh-console you'll see that the same command also show up on the commandline of the connected systems.

The state of connected systems can be toggled from the cssh-console. So if you want to exclude certain hosts temporarily from specific command, you can do this with a single mouseclick. Also, hosts can be added on the fly and open terminal windows can automatically be rearranged.

One caveat to be aware of is when editing files. Never assume that file is identical on all systems. For example, lines in a file you are editing may be in a different order. Don't just go to a certain line in a file and start editing. Instead search for the text you want to exit, just to be sure the correct text is edited on all connected systems.

Example:

Configuration files section from the man-page:

/etc/clusters

This file contains a list of tags to server names mappings. When any name is used on the command line it is checked to see if it is a tag in /etc/clusters (or the .csshrc file, or any additional cluster file specified by -c). If it is a tag, then the tag is replaced with the list of servers from the file. The file is formatted as follows:

<tag> [user@]<server> [user@]<server> [...]

i.e.

# List of servers in live

live admin1@server1 admin2@server2 server3 server4

Clusters may also be specified within the users .csshrc file, as documented below.

/etc/csshrc & $HOME/.csshrc

This file contains configuration overrides - the defaults are as marked. Default options are overwritten first by the global file, and then by the user file.

Environment:

ClusterSSH can be used to any system running the SSH daemon.

• ClusterSSH RPM for openSUSE 10.2/10.3 and SLE10 are available through the openSUSE Build-service: http://download.opensuse.org/repositories/home:/martijn/
• The ClusterSSH sourcecode can be downloaded from: http://sourceforge.net/project/showfiles.php?group_id=89139

[Nov 21, 2008] rsnapshot - Local-Remote Filesystem backups utility in openSUSE SUSE & openSUSE

Probably does not make much sense but Perl codebase might be reused.

Posted by admin on October 4th, 2008

rsnapshot is a filesystem backup utility based on rsync. Using rsnapshot, it is possible to take snapshots of your filesystems at different points in time. Using hard links, rsnapshot creates the illusion of multiple full backups, while only taking up the space of one full backup plus differences. When coupled with ssh, it is possible to take snapshots of remote filesystems as well.

rsnapshot is written in Perl, and depends on rsync. OpenSSH, GNU cp, GNU du, and the BSD logger program are also recommended, but not required. rsnapshot is written with the lowest common denominator in mind. It only requires at minimum Perl 5.004 and rsync. As a result of this, it works on pretty much any UNIX-like system you care to throw at it.

rsnapshot can run almost out of the box with very little configuration changes although advanced configurations can be done with little more effort.

[Sep 19, 2008] aMSN - opensource MSN messenger client for openSUSE SUSE & openSUSE

aMSN is a free open source MSN Messenger clone for Windows, Linux, Unix & Mac

Some of the Features include,

Offline Messaging
Voice Clips

Display pictures
Custom emoticons

Multi-language support (around 40 languages currently supported)
Webcam support
Sign in to more than one account at once
Full-speed File transfers
Group support
Normal, and animated emoticons with sounds
Chat logs
Timestamping
Event alarms
Conferencing support
Tabbed chat windows

[Sep 19, 2008] A Comparative Look at Compact Sysadmin Distributions

Things go wrong. Hard disks fail and whole servers crash. Luckily, many Linux-based distributions are available to help systems administrators handle minor catastrophes. We looked at four of the most portable, all of which fit on a 210MB mini CD -- SliTaz, Parted Magic, GParted, and RIPLinuX.

Each of these distributions is easy to use -- just insert the CD or plug in the USB drive on which it's installed, then boot. Each gives you access to a variety of open source tools that you can use to manage disks, partitions, and files and perform diagnostics and network troubleshooting. These distributions provide most of the tools that you might need in an emergency situation.

To choose the most appropriate sysadmin distribution, you have to consider several factors. One is the supported boot devices. Most distributions can boot and run from a live CD, but you may want the flexibility of being able to boot from a USB device or even network Preboot eXecution Environment (PXE). Another factor is size: can it fit onto a 128MB USB drive or a mini CD, or do you need a DVD? If you like a smaller distribution, make sure that it holds all the tools and utilities you need. Lastly, consider usability. Does the distro offers tools that have a GUI, or only those you can use from the command line? The CLI may not pose a problem for system administrators, but a GUI may expedite the solution and increase the user base of the distribution, often resulting in greater support and more frequent updates.

Parted Magic

 ,,, ,,, ,,.

Parted Magic is a Linux From Scratch (LFS) distribution, and only 45MB in size. The latest version, 3.0, runs on the 2.6.26 kernel. You can boot and run it using a live CD, USB, or even PXE. It features an aesthetically pleasing GUI based on Xfce. However, be wary of its memory requirements. The latest version removed the live boot option, so the whole distribution is loaded into memory. You must have at least 300MB of RAM. Failure to meet this minimum requirement will result in problems loading Parted Magic. You may not be able to load all the programs, and even if you can, you might not have access to the graphical desktop.

This distribution's primary component is the popular GParted tool, but it also includes the data recovery tools TestDisk and PhotoRec, as well as a disk imaging program called Partition Image. Other tools include Xarchiver for viewing and extracting archives,

• Xfburn for CD burning,
• ISO Master for creating ISO images.
• Use the graphical Leafpad for text editing,
• the latest version of Firefox (3.0.1) for Internet browsing,
• Grsync for backing up data.

Parted Magic includes several command-line tools; most are disk related and include dd, ddrescue (for disk recovery), cfdisk, and fdisk. The variety of disk tools enables Parted Magic to support many file systems, including ext2, ext3, ext4, FAT16, FAT32, HFS, HFS+, JFS, Linux swap, NTFS, ReiserFS, Reiser4, and XFS. It includes some advanced network tools too, such as tcpdump.

Parted Magic is a great distribution for its intended purpose: filesystem and partition management, manipulation, and recovery. Its GUI makes it easy for average users and system administrators alike to perform disk-related tasks.

GParted Live

GParted Live is a Debian-based distribution from the GParted team. The latest version is 0.3.7-7, running on the 2.6.24 kernel, and is only 90MB in size. You can boot and run it via live CD, USB, or PXE, and you can even install it on a hard disk. You will need a Pentium II or higher and at least 64MB of RAM, with 128MB recommended.

GParted's boot menu is simple and mostly related to the type of video display. Like other live CD sysadmin distributions, it offers Memtest86+ as a choice in the boot menu. Upon boot, it asks you about the keyboard type you'll be using.

GParted Live's graphical desktop is simple and shows a shortcut to the GParted tool on the desktop. It utilizes a Fluxbox menu in which you can run other disk programs and editing tools. The Fluxbox menu has a limited set of tools:

• Vim and nano for text editing,
• GNU Midnight Commander for file management,
• Partition Image for imaging,
• TestDisk for partition recovery, and PhotoRec for file recovery.

As with Parted Magic, you can access other disk tools using the CLI. An extensive collection of tools enables GParted Live to support the same filesystems as Parted Magic, and a shortcut for live USB creation is also available on the desktop. However, unlike Parted Magic, GParted Live doesn't have network support. This means it's missing Internet browsers, commands like ping and netstat, and features like rsync and Grsync, because they're dependent on a network connection. Likewise, the distribution offers no CD-burning software.

With no network support or ability to burn data on a CD, GParted is designed solely for partition management and manipulation on a local machine. You can recover data, but you need a locally accessible device, such as another hard disk or an external drive, to save the recovered data.

If you're concerned only with disk partitioning and related tasks, GParted Live is easy enough to use for both system administrators and average users. However, if you're able to meet its higher memory requirements, Parted Magic may be a better way to go.

[Sep 11, 2008] The LXF Guide 10 tips for lazy sysadmins Linux Format The website of the UK's best-selling Linux magazine

A lazy sysadmin is a good sysadmin. Time spent in finding more-efficient shortcuts is time saved later on for that ongoing project of "reading the whole of the internet", so try Juliet Kemp's 10 handy tips to make your admin life easier...

