Page 1 SUSE Linux Enterprise Desktop www.novell.com Deployment Guide March 17, 2009...
Page 2 That this manual, specifically for the printed format, is reproduced and/or distributed for noncommercial use only. The express authorization of Novell, Inc must be obtained prior to any other use of any manual or part thereof. http://www.novell For Novell trademarks, see the Novell Trademark and Service Mark list .com/company/legal/trademarks/tmlist.html.
Page 3: Table Of Contents
Contents About This Guide 1 Planning for SUSE Linux Enterprise Desktop Hardware Requirements ..... . . Reasons to Use SUSE Linux Enterprise Desktop ... . . Part I Manual Deployment 2 Deployment Strategies Deploying up to 10 Workstations .
Page 4 4 Updating SUSE Linux Enterprise Updating SUSE Linux Enterprise ....Installing Service Packs ..... . . Software Changes from Version 10 to Version 11 .
Page 5 1 0 Changing Language and Country Settings with YaST 10.1 Changing the System Language ....10.2 Changing the Country and Time Settings ....1 1 Remote Installation 11.1 Installation Scenarios for Remote Installation .
Page 6 16.2 Creating Images ......16.3 For More Information ..... . 1 7 Deploying Customized Preinstallations 17.1 Preparing the Master Machine .
Page 7: About This Guide
Internet. For an overview of the documentation available for your product and the latest docu- http://www.novell.com/documentation mentation updates, refer to or to the following section.
Page 8 Introduces basic concepts of system security, covering both local and network se- curity aspects. Shows how to make use of the product inherent security software like Novell AppArmor (which lets you specify per program which files the program may read, write, and execute) or the auditing system that reliably collects informa- tion about any security-relevant events.
Page 9: Documentation Conventions
• To report bugs for a product component or to submit enhancements requests, please use https://bugzilla.novell.com/. If you are new to Bugzilla, you might find the Bug Writing FAQs helpful, available from the Novell Bugzilla home page. • We want to hear your comments and suggestions about this manual and the other documentation included with this product.
Page 10 • placeholder: replace placeholder with the actual value • PATH: the environment variable PATH • ls, --help: commands, options, and parameters • user: users or groups • Alt , Alt + F1 : a key to press or a key combination; keys are shown in uppercase as on a keyboard •...
Page 11: Planning For Suse Linux Enterprise Desktop
Chapter 2, Deployment Strategies (page 7). How do you get software updates for your deployment? All patches provided by Novell for your product are available for download to http://www registered users. Register and find the patch support database at .novell.com/linux/suse/portal/index.html.
Page 12: Hardware Requirements
1.1 Hardware Requirements For a standard installation of SUSE Linux Enterprise Desktop including the desktop environment and a wealth of applications, the following configuration is recommended: • Intel Pentium IV, 2.4 GHz or higher or any AMD64 or Intel 64 processor •...
Page 13 Being backed by Novell and their networking expertise, SUSE Linux Enterprise Desktop naturally offers you support for Novell technologies, like GroupWise, Novell Client for Linux, and iPrint, and it also offers authentication support for Novell eDirectory services. Application Security with Novell AppArmor SUSE Linux Enterprise Desktop enables you to secure your applications by enforc- ing security profiles tailor-made for your applications.
Page 15: Part I Manual Deployment
Part I. Manual Deployment...
Page 17: Deployment Strategies
Linux Enterprise Desktop prior to rolling it out to real hardware. You could also experiment with basic Windows*-in-SLED setups. For more information about the virtualization technology available with SUSE Linux Enterprise Desktop, refer http://www.novell.com/documentation/sles10/xen_admin/ data/bookinfo.html. 2.1 Deploying up to 10 Workstations...
Page 18 Installing from a Network Server Using SLP (page 8) Consider this approach if you have a single workstation or a small number of workstations and if a network installation server announced via SLP is available. Installing from a Network Server (page 9) Consider this approach if you have a single workstation or a small number of workstations and if a network installation server is available.
Page 19: Deploying Up To 100 Workstations
Remotely Controlled Tasks None, but this method can be combined with VNC Details Section 3.1.1, “Installing from a Network Server Using SLP” (page 19) Table 2.3 Installing from a Network Server Installation Source Network installation server holding the SUSE Linux Enterprise Desktop installation media Tasks Requiring Manual •...
Page 20 Choose from the following options: Simple Remote Installation via VNC—Static Network Configuration (page 11) Consider this approach in a small to medium scenario with a static network setup. A network, network installation server, and VNC viewer application are required. Simple Remote Installation via VNC—Dynamic Network Configuration (page 11) Consider this approach in a small to medium scenario with dynamic network setup through DHCP.
Page 21 Rule-Based Autoinstallation (page 15) Consider this approach for large deployments to various types of hardware. If configured to use network booting, physical interaction with the target systems is not needed at all. A network, a network installation server, a remote controlling application such as a VNC viewer or an SSH client, and several AutoYaST confi- guration profiles as well as a rule setup for AutoYaST are required.
Page 22 Best Suited For Small to medium scenarios with varying hardware Drawbacks • Each machine must be set up individually • Physical access is needed for booting Details Section 11.1.2, “Simple Remote Installation via VNC—Dynamic Network Configuration” (page 119) Table 2.6 Remote Installation via VNC—PXE Boot and Wake on LAN Installation Source Network...
Page 23 • Booting from the installation media Control and Monitoring Remote: SSH Best Suited For • Small to medium scenarios with varying hardware • Low bandwidth connections to target Drawbacks • Each machine must be set up individually • Physical access is needed for booting Details Section 11.1.4, “Simple Remote Installation via SSH—Static Network Configuration”...
Page 24 Details Section 11.1.5, “Simple Remote Installation via SSH—Dynamic Network Configuration” (page 123) Table 2.9 Remote Installation via SSH—PXE Boot and Wake on LAN Installation Source Network Preparations • Setting up the installation source • Configuring DHCP, TFTP, PXE boot, and WOL •...
Page 25 • Setting up network boot (DHCP, TFTP, PXE, WOL) Booting the target from installation media Control and Monitoring Local or remote through VNC or SSH Best Suited For • Large scenarios • Identical hardware • No access to system (network boot) Drawbacks Applies only to machines with identical hardware Details...
Page 26: Deploying More Than 100 Workstations
Control and Monitoring Local or remote through SSH or VNC Best Suited For • Varying hardware • Cross-site deployments Drawbacks Complex rule setup Details Section 18.2, “Rule-Based Autoinstallation” (page 223) 2.3 Deploying More than 100 Workstations Most of the considerations brought up for medium installation scenarios in Section 2.1, “Deploying up to 10 Workstations”...
Page 27: Installation With Yast
Installation with YaST Install your SUSE® Linux Enterprise Desktop system with YaST, the central tool for installation and configuration of your system. YaST guides you through the installation process and the basic configuration of your system. During the installation and configu- ration process, YaST analyzes both your current system settings and your hardware components and proposes installation settings based on this analysis.
Page 28 Installing from the LiveDVD In order to install from a LiveCD, boot the live system from DVD. In the running system, launch the installation routine by clicking on the Install icon on the desktop. Phase one of the installation will be carried out in a window on the desktop. It is not possible to update or repair an existing system with a LiveDVD, you can only perform a new installation with automatic configuration.
Page 29 Boot Option Description Hard Disk SUSE Linux Enterprise Desktop installation can also be booted from the hard disk. To do this, copy the kernel (linux) and the installation system (initrd) from the directory /boot/architecture/ on the installation media to the hard disk and add an appropriate entry to the existing boot loader of a previous SUSE Linux Enterprise Desktop installation.
Page 30: The Installation Workflow
3.1.2 Installing from a Network Source without SLP If your network setup does not support OpenSLP for the retrieval of network installation sources, boot the system and press F4 in the boot screen to select the desired network protocol (NFS, HTTP, FTP, or SMB/CIFS). Provide the server's address and the path to the installation media.
Page 31: The Boot Screen
how to perform non-interactive, automated installations, refer to Part III, “Automated Installations” (page 209). 3.4 The Boot Screen The boot screen displays a number of options for the installation procedure. Boot from Hard Disk boots the installed system and is selected default, because the CD is often left in the drive.
Page 32 Figure 3.1 The Boot Screen Use the function keys indicated in the bar at the bottom of the screen to change the language, screen resolution, installation source or to add additional driver from your hardware vendor: F1 Help Get context-sensitive help for the active element of the boot screen. Use the arrow keys to navigate, Enter to follow a link, and Esc to leave the help screen.
Page 33 with this option. Find information about SLP in Chapter 21, SLP Services in the Network (↑Administration Guide). F5 Kernel In case you encounter problems with the regular installation, this menu offers to disable a few potentially problematic functions. If your hardware does not support ACPI (advanced configuration and power interface) select No ACPI to install without ACPI support.
Page 34 3.4.1 Providing Data to Access an SMT Server By default updates for SUSE Linux Enterprise Desktop are delivered by the Novell Customer Center. If your network provides a so called SMT server to provide a local update source, you need to equip the client with the server's URL. Client and server communicate solely via HTTPS protocol, therefore you also need to enter a path to the server's certificate if the certificate was not issued by a certificate authority.
Page 35: Welcome
The data supportconfig (see Chapter 2, Gathering System Information for Support (↑Administration Guide) for more information) gathers is sent to the Novell Customer Center by default. It is also possible to set up a local server collecting this data. If such a server is available on your network, you need to equip the client with the server's URL.
Page 36: Installation Mode
Override this proposal by selecting a different keyboard layout from the drop-down menu. The language selected here is also used to assume a time zone for the system clock. This setting—along with the selection of secondary languages to install on your system—can be modified later in the Installation Summary, described in Section 3.9, “Installation Settings”...
Page 37 Update Select this option to update to a newer version. For more information about system update, see Chapter 4, Updating SUSE Linux Enterprise (page 47). Repair Installed System Choose this option to repair a damaged system that is already installed. More infor- mation is available in Section “Recovering a Corrupted System”...
Page 38: Network Setup
Click Next to proceed. If you selected to include an add-on product, proceed with Sec- tion 3.6.1, “Add-On Products” (page 28), otherwise skip the next section and advance Section 3.7, “Clock and Time Zone” (page 29). 3.6.1 Add-On Products Add-on products can be installed either from a local source (CD, DVD, or directory) or from a network source (HTTP, FTP, NFS, CIFS,...).
