3.2. Software Changes from Version to Version

The individual aspects changed from version to version are outlined in the following in detail. This summary indicates, for example, whether basic settings have been completely reconfigured, whether configuration files have been moved to other places, or whether common applications have been significantly changed. Significant modifications that affect the daily use of the system at either the user level or the administrator level are mentioned here.

Problems and special issues of the respective versions are published online as they are identified. See the links listed below. Important updates of individual packages can be accessed at http://www.novell.com/products/linuxprofessional/downloads/ using the YaST Online Update (YOU)—see Section 2.3.4, “Updating Software Online” (↑Start-Up).

3.2.1. From 9.0 to 9.1

Refer to the article “Known Problems and Special Features in SUSE Linux 9.1” in the SUSE Support Database at http://portal.suse.com under the keyword special features. These articles are published for every SUSE Linux version. Upgrading to Kernel 2.6

SUSE Linux is now based entirely on kernel 2.6. The predecessor version 2.4 cannot be used any longer, because the enclosed applications do not work with kernel 2.4. Note the following details:

  • The loading of modules is configured by means of the file /etc/modprobe.conf. The file /etc/modules.conf is obsolete. YaST tries to convert the file (also see script /sbin/generate-modprobe.conf).

  • Modules have the suffix .ko.

  • The module ide-scsi is no longer needed for burning CDs.

  • The prefix snd_ has been removed from the ALSA sound module options.

  • sysfs now complements the /proc file system.

  • Power management (especially ACPI) has been improved and can be configured by means of a YaST module. Mounting VFAT Partitions

When mounting VFAT partitions, the parameter code must be changed to codepage. If you have difficulties mounting a VFAT partition, check if the file /etc/fstab contains the old parameter name. Standby and Suspend with ACPI

The kernel 2.6 supports standby and suspend with ACPI. This function is still in an experimental stage and may not be supported by some hardware components. To use this function, you need the powersave package. Information about this package is available in /usr/share/doc/packages/powersave. A graphical front-end is available in the kpowersave package. Input Devices

Regarding the changes in connection with the input devices, refer to the already-mentioned portal article “Known Problems and Special Features in SUSE LINUX 9.1” in the Support Database at http://portal.suse.com under the keyword special features. Native POSIX Thread Library and glibc 2.3.x

Applications linked against NGPT (Next Generation POSIX Threading) do not work with glibc 2.3.x. All affected applications that are not shipped with SUSE Linux must be compiled with linuxthreads or with NPTL (Native POSIX Thread Library). NPTL is preferred, because this is the standard for the future.

If NPTL causes difficulties, the older linuxthreads implementation can be used by setting the following environment variable (replace kernel-version with the version number of the respective kernel):


The following version numbers are possible:

2.2.5 (i386, i586):

linuxthreads without floating stacks

2.4.1 (AMD64, IPF, s390x, i586, i686):, 2.4.1 (AMD64, i586, i686):

linuxthread with floating stacks

Notes regarding the kernel and linuxthreads with floating stacks: Applications using errno, h_errno, and _res must include the header files (errno.h, netdb.h, and resolv.h) with #include. For C++ programs with multithread support that use thread cancellation, the environment variable LD_ASSUME_KERNEL=2.4.1 must be used to prompt the use of the linuxthreads library. Adaptations for Native POSIX Thread Library

NPTL is included in SUSE Linux 9.1 as the thread package. NPTL is binary-compatible with the older linuxthreads library. However, areas in which linuxthreads violates the POSIX standard require NPTL adaptions. This includes the following: signal handling, getpid returning the same value in all threads, and thread handlers registered with pthread_atfork not working if vfork is used. Network Interface Configuration

The configuration of the network interface has changed. Formerly, the hardware was initialized following the configuration of a nonexistent interface. Now, the system searches for new hardware and initializes it immediately, enabling the configuration of the new network interface.

New names have been introduced for the configuration files. Because the name of a network interface is generated dynamically and the use of hotplug devices is increasing steadily, a name like eth0 or eth1 is no longer suitable for configuration purposes. For this reason, unique designations, like the MAC address or the PCI slot, are used for naming interface configurations. You can use interface names as soon as they appear. Commands like ifup eth0 or ifdown eth0 are still possible.