1. Cache your password with ssh-agent
2. Speed up logins using Kerberos
3. screen: detach to avoid repeat logins
4. screen: connect multiple users
5. Expand Bash's tab completion
6. Automate your installations
7. Roll out changes to multiple systems
8. Automate Debian updates
9. Sanely reboot a locked-up box
10. Send commands to several PCs

[Sep 5, 2008] CONCLUSION System is NOT up-to-date! - NOVELL FORUMS

In this situation you need to switch to update from DVD. That usually helps. Otherwise you need to reregister your suse system and retry again.

On a test device that has been patched up to SP2, SPident still reports this:

dss-cs99la03:/var/opt/novell/log # SPident

CONCLUSION: System is NOT up-to-date!
found SLE-10-i386 + "online updates"
expected SLE-10-i386-SP2
---

SuSE-release thinks I'm on SP1, so it's all out of whack.

dss-cs99la03:/var/opt/novell/log # cat /etc/SuSE-release
SUSE Linux Enterprise Server 10 (i586)
VERSION = 10
PATCHLEVEL = 1

---

How is this all determined by SLES?

brunold Novell SysOp

Ryan,

first you need to load the full sp2 distribution media using the zlmload tool into a single zlm bundle. The zlmload is available here:

ZLMLoad 1.4 | Novell User Communities

a sample command line:
# zlmload -P password -d /install/sles10sp2 -b SLES10-SP2-i586-DIST -a sles-10-i586

/install/sles10sp2 was where the extracted sp2 iso was at that time

After you have that single bundle, add it to a catalog and assign it to the device you want to update. Next refresh that device, subscribe to the catalog and run "rug up". That should bring you up to sp2. If you want to install the post sp2 updates as well, assign that catalog also during that time and then you will have a fully pachted system.

Rainer

rsmccain Junior Member Join Date: Jul 2008

Posts: 28

No luck attempting to patch SLED 10 device Here's the steps I followed........................

I download SLED-10-SP1-x86-DVD1.iso here: NOVELL: Downloads

Next, I mount the .iso to /media/iso and run zlmload:

dss-cs99la36:# zlmload -P foo -b SLED10-x86-SP1-ZLMLOAD -a sles-10-i586 -d /media/iso

As you can see, I have the correct ISO:

dss-cs99la36:# cat /media/iso/content
PRODUCT SUSE_SLED_SP1
VERSION 10.1-0
DISTPRODUCT SUSE-Linux-Enterprise-Desktop-SP1
DISTVERSION 10-SP1
VENDOR SUSE LINUX Products GmbH, Nuernberg, Germany
RELNOTESURL http://www.novell.com/linux/releasen...notes-sled.rpm
ARCH.i686 i686 i586 i486 i386 noarch
ARCH.i586 i586 i486 i386 noarch
ARCH.i486 i486 i386 noarch
ARCH.i386 i386 noarch
DEFAULTBASE i586
REQUIRES sled-release-10-sp1 pattern:basesystem
PROVIDES product:SUSE_SLED = 10.1
PROVIDES product:SUSE_SLE = 10.1
PATTERNS desktop-base x11 desktop-gnome apparmor 32bit
OBSOLETES product:SUSE_SLED < 10.1
SHORTLABEL SLED 10 SP1
LABEL SUSE Linux Enterprise Desktop 10 SP1 10.1-0
LABEL.de SUSE Linux Enterprise Desktop 10 SP1
DESCRDIR suse/setup/descr
DATADIR suse
FLAGS update
LANGUAGE en_US
TIMEZONE America/Los_Angeles
--SNIP--

This creates the bundle fine. I then create an empty catalog, then assign this bundle to it and name the catalog 'SLED10-x86-SP1-ZLMLOAD.' I then assign the catalog to my workstation, "3N2DHB1".


This is from my workstation:

3N2DHB1:/tmp/zlm # SPident -vv

Summary (using 1152 packages)
Product/ServicePack conflict match update (shipped)
SLE-10-i386 11 0.4% 478 41.5% 19 (2524 18.9%)
- MozillaFirefox 2.0.0.13-1.1 < 1.5.0.4-1.7
- flash-player 9.0.31.0-2.1 < 7.0.63.0-8.1
- imlib2 1.4.0-0.pm.0 < 1.2.1-17.2
- mozilla-nspr 4.7.0-7.4 < 4.6.1-22.2
- mozilla-nspr-devel 4.7.0-7.4 < 4.6.1-22.2
- mozilla-nss 3.11.9-1.2 < 3.11-21.2
- mozilla-nss-devel 3.11.9-1.2 < 3.11-21.2
- netcat 0.7.1-1.i386 < 1.10-883.2.i586
- nmap 2:4.20-1.i386 < 4.00-14.2.i586
- python-elementtree 1.2.6-18 < 1.2.6-18.2
- rpm-python 4.4.2-40 < 4.4.2-43.4
SLE-10-i386-SP1 12 0.6% 984 85.4% 5 (1948 50.5%)
- MozillaFirefox 2.0.0.13-1.1 < 2.0.0.2-2.13
- flash-player 9.0.31.0-2.1 < 9.0.31.0-1.7
- imlib2 1.4.0-0.pm.0 < 1.2.1-17.2
- mozilla-nspr 4.7.0-7.4 < 4.6.4-0.7
- mozilla-nspr-devel 4.7.0-7.4 < 4.6.4-0.7
- mozilla-nss 3.11.9-1.2 < 3.11.4-0.7
- mozilla-nss-devel 3.11.9-1.2 < 3.11.4-0.7
- netcat 0.7.1-1.i386 < 1.10-883.2.i586
- python-elementtree 1.2.6-18 < 1.2.6-18.2
- rpm-python 4.4.2-40 < 4.4.2-43.19
- rug 7.1.1.0-18.23 < 7.2.0.0-0.8
- yast2-samba-server 2.13.11-1.3 < 2.13.22-0.8
Unknown 166 14.4%

Legend for Package Details:
- conflicting package (found < expected)

CONCLUSION: No supported Product/ServicePack found at all!
(at least one conflict has been detected everywhere)

3N2DHB1:/tmp/zlm # cat /etc/novell-release
SUSE Linux Enterprise Desktop 10 (i586)
VERSION = 10
PATCHLEVEL = 1
3N2DHB1:/tmp/zlm # cat /etc/SuSE-release
SUSE Linux Enterprise Desktop 10 (i586)
VERSION = 10
PATCHLEVEL = 1

3N2DHB1:/tmp/zlm # rug ca

Sub'd? | Name | Service
-------+------------------------+--------------------------
Yes | SLED10-x86-SP1-ZLMLOAD | ZENworks Linux Management

3N2DHB1:/tmp/zlm # rug lu
No updates are available.

3N2DHB1:/tmp/zlm # rug pa SLED10-x86-SP-ZLMLOAD
WARNING: 'SLED10-x86-SP-ZLMLOAD' is not a valid catalog.

S | Catalog | Bundle | Name | Version | Arch
--+-----------------+--------+------------------------------------------+-------------------------------+-------
i | System packages | | 3ddiag | 0.735-1.5 | i586
-SNIP-
i | System packages | | imlib | 1.9.14-215.2 | i586
i | System packages | | imlib2 | 1.4.0-0.pm.0 | i586
-SNIP-
i | System packages | | MozillaFirefox | 2.0.0.13-1.1 | i586
i | System packages | | mozilla-nspr | 4.7.0-7.4 | i586
i | System packages | | mozilla-nspr-devel | 4.7.0-7.4 | i586
i | System packages | | mozilla-nss | 3.11.9-1.2 | i586
i | System packages | | mozilla-nss-devel | 3.11.9-1.2 | i586
-SNIP-
i586
i | System packages | | netcat | 0.7.1-1 | i386
i | System packages | | nmap | 4.20-1 | i386
-SNIP-
3N2DHB1:/tmp/zlm #


---

2 questions:

1) Why is it an invalid catalog?
2) Why does it not detect any updates? I guess that could be because it's an invalid catalog.....

