ProHoster > Blog > internet news > SUSE distribution is available Linux Enterprise 15 SP4

SUSE distribution is available Linux Enterprise 15 SP4

After a year of development, SUSE has released the SUSE distribution Linux Enterprise 15 SP4. Based on the SUSE platform Linux Enterprise products such as SUSE are formed Linux Enterprise Server, SUSE Linux Enterprise Desktop, SUSE Manager and SUSE Linux Enterprise High Performance Computing. The distribution is free to download and use, but access to updates and patches is limited to a 60-day trial period. This release is available in builds for the aarch64, ppc64le, s390x, and x86_64 architectures.

In SUSE Linux Enterprise 15 SP4 maintains full binary compatibility with the community-developed openSUSE Leap 15.4 distribution, scheduled for release tomorrow. This high level of compatibility was achieved through openSUSE's shared SUSE platform. Linux Enterprise binary package set, rather than rebuilding src packages. The idea is that users can first build and test a working solution using openSUSE, and then seamlessly switch to the commercial version of SUSE. Linux with full support, SLA, certification, long-term update releases, and advanced tools for mass deployment.

Major changes:

  • Core Linux updated to release 5.14.
  • Desktop environment updated to GNOME 41 and GTK4. Provided the ability to use a desktop session based on the Wayland protocol in environments with proprietary NVIDIA drivers.
  • Added Pipewire media server, which is currently only used for screen sharing in Wayland-based environments. For sound, PulseAudio continues to be used.
  • Removed Python 2 packages. Only python3 package remains.
  • Updated versions of PHP 8, OpenJDK 17, Python 3.10, MariaDB 10.6, PostgreSQL 14, Apparmor 3.0, Samba 4.15, OpenSSL 3.0.1, systemd 249, QEMU 6.2, Xen 4.16, libvirt 0.8.0, virt-manager 4.0.0.
  • Implemented the ability to apply live patches to update user-space components such as Glibc and OpenSSL on the fly. Patching is done without restarting processes by applying patches to in-memory libraries.
  • JeOS images (minimalistic SUSE builds) Linux Enterprise for virtualization systems) have been renamed to Minimal-VM.
  • Fulfilled SLSA level 4 requirements to protect against malicious changes during development. To verify applications and container images using digital signatures, the Sigstore service is used, which maintains a public log for authentication (transparency log).
  • Support for managing servers with SUSE is provided Linux Enterprise using the Salt centralized configuration management system.
  • Added experimental support for the schedutil (cpufreq governor) processor frequency control mechanism, which directly uses information from the task scheduler to make a decision on changing the frequency and can immediately contact the cpufreq drivers to quickly change the frequency, instantly adjusting the CPU operation parameters to the current load.
  • The wicked network configurator used in SLES added an experimental ability to decode the SMBIOS Management Controller Host Interface structure and configure the Host Network Interface in the BMC using the Redfish over IP protocol, which allows you to use the Redfish service for remote system management.
  • Support for the Intel Alderlake graphics platform has been moved to the i915 driver. For ARM systems, it includes the etnaviv driver for Vivante GPUs used in various ARM SoCs such as the NXP Layerscape LS1028A/LS1018A and NXP i.MX 8M, as well as the etnaviv_dri library for Mesa.
  • Provided the ability to activate Real-Time mode in the kernel for real-time systems by setting the preempt=full parameter during boot of the standard SUSE kernel LinuxThe separate kernel-preempt package has been removed from the distribution.
  • By default, the kernel disables the ability to run eBPF programs by unprivileged users (the /proc/sys/kernel/unprivileged_bpf_disabled parameter is set) due to the risks of using eBPF to attack the system. Implemented support for the BTF (BPF Type Format) mechanism, which provides information for type checking in BPF pseudocode. Updated BPF toolkit (libbpf, bcc). Added support for the bpftrace tracing mechanism.
  • Allowed Btrfs to use 64K memory pages when working with a file system formatted with a block size smaller than the kernel memory page size (for example, FS with 4KB blocks can now be used not only in kernels with the same memory page size).
  • The kernel includes support for the SVA (Shared Virtual Addressing) mechanism for sharing virtual addresses between the CPU and peripherals, allowing hardware accelerators to access data structures in the main CPU.
  • Improved support for NVMe drives and added the ability to use advanced features such as CDC (Centralized Discovery Controller). The nvme-cli package has been updated to version 2.0. Added new packages libnvme 1.0 and nvme-stas 1.0.
  • Official support has been provided for placing swap in a zRAM block device, which provides compressed data storage in RAM.
  • Added support for NVIDIA vGPU 12 and 13.
  • Instead of the fbdev drivers used for output via Framebuffer, a universal simpledrm driver is proposed that uses the EFI-GOP or VESA framebuffer provided by the UEFI firmware or BIOS for output.
  • The composition includes the OpenSSL 3.0 cryptographic library, in addition to the OpenSSL 1.1.1 version used in system applications.
  • YaST has improved booting from network drives configured with the "_netdev" option.
  • The BlueZ Bluetooth stack has been updated to version 5.62. High quality audio codecs for Bluetooth have been added to the pulseaudio package.
  • Enabled automatic conversion of System V init.d scripts to systemd services using systemd-sysv-generator. In the next major branch of SUSE, support for init.d scripts will be dropped entirely and conversion disabled.
  • In builds for ARM, the range of supported ARM SoCs has been expanded.
  • Added support for AMD SEV technology, which provides transparent memory encryption at the hardware level. virtual machines (Only the current guest system has access to the decrypted data, while other virtual machines and the hypervisor receive an encrypted set of data when attempting to access this memory).
  • The chrony NTP server includes support for time synchronization based on the NTS (Network Time Security) protocol, which uses public key infrastructure (PKI) elements and allows the use of TLS and authenticated encryption AEAD (Authenticated Encryption with Associated Data) for cryptographic protection of client interaction and server via NTP (Network Time Protocol).
  • 389 Directory is used as the primary LDAP server. Server & HostingOpenLDAP server support has been discontinued.
  • Removed toolkit for working with LXC containers (libvirt-lxc and virt-sandbox).
  • A new minimal version of the BCI (Base Container Image) container has been proposed, which ships the busybox package instead of bash and coreutils. The image is designed to be used to run applications pre-built with all dependencies in a container. Added BCI containers for Rust and Ruby.

Source: opennet.ru

Buy reliable hosting for sites with DDoS protection, VPS VDS servers 🔥 Buy reliable website hosting with DDoS protection, VPS VDS servers | ProHoster