Page 39: Clock And Time Zone
with a DHCP server, choose Automatic Address Setup (via DHCP). To manually set up the network choose Static Address Setup and specify IP Address, Netmask, Default Gateway IP, and the DNS Server IP. Some networks require the use of a proxy server to access the Internet. Tick the check box Use Proxy for Accessing the Internet and enter the appropriate specifications.
Page 40: Create New User
system uses local time instead. If you only run Linux on your machine, set the hardware clock to UTC and have the switch from standard time to daylight saving time performed automatically. If a network is already configured, you can configure time synchronization with an NTP server.
Page 41 Figure 3.5 Create New User Three additional options are available: Use this Password for the System Administrator If checked, the same password you have entered for the user will be used for the system administrator root. This option is suitable for stand-alone workstations or machines in a home network that are administrated by a single user.
Page 42 Automatic Login This option automatically logs the current user in to the system when it starts. This is mainly useful if the computer is operated by only one user. WARNING: Automatic Login With the automatic login enabled, the system boots straight into your desktop with no authentication at all.
Page 43 Section “Configuring a Linux Client for Active Directory” (Chapter 5, Active Di- rectory Support, ↑Security Guide). eDirectory LDAP eDirectory authentication is used in Novell networks. Along with user administration via LDAP and NIS, you can use Kerberos authentication. To use it, select Set Up Kerberos Authentication. For more information on Kerberos, refer to Chapter 6, Network Authentication with Kerberos (↑Security Guide).
Page 44: Installation Settings
WARNING: The root User The user root has all the permissions needed to make changes to the system. To carry out such tasks, the root password is required. You cannot carry out any administrative tasks without this password. 3.9 Installation Settings On the last step before the real installation takes place, you can alter installation settings suggested by YaST and also review the settings you made so far.
Page 45 TIP: Restoring the Default Settings You can reset all changes to the defaults by clicking Change > Reset to Defaults. YaST then shows the original proposal again. 3.9.1 Partitioning (Overview) Review and—if necessary—change the partition setup proposed by the system. Changing the partition setup either let's you partition a specific disk or, when choosing Custom Partitioning, apply your own partitioning scheme.
Page 46 Figure 3.7 Software Selection and System Tasks 3.9.4 Language (Overview) Here you can change the system Language you defined in the first step of the installation. It is also possible to add additional languages. To adjust the system language settings, select Language.
Page 47 3.9.5 Add-On Products (Expert) If you added a source for an add-on media earlier, it appears here. Add, remove, or modify add-on products here if needed.This is the same configuration dialog as discussed earlier in Section 3.6.1, “Add-On Products” (page 28). 3.9.6 Keyboard Layout (Expert) To change the keyboard layout, select Keyboard Layout.
Page 48: Performing The Installation
this may take some time. Select any item in the list and click Details to see detailed information about the selected item. Use Save to File to save a detailed list to either the local file system or a floppy. Advanced users can also change the PCI ID setup and Kernel Settings by choosing System Settings.
Page 49 Internet access and sets up your hardware. The whole process does not need any interaction. You can change the settings made by the Auto- matic Configuration at any time in the installed system with YaST. Continue with Section “Novell Customer Center Configuration” (page 42). 3.11.2 Manual System Configuration Having rebooted, the system starts the manual configuration.
Page 50: Network Configuration
Network Configuration If you are installing SUSE Linux Enterprise Desktop on a laptop computer, Interfaces Controlled by NetworkManager is enabled. NetworkManager is a tool that enables au- tomatic connection with minimal user intervention. It is ideal for WLAN and mobile computing.
Page 51 for checklists of configuration requirements for the various connection types and Section “Configuring the Network Card with YaST” (Chapter 19, Basic Networking, ↑Administration Guide) for configuration details. DSL Connections, ISDN Adapters, and Modems If your computer is equipped with an internal DSL modem, an internal ADSL Fritz Card, an ISDN card or a modem, clicking on the respective headline opens the configuration dialog.
Page 52 Novell server will be connected. Upon this initial connect no data other than the ID of your product will be send to the Novell servers. In order to become entitled for support, make sure to check Registration Code. You will be prompted to enter the code when proceeding with Next.
Page 53 This option checks your repositories and adds newly available catalogs or removes obsolete ones. It does not touch manually added repositories. Proceed with Next. A connection with the Novell server is established. Follow the on- screen instructions to finish the registration.
Page 54: Online Update
Remote location (http, https or ftp) from which the certificate can be download- ed. Example: http://smt.example.com/smt-ca.crt Floppy Specifies a location on a floppy. The floppy has to be inserted before proceed- ing. The value has to start with the string floppy followed by the path to the certificate.
Page 55: Release Notes
New Local User In addition to the user created in part one of the installation, you can create an additional user in this dialog. To create more users, manage groups, modify defaults for new users and set up network authentication, launch the User Management. Refer to Chapter 9, Managing Users with YaST (page 91) for more information about user management.
Page 56: Graphical Login
Installation Completed After a successful installation, YaST shows the Installation Completed dialog. In this dialog, select whether to clone your newly installed system for AutoYaST. To clone your system, select Clone This System for AutoYaST. The profile of the current system is stored in /root/autoyast.xml.
Page 57: Updating Suse Linux Enterprise
Updating SUSE Linux Enterprise SUSE® Linux Enterprise provides the option of updating an existing system to the new version without completely reinstalling it. No new installation is needed. Old data, such as home directories and system configuration, is kept intact. During the life cycle of the product, you can apply Service Packs to increase system security and correct software defects.
Page 58 /opt. You may also want to write the user data in /home (the HOME directories) to a backup medium. Back up this data as root. Only root has read permission for all local files. Before starting your update, make note of the root partition. The command df / lists Example 4.1, “List with df -h”...
Page 59 4.1.3 Updating with YaST Following the preparation procedure outlined in Section 4.1.1, “Preparations” (page 47), you can now update your system: 1 Optionally, prepare an installation server. For background information, see Sec- tion 11.2.1, “Setting Up an Installation Server Using YaST” (page 126).
Page 60: Installing Service Packs
4.2 Installing Service Packs Use Service Packs to update a SUSE Linux Enterprise installation. There are several different ways in which you can apply a Service Pack. You can either update the existing installation or start a whole new installation using the Service Pack media. Possible scenarios for updating the system and setting up a central network installation source are described here.
Page 61: Setting Up Hardware Components With Yast
Setting Up Hardware Components with YaST YaST allows you to configure hardware items at installation time as well as in the in- stalled system. Configure additional graphics cards and monitors, adjust mouse and keyboard settings and configure sound hardware. If you need printer or scanner support, use the appropriate YaST modules to configure these hardware items.
Page 62: Setting Up Graphics Card And Monitor
5.2 Setting Up Graphics Card and Monitor After the installation you can change the configuration of your graphics system (graphics card and monitor) according to your needs. Such a change can be necessary because of accessibility issues or hardware upgrades. WARNING: Changing Monitor Frequencies Although there are safety mechanisms, you should still be very careful when manually changing the allowed monitor frequencies.
Page 63: Setting Up Keyboard And Mouse
4 Test the new configuration before it is applied to the system. Click Ok to decide what to do with your configuration (Test, Save, or Cancel.) To activate a second monitor, proceed as follows: 1 In YaST, click Hardware > Graphics Card and Monitor. SaX2 checks the system resources and displays the Card and Monitor Properties dialog.
Page 64 1 In YaST, click Hardware > Keyboard Layout. The SaX2 configuration tool reads the system resources and displays the Keyboard Properties dialog. 2 Select your keyboard model from the Type list. 3 Select the country in the Layout list. 4 Depending on the country layout, you can choose a certain Variant. The selections are applied immediately for testing.
Page 65 NOTE: Configuring Console Keyboard Layout By clicking the Save button as described in Step 7 (page 54) the setup of the console keyboard layout takes place at the same time. If you want to change the console keyboard layout, either call yast keyboard (the text mode in- terface) or check the KEYTABLE and YAST_KEYBOARD settings in /etc/ sysconfig/keyboard.
Page 66: Setting Up Sound Cards
Emulate Wheel with Mouse Button If your mouse does not have a scroll wheel but you want to use a similar function- ality, you can assign an additional button for this. Select the button to use. While pressing this button, any movement of the mouse is translated into scroll wheel commands.
Page 67 Advanced setup with possibility to change options Customize all settings manually. Click Next to continue. 3 In Sound Card Volume, test your sound configuration and make adjustments to the volume. You should start at about ten percent to avoid damage to your hearing or the speakers.
Page 68: Setting Up A Printer
5.5 Setting Up a Printer YaST can be used to configure a local printer that is directly connected to your machine (normally with USB or parallel port) and to set up printing with network printers. It is also possible to share printers over the network and to add 3rd party “drivers” (PostScript Printer Description (PPD) files).
Page 69 to specify how the printer is connected to the machine. Then choose a suitable driver and specify a unique name for the printer queue in the Set Name field. A printer is never used directly, but always through a printer queue. This ensures that simultaneous jobs can be queued and processed one after the other.
Page 70 find PPD files at http://www.linuxfoundation.org/en/OpenPrinting/, the “OpenPrinting.org printer database”. When downloading PPD files from OpenPrint- ing.org, keep in mind that it always shows the latest Linux support status, which is not necessarily met by SUSE Linux Enterprise Desktop. Fine-tuning a Local Printer Configuration In order to adjust the default settings for paper size, resolution, media source and others, choose a printer from the list in the Printer Configurations view and click Configure.
Page 71 Using CUPS In a Linux environment CUPS is usually used to print via the network. The simplest setup is to only print via a single CUPS server which can directly be accessed by all clients. Check Do All Your Printing Directly via One Remote CUPS Server and specify the name or IP address of the server.
Page 72: Setting Up A Scanner