Thanks, Ryan

 

SP2 Broken patches & newer version installed than available - NOVELL FORUMS

The typical situation after attempt to upgrade to SP2 is:

SPident:
CONCLUSION: System is NOT up-to-date!
found SLE-10-x86_64-SP1 + "online updates"
expected SLE-10-x86_64-SP2

Look like Novell screwed the patches database during the update to SP2 on many servers.  It ian undocumented database and we are stuck with Microsoft style situation.  In this situation you need to switch to update from DVD. That usually helps. Otherwise you need to reregister your suse system and retry again.

zugenmaier Junior Member Join Date: Aug 2008 Posts: 2

SP2: Broken patches & newer version installed than available

---

Hello,

I updated to SLES 10 SP2, and now I have "broken patches". In the graphical GUI of Yast2, they are marked with an exclamation mark in a triangle (road sign). The cli says "this patch is broken".
In the "add/remove software" GUI, some software packages are marked red, and the installed version is newer than the available version. That is the state after my own efforts to solve the problem. Before that, it was the other way round, and the line was marked blue instead of black. If I try to "update" these software-packages, than Yast says, it cannot resolve the dependencies and it wants to deinstall all dependent packages.

>SPident:
CONCLUSION: System is NOT up-to-date!
found SLE-10-x86_64-SP1 + "online updates"
expected SLE-10-x86_64-SP2

>rug sa:
Sub'd? | Name | Service
-------+-------------------------------------------------------+------------------------------------------------------
| SUSE Linux Enterprise Server 10 | SUSE Linux Enterprise Server 10
| SUSE Linux Enterprise Server 10 SP2 | SUSE Linux Enterprise Server 10 SP2
Yes | SUSE Linux Enterprise Software Development Kit 10 SP2 | SUSE Linux Enterprise Software Development Kit 10 SP2
| SLES10-SP1-Online | https://nu.novell.com
| SLES10-SP1-Updates | https://nu.novell.com
| SLE10-SP1-Debuginfo-Updates | https://nu.novell.com
| SLES10-Updates | https://nu.novell.com
| SLE10-Debuginfo-Updates | https://nu.novell.com
Yes | SLES10-SP2-Online | https://nu.novell.com
Yes | SLES10-SP2-Updates | https://nu.novell.com
| SLE10-SP2-Debuginfo-Updates | https://nu.novell.com

>rug sl:
# | Status | Type | Name | URI
--+--------+------+-------------------------------------------------------+-----
1 | Active | ZYPP | SUSE Linux Enterprise Server 10 | i...
2 | Active | ZYPP | SUSE Linux Enterprise Server 10 SP2 | i...
3 | Active | NU | https://nu.novell.com | h...
4 | Active | ZYPP | SUSE Linux Enterprise Software Development Kit 10 SP2 | i...

I have a test system, where the "broken patches" problem does not appear. I experimented a bit, but I only worsened things. ZMD is now permanently refreshing ...

I cannot find anywhere a reasonable description of the several SUSE updater services around ... Can anyone help?

[Aug 29, 2008] Hans Reiser Sentenced to 15-to-Life Threat Level from Wired.com

OAKLAND, California – Linux guru and convicted murdered Hans Reiser was handed a prison sentence of 15-to-life Friday, putting a final capstone on a case that began as a murder mystery, and ended with Reiser leading police to a makeshift grave a short distance from where he strangled his wife.

"I wish to humbly apologize to society for my crime," Reiser said in a statement before his sentence was pronounced. "Every human life is sacred. I took the life of a human being and I'm very sorry for that."

Hans Reiser killed his wife, Nina, at about 4:30 p.m. on Sept. 3, 2006, according to the belated confession Reiser wrote as part of his deal, said prosecutor Paul Hora after the sentencing. He first punched her in the mouth, cutting his hand, then strangled her to death.

He briefly stored the body in the bathroom, then moved it to his car, where it stayed for two days while he searched for a place to bury her.

 Nina Reiser, at age 31, was last seen alive at Hans Reiser's house in the Oakland hills on the day of her murder, when she dropped off the once-happy couple's two young children to stay with him the Labor Day weekend. The couple were in the middle of a heated divorce.

The developer of the ReiserFS file system becomes eligible for parole in about 13 years, having already served two years since his October 2006 arrest.

The 44-year-old defendant's jury trial here concluded in April this year with Reiser's first-degree murder conviction. That carries a 25-to-life term, but the authorities, in a backroom deal, later offered him 15-to-life if he produced his wife's body and waived any rights to appeal his conviction.

[Aug 29, 2008] OpenSuSE 10.1 small review

New in OpenSuSE 10.1 is also "rug - rug is the command-line interface to the ZENworks Linux Management (ZLM) agent. It works with the ZLM daemon to install, update, and remove software according to the commands you give it. The software which it installs can be from ZENworks 7 Linux Management, ZENworks 6.6.x Linux Management servers, aptrpm repositories, as well as local files.
ZENworks Linux Management servers sort software by category into catalogs, which are groups of similar software. For example, one catalog might contain software from the operating system vendor, and another the Novell Linux Desktop. You can subscribe to individual catalogs to control the display of available packages and prevent the accidental installation of unwanted software. By default, all operations are performed on software from within catalogs to which you are subscribed, although you may alter this with the --allow-unsubscribed flag."

As I said, suse_register is used by the update (and install ?!) manager. The tool automatically detects package and patch sources suitable for the current device and feeds the underlying package management system (zmd)
accordingly.. You may wonder why. Here it is:

To perform its task suse_register transfers zmd's unique device identifier to Novell's registration webservice.
In order for the webservice to calculate the appropriate package and package
sources, suse_register also passes hardware architecture, operating system and version to the webservice. The current timezone is also passed so that the webservice can select a geographically close source mirror sites of its
knowledge.
Additionally Novell's backend systems allow for customer device management.
Customers can review their available systems and associate them with
appropriate entitlements they have purchased. In order to fulfill that task
suse_register can be configured to also transmit certain device details like
hostname, CPU type etc. so that customers can easier identify their devices.
To provide a maximum amount of flexibility Novell's webservice is able to ask back for needed parameters dependent on the needs of the registration procedure. Therefore certain device side invoked commands can be requested for their outputs. These hard coded commands are:

• hwinfo
• uname
• lsb_release

Novell Customer Center registration problem - NOVELL FORUMS

On Wed, 28 May 2008 19:26:02 +0000, swicklund wrote:

> If I select to the check box to enter registration codes then click next I
> get a server error.
>
> None of the installed products can be registered at the Novell
> registration server.
>
> My server stopped downloading updates, so I deleted its registration. Now
> I am trying to re-register it.

Stop the zmd service, delete the deviceid & secret files from /etc/zmd,
start the zmd service, then try running the NCC Configuration utility
again.

--
Joe Marton
Novell Support Forum SysOp
Novell does not officially monitor these forums!
http://forums.novell.com/

Problem with suse_register - NOVELL FORUMS

On Wed, 07 Mar 2007 02:26:42 +0000, haych.c wrote:

> I can see all three of the servers. One server works, two don't. I have
> tried removing the broken ones and re-registering them. They do re-appear
> in customer centre wit han active status but still dont work on the
> system.

Interesting. I would remove all three, not just the two broken ones.
Then pick a broken one and following the following TIDs to clear secrets,
database, and cache before rerunning suse_register: 3303599, 3181469, and
3818394.

--
Joe Marton
Novell Support Forum SysOp
Novell does not officially monitor these forums!

Software Management-Registration - openSUSE

Version 13, 19 December 2006.

This paper describes how the registration process is implemented on Linux systems. What happens on Novell.com is documented elsewhere.

The registration process is invoked in one of the following ways:

1. During interactive installation, the user will be asked if they want to connect to the network and retrieve updates. This will cause interactive registration (see below). The user may skip this process, in which case the system will not be updated and the ZMD update facility will not be configured.

2. During scripted installation (i.e. with autoyast) registration may be completely scripted using the registration utility (see below). As with interactive installation, this may be skipped.

3. Manually calling the registration utility from YaST. When running in a graphical mode (i.e., webconsole or when YaST can realize an HTML widget), the registration process may be interactive.

4. Manually calling the registration utility from the command-line.

5. When the user attempts to use a ZMD-related command and ZMD is not configured, an error message will be generated prompting them to register in order to configure the update service. They will then need to manually register using one of the entry points described above. Optionally, if appropriate, the command may invoke a wrapper script that will call the registration utility.

Registration Utility: suse_register

suse_register [ options ] [-a parameter=value ...]

