Copyright © 2006 Novell, Inc.
這份文件只是 SUSE Linux 10.1 的初始版本說明。版本說明將於日後完成。
這些版本說明包含下列範圍:
一般:每位使用者都應讀取的資訊。
更新:《啟動手冊》第二章沒有提及的變更項目。
安裝: 其他關於安裝的資訊。
技術:這一節包含了許多技術變更內容,以及經驗豐富使用者適用的增強功能。
如需取得安裝和基本系統組態的詳細資訊,請參閱《啟動手冊》。如需取得系統組態的詳細說明資訊,請參閱《參考指南》。此外,如需有關最重要應用程式的詳細資訊,請參閱《應用程式手冊》。
The new registration procedure helps customers to manage their systems with Novell's infrastructure. Once registered, packages and patch sources suitable for the current system are automatically detected and made available to the package management system (zmd). Register as part of the installation procedure, using the YaST module, or with the suse_register command.
The registration procedure transfers zmd's unique device identifier to Novell's registration Web service. To determine the appropriate packages and package sources, information about the hardware architecture, operating system, and version is also sent. The current time zone is transmitted then used to select a source mirror site in your area.
To provide maximum flexibility, Novell's Web service asks for required parameters depending on the needs of the registration procedure. The following local commands may be run to determine the needed information:
hwinfo
uname
PRIVACY: To allow for maximum customer privacy, the procedure can be configured to deny optionally requested parameters. It is still possible to register, but the experience may be less user-friendly because many human readable system parameters will not be displayed. If you do not register, the underlying system will continue to work. However, the registration service cannot provide the online update configuration unless registration is performed to pass mandatory information, including product, operating system type and version, and CPU type.
If you send only the mandatory information, your system is configured for getting online updates from an appropriate source. If you have a purchased version of SUSE Linux, you can send optional information to register for your installation support. Sending the optional information for SUSE Linux Enterprise products gives access to a wide range of additional features. See the Novell Web site for details.
Read more about applying patches to SUSE Linux in the PDF online-documentation on the first installation medium (docu/en/applying_patches.pdf).
This release of SUSE Linux Server ships with Novell AppArmor, which can protect your applications from software exploits. AppArmor protection can be enabled via the AppArmor control panel, which is located in YaST under Novell AppArmor.
The AppArmor profiles included with SUSE Linux have been developed in conjunction with our best efforts to reproduce how most users will use their software. The profiles we have provided will work unmodified for many users—however, some users will find our profiles too restrictive for their environments.
If you discover that some of your applications do not function as you expected, you may need to use the AppArmor Update Profile Wizard in YaST (or use the aa-logprof command line utility) to update your AppArmor profiles. You may place all your profiles into learning mode with the following:
aa-complain /etc/apparmor.d/*
When a program generates many complaints, the system's performance will be degraded; to mitigate this, we recommend periodically running the Update Profile Wizard (or aa-logprof) to update your profiles even if you choose to leave them in learning mode. This will reduce the number of learning events logged to disk which will improve the performance of the system.
SUSE Linux 隨附在僅包含二進位軟體之加入的 CD-ROM (CD6)。請在這張 CD-ROM 中,找出像是 Intel Centrino 的 WLAN 介面卡或是其他 Java 引擎。
在安裝或是升級過程一開始的「YaST 安裝類型」對話方塊中,啟動「從個別的媒體選項中包含加入的產品」,以便包含加入的媒體。
部分電腦啟動提供 Pango 支援的 Firefox 速度非常慢。這項效能似乎會依據 X 伺服器的不同而有所差異。如果您希望為環境開啟字型描繪功能,請設定 MOZ_DISABLE_PANGO=0:
export MOZ_DISABLE_PANGO=0
firefox
The English, German, and Czech manuals are the mandatory reference if the contents of a language version differs from the English text due to late software changes. Here is the list of noteworthy differences in the Start-Up manual:
Chapter 1, "Installation with YaST": The installation workflow is more detailed now: New section about "Selecting the Source of the Installation Data". The "Time Zone" gets set up between "System Analysis" and "Desktop Selection". There are now steps for "Cleanup" and "Completing Installation" with the possibility to "Clone this System for AutoYaST."
Chapter 2, "System Configuration with YaST": Enhancements and adjustments to "Installing and Removing Software", "Installing Add-On Products", "Automatic Online Update", "Registering", "Infrared Device" (IrDa), "Network Services" (Kerberos), and "Update from the Command Line" (rug User Management).