5.6 Setting Up a Scanner You can configure a USB or SCSI scanner at any time using YaST. The sane-backends package contains hardware drivers and other essentials needed to use a scanner. Scanners connected to a parallel port must be configured manually. If you own a HP All-In-One device, see Section 5.6.1, “Configuring an HP All-In-One Device”...
Page 73 Once the scanner is successfully configured, choose Other > Scanning via Network in the YaST scanner module. Enter the hostnames of the clients (separated by a comma) that should be allowed to use the scanner under Server Settings > Permitted Clients for saned and leave the configuration dialog with OK.
Page 75: Installing Or Removing Software
Installing or Removing Software Change the software collection of your system using YaST. This YaST module is available in three toolkit flavors: Qt, GTK+, and ncurses; Qt and GTK+ flavors are described here. In YaST's software management tool search for software components you want to add or remove.
Page 76: Using The Qt Interface
Pattern A pattern is an installable list of packages needed for a special purpose. Examples are Base System, providing the openSUSE basic system, or GNOME Base System, containing all packages needed to run the GNOME Desktop environment. Package A package is a compressed file in rpm format that contains the files for a particular program.
Page 77 1 Click Software > Software Management to start the YaST package manager. 2 In the search field enter the name of the software you want to install (for example, xpdf, a lightweight PDF viewer) and press Enter . 3 The package is listed in the right frame. Select it for installation. Once done, you can search for more packages and select them for installation in one go.
Page 78 2 From the patterns select one or more patterns you are interested in. If you click on the name of a pattern, for example on Base Development, you see the packages it contains, in the right frame. If you activate it, the status markers at the beginning of the line will change: all packages get marked either with the status Keep or Install.
Page 79 Using the installation summary filter you see an overview of the packages you have scheduled for installation. It is convenient for double-checking if many packages are pending for installation. 6.2.2 Checking Software Dependencies The software of one package might only work properly if the required package is also installed.
Page 80 WARNING: Handling Package Conflicts Unless you are very experienced, follow the suggestions of YaST when handling package conflicts, because otherwise the stability and functionality of your system could be endangered by the existing conflict. Figure 6.1 Conflict Management of the Package Manager 6.2.3 Packages and Software Repositories If you want to search for packages originating from one particular software repository, use the Repositories filter.
Page 81: Using The Gtk+ Interface
6.2.4 Removing Software If you want to remove software from the system, proceed as follows: 1 Make use of a search strategy explained in Section 6.2.1, “Installing Software” (page 66). 2 Depending on the search strategy, you can either select a complete set or single packages one by one.
Page 82 4 When finished, click Apply to perform the installation of the listed packages. If you do not know the name of the software you are interested in, you can browse through the software catalog in various ways. For example, you can group by patterns, package groups, languages, or repositories.
Page 83 contains in the right frame. If you activate this pattern by clicking Install All, the packages will get listed in the changes overview on the right side. 3 Click Apply to install all selected packages. Alternatively, group by package groups. The package groups feature offers a more de- tailed view of the software grouped by categories.
Page 84 WARNING: Handling Package Conflicts Unless you are very experienced, follow the suggestions of YaST when handling package conflicts, because otherwise the stability and functionality of your system could be endangered by the existing conflict. Figure 6.2 Conflict Management of the Package Manager 6.3.3 Packages and Software Repositories If you want to search for packages originating from one particular software repository, use grouping by Repositories.
Page 85: Managing Software Repositories And Services
6.3.4 Removing Software If you want to remove software from the system, proceed as follows: 1 Make use of a search strategy explained in Section 6.3.1, “Installing Software” (page 71). 2 In the Packages Listing mark the packages you want to remove. To mark all of them with one click, right-click in the Packages Listing pane and and choose Select All.
Page 86 WARNING: Trusting External Software Sources Before adding external software repositories to your list of repositories, make sure this repository can be trusted. SUSE Linux Enterprise Desktop is not respon- sible for any potential problems arising from software installed from third- party software repositories.
Page 87: Keeping The System Up-To-Date
Refresh lets you update the repository meta data in various ways. 6.5 Keeping the System Up-to-date Novell offers a continuous stream of software security patches for your product. The updater applet informs you about the availability of patches and lets you easily install them with just a few clicks.
Page 88 Blue square with Arrow Trivial patches are available. Yellow Triangle with Exclamation Mark An error occurred. Blue Circle with Question Mark No update repository is defined. When you click the updater applet in this state, you are asked whether to check for updates. If you agree, the YaST Online Update Configuration module is started.
Page 89 Figure 6.4 KDE Updater Applet: Detailed Update View You will be prompted for the root password after having proceeded with Install. The updater performs the installation of the patches. See the system tray (KDE) or the noti- fication area (GNOME) for status messages and a progress meter. The YaST Online Update offers advanced features to customize the patch installation.
Page 90 sible for any potential problems arising from software installed from third party software repositories. The updater applet does not monitor repositories for new software versions by default. To enable this feature, open the configuration window as described in Section “Config- uring the Updater Applet”...
Page 91 The configuration dialog also offers to change the following settings: Back-End Choose between different back-ends. The Package Kit Plugin is used by default. If you prefer the ZYpp Plugin, make sure the package kde4-kupdateapplet-zypp is installed. Always Show Detailed View Activate this option when you prefer the detailed patch view that lists all patches available with short summaries rather than the simple view.
Page 92 Security patches are displayed first, trivial patches last. Click on a patch to see details, such as a description, version number, repository, and—if available—a link to bugzilla, the Novell bug tracking system. By default all patches are marked for installation. Uncheck the checkbox in front of a patch to prevent a patch from being installed.
Page 93 Figure 6.6 GNOME Software Update Viewer: Detailed Update View You will be prompted for the root password after having proceeded with Apply Updates or Update System. The updater performs the installation of the patches. After having finished the installation, choose whether to Install More Updates or whether to Close the Software Update Viewer.
Page 94 Figure 6.7 GNOME Updater Applet: Configuration The configuration dialog offers to change the following settings: Check for Updates Choose how often a check for updates is performed: Hourly, Daily, Weekly, or Never. Automatic Install Configure whether patches are installed automatically or not (default). Automatic installation can be chosen for either security patches only or for all patches.
Page 95: Installing Add-On Products
Installing Add-On Products Add-on products are system extensions. You can install a third-party add-on product or a special system extension of SUSE Linux Enterprise, for example, the SDK add-on or a CD with binary drivers. To install a new add-on, use Software > Add-On Products. You can select various types of product media, like CD, FTP, USB mass storage devices (such as USB flash drives or disks) or a local directory.
Page 96: Binary Drivers
C, C++, Java, and most scripting languages. For your con- venience, SUSE Software Development Kit includes multiple Perl packages that are not included in SUSE Linux Enterprise. http://developer.novell.com/ndk/ For detailed information, refer to susesdk.htm. Use the YaST add-on installer and package manager to install SUSE Software Development Kit 10.
Page 97: Accessing The Internet
Accessing the Internet If you have chosen not to configure Internet access during the installation, you can perform this task at any time using YaST. How to configure your computer to access the Internet depends on your environment. If the computer you are installing is part of a network which already is connected to the Internet, the only thing to do is to link your machine into the network.
Page 98 8.1.1 Checklist DSL There are different types of DSL devices available that use different point-to-point protocol (PPP) methods: • a regular ethernet card connected to the external DSL modem uses PPP over Ethernet (PPPoE). In Austria the Point-to-Point Tunneling Protocol (PPTP) is used. With PPTP the external modem also has a static IP address.
Page 99 • Interface type (SyncPPP or RawIP). If unsure, select SyncPPP, because RawIP is only used in connection with certain telephone systems. • In case you got a static IP-address from your provider: local and remote IP-addresses for the dial-in server and the gateway. •...
Page 100: Internet Connection Via Network
8.2 Internet Connection Via Network If your machine is part of a network which is already connected to the Internet, it is very easy to gain Internet access—just configure your network card and connect your machine to the existing network and you are done. This not only applies to large com- pany networks, but to small home networks as well.
Page 101: Managing Users With Yast
Managing Users with YaST During installation, you have chosen a method for user authentication . This method is either local (via /etc/passwd) or, if a network connection is established, via NIS, LDAP, Kerberos or Samba (see Section 3.8, “Create New User” (page 30).
Page 102 Figure 9.1 YaST User and Group Administration Depending on the set of users you choose to view and modify with the dialog (local users, network users, system users), the main window shows several tabs. These allow you to execute the following tasks: Managing User Accounts From the Users tab, create, modify, delete or temporarily disable user accounts as described in...
Page 103: Managing User Accounts
path and access permissions for home directories in Section 9.4, “Changing Default Settings for Local Users” (page 103). Assigning Users to Groups Learn how to change the group assignment for individual users in Section 9.5, “Assigning Users to Groups” (page 104). Managing Groups From the Groups tab, you can add, modify or delete existing groups.
Page 104 NOTE: Changing User IDs of Existing Users File ownership is bound to the user ID, not to the user name. After a user ID change, the files in the user's home directory are automatically adjusted to reflect this change. However, after an ID change, the user does no longer own the files he created elsewhere in the file system unless you manually change the file ownership for those files.
Page 105: Additional Options For User Accounts
8 Click Expert Options > Write Changes Now to save all changes without exiting the User and Group Administration dialog. Or click Finish to close the adminis- tration dialog and to save the changes. A newly added user can now log in to the system using the login name and password you created.
Page 106 9.3.1 Automatic Login and Passwordless Login If you use KDE or GNOME desktop environment you can configure Auto Login for a certain user as well as Passwordless Login for all users. Auto login causes a user to become automatically logged in to the desktop environment on boot. This functionality can only be activated for one user at a time.