The suse_register utility collects system configuration and user information needed to connect the system to network-delivered services from Novell and configure the patch and update service. The information is supplied to a registration service at Novell.com, and Novell.com will return an XML-structured file with the information needed to configure ZMD for patch and update.

Options

-i | --interactive – launch web browser and interactively collect registration information

--product <product> - product to register

-p | --list-parameters – contact the registration service for a list of parameters

--xml-output – print results in XML to stdout (for scripting)

-n | --no-optional – don't submit passively collected optional system information

-f | --force-registration – mark all parameters mandatory which are required for registration even though registration itself might be optional

--no-hw-data – never submit hardware data, even if they are mandatory

-L file | --log=file – log XML blocks sent to and received from the registration service to file

--locale=locale – force messages to a specific language and encoding

-b path | --browser=path – use web browser specified by path for interactive registration

--no-proxy – don't use proxies, even if the appropriate environment variables are set

--xml-output – print XML output

-h | -? | --help – print command-line syntax help

 

[edit]

Description

[edit]

List Products

At the beginning of each call, suse_register will ask the server so send a list of known products. This happens by calling the URL https://secure-www.novell.com/center/regsvc/?command=listproducts .

The server return a list of products, for example:

<?xml version="1.0" encoding="UTF-8"?>
<productlist xmlns="http://www.novell.com/center/xml/regsvc10"
             lang="en-US">
  <privacy url="http://www.novell.com/company/policies/privacy/"
           description="Novell Privacy Statement"
           class="informative"/>
  <product>Novell Linux Desktop</product>
  <product>SUSE Linux</product>
  <product>SUSE SLES</product>
</productlist>

[edit]

List Parameters

When invoked with the --list-parameters option, the suse_register command will contact the registration service at https://secure-www.novell.com/center/regsvc/?command=listparams, supplying the desired encoding and language identifiers for textual descriptions of the parameters. The content includes the product information.

<?xml version="1.0" encoding="UTF-8"?>
<listparams xmlns="http://www.novell.com/xml/center/regsvc-1_0">
    <product version="10.1" release="Beta9" arch="i686"><![CDATA[SUSE LINUX]]></product>
</listparams>

The encoding and language specifiers are supplied using HTML form post or get methods, and are passed using the encoding and lang identifiers, respectively. The default values for encoding and language are derived from the LANG locale variable, and may be set in the runtime environment using the LANG environment variable. An appropriate value may also be passed on the command line using the --locale option. This value is structured as lang.encoding. The value for lang may require normalization by suse_register in order to conform to IETF RFC 3066. For example, en_US would be transformed to en-US. The value for encoding must be UTF-8; in instances where other character encodings are required, suse_register must normalize or de-normalize message strings.

The registration service will then return an XML structured document with a list of parameters, their description, and a command that may be used to collect the desired information (if applicable). The registration service may modify the language and encoding to match supported message catalogs. For example, if suse_register passes lang="en-GB", the registration service may change the language value to en because a single English language message catalog is supported.

The tag privacy has an url and a description attribute. The url is the link to the current privacy policy of Novell. The description a short description about the policy.

<?xml version="1.0" encoding="utf-8"?>
<paramlist xmlns="http://www.novell.com/center/xml/regsvc10" lang="en">
    <param id="ostype"
           description="Operating System Type"
           command="lsb_release -sd"/>
    <param id="osversion"
           description="Operating System Version"
           command="lsb_release -sr"/>
    <param id="processor"
           description="Processor Type"
           command="uname -p"/>
    <param id="platform"
           description="Hardware Platform Type"
           command="uname -i"/>
    <param id="timezone"
           description="Timezone Offset from GMT"
           command="date +'%z'"/>
    <param id="username"
           description="Novell Account User Name"/>
    <!-- etc. -->
    <privacy url="http://www.novell.com/company/policies/privacy/"
             description="Submit information to help you manage systems in the Customer Center."
             class="informative"/>
</paramlist>

If suse_register was invoked with the --xml-output option, then the returned file will be sent to stdout. Otherwise, a human-readable version of the parameter list will be printed to stdout.

Registration

In all other cases, the suse_register command will send an XML structured document to the registration service at https://secure-www.novell.com/center/regsvc/?command=register .

The registration service may respond with a redirect, in which case the request is resubmitted to the indicated URL.

The URL should contain the protocol version of suse_register, e.g. version=1.0, as query option.

The XML document will contain a globally-unique identifier (GUID) for the device provided by ZMD and any collected parameters. The ZMD GUID is one of two randomly-generated “unique" numbers that the system and the Novell.com ZLM server will exchange with each other. The other is a registration code that will be passed back later in the process.

For virtualization the GUID of the Domain-0 could be provide inside the <host>...</host> element. This could be understand as a “link" to the entitlement of Domain-0. More about this is defined in an separate document.

At a minimum, the suse_register command will passively collect the products, the processor and hardware platform type, and the timezone. The products are used for update catalog selection. The timezone information is used to select an update server. The XML document will also include the desired language and encoding specifiers, as outlined above.

The mirrors tag ask for maximal count of mirrors returned by the registration server. If this value is missing in the request, the value is “1" . Update sources with the same catalog name are defined to be mirrors with the same content.

The product has the following attributes: version, release (might be empty) and arch. The value is the product name.

<?xml version="1.0" encoding="UTF-8"?>
<register xmlns="http://www.novell.com/xml/center/regsvc-1_0"
          lang="en" accept="optional" force="registration">
    <guid>1badbeef4abadb01</guid>
    <host>564894af454e9d12</host>
    <product version="10" release="" arch="i686">
          <![CDATA[SUSE-Linux-Enterprise-Server-i386]]>
    </product>
    <param id="processor">i686</parameter>
    <param id="platform">i386</parameter>
    <param id="timezone">US/Mountain</parameter>
    <mirrors count="5" />
</register>

It is possible to register more that one product. suse_register will submit the set intersection of server known products (i.e., products returned from a listproducts command), installed products, and any products provided via the --product command line parameter.

If the supplied information is sufficient to complete registration of the system, then the registration service will send back and XML structured document with configuration information for ZMD.

<?xml version="1.0" encoding="UTF-8"?>
<zmdconfig xmlns="http://www.novell.com/xml/regsvc10" lang="en">
    <guid>1badbeef4abadb01</guid>
    <param id="update_inventory">true</param>
    <service id="novell-emea"
             description="Novell Network European Update Service"
             type="zenworks">
        <param id="url">
               https://dublin.network.novell.com/zlm7/
        </param>
        <param id="regcode">fade4badbeeffeed</param>
        <param name="catalog">sle-10-common-i586</param>
        <param name="catalog">sle-10-server-i586</param>
        <param name="catalog">sle-10-sdk-i586</param>
        <param name="catalog">sle-10-unsupported-i586</param>
    </service>
    <service id="mirror1"
             description="Mirror 1 in Germany"
             type="yum">
        <param id="url">
            ftp://ftp.suse.com/pub/suse/i386/update/10.1
        </param>
        <param name="catalog">SUSE-Linux-10.1-Update</param>
    </service>
</zmdconfig>

The registration code returned for a particular update service is not the activation code; it is one of two randomly-generated “unique" numbers that ZMD on the system and a Novell-hosted ZLM server exchange with each other. Types other than “zenwork" may not have a registration code. The other is the ZMD GUID that was provided earlier in the process. By using two randomly-generated numbers, a different activation code may be assigned to a system at Novell.com without having to update the system.

The server returned is either a best-guess appropriate server hosted by Novell, where “best" is determined by the timezone information supplied to the registration process, or, when possible, a company-hosted update server. In order to provide a company hosted update server, an interactive registration process must have been used so that the user could provide the necessary Novell user name and password.

The only other option currently defined is to have ZMD update the hardware and software inventory information. If optional (inventory) parameters are sent to the registration service, this will be set. If optional parameters are not sent (i.e., if the --no-optional command-line option is used), then this option will be unset. This option is a global ZMD parameter so it is send outside of a service tag.

The set of catalogs returned are based on the product information provided. For Novell-hosted update servers, Novell-defined catalogs are returned (defined elsewhere). For customer-hosted update servers, customer-defined catalogs are returned. For SUSE Linux (not enterprise) the best of a list of university mirrors are returned.