The device configurations are located in /etc/sysconfig/hardware. The interfaces provided by these devices are usually located in /etc/sysconfig/network (with different names). See the detailed description in /usr/share/doc/packages/sysconfig/README. Sound Configuration

Following an update, the sound cards must be reconfigured. This can be done with the YaST sound module. As root, enter /sbin/yast2 sound. Top-Level Domain .local as “link-local” Domain

The resolver library treats the top-level domain .local as “link-local” domain and sends multicast DNS queries to the multicast address, port 5353, instead of normal DNS queries. This is an incompatible change. If the domain .local is already used in the name server configuration, use a different domain name. For more information about multicast DNS, see http://www.multicastdns.org. Systemwide UTF-8 Encoding

The default encoding for the system is UTF-8. Thus, when performing a standard installation, a locale is set with UTF-8 encoding, such as en_US.UTF-8. For more information, see http://www.suse.de/~mfabian/suse-cjk/locales.html. Converting Filenames to UTF-8

Files in previously created file systems do not use UTF-8 encoding for the filenames (unless specified otherwise). If these filenames contain non-ASCII characters, they will be garbled. To correct this, use the convmv script, which converts the encoding of filenames to UTF-8. Shell Tools Compatible with POSIX Standard of 2001

In the default setting, shell tools from the coreutils package (tail, chown, head, sort, etc.) no longer comply with the POSIX standard of 1992 but with the POSIX standard of 2001 (Single UNIX Specification, version 3 == IEEE Std 1003.1-2001 == ISO/IEC 9945:2002). The old behavior can be forced with an environment variable:


The new value is 200112 and is used as the default for _POSIX2_VERSION. The SUS standard can be reviewed (free of charge, but registration is required) at http://www.unix.org.


Third-party software may not yet comply with the new standard. In this case, set the environment variable as described above. /etc/gshadow Obsolete

/etc/gshadow has been abandoned and removed, because this file is superfluous for the following reasons:

  • It is not supported by glibc.

  • There is no official interface for this file. Even the shadow suite does not contain such an interface.

  • Most tools that check the group password do not support the file and ignore it for the said reasons. OpenLDAP

Because the database format has changed, the databases must be regenerated. During the update, the system attempts to perform this conversion automatically. However, there will certainly be cases in which the conversion fails.

The schema check has undergone substantial improvement. Therefore, a number of standard-noncompliant operations that were possible with the former LDAP server are no longer possible.

The syntax of the configuration file has partly changed with a view to ACLs. Following the installation, information regarding the update is available in the file /usr/share/doc/packages/openldap2/README.update. Apache 1.3 Replaced with Apache 2

The Apache Web server (version 1.3) has been replaced with Apache 2. Detailed documentation for version 2.0 is available at the Web page http://httpd.apache.org/docs-2.0/en/. On a system with an HTTP server installation, an update removes the Apache package and installs Apache 2. Subsequently, the system must be adapted with YaST or manually. The configuration files in /etc/httpd are now located in /etc/apache2.

Either threads or processes can be selected for handling multiple concurrent queries. The process management has been moved to an independent module, the multiprocessing module (MPM). Accordingly, Apache 2 needs the apache2-prefork package (recommended for stability) or the apache2-worker package. Depending on the MPM, Apache 2 reacts differently to queries. This affects the performance as well as the use of modules. These characteristics are discussed in detail in Section 26.4.4, “Multiprocessing Modules”.

Apache 2 now supports the next-generation Internet protocol IPv6.

A mechanism has been implemented that enables module programmers to specify the desired loading sequence of the modules, relieving users of this task. The sequence in which modules are executed is often important. In earlier versions, it was determined by means of the loading sequence. For instance, a module that only gives authenticated users access to certain resources must be loaded first to prevent users without access permissions from seeing the pages.

Queries to and responses from Apache can be processed with filters. From Samba 2.x to Samba 3.x

Following the update from Samba 2.x to Samba 3.x, winbind authentication is no longer available. The other authentication methods can still be used. For this reason, the following programs have been removed:


See also http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#ss23.5. OpenSSH Update (Version 3.8p1)

gssapi support has been replaced with gssapi-with-mic to prevent potential MITM attacks. These two versions are not compatible. This means that you cannot authenticate with Kerberos tickets from older distributions, because other authentication methods are used. SSH and Terminal Applications

When establishing a connection from a remote host (especially via SSH, telnet, and RSH) between version 9 (standard configuration with activated UTF-8) and older systems (SUSE Linux 9.0 and earlier versions in which UTF-8 is not activated by default or not supported), terminal applications may display faulty characters.