Page 107 5 To enforce password rotation, set a Maximum Number of Days for the Same Password and a Minimum Number of Days for the Same Password. 6 To remind the user to change his password before it expires, set a number of Days before Password Expiration to Issue Warning.
Page 108 WARNING: Security Restrictions Encrypting a user's home directory does not provide strong security from other users. If strong security is required, the system should not be physically shared. Find background information about encrypted home directories and which actions to take for stronger security in Section “Using Encrypted Home Directories” (Chapter 11, Encrypting Partitions and Files, ↑Security Guide).
Page 109 4 Apply your settings with OK. 5 Enter the user's current login password to proceed if YaST prompts for it. 6 Click Expert Options > Write Changes Now to save all changes without exiting the administration dialog. Or click Finish to close the administration dialog and to save the changes.
Page 110: Using Fingerprint Authentication
Procedure 9.5 Modifying or Disabling Encrypted Home Directories Of course, you can also disable the encryption of a home directory or change the size of the image file at any time. 1 Open the YaST User and Group Administration dialog in the Users view. 2 Select a user from the list and click Edit.
Page 111 file systems and restrict the amount of disk space that can be used and the number of inodes (index notes) that can be created there. Inodes are data structures on a file system that store basic information about a regular file, directory, or other file system object. They store all attributes of a file system object (like user and group ownership, read, write, or execute permissions), except file name and contents.
Page 112 4 Below Size Limits, restrict the amount of disk space. Enter the number of 1 KB blocks the user or group may have on this partition. Specify a Soft Limit and a Hard Limit value. 5 Additionally, you can restrict the number of inodes the user or group may have on the partition.
Page 113: Changing Default Settings For Local Users
mail notifications to users exceeding their quota. With quota_nld, administrators can also forward kernel messages about exceeded quotas to D-BUS. For more informa- tion, refer to the repquota, the warnquota and the quota_nld man page (root password needed). 9.4 Changing Default Settings for Local Users When creating new local users, several defaults settings are used by YaST.
Page 114: Assigning Users To Groups
9.5 Assigning Users to Groups Local users are assigned to several groups according to the default settings which you can access from the User and Group Administration dialog on the Defaults for New Users tab. In the following, learn how to modify an individual user's group assignment. If you need to change the default group assignments for new users, refer to Section 9.4, “Changing Default Settings for Local Users”...
Page 115 3 To create a new group, click Add. 4 To modify an existing group, select the group and click Edit. 5 In the following dialog, enter or change the data. The list on the right shows an overview of all available users and system users which can be members of the group.
Page 116: Changing The User Authentication Method
Chapter 24, Samba (↑Administration Guide) and Chapter 5, Active Direc- tory Support (↑Security Guide). eDirectory LDAP eDirectory authentication is used in Novell networks. To change the authentication method, proceed as follows: 1 Open the User and Group Administration dialog in YaST.
Page 117 2 Click the Authentication Settings tab to show an overview of the available authen- tication methods and the current settings. 3 To change the authentication method, click Configure and select the authentication method you want to modify. This takes you directly to the client configuration modules in YaST.
Page 119: 0 Changing Language And Country Settings With Yast
Changing Language and Country Settings with YaST Working in different countries or having to work in a multilingual environment requires your computer to be set up to support this. Use the YaST language and timezone modules to install additional system languages and adjust the country and timezone settings ac- cordingly.
Page 120 of your desktop using the desktop's control center. After X has been restarted, your entire desktop reflects your new choice of language. Applications not belonging to your desktop framework are not affected by this change and may still appear in the language that was set in YaST.
Page 121 Figure 10.1 Setting the Language To install an additional language, proceed as follows: 1 As root, start YaST. 2 Select System > Language. 3 Select the desired languages from the list of languages offered in Secondary Languages. When you leave this dialog with Ok, YaST installs the additional localized software packages.
Page 122 4a Adapt the keyboard to the new primary language and adjust the time zone, if appropriate. For advanced keyboard or time zone settings, open the Hardware > Keyboard Layout (Section 5.3.1, “Keyboard Layout” (page 53)) or System > Date and Time dialog (Section 10.2, “Changing the Country and Time Settings”...
Page 123: Changing The Country And Time Settings
10.2 Changing the Country and Time Settings Using the YaST date and time module, adjust your system date, clock and time zone information to the area you are working in. First, select a general region, such as Europe, for example. Choose an appropriate time zone that matches the one you are working in, for example, Germany.
Page 124 Figure 10.2 Setting Country and Time 1 Click Change to set date and time. 2 Select Manually and enter date and time values. 3 Confirm with Accept. If you want to make use of an NTP server: Deployment Guide...
Page 125 Figure 10.3 Setting Date and Time With NTP Server 1 Click Change to set date and time. 2 Select Synchronize with NTP Server. 3 Enter the address of an NTP server, if not prefilled. 4 Press Synchronize Now, to get your system time set correctly. If you want to make use of NTP permanently, enable Save NTP Configuration.
Page 127: 1 Remote Installation
Remote Installation SUSE® Linux Enterprise Desktop can be installed in several different ways. As well as the usual media installation covered in Chapter 3, Installation with YaST (page 17), you can choose from various network-based approaches or even take a completely hands-off approach to the installation of SUSE Linux Enterprise Desktop.
Page 128 IMPORTANT The configuration of the X Window System is not part of any remote installation process. After the installation has finished, log in to the target system as root, enter telinit 3, and start SaX2 to configure the graphics hardware. 11.1.1 Simple Remote Installation via VNC—Static Network Configuration This type of installation still requires some degree of physical access to the target system...
Page 129 2 Boot the target system using the first CD or DVD of the SUSE Linux Enterprise Desktop media kit. 3 When the boot screen of the target system appears, use the boot options prompt to set the appropriate VNC options and the address of the installation source. This is described in detail in Section 11.4, “Booting the Target System for Instal- lation”...
Page 130 • Target system with working network connection. • Controlling system with working network connection and VNC viewer software or Java-enabled browser (Firefox, Konqueror, Internet Explorer, or Opera). • Physical boot medium (CD, DVD, or custom boot disk) for booting the target sys- tem.
Page 131 11.1.3 Remote Installation via VNC—PXE Boot and Wake on LAN This type of installation is completely hands-off. The target machine is started and booted remotely. User interaction is only needed for the actual installation. This approach is suitable for cross-site deployments. To perform this type of installation, make sure that the following requirements are met: •...
Page 132 5 Initiate the boot process of the target system using Wake on LAN. This is de- scribed in Section 11.3.7, “Wake on LAN” (page 146). 6 On the controlling workstation, open a VNC viewing application or Web browser and connect to the target system as described in Section 11.5.1, “VNC Installation”...
Page 133 To perform this kind of installation, proceed as follows: 1 Set up the installation source as described in Section 11.2, “Setting Up the Server Holding the Installation Sources” (page 126). Choose an NFS, HTTP, or FTP network server. For an SMB installation source, refer to Section 11.2.5, “Managing an SMB Installation Source”...
Page 134 For this type of installation, make sure that the following requirements are met: • Remote installation source: NFS, HTTP, FTP, or SMB with working network connection. • Target system with working network connection. • Controlling system with working network connection and working SSH client software.
Page 135 11.1.6 Remote Installation via SSH—PXE Boot and Wake on LAN This type of installation is completely hands-off. The target machine is started and booted remotely. To perform this type of installation, make sure that the following requirements are met: • Remote installation source: NFS, HTTP, FTP, or SMB with working network connection.
Page 136: Setting Up The Server Holding The Installation Sources
6 On the controlling workstation, start an SSH client and connect to the target system as described in Section 11.5.2, “SSH Installation” (page 152). 7 Perform the installation as described in Chapter 3, Installation with YaST (page 17). Reconnect to the target system after it reboots for the final part of the installation.
Page 137 type is already running on your system and you want to configure it manually for the server, deactivate the automatic configuration of the server service with Do Not Configure Any Network Services. In both cases, define the directory in which the installation data should be made available on the server. 4 Configure the required server type.
Page 138 Consider announcing your installation source via OpenSLP if your network setup supports this option. This saves you from entering the network in- stallation path on every target machine. The target systems are just booted using the SLP boot option and find the network installation source without any further configuration.
Page 139 Setting up an NFS source for installation is basically done in two steps. In the first step, create the directory structure holding the installation data and copy the installation media over to this structure. Second, export the directory holding the installation data to the network.
Page 140 3 Select Start and Open Port in Firewall and click Next. 4 Select Add Directory and browse for the directory containing the installation sources, in this case, productversion. 5 Select Add Host and enter the hostnames of the machines to which to export the installation data.
Page 141 1 Log in as root. 2 Enter the directory /etc/slp.reg.d/. 3 Create a configuration file called install.suse.nfs.reg containing the following lines: # Register the NFS Installation Server service:install.suse:nfs://$HOSTNAME/path_to_instsource/CD1,en,65535 description=NFS Installation Source Replace path_to_instsource with the actual path to the installation source on your server.
Page 142 2c Create a subdirectory holding the installation sources in the FTP root direc- tory: mkdir instsource Replace instsource with the product name. 2d Mount the contents of the installation repository into the change root envi- ronment of the FTP server: mount --bind path_to_instsource /srv/ftp/instsource Replace path_to_instsource and instsource with values matching your setup.
Page 143 11.2.4 Setting Up an HTTP Installation Source Manually Creating an HTTP installation source is very similar to creating an NFS installation source. HTTP installation sources can be announced over the network using OpenSLP as well. 1 Create a directory holding the installation sources as described in Section 11.2.2, “Setting Up an NFS Installation Source Manually”...