Need Info

The registration service may require additional information before completing the registration. In such cases, the registration service will return an XML structured document with a list of parameters that must be supplied to complete the registration process.

<?xml version="1.0" encoding="utf-8"?>
<needinfo xmlns="http://www.novell.com/xml/regsvc10" lang="en"
          href="https://secure-www.novell.com/center/regsvc?command=interactive&guid=1badbeef4ab">
    <param id="indentification" class="mandatory"
	     description="Identify System Owner">
        <select>
            <param id="email" description="E-Mail Address"/>
            <param id="elogin" description="Novell Account Login">
                <param id="username" description="Username"/>
                <param id="password" description="Password"/>
            </param>
            <param id="custid" description="Customer Number"/>
        </select>
    </param>
    <param id="sysident" description="System Identification">
        <param id="hostname" description="Hostname" command="uname -n"/>
        <!-- etc. -->
    </param>
    <param id="hw_inventory" description="Hardware Inventory">
        <param id="cpu" description="CPU Details" command="hwinfo --cpu"/>
        <!-- etc. -->
    </param>
    <!-- etc. -->
    <privacy url="http://www.novell.com/company/policies/privacy/"
             description="Submit information to help you manage systems in the Customer Center."
             class="informative"/>
</needinfo>

The above <needinfo> response is also sent by the service if the accept="optional" attribute is specified in the <register> request made by suse_register. This attribute should always be specified on the first <register> request made, and tells the service that respond back with optional parameters is allowed even if all mandatory parameters were already met. Whether the server really returns with a <needinfo> dependents on the business logic of the product.

If the –no-optional parameter is given, accept="mandatory" is included in the first register request.

If the –force-registration parameter is given, force="registration" is included in the first register request. In this case the server knows that the user wants a registration. Customers still would like to be able to register because they might get additional services by Novell other than patches, for example specific NTS services.

To suppress any interactive <needinfo> parameters force="batch" can be added to the <register> request by using --batch commandline parameter. When it is impossible for the server to perform the registration in this case, and error is returned.

The suse_register command will then passively collect information for all parameters where a command property is specified unless the --no-optional option is specified. If --no-optional is specified, then only parameters of class “mandatory" where a command property is specified shall be collected. The command must be one of hwinfo, lsb_release or uname; the command name will be substituted with a command-path determined by suse_register. All other command names will be rejected. lsb_release might not be installed. In this case an empty value is returned back to the server.

There are some additional "virtual" commands which are directly implemented in suse_register. These "virtual" commands are: zmd-secret, zmd-ostarget and installed-desktops .

Interactive parameters may be logically grouped by nesting parameter blocks (<param>...</param>) inside other parameter blocks, as shown in the example above. Where a choice one of a set of possible parameters is required, then the parameter blocks shall be contained within a a selection block (<select>...</select>). Note that a selection block masks inheritance of the mandatory class property.

A selection block (<select>...</select>) is forbidden if a command property is specified below.

If any information was passively collected, the registration request will be resubmitted to the registration service before suse_register continues.

If suse_register reaches a state where it does not have and cannot passively collect a value for a mandatory parameter, and the --interactive option has not been set, then it will terminate with an exit code and a diagnostic message. The diagnostic message will contain the XML “need information" block when the --xml-output option is specified, or printed in human-readable form otherwise. When the --no-optional option is used, optional parameters will be stripped from the diagnostic message.

When suse_register is invoked with the --interactive option, the utility will launch a web browser to collect the needed registration information and exchange it with Novell.com. The script will wait for the browser to exit before continuing, so the HTML exchange between the browser and Novell.com should attempt to close the browser, and advise the user that the browser must be closed in order to continue the registration process.

Because suse_register is a command-line tool, a text browser is started when the --interactive parameter is given. If the --browser option is given, it cannot be sure that calling this browser really blocks the terminal until the browser is closed, and in that case suse_register will exit with a message to restart suse_register if the registration in the browser has completed.

The privacy tag has the same information as in command=listparams.

Standard Assumption for User Identification

In the general case an e-mail address is used as a rendezvous point for subsequent subscription management information functions at Novell.com. It is used in place of Novell “eLogin" account information for usability (e.g., in cases where the user does not yet have a Novell account, can't remember the information, etc.). The activation code, if provided, enables completion of the registration process without the registering user having to subsequently visit Novell.com.

Richer workflows may be implemented using autoyast scripting or interactive registration.

Privacy Policy

Documentation and interactive user interfaces should explain that the required system information (ZMD GUID, hardware architecture tag, operating system type, OEM edition, and timezone) are required to complete the registration process, and Novell reserves the right to use this information for aggregate reporting. However, no personal- or company-identifying information will be shared outside Novell.

Documentation and interactive user interfaces should explain that the optional system information is collected and stored at Novell.com, but is not used by Novell in any way or shared with any party. It is simply collected for the convenience of the user in managing their systems and subscriptions. While users are encouraged to permit transmittal of this information for their own use, they are not required to do so.

[edit]

Provisional Registration and Re-Registration

If an activation code is not supplied when suse_register is run, then Novell.com will automatically allocate an evaluation activation code according to current Novell business policies. The registering user may subsequently assign as permanent activation code using web-based tools at Novell.com, or using the suse_register process.

The suse_register command may be re-run at any time in order to submit an activation code for this system via the command-line, change the setting for inventory transmittal, or change the identifying information. The system information at Novell.com will then be updated accordingly. This provides a mechanism for finding “lost systems" in the registration process.

Server Errors

If an error on the server occurs, it will send an HTTP error with a HTML error message page. Javascript in the error message page is not allowed.

Exit Codes

0 – registration or list command completed

1 – more information needed, not interactive

>= 2 – error

[Aug 29, 2008] Xen: Critical considerations when updating from SLES 10 SP1 to SLES 10 SP2

What are some important Xen considerations when updating SLES 10 SP1 to SLES 10 SP2?

Symptoms

ERROR:
Error: (2, 'Invalid kernel', 'xc_dom_compat_check: guest type xen-3.0-x86_32 not supported by xen kernel, sorry\n')

[Aug 29, 2008] Better version of SPident is SPident-0.9-74.24

The Novell note (document 5027381 ) about this version describes it as SPident 20080409. SP Update via YAST installs .14 by default. This version can detect if after semi-failed install the system is SP2 but is not called SP2

SPident 20080409 (83403d4cbac105fb425b735b6d8dc7d7)

This document (5027381) is provided subject to the disclaimer at the end of this document.

patches this patch supersedes

This patch does not supersede any other patches.

patches that supersede this patch This patch is not superseded by any other patches.

patch attributes

Architecture: x86-64

Revision: 1

Document ID: 5027381

Creation Date: 2008-06-04 15:46:55

abstract

SPident
SuSE Linux Maintenance Web (83403d4cbac105fb425b735b6d8dc7d7)

Applies to

Package: SPident
Product(s):
SUSE Linux Enterprise Desktop 10 SP2 for x86
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP2 for x86
SUSE Linux Enterprise Server 10 SP2 for IPF
SUSE Linux Enterprise Server 10 SP2 for IBM POWER
SUSE Linux Enterprise Server 10 SP2 for IBM zSeries 64bit
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T
Patch: sledp2o-SPident-5160

Release: 20080409
Obsoletes: none

Details

Indications Everyone should update.

Contraindications None.

Problem description

SPident has data for all architectures of SLES/SLED. Since this data is generated during the final media creation, only the local data can be completely correct. This update is meant to consolidate the data for all architectures.

Solution

Please install the updates provided at the location noted below.

Installation notes

This update is provided as an RPM package that can easily be installed onto a running system by using this command:

rpm -Fhv SPident.rpm

file contents

Files Included	Size	Date
SPident-0.9-74.24.noarch.rpm	200.7 KB (205529)	2008-06-04 15:46:58
readme_5027381.html	N/A	2008-06-04 15:48:26

source packages Download the source code of the patches for maintained products.

[Aug 29, 2008] How to update to SLES/SLED 10 SP2 (Document ID: 7000387 )

Update to SP2 via patches

Attention:The update process has to be done completely from beginning to reboot. There is no automatic way to revert changes. Furthermore, the server has to be connected online during the whole update process. Prerequisites: You have to make sure to have your system registered. If you have not done this already, you can either do so by using the "Novell Customer Center Configuration" module in YaST or use the suse_register commandline tool. This will add an update source to your system.