This is because OpenSSH does not forward local settings. Therefore, the default system settings that may not match the remote terminal settings are used. This affects YaST in text mode and applications executed from a remote host as a normal user (not root). The applications started by root are only affected if the user changes the standard locales for root (only LC_CTYPE is set by default). libiodbc Discarded

Users of FreeRADIUS must now link against unixODBC, because libiodbc has been discarded. XML Resources in /usr/share/xml

XML resources (DTDs, stylesheets, etc.) are installed in /usr/share/xml. Therefore, some directories are no longer available in /usr/share/sgml. If you encounter problems, modify your scripts and makefiles or use the official catalogs (especially /etc/xml/catalog or /etc/sgml/catalog). Removable Media with subfs

Removable media are now integrated with subfs. Media no longer need to be mounted manually with mount. To mount the medium, simply change to the respective device directory in /media. Media cannot be ejected as long as they are accessed by a program.

3.2.2. From 9.1 to 9.2

Refer to the article “Known Problems and Special Features in SUSE LINUX 9.2” in the SUSE Support Database at http://portal.suse.com under the keyword special features. Activation of the Firewall in the Proposal Dialog During the Installation

To increase the security, the enclosed firewall solution SuSEFirewall2 is activated at the end of the installation in the proposal dialog. This means that all ports are closed initially and can be opened in the proposal dialog if necessary. By default, you cannot log in from remote systems. It also interferes with network browsing and multicast applications, such as SLP, Samba ("Network Neighborhood"), and some games. You can fine-tune the firewall settings using YaST.

If network access is required during the installation or configuration of a service, the respective YaST module opens the needed TCP and UDP ports of all internal and external interfaces. If this is not desired, the user can close the ports in the YaST module or specify other detailed firewall settings. KDE and IPv6 Support

By default, IPv6 support is not enabled for KDE. You can enable it using the /etc/sysconfig editor of YaST. The reason for disabling this feature is that IPv6 addresses are not properly supported by all Internet service providers and, as a consequence, this would lead to error messages while browsing the Web and delays while displaying Web pages. YaST Online Update and Delta Packages

The YaST Online Update now supports a special kind of RPM package that only stores the binary difference from a given base package. This technique significantly reduces the package size and download time at the expense of higher CPU load for reassembling the final package. In /etc/sysconfig/onlineupdate, configure whether YOU should use these delta packages. See /usr/share/doc/packages/deltarpm/README for technical details. Print System Configuration

At the end of the installation (proposal dialog), the ports needed for the print system must be open in the firewall configuration. Port 631/TCP and port 631/UDP are needed for CUPS and should not be closed for normal operation. Port 515/TCP (for the old LPD protocol) and the ports used by Samba must also be open for printing via LPD or SMB. Change to X.Org

The change from XFree86 to X.Org is facilitated by compatibility links that enable access to important files and commands with the old names.

Table 3.1. Commands









Table 3.2. Log Files in /var/log







In the course of the change to X.Org, the packages were renamed from XFree86* to xorg-x11*. Terminal Emulators for X11

We have removed a number of terminal emulators because they are either no longer maintained or do not work in the default environment, especially by not supporting UTF-8. SUSE Linux offers standard terminals, such as xterm, the KDE and GNOME terminals, and mlterm (Multilingual Terminal Emulator for X), which might be a replacement for aterm and eterm. Changes in the powersave Package

The configuration files in /etc/sysconfig/powersave have changed:

Table 3.3. Split Configuration Files in /etc/sysconfig/powersave


Now split into








/etc/powersave.conf has become obsolete. Existing variables have been moved to the files listed in Table 3.3, “Split Configuration Files in /etc/sysconfig/powersave”. If you changed the “event” variables in /etc/powersave.conf, these must now be adapted in /etc/sysconfig/powersave/events.

The names of sleep states have changed from:

  • suspend (ACPI S4, APM suspend)

  • standby (ACPI S3, APM standby)


  • suspend to disk (ACPI S4, APM suspend)

  • suspend to ram (ACPI S3, APM suspend)

  • standby (ACPI S1, APM standby) OpenOffice.org (OOo)


OOo is now installed in /usr/lib/ooo-1.1 instead of /opt/OpenOffice.org. The default directory for user settings is now ~/.ooo-1.1 instead of ~/OpenOffice.org1.1.


There are some new wrappers for starting the OOo components. The new names are shown Table 3.4, “Wrapper”.

Table 3.4. Wrapper
























The wrapper now supports the option --icons-set for switching between KDE and GNOME icons. The following options are no longer supported: --default-configuration, --gui, --java-path, --skip-check, --lang (the language is now determined by means of locales), --messages-in-window, and --quiet.