Page 144 3a Create a configuration file called install.suse.http.reg under /etc/slp.reg.d/ that contains the following lines: # Register the HTTP Installation Server service:install.suse:http://$HOSTNAME/srv/www/htdocs/instsource/CD1/,en,65535 description=HTTP Installation Source Replace instsource with the actual path to the installation source on your server. The service: line should be entered as one continuous line. 3b Save this configuration file and start the OpenSLP daemon using rcslpd restart.
Page 145 To use a SMB mounted share as installation source, proceed as follows: 1 Boot the installation target. 2 Select Installation. 3 Press F4 for a selection of installation sources. 4 Choose SMB and enter the Windows machine's name or IP address, the share name (INSTALL/product/CD1, in this example), username, and password.
Page 146: Preparing The Boot Of The Target System
Replace path_to_iso with the path to your local copy of the ISO image, path_to_instsource with the source directory of your server, product with the product name, and mediumx with the type (CD or DVD) and number of media you are using. 6 Repeat the previous step to mount all ISO images needed for your product.
Page 147 1 Log in as root to the machine hosting the DHCP server. 2 Start YaST > Network Services > DHCP Server. 3 Complete the setup wizard for basic DHCP server setup. 4 Select Expert Settings and select Yes when warned about leaving the start-up di- alog.
Page 148 # "next-server" defines the tftp server that will be used next-server ip_tftp_server: # "filename" specifies the pxelinux image on the tftp server # the server runs in chroot under /srv/tftpboot filename "pxelinux.0"; Replace ip_of_the_tftp_server with the actual IP address of the TFTP server.
Page 149 11.3.2 Setting Up a TFTP Server Set up a TFTP server with YaST on SUSE Linux Enterprise Server and SUSE Linux Enterprise Desktop or set it up manually on any other Linux operating system that supports xinetd and tftp. The TFTP server delivers the boot image to the target system once it boots and sends a request for it.
Page 150 4a If it does not exist, create a file called tftp under this directory with touch tftp. Then run chmod 755 tftp. 4b Open the file tftp and add the following lines: service tftp socket_type = dgram protocol = udp wait = yes user...
Page 151 4 Change to the directory of your installation repository and copy the isolinux .cfg file to /srv/tftpboot/pxelinux.cfg/default by entering the following: cp -a boot/<architecture>/loader/isolinux.cfg /srv/tftpboot/pxelinux.cfg/default 5 Edit the /srv/tftpboot/pxelinux.cfg/default file and remove the lines beginning with gfxboot, readinfo, and framebuffer. 6 Insert the following entries in the append lines of the default failsafe and apic labels: insmod=kernel module...
Page 152 TIP: Changing Kernel and Initrd Filenames It is possible to use different filenames for kernel and initrd images. This is useful if you want to provide different operating systems from the same boot server. However, you should be aware, that only one dot is permitted in the filenames that are provided by tftp for the pxe boot.
Page 153 prompt timeout Replace ip_instserver and path_instsource with the values used in your setup. The following section serves as a short reference to the PXELINUX options used in this setup. Find more information about the options available in the documen- tation of the syslinux package located under /usr/share/doc/ packages/syslinux/.
Page 154 title mytitle kernel my_kernel my_kernel_options initrd myinitrd PXELINUX uses the following syntax: label mylabel kernel mykernel append myoptions Labels are mangled as if they were filenames and they must be unique after man- gling. For example, the two labels “v2.1.30” and “v2.1.31” would not be distin- guishable under PXELINUX because both mangle to the same DOS filename.
Page 155: Wake On Lan
keyboard, assuming the user will complete the command begun. A time-out of zero disables the time-out completely (this is also the default). The maximum possible time-out value is 35996 (just less than one hour). PROMPT flag_val If flag_val is 0, displays the boot prompt only if Shift or Alt is pressed or Caps Lock or Scroll Lock is set (this is the default).
Page 156: Booting The Target System For Installation
11.3.7 Wake on LAN Wake on LAN allows a machine to be turned on by a special network packet containing the machine's MAC address. Because every machine in the world has a unique MAC identifier, you do not need to worry about accidentally turning on the wrong machine. IMPORTANT: Wake on LAN across Different Network Segments If the controlling machine is not located in the same network segment as the installation target that should be awakened, either configure the WOL requests...
Page 157 11.4.1 Using the Default Boot Options The boot options are described in detail in Chapter 3, Installation with YaST (page 17). Generally, just selecting Installation starts the installation boot process. If problems occur, use Installation—ACPI Disabled or Installation—Safe Settings. For more information about troubleshooting the installation process, refer to Section “In- stallation Problems”...
Page 158 Table 11.1 Installation (Boot) Scenarios Used in This Chapter Installation Scenario Parameters Needed for Boot Options Booting Chapter 3, Installation None: system boots auto- None needed with YaST (page 17) matically Section 11.1.1, “Simple • Location of the in- • install=(nfs,http, Remote Installation via stallation server ftp,smb):///path...
Page 159 Installation Scenario Parameters Needed for Boot Options Booting Section 11.1.4, “Simple • Location of the in- • install=(nfs,http, Remote Installation via stallation server ftp,smb):///path SSH—Static Network • Network device _to_instmedia Configuration” • IP address • netdevice=some (page 122) • Netmask _netdevice (only need- •...
Page 160: Monitoring The Installation Process
TIP: More Information about linuxrc Boot Options Find more information about the linuxrc boot options used for booting a Linux system at http://en.opensuse.org/Linuxrc. 11.5 Monitoring the Installation Process There are several options for remotely monitoring the installation process. If the proper boot options have been specified while booting for installation, either VNC or SSH can be used to control the installation and system configuration from a remote workstation.
Page 161 1 Start the KDE file and Web browser Konqueror. 2 Enter service://yast.installation.suse in the location bar. The target system then appears as an icon in the Konqueror screen. Clicking this icon launches the KDE VNC viewer in which to perform the installation. Alternatively, run your VNC viewer software with the IP address provided and add :1 at the end of the IP address for the display the installation is running on.
Page 162 1 Launch your preferred Web browser. 2 Enter the following at the address prompt: http://ip_address_of_target:5801 3 Enter your VNC password when prompted to do so. The browser window now displays the YaST screens as in a normal local installation. 11.5.2 SSH Installation Using SSH, you can remotely control the installation of your Linux machine using any SSH client software.
Page 163 4 When prompted for the password, enter the password that has been set with the SSH boot option. After you have successfully authenticated, a command line prompt for the installation target appears. 5 Enter yast to launch the installation program. A window opens showing the normal YaST screens as described in Chapter 3, Installation with YaST (page 17).
Page 165: 2 Advanced Disk Setup
Advanced Disk Setup Sophisticated system configurations require particular disk setups. All common parti- tioning tasks can be done with YaST. To get persistent device naming with block devices, use the block devices below /dev/disk/by-id or /dev/disk/by-uuid. Logical Volume Management (LVM) is a disk partitioning scheme that is designed to be much more flexible than the physical partitioning used in standard setups.
Page 166 Figure 12.1 The YaST Partitioner All existing or suggested partitions on all connected hard disks are displayed in the list of Available Storage in the YaST Expert Partitioner dialog. Entire hard disks are listed as devices without numbers, such as /dev/sda. Partitions are listed as parts of these devices, such as /dev/sda1.
Page 167 12.1.1 Partition Types Every hard disk has a partition table with space for four entries. Every entry in the partition table corresponds to a primary partition or an extended partition. Only one extended partition entry is allowed, however. A primary partition simply consists of a continuous range of cylinders (physical disk areas) assigned to a particular operating system.
Page 168 4 Specify additional file system options if your setup requires them. This is neces- sary, for example, if you need persistent device names. For details on the available options, refer to Section 12.1.3, “Editing a Partition” (page 158). 5 Click OK > Apply to apply your partitioning setup and leave the partitioning module.
Page 169 system speed, because the encryption takes some time. More information about the encryption of file systems is provided in Chapter 11, Encrypting Partitions and Files (↑Security Guide). Fstab Options Specify various parameters contained in the global file system administration file (/etc/fstab). The default settings should suffice for most setups. You can, for example, change the file system identification from the device name to a volume label.
Page 170 12.1.4 More Partitioning Tips The following section comprises a few hints and tips on partitioning that should help you in taking the right decisions while setting up your system. TIP: Cylinder Numbers Note, that different partitioning tools may start counting the cylinders of a partition with 0 or with 1.
Page 171 resolves the issue. Note, that you will need a certain amount of swap if the computer should perform a “suspend to disk”. In that case, the swap size should be reasonably big to contain the necessary data from memory (512 MB–1GB). System with lots of swap (several GB) It is better to not have an application that is running wild and swapping frantically, in this case.
Page 172 4 Check the current available swap spaces with the command cat /proc/swaps Note, that at this point this is only temporary swap space. After the next reboot, it is not used anymore. 5 To enable this swap file permanently, add the following line to /etc/fstab: /var/lib/swap/swapfile swap swap defaults 0 0 12.1.5 Partitioning and LVM From the expert partitioner, access the LVM configuration with Volume Management.
Page 173: Lvm Configuration
12.2 LVM Configuration This section briefly describes the principles behind the Logical Volume Manager (LVM) and its basic features that make it useful under many circumstances. In Section 12.2.2, “LVM Configuration with YaST” (page 165), learn how to set up LVM with YaST. WARNING Using LVM might be associated with increased risk, such as data loss.
Page 174 Figure 12.2 Physical Partitioning versus LVM DISK DISK 1 DISK 2 PART PART PART PART PART PART PART PART VG 1 VG 2 LV 1 LV 2 LV 3 LV 4 Figure 12.2, “Physical Partitioning versus LVM” (page 164) compares physical parti- tioning (left) with LVM segmentation (right).
Page 175 • The snapshot feature enables consistent backups (especially for servers) in the running system. With these features, using LVM already makes sense for heavily used home PCs or small servers. If you have a growing data stock, as in the case of databases, music archives, or user directories, LVM is just the right thing for you.
Page 176 Creating Volume Groups If no volume group exists on your system yet, you have to add one (see Figure 12.3, “Creating a Volume Group” (page 166)). It is possible to create additional groups with Add Volume Group, but usually one single volume group is sufficient. 1 Enter a name for the VG, e.g.
Page 177 If you have multiple volume groups defined, and want to add or remove PVs, select the volume group in Volume Management. Then change to the Overview tab and select Resize. In the following menu, you can add or remove PVs to the selected volume group.
Page 178: Soft Raid Configuration