1) Update by using YaST Online Update

• Start the Online-Update module (YOU) from the YaST control center.
• Press 'Accept' to apply updates with 'package management' flag set. Among others, this will install SLE 10 SP2 maintenance stack updates (Patch 'slesp1-libzypp' / 'sledp1-libzypp'). After installing those, YOU will restart itself.
   
• Press 'Accept' to apply all available updates that are available for SP1. This may also install a new kernel, so you should reboot the system after applying this one.
   
• Start the Online-Update module from the YaST control center again.
• Select the optional "Update to SUSE Linux Enterprise Server/Desktop Service Pack 2" ('move-to-sles10-sp2' / 'move-to-sled10-sp2') patch. Do not select any other patch at the same time - except for for additional migration patches for add-on products. If an add-on product (e.g. the SDK) is installed, the respective migration patch will be selected automatically. The migration of the add-on product should be done at the same time as the base product, otherwise there would be rpm dependency conflicts.
• After the patch is installed, YOU will close.
   
• Start the Online-Update module from the YaST control center again.
• Amongst others patches, 'slesp2o-sp2_online' and 'product-sles10-sp2' (or 'sledp2o-sp2_online' and 'product-sled10-sp2' accordingly) are preselected. Apply these patches to bring the system to SP2 level.
   
• Reboot the system.

2) Update by using zen-updater

• Start zen-updater from the system tray.
• Apply updates with 'package management' flag ('slesp1-libzypp' / 'sledp1-libzypp', amongst others).
• At this point, an 'rczmd restart' and a restart of the zen-updater application might be necessary.
   
• Apply all maintenance updates that are available up to this point. This may also install a new kernel (a subsequent reboot is recommended).
• Select the 'move-to-sles10-sp2' patch (or 'move-to-sled10-sp2'  accordingly). If add-on products are installed, migration patches for these will be selected automatically.
   
• Select "Refresh" from the zen-updater context menu.
   
• After that, amongst other patches 'slesp2o-sp2_online' and 'product-sles10-sp2' (or 'sledp2o-sp2_online' and 'product-sled10-sp2' accordingly) are preselected in zen-updater. Apply these patches to bring the system to SP2 level.
• Reboot the system.
   

3) Update by using rug

• Open a root shell.
• It is recommended to quit zen-updater. Do not only close it's window! If unsure, run 'killall zen-updater'.
   
• Run 'rug in -t patch slesp1-libzypp' (or 'rug in -t patch sledp1-libzypp' accordingly). This will update the maintenance stack.
   
• Run 'sleep 40 && rug ping -a' to wait for the ZMD to wake up after it's restart.
• Run 'rug in -t patch move-to-sles10-sp2' (or 'rug in -t patch move-to-sled10-sp2' accordingly).
• Run 'rug refresh && rug ping -a'.
   
• Run 'rug up -t patch' to update more packages with 'packagemanagement flag' set.
   
• Run 'sleep 240 && rug ping -a' in order to wait for ZMD to become responsive again.
• Run 'rug up -t patch' again.
   
• Reboot the system.
• The following script can be used as a base for a complete unattended update from SP1 to SP2:
  
  #!/bin/bash
  set -x
  rug in -y -t patch slesp1-libzypp          # For SLED use sledp1-libzypp
  sleep 40 && rug ping -a
  rug in -y -t patch move-to-sles10-sp2 # For SLED use move-to-sled10-sp2
  rug refresh && rug ping -a
  rug up -y -t patch
  sleep 240 && rug ping -a
  rug up -y --agree-to-third-party-licences  -t patch <<EOF
  n                                                          # For an automatic reboot after the migration, you may change 'n' to 'y'
  EOF

Resetting your ZEN Updater and Novell Customer Center key registration

This document (3303599) is provided subject to the disclaimer at the end of this document.

Environment

Novell SUSE Linux Enterprise Desktop 10
Novell SUSE Linux Enterprise Server 10
Novell ZENworks Linux Management Linux Management 7 - ZLM7
 

Situation

Registering another key for the SUSE Linux Enterprise 10 server or desktop is resulting in a quick response of "success". However, the key is still not used and is also not listed.

If the evaluation key was used first to register SLED 10 or SLES 10, the new registration key that is aquired on purchase needs to be changed by following the below steps. The old key needs to be cleared to enable the new key to be used.

Resolution

The key must be cleared from the local server or workstation. The process is :

1. Stop the Zen management daemon using "/etc/init.d/novell-zmd stop".
2. Remove the device ID using "rm /etc/zmd/deviceid".
3. Remove the Zen secret using "rm /etc/zmd/secret".
4. Restart the Zen management daemon using "/etc/init.d/novell-zmd start"

With this complete, restart YaST, and then launch the Novell Customer Center. This will register any new keys that were needed.

[Aug 20, 2008] It's probably time to install Suse 10 SP2 on production systems...

It's already thee month old upgrade. Major problems with installer are ironed out and automatic patch install does a reasonable job in upgrading the system. Installation takes than less hour on PE1950/2050 and requires a couple of reboots.

Problem arise when you use privately compiled bind or sendmail. In this case it's better to use default Suse upgrade and face consequences. after that you can restore your pre-compiled packages  and delete those that are not needed.

[Aug 2, 2008] How to install & configure Xen Virtualization in openSUSE 11.0 SUSE & openSUSE

Virtualization cannot be that simpler than in openSUSE 11.0. In openSUSE 11.0, Xen Virtualization ins pre-built and all it takes is a few clicks away from up and running with Virtualization in no time. Xen is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation. This package contains the Xen Hypervisor.

[May 21, 2008] Novell Delivers SUSE Linux Enterprise 10 Enhancements in Service Pack 2

"...SUSE Linux Enterprise – version 11 – is due to arrive in the first half of 2009 and is slated to deliver major advancements in mission-critical data center technologies, UNIX* migration, virtualization, interoperability, green computing and desktop Linux. More information on SUSE Linux Enterprise can be found at www.novell.com/linux. "

WALTHAM, Mass.— 21 May 2008— Novell today announced the availability to customers worldwide of SUSE® Linux Enterprise 10 Service Pack 2 (SP2), containing enhancements in virtualization, management, hardware enablement and interoperability. SUSE Linux Enterprise Server 10 SP2 is the only Xen-based virtualization solution with full support from Microsoft for Windows* Server 2008 and Windows Server 2003 guests and live migration of those guests across physical machines. Several improvements specific to SUSE Linux Enterprise Desktop 10 and SUSE Linux Enterprise Real Time 10 are also included in SP2. Novell further unveiled the Subscription Management Tool for SUSE Linux Enterprise, designed to help customers better manage their SUSE Linux Enterprise software updates.

“This service pack for SUSE Linux Enterprise 10 has something for almost everyone – customers, partners and developers," said Holger Dyroff, vice president of outbound product management for SUSE Linux Enterprise at Novell. “The benefits of Linux in the enterprise are becoming well known, and Novell's focus is on continuing to simplify the customer's experience, always with an eye to reducing costs. Reliability, security and interoperability don't need to break the bank. That's the ongoing value Novell provides with SUSE Linux Enterprise."

Subscription Management Tool for SUSE Linux Enterprise

The Subscription Management Tool (SMT) for SUSE Linux Enterprise helps customers easily manage their SUSE Linux Enterprise software updates while maintaining corporate firewall policy and regulatory compliance requirements. SMT is a package proxy system that is integrated with the Novell® Customer Center and provides key Novell Customer Center capabilities locally at the customer site. It provides a repository and registration target that is synchronized with the Novell Customer Center, thus maintaining all the capabilities of the Novell Customer Center while allowing a more secure centralized deployment.

SMT allows customers to easily distribute updates for all SUSE Linux Enterprise devices (server, desktop or point-of-service terminal) that are running Service Pack 2 or subsequent releases. By downloading these updates only once and distributing them throughout the enterprise, the customer is able to set more restrictive firewall policies and, where applicable, avoid significant network usage stemming from repeated downloads of the same updates by each device. SMT is fully supported and available as a download to customers with an active SUSE Linux Enterprise product subscription.