KDE and GNOME Support:

KDE and GNOME extensions are available in the OpenOffice_org-kde and OpenOffice_org-gnome packages. Sound Mixer kmix

The sound mixer kmix is preset as the default. For high-end hardware, there are other mixers, like QAMix. KAMix, envy24control (only ICE1712), or hdspmixer (only RME Hammerfall). DVD Burning

In the past, a patch was applied to the cdrecord binary from the cdrecord package to support burning DVDs. Instead, a new binary cdrecord-dvd is installed that has this patch.

The growisofs program from the dvd+rw-tools package can now burn all DVD media (DVD+R, DVD-R, DVD+RW, DVD-RW, DVD+RL). Try using that one instead of the patched cdrecord-dvd. Multiple Kernels

It is possible to install multiple kernels side by side. This feature is meant to allow administrators to upgrade from one kernel to another by installing the new kernel, verifying that the new kernel works as expected, then uninstalling the old kernel. While YaST does not yet support this feature, kernels can easily be installed and uninstalled from the shell using rpm -i package.rpm.

The default boot loader menus contain one kernel entry. Before installing multiple kernels, it is useful to add an entry for the extra kernels, so that they can easily be selected. The kernel that was active before installing a new kernel can be accessed as vmlinuz.previous and initrd.previous. By creating a boot loader entry similar to the default entry and having this entry refer to vmlinuz.previous and initrd.previous instead of vmlinuz and initrd, the previously active kernel can be accessed. Alternatively, GRUB and LILO support wild card boot loader entries. Refer to the GRUB info pages (info grub) and to the lilo.conf (5) manual page for details.

3.2.3. From 9.2 to 9.3

Refer to the article “Known Problems and Special Features in SUSE Linux 9.3” in the SUSE Support Database at http://portal.suse.com under the keyword special features. Starting Manual Installation at the Kernel Prompt

The Manual Installation mode is gone from the boot loader screen. You can still get linuxrc into manual mode using manual=1 at the boot prompt. Normally this is not necessary because you can set installation options at the kernel prompt directly, such as textmode=1 or a URL as the installation source. Kerberos for Network Authentication

Kerberos is the default for network authentication instead of heimdal. Converting an existing heimdal configuration automatically is not possible. During a system update, backup copies of configuration files are created as shown in Table 3.5, “Backup Files”.

Table 3.5. Backup Files

Old File

Backup File





The client configuration (/etc/krb5.conf) is very similar to the one of heimdal. If nothing special was configured, it is enough to replace the parameter kpasswd_server with admin_server.

It is not possible to copy the server-related (kdc and kadmind) data. After the system update, the old heimdal database is still available under /var/heimdal. MIT kerberos maintains the database under /var/lib/kerberos/krb5kdc. JFS: Not Supported Anymore

Due to technical problems with JFS, it is no longer supported. The kernel file system driver is still there, but YaST does not offer partitioning with JFS. AIDE as a Tripwire Replacement

As an intrusion detection system, use AIDE (package name aide), which is released under the GPL. Tripwire is no longer available on SUSE Linux. X.Org Configuration File

The configuration tool SaX2 writes the X.Org configuration settings into /etc/X11/xorg.conf. During an installation from scratch, no compatibility link from XF86Config to xorg.conf is created. XView and OpenLook Support Dropped

The packages xview, xview-devel, xview-devel-examples, olvwm, and xtoolpl were dropped. In the past, we just provided the XView (OpenLook) base system. The XView libraries are no longer provided after the system update. Even more important, OLVWM (OpenLook Virtual Window Manager) is no longer available. PAM Configuration

New Configuration Files (containing comments for more information)


Default PAM configuration for auth section


Default PAM configuration for account section


Default PAM configuration for password changing


Default PAM configuration for session management

You should include these default configuration files from within your application-specific configuration file, because it is easier to modify and maintain one file instead of the approximately forty files that used to exist on the system. If you install an application later, it inherits the already applied changes and the administrator is not required to remember to adjust the configuration.

The changes are simple. If you have the following configuration file (which should be the default for most applications):

auth     required       pam_unix2.so
account  required       pam_unix2.so
password required       pam_pwcheck.so
password required       pam_unix2.so    use_first_pass use_authtok
#password required      pam_make.so     /var/yp
session required        pam_unix2.so

you can change it to:

auth     include        common-auth
account  include        common-account
password include        common-password
session  include        common-session Stricter tar Syntax

The tar usage syntax is stricter now. The tar options must come before the file or directory specifications. Appending options, like --atime-preserve or --numeric-owner, after the file or directory specification makes tar fail. Check your backup scripts. Commands such as the following no longer work:

tar czf etc.tar.gz /etc --atime-preserve

See the tar info pages for more information.