By using stripes it is possible to distribute the data stream in the LV among several PVs (striping). If these PVs reside on different hard disks, this generally results in a better reading and writing performance (like RAID 0). However, a striping LV with n stripes can only be created correctly if the hard disk space required by the LV can be distributed evenly to n PVs.
Page 179 RAID 0 This level improves the performance of your data access by spreading out blocks of each file across multiple disk drives. Actually, this is not really a RAID, because it does not provide data backup, but the name RAID 0 for this type of system has become the norm.
Page 180 can fail at the same time. If one hard disk fails, it must be replaced as soon as pos- sible to avoid the risk of losing data. Other RAID Levels Several other RAID levels have been developed (RAIDn, RAID 10, RAID 0+1, RAID 30, RAID 50, etc.), some of them being proprietary implementations created by hardware vendors.
Page 181: Troubleshooting
Figure 12.5 RAID Partitions To add a previously unassigned partition to the selected RAID volume, first click the partition then Add. Assign all partitions reserved for RAID. Otherwise, the space on the partition remains unused. After assigning all partitions, click Next to select the available RAID Options.
Page 182: For More Information
12.3.3 For More Information Configuration instructions and more details for soft RAID can be found in the HOWTOs • /usr/share/doc/packages/mdadm/Software-RAID.HOWTO.html • http://en.tldp.org/HOWTO/Software-RAID-HOWTO.html http://marc.theaimsgroup Linux RAID mailing lists are also available, such as .com/?l=linux-raid. Deployment Guide...
Page 183: 3 Subscription Management
Novell Customer Center and the NU servers. To use an SMT server for client registration and as a local update source, you must configure the SMT server in your network first.
Page 184: Using Kernel Parameters To Access An Smt Server
There are several ways to provide this information and to configure the client machine to use SMT. The first way is to provide the needed information via kernel parameters at boot time. The second way is to configure clients using an AutoYaST profile. There is also a script distributed with Subscription Management Tool, clientSetup4SMT.sh, which can be run on a client to make it register against a specified SMT server.
Page 185: Configuring Clients Using Autoyast Profile
regcert=/data/inst/smt/smt-ca.cert Interactive Use ask to open a pop-up menu during installation where you can specify the path to the certificate. Do not use this option with AutoYaST. Example: regcert=ask Deactivate Certificate Installation Use done if either the certificate will be installed by an add-on product, or if you are using a certificate issued by an official certificate authority.
Page 186 2 Open an existing profile using File > Open, create a profile based on the current system's configuration using Tools > Create Reference Profile, or just work with an empty profile. 3 Select Support > Novell Customer Center Configuration. An overview of the current configuration is shown. 4 Click Edit.
Page 187: Configuring Clients Using The Clientsetup4Smt.sh Script
13.3 Configuring Clients Using the clientSetup4SMT.sh Script The /usr/share/doc/packages/smt/clientSetup4SMT.sh script is provided with SMT. This script allows to configure a client machine to use a SMT server or to reconfigure it to use a different SMT server. To configure a client machine to use SMT with the clientSetup4SMT.sh script, follow these steps: 1 Copy the /usr/share/doc/packages/smt/clientSetup4SMT.sh script from your SMT server to the client machine.
Page 188 register = command=register&testenv=1 For more information about using SMT with a test environment, refer to the Subscription Management Tool Guide. Deployment Guide...
Page 189: Part Ii Imaging And Creating Products
Part II. Imaging and Creating Products...
Page 191: 4 Kiwi
KIWI KIWI is a system for creating operating system images. An image is a directory with a file containing the operating system, its applications and configurations, the filesystem structure of the OS, possible additional metadata, and depending on the image type, also disk geometry and partition table data.
Page 192: Knowing Kiwi's Build Process
Image Type Package Name USB Sticks kiwi-desc-usbboot Network Client kiwi-desc-netboot 3. Install the kiwi-doc package. You can find some example configurations to get an idea about the structure and its content. 4. Know the KIWI configuration file and its structure. It is based on a RELAX NG schema and documented in the kiwi package under /usr/share/doc/ packages/kiwi/kiwi.html.
Page 193 14.3.1 Contents of Image Description The following table contains additional optional information. However, most of infor- mation is mandatory for the functionality of the later operating system: Table 14.1 Additional Files and Directories For Image Description File/Directory Description config/ optional subdirectory. Contains Bash scripts which are executed after the installation of all the image packages.
Page 194 14.3.2 The config.xml File All information about an image description is stored in the central configuration XML file config.xml. Each time KIWI is executed, config.xml is validated against http://www.relaxng.org an RELAX NG schema (see for more information about this schema language). Therefor it is recommended, to use a decent XML editor with RELAX NG support or to use the documentation about the schema in the HTML file /usr/share/doc/packages/kiwi/schema/kiwi.xsd.html.
Page 195 Example 14.1 KIWI Configuration File <image schemeversion="2.0" name="..."> <description type="system"> <author>...</author> <contact>...</contact> <specification>...</specification> </description> <preferences> <type primary="true" boot="..." flags="...">iso</type> <type boot="..." filesystem="ext3" format="vmdk">vmx</type> <type boot="..." filesystem="ext3">xen</type> <type boot="..." filesystem="squashfs" flags="unified">oem</type> <version>2.7.0</version> <size unit="M">780</size> <packagemanager>zypper</packagemanager> <rpm-check-signatures>False</rpm-check-signatures> <rpm-force>False</rpm-force> <locale>en_US.UTF-8</locale> <oem-swap>no</oem-swap> <oem-boot-title>USB</oem-boot-title> </preferences> <users group="users">...
Page 196: Creating Appliances With Kiwi
Contains a mandatory list of packages which are included into the image. More details about the configuration file is shown in the HTML page above. 14.4 Creating Appliances with KIWI This section describes how to create appliances with KIWI. An appliance is a special designed operating system for a specific task.
Page 197: Creating An Image
<repository type="...">   <source path="opensuse://openSUSE:11.0/standard"/> </repository> 14.4.2 Creating an Image An image is a virtual disk image containing all partitions, boot loader information, and packages as it resides on a real disk. To create an ISO image, proceed as follows: 1 Install the packages kiwi and kiwi-doc and resolve any dependencies.
Page 198: For More Information
3 Open the file suse-oem-preload/config.xml and locate the packages element with the attribute type="image". 4 Insert the following line between <packages type="image"> and </packages> and save the file: <package name="nfs-client"/> 5 Rebuild the image as described in Step 5 (page 187). 14.5 For More Information Find more information about KIWI in the following documents: •...
Page 199: 5 Creating Add-On Products With Add-On Creator
Creating Add-On Products With Add-on Creator An Add-On is a special designed media, usually a CD or DVD, to extend your product. The Add-on Creator was developed to support our customers and partners and simplify third-party software distribution for all SUSE products. 15.1 Creating Images To create a Add-On CD, proceed as follows: 1 Start YaST and open the Add-On Creator module.
Page 200: Add-On Structure
4 Correct the product definition and enter a vendor name. Disable Show Only Required Keywords to display more keywords. 5 Optionally change the package descriptions. Use Add Language to insert a new language and add translated descriptions. 6 Optionally add new patterns. With patterns you can group your RPM packages. Use New to add a new pattern name and change the respective attributes in the list below.
Page 201: For More Information
ARCHIVES.gz Contains the gzipped contents of all RPM files. It is actually a listing of the rpm command with the options -qil for each RPM file. Changelog Contains all the changes of the RPM files. content Contains information about your Add-On product. content.asc Contains the signature file from GnuPG.
Page 202 • http://en.opensuse.org/Creating_YaST_Installation _Sources—YaST installation source creation • http://en.opensuse.org/Libzypp/Metadata/YaST—YaST metadata description • http://developer.novell.com/wiki/index.php/Creating _Add-ons— Deployment Guide...
Page 203: 6 Creating Images With Yast Product Creator
Creating Images with YaST Product Creator The YaST Product Creator is a unified graphical front-end for KIWI and Add-on Creator. It was developed to provide image creation functionality in one place. All tools integrated in the YaST Product Creator are still available as separate YaST modules or applications. 16.1 Prerequisites for Product Creator Before you can create images with the YaST Product Creator, make sure you meet the following prerequisites:...
Page 204 If you have been used the Product Creator already before, select Add to create a new product definition and enter the configuration name and choose the method. 2 Select or deselect package sources. To select a source, select it from the table and click Select.
Page 205: For More Information
• Create Image with KIWI... Use the pull-down menu to choose from different target formats, such as Live media or Xen images. 16.3 For More Information Find more information about creating system images and related topics in the following documents: •...
Page 207: 7 Deploying Customized Preinstallations
Deploying Customized Preinstallations Rolling out customized preinstallations of SUSE Linux Enterprise Desktop to a large number of identical machines spares you from installing each one of them separately and provides a standardized installation experience for the end users. With YaST first- boot, create customized preinstallation images and determine the workflow for the final personalization steps that involve end user interaction.
Page 208: Preparing The Master Machine
17.1 Preparing the Master Machine To prepare a master machine for a firstboot workflow, proceed as follows: 1 Insert the installation media into the master machine. 2 Boot the machine. 3 Perform a normal installation including all necessary configuration steps and wait for the installed machine to boot.
Page 209 • Customizing licenses and license actions as described in Section 17.2.2, “Customiz- ing the License Action” (page 200). • Customizing the release notes to display as described in Section 17.2.3, “Customiz- ing the Release Notes” (page 201). • Customizing the order and number of components involved in the installation as described in Section 17.2.4, “Customizing the Workflow”...
Page 210 FIRSTBOOT_WELCOME_DIR="/usr/share/firstboot/" 2b If your welcome message has filenames other than welcome.txt and welcome_locale.txt (where locale matches the ISO 639 language codes such as “cs” or “de”), specify the filename pattern in FIRSTBOOT_WELCOME_PATTERNS. For example: FIRSTBOOT_WELCOME_PATTERNS="mywelcome.txt" If unset, the default value of welcome.txt is assumed. 3 Create the welcome file and the localized versions and place them in the directory specified in the /etc/sysconfig/firstboot configuration file.
Page 211 17.2.3 Customizing the Release Notes Depending on whether you have changed the instance of SUSE Linux Enterprise Desktop you are deploying with firstboot, you probably need to educate the end users about important aspects of their new operating system. A standard installation uses re- lease notes, displayed during one of the final stages of the installation, to provide im- portant information to the users.