SUSE Linux Enterprise Server Enhancements

Delivering Xen* version 3.2, SUSE Linux Enterprise Server 10 SP2 includes several virtualization advances, including support for fully virtualized Windows Server 2008 and Windows Server 2003 and the live migration of those Windows Server guests across physical machines. SUSE Linux Enterprise Server is the only third-party virtualization solution offering full support directly from Microsoft for Windows Server guests. In addition, extensive updates to the YaST management toolset encompass first-boot enhancements and network module support for new devices.

Srinivasa Rao Addepalli, CTO and chief architect of Intoto Inc. and a participant in the SP2 beta program, said, “SUSE Linux Enterprise Server has been the choice of customers for security applications in the virtualized environment. To secure virtual systems, Intoto has been providing UTM and MultiService Business Gateway solutions using Xen running on SUSE Linux Enterprise Server 10, and we have been pleased with the increase in performance and manageability of the SP2 release. With the addition of fully virtualized Windows Server 2008 guest support, the SP2 release facilitates creation of a true virtualization system."

Advances in high availability and storage management such as updates to Heartbeat 2 and OCFS2 are also included in SP2. Network management improvements include support for IPv6. SUSE Linux Enterprise Server 10 SP2 has been designed to meet the U.S. government's requirements for IPv6 and is currently in the certification process. Enhanced hardware enablement includes new network, storage and other drivers along with support for IBM* cryptographic hardware.

SUSE Linux Enterprise Desktop Enhancements

SUSE Linux Enterprise Desktop 10 SP2 provides improved interoperability with Microsoft* Windows and Office via local NTFS file system support, improved integration with Microsoft Active Directory* and an upgrade to OpenOffice.org 2.4 Novell Edition. The OpenOffice.org productivity suite features key enhancements to VBA macro support within Calc and embedded audio and video within Impress, as well as a technical preview of the Office Open XML (OOXML) translator. Other enhancements include plug-and-play support for wireless broadband (UMTS, 3G), improvements to Network Manager, and support for new hardware technologies from Novell partners.

Nick Piccone, network engineer for University Community Hospital and an SP2 beta tester, said, “The improved interoperability with Microsoft Windows and Office combined with the networking and hardware enablement enhancements that come with this release have demonstrated the level of productivity and reliability we have come to expect from SUSE Linux Enterprise Desktop."

Updates to SUSE Linux Enterprise Real Time

SUSE Linux Enterprise Real Time is specifically engineered to reduce the latency and increase the predictability of time-sensitive mission critical applications. Service Pack 2 further improves the performance and predictability of time-sensitive applications running on SUSE Linux Enterprise Real Time through support for adaptive locking, OpenFabrics Enterprise Distribution (OFED) 1.3 and the Precise Timing Protocol. OFED 1.3 enables the implementation of unified high-speed interconnects based on InfiniBand and 10-Gigabit Ethernet. With SP2, Novell becomes the first Linux* distributor to support OFED 1.3.

SUSE Linux Enterprise Software Development Kit (SDK)

The SUSE Linux Enterprise SDK also provides new capabilities in SP2, giving developers and technical enthusiasts even more ways to create powerful new software on and with SUSE Linux Enterprise. It includes updates to several tools that enable the creation of installation media and appliances: KIWI, YaST2 Product Creator, YaST2 Add-on Creator and YaST2 Image Creator.

[May 6, 2008] Linux Headquarters - Kernel v2.6.9 -Documentation-filesystems-ext3.txt

See also -src-linux-xscale-linux-2.6.24-Documentation-filesystems-ext3.txt - DD-WRT - Trac

Kernel v2.6.9 /Documentation/filesystems/ext3.txt

+noload         Don't load the journal on mounting.
+
+data=journal      All data are committed into the journal prior
+         to being written into the main file system.
+
+data=ordered   (*)   All data are forced directly out to the main file
+         system prior to its metadata being committed to
+         the journal.
+
+data=writeback      Data ordering is not preserved, data may be
+         written into the main file system after its
+         metadata has been committed to the journal.
+
+commit=nrsec   (*)   Ext3 can be told to sync all its data and metadata
+         every 'nrsec' seconds. The default value is 5 seconds.
+         This means that if you lose your power, you will lose,
+         as much, the latest 5 seconds of work (your filesystem
+         will not be damaged though, thanks to journaling). This
+         default value (or any low value) will hurt performance,
+         but it's good for data-safety. Setting it to 0 will
+         have the same effect than leaving the default 5 sec.
+         Setting it to very large values will improve
+         performance.
+
+barrier=1      This enables/disables barriers. barrier=0 disables it,
+         barrier=1 enables it.
+
+orlov      (*)   This enables the new Orlov block allocator. It's enabled
+         by default.
+
+oldalloc      This disables the Orlov block allocator and enables the
+         old block allocator. Orlov should have better performance,
+         we'd like to get some feedback if it's the contrary for
+         you.
+
+user_xattr   (*)   Enables POSIX Extended Attributes. It's enabled by
+         default, however you need to confifure its support
+         (CONFIG_EXT3_FS_XATTR). This is neccesary if you want
+         to use POSIX Acces Control Lists support. You can visit
+         http://acl.bestbits.at to know more about POSIX Extended
+         attributes.
+
+nouser_xattr      Disables POSIX Extended Attributes.
+
+acl      (*)   Enables POSIX Access Control Lists support. This is
+         enabled by default, however you need to configure
+         its support (CONFIG_EXT3_FS_POSIX_ACL). If you want
+         to know more about ACLs visit http://acl.bestbits.at
+
+noacl         This option disables POSIX Access Control List support.
+
+reservation
+
+noreservation
+
+resize=
+
 bsddf       (*)   Make 'df' act like BSD.
 minixdf         Make 'df' act like Minix.
 
@@ -30,8 +87,6 @@
 
 debug         Extra debugging information is sent to syslog.
 
-noload         Don't load the journal on mounting.
-
 errors=remount-ro(*)   Remount the filesystem read-only on an error.
 errors=continue      Keep going on a filesystem error.
 errors=panic      Panic and halt the machine if an error occurs.
@@ -48,17 +103,6 @@
 
 sb=n         Use alternate superblock at this location.
 
-data=journal      All data are committed into the journal prior 
-         to being written into the main file system.
-      
-data=ordered   (*)   All data are forced directly out to the main file 
-         system prior to its metadata being committed to 
-         the journal.
-      
-data=writeback     Data ordering is not preserved, data may be 
-         written into the main file system after its
-         metadata has been committed to the journal.
-
 quota         Quota options are currently silently ignored.
 noquota         (see fs/ext3/super.c, line 594)
 grpquota

[May 6, 2008] JBD error message barrier-based sync failed

"Barriers do provide a greater degree of performance for journaling file systems and help ensure data is correctly written out to the disk so this patch can degrade filesystem performance. " So disabling them due to the bug described in Novell support note 3605538 Ext3 filesystem goes read-only without the underlying storage reporting errors can degrade performance

This document (3907838) is provided subject to the disclaimer at the end of this document.

environment

Novell SUSE Linux Enterprise Server 10
Novell SUSE Linux Enterprise Server 9
Novell Open Enterprise Server (Linux based)
Novell SUSE Linux Enterprise Desktop 10

situation

ERROR: JBD: barrier-based sync failed on sda1 - disabling barriers"
or, in general: JBD: barrier-based sync failed on storage_device - disabling barriers

resolution

This message is primarily an informational message; it does not indicate a problem.

Suppress this message globally

Please note: This method is only available for SUSE Linux Enterprise Server / Desktop (SLES/SLED) up to version 9 and for Open Enterprise Server (OES) version 1. From SLES/SLED 10 and OES2 on it is not possible to suppress the message globally. Instead use the solution in the section "Suppress this message for one filesystem".

To suppress this message globally, pass the parameter

barrier=off

to the kernel when booting (e.g., when using the GRUB boot loader, through /boot/grub/menu.lst). This will cause the kernel not to attempt to use the transaction barrier mechanism.

Suppress this message for one filesystem

To suppress this message for one particular ext3 filesystem, use the mount option barrier=0 when mounting the filesystem.