Instead of the Web Updater, use the Online Update YaST module. In "Network Services", NIS and NFS are split to client and server parts. "Start-Up Log" and "System Log" are separate sections now.
The "Saving the Package Selection" feature is not supported at the moment. The "Adding CD and DVD into System" (fstab) module was withdrawn.
若要套用安全性更新和安裝其他的軟體套件,請使用取代 SUSEwatcher 的 KDE、GNOME 適用的 ZENworks 更新程式Applet。ZENworks 更新程式會協助監控可用的修補程式。「YaST 控制中心」的線上更新程式屬於另外一種更新軟體。
如果要執行自動更新,請在 Cron Table 中使用 rug,以便取代「YaST 線上更新 (YOU)」。
如需關於這些功能的詳細資訊,請參閱《SUSE Linux 啟動手冊》。
Before starting a remote update (for example, with VNC), make sure that the firewall of your system is configured accordingly. Use YaST to open the ports that are required to access your system remotely. Start the YaST Control Center. Then click "Network Services" -> "Remote Administration" and select "Allow Remote Administration". If necessary, activate "Open Port in Firewall".
Read the YaST help text for more information.
Starting with SUSE Linux 10.1, the vsftpd FTP server can be configured to run independently or using the xinetd superdaemon. The default is now for independent use—in previous versions, the default was to use xinetd. To run it with xinetd, enable the service in the xinetd configuration file (/etc/xinetd.d/vsftpd) and set the following option line in /etc/vsftpd.conf:
listen=NO
隨附 MySQL 5.0 的 SUSE Linux。我們會在每次提供重大發行更新時,慎重建議您事先備份 MySQL 資料表檔案、以及建立 SQL 傾印。完成更新之後,/etc/init.d/mysql 會自動執行 mysql_fix_privilege_tables。如需更多相關資訊和詳細步驟指示,請參閱 http://dev.mysql.com/doc/refman/5.0/en/upgrade.html 內容。
安裝程序已詳述於《啟動指南》。
SUSE Linux 可以從 DVD 或是一組 CD-ROM 媒體進行安裝。然而,並非所有套件都會放入這些 CD-ROM 中。其中只會放入使用者最常安裝的套件。如需取得這些差異的概要清單,請參閱 http://www.novell.com/products/linuxpackages/professional/diff_cd_dvd.html 的內容。
如果系統缺少 DVD 光碟機,而且您需要特定套件時,請將 DVD 放到已連接網路的另一台機器,然後從遠端裝載它來進行安裝;或是使用 YaST 來選取公用 FTP 伺服器作為安裝來源。
If you encounter nonfunctional hardware, check the Hardware Compatibility List at http://en.opensuse.org/HCL. The list also offers tips on how to get certain hardware working, including information about third-party drivers for hardware, such as video cards.
Because some laptops cannot be detected properly, the "Laptop Selection" will not be enabled automaticaly. To add the "Laptop Selection", start the YaST software package management and select the "Laptop Selection" manually. If NetworkManager is not setup by default on your laptop, configure it manually during the network configuration.
基於安全性考量,sudo 不再提供 X 轉遞功能。如果您要像必須具備 root 權限的 YaST 方式一樣來啟動 X 程式,您可以先使用 su 成為 root,或是依照下列方式,透過 ssh 來呼叫它:
ssh -X -l root localhost yast2
現在 X.Org 6.9 提供了最新版本的 radeon 驅動程式,其可支援非矩形的 MergedFB、RN50/ES1000 晶片,以及在其他功能中的 VIVO 和 BIOS 熱鍵。我們的客戶期待這個版本的推出已有相當一段時間。由於改良的其中一些功能是有關驅動程式非常低階的部份,而且客戶已在部份晶片組修訂方面遭遇到問題;所以我們也提供 SUSE Linux 10.0 目前可以使用、但是功能較少的 radeon 驅動程式版本作為備用 -- 例如,這個備用版本不支援 DRI (「3D」)。舊的驅動程式稱為「radeonold」。我們不再支援舊版驅動程式,因為它目前已不再繼續研發。
如果您在 radeon 驅動程式使用上遇到問題,請透過 SaX2 設定切換成「radeonold」驅動程式。透過控制台提示方式,輸入 sax2 -m 0=radeonold 進行設定。
With some older i830 chipsets, dual head support for the X Window System is not available. Deactivate the dual head setting in the YaST hardware configuration dialog when installing SUSE Linux or manually run SaX2 (sax2) after installing SUSE Linux to deactivate dual head.