3.2.4. From 9.3 to 10.0

Refer to the article “Known Problems and Special Features in SUSE Linux 10” in the SUSE Support Database at http://portal.suse.com under the keyword special features. Becoming the Superuser Using su

By default, calling su to become root does not set the PATH for root. Either call su - to start a login shell with the complete environment for root or set ALWAYS_SET_PATH to yes in /etc/default/su if you want to change the default behavior of su. Powersave Configuration Variables

Names of the powersave configuration variables are changed for consistency, but the sysconfig files are still the same. Find more information in Section 33.5.1, “Configuring the powersave Package”. PCMCIA

cardmgr no longer manages PC cards. Instead, as with Cardbus cards and other subsystems, a kernel module manages them. All necessary actions are executed by hotplug. The pcmcia start script has been removed and cardctl is replaced by pccardctl. For more information, see /usr/share/doc/packages/pcmciautils/README.SUSE. Setting Up D-BUS for Interprocess Communication in .xinitrc

Many applications now rely on D-BUS for interprocess communication (IPC). Calling dbus-launch starts dbus-daemon. The systemwide /etc/X11/xinit/xinitrc uses dbus-launch to start the window manager.

If you have a local ~/.xinitrc file, you must change it accordingly. Otherwise applications like f-spot, banshee, tomboy, or Network Manager banshee might fail. Save your old ~/.xinitrc. Then copy the new template file into your home directory with:

cp /etc/skel/.xinitrc.template ~/.xinitrc

Finally, add your customizations from the saved .xinitrc. NTP-Related Files Renamed

For reasons of compatibility with LSB (Linux Standard Base), most configuration files and the init script were renamed from xntp to ntp. The new filenames are:





/etc/sysconfig/ntp Hotplug Events Handled by the udev Daemon

Hotplug events are now completely handled by the udev daemon (udevd). We do not use the event multiplexer system in /etc/hotplug.d and /etc/dev.d anymore. Instead udevd calls all hotplug helper tools directly, according to its rules. Udev rules and helper tools are provided by udev and various other packages. TEI XSL Stylesheets

Find the TEI XSL stylesheets (tei-xsl-stylesheets) with a new directory layout at /usr/share/xml/tei/stylesheet/rahtz/current. From there, for example, use base/p4/html/tei.xsl to produce HTML output. For more information, see http://www.tei-c.org/Stylesheets/teic/ File System Change Notification for GNOME Applications

For proper functionality, GNOME applications depend on file system change notification support. For local-only file systems, install the gamin package (preferred) or run the FAM daemon. For remote file systems, run FAM on both the server and client and open the firewall for RPC calls by FAM.

GNOME (gnome-vfs2 and libgda) contains a wrapper that picks gamin or fam to provide file system change notification:

  • If the FAM daemon is not running, gamin is preferred. (Rationale: Inotify is supported only by gamin and it is more efficient for local file systems).

  • If the FAM daemon is running, FAM is preferred (Rationale: If FAM is running, you probably want remote notification, which is supported only by FAM).

3.2.5. From 10.0 to 10.1

Refer to the article “Known Problems and Special Features in SUSE Linux 10” in the SUSE Support Database at http://portal.suse.com under the keyword special features. Apache 2.2

For Apache version 2.2, Chapter 26, The Apache HTTP Server was completely reworked. In addition, find generic upgrade information at http://httpd.apache.org/docs/2.2/upgrading.html and the description of new features at http://httpd.apache.org/docs/2.2/new_features_2_2.html. Starting an FTP Server (vsftpd)

By default, xinetd no longer starts the vsftpd FTP server. It is now a stand-alone daemon and you must configure it with the YaST runtime editor. Firefox 1.5: The URL Open Command

With Firefox 1.5, the method for applications to open a Firefox instance or window has changed. The new method was already partly available in former versions where the behavior was implemented in the wrapper script.

If your application does not use mozilla-xremote-client or firefox -remote, you do not have to change anything. Otherwise the new command to open a URL is firefox url and it does not matter whether Firefox is already running or not. If it is already running, it follows the preference configured in Open links from other applications in.

From the command line, you can influence the behavior by using firefox -new-window url or firefox -new-tab url.