Additional notes

Background

By default, the Linux kernel will try to use transaction barriers. Transaction barriers are an additional mechanism to help maintain data integrity.  In general, modern storage subsystems may cache writes and may occasionally reorder pending writes in order to increase write performance. While this is fine in general, it is not desirable when handling journal data for journaled filesystems. With journal data, metadata updates, that is updates to the journal, should be written out to the storage prior to the regular data they are associated with, to make true crash recovery possible.

The informational message indicates that  the storage driver and/or the storage device do not support transaction barriers. Under normal operation, this does not compromise data integrity. However, barriers do provide a greater degree of performance for journaling file systems and help ensure data is correctly written out to the disk.

"JBD" in this message refers to the Journaling Block Device, an abstraction that was developed to provide the journaling capabilities of the ext3 filesystem on top of the infrastructure of the ext2 filesystem on which ext3 is based. JBD is now used by the OCFS2 filesystem as well.

document

Document ID:	3907838
Creation Date:	2008-02-01 05:33:00.0
Modified Date:	2008-02-01 05:32:20.0
Novell Product:	Open Enterprise Server
Novell Product:	SUSE Linux Enterprise Desktop
Novell Product:	SUSE Linux Enterprise Server
Novell Product:	SUSE Linux

[May 1, 2008] Ext3 filesystem goes read-only without the underlying storage reporting errors     Novell support note 3605538

This was the first serious problem with Suse 10 that we faced since Feb 2007. It proved to be quite critical for us. Now it is described in Novell support note 3605538 Ext3 filesystem goes read-only without the underlying storage reporting errors  The frequency of experiencing of this bug on production servers diminished after installation of SP1 but it did not went away. As of  Feb 2008 it still exists as we were never informed about workaround proposed (may be the workaround was created only in Feb 2008; we discovered the document only in May 2008)

Status(Last updated: 2008-02-25)

This issue is not yet fixed in a maintenance update of the kernel. Root cause analysis has been performed and it is expected that a fix for this issue will be included in the next maintenance update of the kernel.

Workaround

Explicitly disable barrier support for the affected filesystems, e.g. by specifying
 

barrier=0
 

in /etc/fstab's mount options field for the affected filesystems.

[Apr 17, 2008] Just enough operating system - Wikipedia, the free encyclopedia

JeOS is the abbreviation (pronounced "juice") for the concept of Just Enough Operating System as it applies to a software appliance.

JeOS is not a generic, one-size-fits-all operating system. Rather, it refers to a customized operating system that precisely fits the needs of a particular application. The application's OS requirements can be determined manually, or with an analytical tool, such as rPath's rBuilder.

Therefore, JeOS includes only the pieces of an operating system (often Linux) required to support a particular application and any other third-party components contained in the appliance. This makes the appliance more efficient, smaller, more secure and higher performing than an application running under a full general purpose OS.

[Apr 17, 2008] Novell announces Suse appliance program for ISVs - LinuxWorld

See press-release Novell Announces SUSE Appliance Program and LimeJeos - openSUSE

The program will enable ISVs to create appliances combining their applications with Suse Linux Enterprise in an integrated package.

Novell also announced the beta release of Suse Linux Enterprise JeOS, a minimized version of the Suse Linux Enterprise platform that ISVs can use for creating appliances

... ... ...

Novell also announced Wednesday that it will officially participate in the LimeJeOS project, which is an existing community-led project building a minimized version of the openSuse Linux distribution. Novell will release several new components of the Suse Appliance Program, including an automated tool to build appliances, it added.

Tech Watch InfoWorld Staff InfoWorld Renault in Linux deal with Microsoft, Novell January 30, 2008 0516 PM By Paul Krill

Microsoft will deliver more than 1,000 support subscription certificates for Suse Linux Enterprise Server to French automaker Renault, under an agreement announced by Microsoft and Novell on Wednesday.

Renault will receive priority support subscriptions to Novell's Suse Linux distribution. Renault plans to consolidate existing Linux distributions to Suse Linux Enterprise Server with the intent of improving interoperability and taking better advantage of virtualization, Microsoft and Novell said.

Through a 2006 agreement between Novell and Microsoft, Microsoft has purchased support certificates to Suse Linux, with Novell to provide the support.

[Jan 24, 2008] freshmeat.net Project details for cgipaf

The package also contain Solaris binary of chpasswd clone, which is extremely useful for mass changes of passwords in corporate environments which include Solaris and other Unixes that does not have chpasswd utility (HP-UX is another example in this category).   Version 1.3.2 now includes Solaris binary of chpasswd which works on Solaris 9 and 10.

cgipaf is a combination of three CGI programs.

• passwd.cgi, which allow users to update their password,
• viewmailcfg.cgi, which allows users to view their current mail configuration,
• mailcfg.cgi, which updates the mail configuration.

All programs use PAM for user authentication. It is possible to run a script to update SAMBA passwords or NIS configuration when a password is changed. mailcfg.cgi creates a .procmailrc in the user's home directory. A user with too many invalid logins can be locked. The minimum and maximum UID can be set in the configuration file, so you can specify a range of UIDs that are allowed to use cgipaf.

[Jan 10, 2008] Find the speed of your Ethernet card in Linux

October 27, 2005  | All about Linux

For logging on to the net or for attaching as a node on a LAN, your computer needs a network card. The network card forms the interface between your computer and the network. There are different kinds of network cards available in the market depending on its speed and other features. Here is a tip to find out the characteristics of your network card.

If you want to find what type of network card is used, its speed, on which IRQ it is listed, and the chip type used, you use the following command :

# dmesg |grep eth0

Here eth0 is the first network card. If you have additional cards, it will be named eth1, eth2 and so on. And here is the output of the above command :

divert: allocating divert_blk for eth0
eth0: RealTek RTL8139 at 0xd800, 00:80:48:34:c2:84, IRQ 9
eth0:  Identified 8139 chip type 'RTL-8100B/8139D'
divert: freeing divert_blk for eth0
divert: allocating divert_blk for eth0
eth0: RealTek RTL8139 at 0xd800, 00:90:44:34:a5:33, IRQ 9
eth0:  Identified 8139 chip type 'RTL-8100B/8139D'
eth0: link up, 100Mbps, full-duplex, lpa 0x41E1
eth0: no IPv6 routers present
...

The important things to note here are those highlighted in colour. As you can see from the above listing, my ethernet card is a RealTek RTL8139 chipset based card on IRQ 9 (Interrupt Request). Its speed is 100 Mbps and is a full-duplex card. And the link is up.
... ... ... Another tool which also does the same thing is ethtool. Try the following command on your machine to see the output.

# ethtool eth0

Settings for eth0:
  Supported ports: [ TP MII ]
  Supported link modes:   10baseT/Half 10baseT/Full
                          100baseT/Half 100baseT/Full
  Supports auto-negotiation: Yes
  Advertised link modes:  10baseT/Half 10baseT/Full
                          100baseT/Half 100baseT/Full
  Advertised auto-negotiation: Yes
  Speed: 100Mb/s
  Duplex: Full
  Port: MII
  PHYAD: 32
  Transceiver: internal
  Auto-negotiation: on
  Supports Wake-on: pumbg
  Wake-on: p
  Current message level: 0x00000007 (7)
  Link detected: yes

Here full duplex, half duplex and auto-negotiation have the following meanings.
  Full Duplex - Logic that enables concurrent sending and receiving. This is usually desirable and enabled when your computer is connected to a switch.
  Half Duplex - This logic requires a card to only send or receive at a single point of time. When your machine is connected to a Hub, it auto-negotiates itself and uses half duplex to avoid collisions.
  Auto-negotiation - This is the process of deciding whether to work in full duplex mode or half duplex mode. An ethernet card supporting autonegotiation will decide for itself which mode is the optimal one depending on the network it is attached to.

Etc

Society

Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers :   Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy

Quotes

War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotes :  Somerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose Bierce :  Bernard Shaw : Mark Twain Quotes

Bulletin:

Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 :  Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method  : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law

History:

Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOS :  Programming Languages History : PL/1 : Simula 67 : C : History of GCC development :  Scripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-Month :  How to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Hater’s Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the Softpanorama society. We do not warrant the correctness of the information provided or its fitness for any purpose. The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Last modified: March 12, 2019