Because the sonypi kernel module does not work on recent Sony laptops, automatic loading of this module has been disabled. If you know that this kernel module does not cause trouble on your laptop, add sonypi to MODULES_LOADED_ON_BOOT in /etc/sysconfig/kernel.
下列核心模組不再提供:
AVM Fritz!Card DSL
AVM FRITZ! ISDN 介面卡
下面核心模組套件內部已變更:
各種無線 LAN 介面卡的驅動程式。Atheros WLAN 介面卡的 madwifi 驅動程式已移除。
基於技術性考量,我們已出於必要捨棄支援 Ralink WLAN 介面卡。舊版驅動程式無法配合核心版本 2.6.16 使用,而新版本的介面卡目前仍不夠穩定。我們會在新版本介面卡足夠穩定之後,盡快推出更新版本的驅動程式。
Find additional drivers in the kmp packages. For background information, see http://en.opensuse.org/Kernel_Module_Packages.
部分機器會在機器閒置或是省電功能啟動時,因執行 CPU 頻率比例調整而導致安裝中斷。出現這種情況時,請在安裝過程中使用 POWERSAVE=off 作為開機參數,以便停用 Powersave 精靈。
如果沒有在安裝一開始的 CD 開機指定這個參數,您就必須在之後使用 chkconfig powersaved off 來停用省電功能。
32 位元 x86 結構的本機和 IO APIC 已經完成更改。本機和 IO APIC (I/O 進階可程式插斷控制器,I/O Advanced Programmable Interrupt Controller) 是取代 PC 型式插斷控制器的 SMP 型式插斷控制器。SMP 系統和所有的最新單一處理器系統,都會裝置這類的控制器。
直到目前為止,單一處理器系統中的本機和 IO APIC 都是預設為停用狀態,因此必須手動使用 "apic" kernel 參數來加以啟動。現在,此控制器會依預設執行,而且可以手動關閉。如果是 64 位元系統,APIC 一律預設為啟用狀態。
只要系統是採用比 2001 版本還新的 BIOS 版本,其本機和 IO APIC 就會預設為啟用狀態,除非該 BIOS 中已經停用本機和 IO APIC、或是由使用者執行關閉。
所有由 Intel 出產且比 1998 版本新的 BIOS,都會預設啟用本機和 IO APIC。
所有採用超過一個以上 CPU 的系統,都會預設啟用本機和 IO APIC。
如果您遇到裝置無法正常執行的問題,請手動套用下列組態選項:
若要停用本機 APIC,請使用 nolapic (這表示將停用 IO APIC)。
若要停用 IO APIC,請使用 noapic。
若要恢復成較早版本的相同預設設定,請使用 nolapic。
ulimit 設定可以在 /etc/sysconfig/ulimit 中加以設定。依據預設,核心預設值中只有兩項限制可以變更:
SOFTVIRTUALLIMIT=80 會限制單一處理程序,使其不會配置超過 80% 的可用虛擬記憶體 (RAM 和交換)。
SOFTRESIDENTLIMIT=85 會限制單一處理程序,使其不會佔用超過 85% 的實體記憶體 (RAM)。
這些軟式限制可由使用者透過 ulimit 指令加以覆寫。硬式限制只能由 root 身分使用者進行覆寫。
這些是為了避免破壞之前正常運作的大型處理程序,而審慎選擇的值。如果沒有需要耗用大量記憶體的合理處理程序,請將限制設低一點,以便提供更有效率的防護來防止失序處理程序發生。這些限制是針對個別處理程序,因此無法提供防止惡意使用者的有效保護。這些限制的目的是為了防止意外的過量記憶體使用。
若要依據使用者需求來設定不同的限制,請使用 pam_limits 功能,然後設定 /etc/security/limits.conf。設定時並不一定要使用這項 ulimit 套件,但是這兩種機制可以同時使用。這些設定於 limits.conf 的限制會覆寫 ulimit 套件中的全域預設值。
On SUSE Linux 10.1 a new mounting mechanism replaces the submount system used earlier. This new mechanism does not unmount media automatically, but on hardware request. Some devices, most notably older CD drives but also some new drives with broken firmware, do not send this signal. To eject the media on such devices, select Eject in the context menu (opened by right-clicking) of the device in "My Computer" or select Eject in the context menu of the device icon on the desktop.