Page 212 • root Password • User Authentication Method • User Management • Hardware Configuration • Finish Setup This standard layout of a firstboot installation workflow is not mandatory. You can enable or disable certain components or hook your own modules into the workflow. To modify the firstboot workflow, manually edit the firstboot configuration file /etc/ YaST2/firstboot.xml.
Page 213 The mode of this proposal. Do not make any changes here. For a firstboot instal- lation, this must be set to installation. The stage of the installation process at which this proposal is invoked. Do not make any changes here. For a firstboot installation, this must be set to firstboot.
Page 214 enable_next Include the Next button in all dialogs. archs Specify the hardware architectures on which this workflow should be used. Example 17.3 Configuring the List of Workflow Components <modules config:type="list"> <module> <label>Language</label> <enabled config:type="boolean">false</enabled> <name>firstboot_language</name> </module> <modules> The container for all components of the workflow. The module definition.
Page 215 • To change the order of proposals, move the respective module elements containing the proposal screens around in the workflow. Note that there may be dependencies to other installation steps that require a certain order of proposals and workflow components. 3 Apply your changes and close the configuration file.
Page 216 .ycp suffix. 5 Apply your settings and close the configuration file. TIP: For More Information http://developer For more information about YaST development, refer to .novell.com/wiki/index.php/YaST. Detailed information about YaST http://forgeftp.novell.com/yast/doc/ firstboot can be found at SL11.1/tdg/inst_in_general_chap.html. 17.2.5 Configuring Additional Scripts firstboot can be configured to execute additional scripts after the firstboot workflow has been completed.
Page 217: Cloning The Master Installation
17.3 Cloning the Master Installation Clone the master machine's disk using any of the imaging mechanisms available to you and roll these images out to the target machines. For more information about imaging Chapter 14, KIWI (page 181). 17.4 Personalizing the Installation As soon as the cloned disk image is booted, firstboot starts and the installation proceeds exactly as laid out in Section 17.2.4, “Customizing the Workflow”...
Page 219: Part Iii Automated Installations
Part III. Automated Installations...
Page 221: 8 Automated Installation
Automated Installation AutoYaST allows you to install SUSE® Linux Enterprise on a large number of machines in parallel. The AutoYaST technology offers great flexibility to adjust deployments to heterogeneous hardware. This chapter tells you how to prepare a simple automated in- stallation and lay out an advanced scenario involving different hardware types and in- stallation purposes.
Page 222 4 Determine and set up the boot scenario for autoinstallation as described in Sec- tion 18.1.4, “Setting Up the Boot Scenario” (page 217). 5 Pass the command line to the installation routines by adding the parameters manually or by creating an info file as described in Section 18.1.5, “Creating the info File”...
Page 223 3 Select Tools > Create Reference Control File to prepare AutoYaST to mirror the current system configuration into an AutoYaST profile. 4 As well as the default resources, like boot loader, partitioning, and software se- lection, you can add various other aspects of your system to the profile by checking the items in the list in Create a Reference Control File.
Page 224 Figure 18.1 Editing an AutoYaST Profile with the AutoYaST Front-End 18.1.2 Distributing the Profile and Determining the autoyast Parameter The AutoYaST profile can be distributed in several different ways. Depending on the protocol used to distribute the profile data, different AutoYaST parameters are used to make the profile location known to the installation routines on the client.
Page 225 Profile Lo- Parameter Description cation Device autoyast=device:// Makes the installation routines look for the control file on a storage device. Only /path the device name is needed—/dev/sda1 is wrong, use sda1 instead. Floppy autoyast=floppy:// Makes the installation routines look for the control file on a floppy in the floppy /path drive.
Page 226 2 Omit the exact path including the filename when creating the autoyast= pa- rameter, for example: autoyast=tftp://192.168.1.115/ 3 Start the autoinstallation. YaST tries to determine the location of the profile in the following way: 1. YaST searches for the profile using its own IP address in uppercase hexadecimal, for example, 192.0.2.91 is C000025B.
Page 227 To provide the installation sources over the network, set up a network installation server (HTTP, NFS, FTP) as described in Section 11.2.1, “Setting Up an Installation (page 126). Use an info file to pass the server's location to the Server Using YaST” installation routines.
Page 228 The same example for autoinstallation looks like this: default linux # default label linux kernel linux append initrd=initrd install=http://192.168.1.115/install/suse-enterprise/ autoyast=nfs://192.168.1.110/profiles/autoyast.xml Replace the example IP addresses and paths with the data used in your setup. Preparing to Boot from CD-ROM There are several ways in which booting from CD-ROM can come into play in Auto- YaST installations.
Page 229 In both cases, you may also need to change media depending on the scope of instal- lation. You need: • The SUSE Linux Enterprise media • A floppy holding both the profile and the info file Access to the boot prompt of the target to enter the autoyast= parameter Boot and Install from Custom Media, Get the Profile from the Media If you just need to install a limited number of software packages and the number of targets is relatively low, creating your own custom CD holding both the installa-...
Page 230 IMPORTANT: Separating Parameters and Values When passing parameters to linuxrc at the boot prompt, use = to separate parameter and value. When using an info file, separate parameter and value with :. Keyword Value netdevice The network device to use for network setup (for BOOTP/DHCP requests).
Page 231 autoyast:profile_source install:install_source vnc:1 vncpassword:some_password If you prefer a static network setup at installation time, your info file would look like the following: autoyast:profile_source \ install:install_source \ hostip:some_ip \ netmask:some_netmask \ gateway:some_gateway The \ indicate that the line breaks have only been added for the sake of readability. All options must be entered as one continuous string.
Page 232 vnc: 1 vncpassword: test autoyast: file:///info # end_linuxrc_conf # Do not remove the above comment ]]> </info_file> </init> ..</install> ..linuxrc loads the profile containing the boot parameters instead of the traditional info file. The install: parameter points to the location of the installation sources. vnc and vncpassword indicate the use of VNC for installation monitoring.
Page 233: Rule-Based Autoinstallation
18.2 Rule-Based Autoinstallation The following sections introduce the basic concept of rule-based installation using AutoYaST and provide an example scenario that enables you to create your own custom autoinstallation setup. 18.2.1 Understanding Rule-Based Autoinstallation Rule-based AutoYaST installation allows you to cope with heterogeneous hardware environments: •...
Page 234 • Create custom rules by running shell scripts and passing their output to the Auto- YaST framework. The number of custom rules is limited to five. NOTE For more information about rule creation and usage with AutoYaST, refer to the package's documentation under /usr/share/doc/packages/ autoyast2/html/index.html, Chapter Rules and Classes.
Page 235 18.2.2 Example Scenario for Rule-Based Autoinstallation To get a basic understanding of how rules are created, think of the following example, depicted in Figure 18.2, “AutoYaST Rules” (page 226). One run of AutoYaST installs the following setup: A Print Server This machine just needs a minimal installation without a desktop environment and a limited set of software packages.
Page 236 Figure 18.2 AutoYaST Rules AutoYaST Directory Enigineering Department Computers rules.xml File Rule 1 Eng. Profile Rule 2 Rule 3 Sales Profile Sales Department Laptops Merge Process Print Server Profile Print Server In a first step, use one of the methods outlined in Section 18.1.1, “Creating an AutoYaST Profile”...
Page 237 In the second step, create rules to distinguish the three hardware types from one another and to tell AutoYaST which profile to use. Use an algorithm similar to the following to set up the rules: 1. Does the machine have an IP of 192.168.2.253? Then make it the print server. 2.
Page 238: For More Information
<operator>and</operator> </rule> <rule> <haspcmcia> <match>0</match> <match_type>exact</match_type> </haspcmcia> <result> <profile>engineering.xml</profile> <continue config:type="boolean">false</continue> </result> </rule> </rules> </autoinstall> When distributing the rules file, make sure that the rules directory resides under the profiles directory specified in the autoyast=protocol:serverip/ profiles/ URL. AutoYaST looks for a rules subdirectory containing a file named rules.xml first then loads and merges the profiles specified in the rules file.
Page 239: 9 Automated Deployment Of Preload Images
Automated Deployment of Preload Images With KIWI you are able to create operating system images. This chapter handles the process of deploying an system image to an empty machine. For this, you have to create a preload image which contains a bootable RAW image. This file contains two important parts: a partition table and the actual operating system.
Page 240: Deploying System Manually From Rescue Image
19.1 Deploying system manually from rescue image Deploying with generated ISO file from KIWI: 1. Burn the ISO image you get from the KIWI building process, see Section 14.4.2, “Creating an Image” (page 187) on CD/DVD 2. Boot from this medium on the machine you want to install the system. 3.
Page 241: Automated Deployment With Pxe Boot
19.2 Automated Deployment with PXE Boot When doing many installations of a operating system on similar hardware, it is useful to put some effort into preparing a mass deployment of the operating system and to minimize the time needed for the actual deployment. This is what this chapter is about. The goal is to just attach a computer to power and network, start a network boot, and wait until it switches off again.
Page 242 19.2.1 Setup a Boot and Install Server There are four steps to accomplish to perform this task after you installed a SUSE Linux Enterprise Server: To perform this type of installation, proceed as follows: 1 Set up the installation source as described in Section 11.2, “Setting Up the Server Holding the Installation Sources”...
Page 243 • Depending on the desired usage of the preload, some effort should be invested in configuring firstboot. Find more details about firstboot in Chapter 17, Deploying Customized Preinstallations (page 197). With this method you can also require the user to do initial configurations at the first bootup of the system. •...
Page 244 mkinitrd -f busybox -D eth0 Note that eth0 represents the ethernet device where your network cable is at- tached to. The parameter -f busybox adds the multi call binary busybox to the ram filesystem. After doing this, many standard unix commands are available inside this system.
Page 245 rawimage=$(get_param rawimage) [ "$(get_param rawdevice)" ]; then rawdevice=$(get_param rawdevice) echo "wget -O ${rawdevice} ${rawimage}" wget -O ${rawdevice} ${rawimage} sync sleep 5 echo "DONE" # /bin/bash /bin/poweroff -f 12 If you want to have a debug shell before the computer switches off, remove the comment sign before /bin/bash.
Page 246 • Setup a dhcp server. The subnet where the machines are installed needs the addi- tional lines: filename "pxelinux.0"; next-server 192.168.1.115; In this example, 192.168.1.115 is the ip address of the PXE server pxe.example.com. • Configure a PXE server as described in Section 11.3.3, “Using PXE Boot”...

