SUSE has released SUSE Linux Enterprise Server 16. The SUSE Linux Enterprise 16 branch marks seven years since the release of SUSE 15. SUSE 16 packages are already used as the basis for the community-supported openSUSE Leap 16 distribution. The distribution is free to download and use, but access to updates and fixes is limited to a 60-day trial period. The release is available in builds for the aarch64, ppc64le, s390x, and x86_64 architectures.
The SUSE Linux 16 branch will feature a more predictable and flexible release cycle. Service Pack (SP) updates will be replaced by a system of interim releases (16.1, 16.2, etc.) and Long Term Support (LTS). The total maintenance period for the SUSE Linux 16 branch will be 16 years. A total of seven interim releases are planned—from 16.0 to 16.6—each of which will be published annually in November. Updates for each interim release will be supported for five years: two years of General Support and three years of Extended Support (LTS).
Key changes:
- The new Agama installer is used, which is notable for separating the user interface from the internal YaST components and providing a frontend for managing the installation via a web interface.
- The system management stack has been modernized. Cockpit is now used for system management in place of the traditional YaST stack, and the YaST Software GUI is replaced by the new Myrlyn package. Support for SysV init scripts has been discontinued; only systemd units can be used.
- By default, only desktop environments using Wayland are offered. X.org Server has been removed from the distribution. Support for running X11-based applications is retained using XWayland. The default desktop environment is based on GNOME 48. The VNC server, GTK2, Qt5, and wxWidgets have been discontinued.
- Automatic creation of file system snapshots, based on Btrfs and the Snapper utility, has been expanded. Snapshots can now be used in system images for cloud platforms. By default, rollback capabilities are integrated into all components, allowing administrators to roll back virtually any change, from system updates to individual patches and configuration modifications.
- The base distribution now includes support for live patches, which fix vulnerabilities and critical bugs in the kernel and in the glibc and openssl libraries without restarting the system.
- Support for the x86-64-v1 architecture has been discontinued. On x86, only systems implementing the x86-64-v2 architecture are supported; it has been supported by processors since about 2009 (starting with Intel Nehalem) and is distinguished by extensions such as SSE3, SSE4_2, SSSE3, POPCNT, LAHF-SAHF and CMPXCHG16B.
- By default, the kernel disables support for 32-bit x86 systems and 32-bit executables. To enable support for 32-bit system calls, set the "ia32_emulation=1" parameter when booting the Linux kernel.
- SELinux mandatory access control is enabled by default. AppArmor support has been deprecated.
- The distribution includes Ansible tools for configuration management, orchestration, centralized application installation, and parallel execution of common tasks across a group of systems. System roles have been added for configuring various system components, including the firewall, ha_cluster, selinux, and podman. Salt support remains an option.
- The distribution includes libraries with built-in support for quantum-resistant cryptographic algorithms, such as ML-KEM and ML-DSA. Support for these algorithms is available in OpenSSL 3.5, Libgcrypt 1.11.1, Mozilla NSS 3.112, and Go 1.24.
- Implemented support for reproducible builds, allowing you to create your own builds that are bit-for-bit identical to the pre-built builds offered for download, to ensure that the binaries distributed in packages are built from the provided source code and do not contain hidden changes.
- Updated package versions include Linux kernel 6.12, glibc 2.40, systemd 257, Python 3.13, Perl 5.42, grub2 2.12, OpenSSH 9.9, QEMU 10.0.2, MariaDB 11.8, PostgreSQL 17, PHP 8.4, Node.js 22, Rust 1.88, Ruby 3.4, clang 19, gcc 15.
- The year 2038 problem has been completely resolved. In the distribution ports for 32-bit architectures, which had continued to use the 32-bit time_t type, all packages have been switched to the 64-bit time_t type (the 32-bit type cannot represent times later than January 19, 2038, because the counter of seconds elapsed since January 1, 1970 overflows).
- The wicked network configurator has been replaced by NetworkManager.
- NFTables is used as a packet filter instead of iptables by default.
- The transition from the ISC DHCP server to Kea DHCP has been completed.
- The Xen hypervisor has been discontinued, with KVM now used as the primary hypervisor for virtualization.
- Packages with the Redis DBMS have been replaced with its fork, Valkey.
- Added support for lightweight stack guard pages, which, when accessed, cause an exception and process crash (SIGSEGV). The implementation is based on the madvise system call.
- Added support for NFS over TLS.
- The tuned background process is included, which automatically optimizes hardware and kernel settings depending on the current load.
- The "UsrEtc" configuration file storage model is used, whereby default settings provided by the distribution are stored in the /usr/etc directory, while changes made by the local administrator are placed in /etc/example.conf.d/*.conf or /etc/example.conf. This means that packaged settings and administrator-defined settings are always separated. The default systemd settings have been moved to the /usr directory.
- On x86_64 systems, booting on BIOS-based systems is deprecated but still supported. UEFI is used by default for new installations. For compatibility with older systems, BIOS support is available for virtual machine migrations and upgrades from SUSE 15.
- By default, SSH login as the root user with password authentication is disabled.
- Support for the reiserfs, hfsplus, UFS, and ocfs2 file systems has been discontinued. Btrfs is used by default. Supported options include ext4, xfs, and gfs2.
- The /tmp partition is stored using the tmpfs file system, which stores data in memory and does not save its contents between reboots.
- Experimental support for lklfuse has been added for mounting block devices or file system images. Lklfuse runs as an unprivileged process in user space, but uses the Linux kernel's file system drivers.
- Experimental (Tech Preview) support has been added for a service based on the MCP (Model Context Protocol), allowing AI assistants to access operating system components. For example, the AI assistant can be used to formulate tasks for managing infrastructure, utilities, and data in natural language. The AI assistant is accessible from the Cockpit web console. Connection to various large language model providers is possible.
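
As an added example (not from SUSE or the original article), the following Python code checks two items from the list above before an upgrade: whether every CPU reports the x86-64-v2 extensions, and whether the kernel command line sets ia32_emulation. The /proc/cpuinfo flag names, the SSE4_1 entry (taken from the x86-64 psABI definition of the v2 level) and the sample inputs are assumptions not stated in the article.

```python
# Added example: pre-upgrade check for the x86-64-v2 baseline and 32-bit emulation.
# Maps /proc/cpuinfo flag names to ISA names. Linux reports SSE3 as "pni",
# LAHF-SAHF as "lahf_lm" and CMPXCHG16B as "cx16"; SSE4_1 is an assumption
# taken from the x86-64 psABI definition of the v2 level.
V2_FLAGS = {"cx16": "CMPXCHG16B", "lahf_lm": "LAHF-SAHF", "popcnt": "POPCNT",
            "pni": "SSE3", "sse4_1": "SSE4_1", "sse4_2": "SSE4_2", "ssse3": "SSSE3"}

# Constructed samples (trimmed flag lists, not captured from real machines).
CPUINFO_V2 = ("processor : 0\n"
              "flags : fpu sse sse2 pni ssse3 cx16 sse4_1 sse4_2 popcnt lahf_lm\n")
CPUINFO_V1 = ("processor : 0\n"
              "flags : fpu sse sse2 pni ssse3 cx16 lahf_lm\n")


def missing_v2_features(cpuinfo_text):
    """Return the v2 features that any logical CPU in cpuinfo_text lacks."""
    missing, saw_flags = set(), False
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags":
            saw_flags = True
            present = set(value.split())
            missing |= {isa for flag, isa in V2_FLAGS.items() if flag not in present}
    # No flags line at all (wrong file, non-x86 host): report everything missing.
    return sorted(missing) if saw_flags else sorted(V2_FLAGS.values())


def ia32_emulation_enabled(cmdline_text, default=False):
    """Evaluate ia32_emulation= on a kernel command line; the last valid value wins."""
    enabled = default  # the article states 32-bit support is off by default
    for token in cmdline_text.split():
        name, sep, value = token.partition("=")
        if name != "ia32_emulation" or not sep:
            continue
        v = value.lower()
        if v[:1] in ("1", "y", "t") or v[:2] == "on":
            enabled = True
        elif v[:1] in ("0", "n", "f") or v[:2] == "of":
            enabled = False
    return enabled


if __name__ == "__main__":
    with open("/proc/cpuinfo") as f:
        print("missing x86-64-v2 features:", missing_v2_features(f.read()) or "none")
    with open("/proc/cmdline") as f:
        print("ia32_emulation enabled:", ia32_emulation_enabled(f.read()))
```

A host that reports ia32_emulation as enabled has had 32-bit system calls switched back on, which is worth recording in a configuration baseline.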
Source: opennet.ru