This manual is also suitable for:

Suse linux enterprise desktop 11

Novell LINUX ENTERPRISE DESKTOP 11 - DEPLOYMENT GUIDE 17-03-2009 Deployment Manual

About this Guide

1 Planning for SUSE Linux Enterprise Desktop

Part I Manual Deployment

2 Deployment Strategies

3 Installation with Yast

4 Updating SUSE Linux Enterprise

5 Setting up Hardware Components with Yast

6 Installing or Removing Software

7 Installing Add-On Products

8 Accessing the Internet

9 Managing Users with Yast

10 Changing Language and Country Settings with Yast

1 Remote Installation

2 Advanced Disk Setup

3 Subscription Management

Part II Imaging and Creating Products

4 Kiwi

5 Creating Add-On Products with Add-On Creator

6 Creating Images with Yast Product Creator

7 Deploying Customized Preinstallations

Part III Automated Installations

8 Automated Installation

9 Automated Deployment of Preload Images

Quick Links

Related Manuals for Novell LINUX ENTERPRISE DESKTOP 11 - DEPLOYMENT GUIDE 17-03-2009

Summary of Contents for Novell LINUX ENTERPRISE DESKTOP 11 - DEPLOYMENT GUIDE 17-03-2009

This manual is also suitable for:

Table of Contents