red hat enterprise - notes

8/6/2019 Red Hat Enterprise - Notes

http://slidepdf.com/reader/full/red-hat-enterprise-notes 1/40

Red Hat Enterprise Linux ES 4 Release

Notes

Copyright © 2005 Red Hat, Inc.

Introduction

The following topics related to Red Hat Enterprise Linux 4 are covered in this document:

y Introduction (this section)

y Overview of this releasey Installation-related notes

y Package-specific notesy Packages added/removed/deprecated

Overview of This Release

The following list includes brief summaries of some of the more significant aspects of Red HatEnterprise Linux 4:

y Red Hat Enterprise Linux 4 includes an implementation of SELinux. SELinux represents

a major shift in the way users, programs, and processes interact. By default, SELinux is

installed and enabled in this release.

Note

During the installation you have the option of disabling SELinux, setting it to logwarning messages only, or to use its targeted policy, which confines the following

daemons only:

o dhcpdo httpd

o mysqld

o

namedo nscdo ntpd

o portmapo postgres

o snmpdo squid

o syslogd



The targeted policy is active by default.

Warning

Red Hat Enterprise Linux 4 support for SELinux uses Extended Attributes on

ext2/ext3 file systems. This means that, when a file is written to a default-mounted ext2/ext3 file system, an extended attribute will also be written.

This will cause problems on systems that dual boot between Red Hat EnterpriseLinux 4 and Red Hat Enterprise Linux 2.1. The Red Hat Enterprise Linux 2.1

kernels do not support extended attributes, and can crash when encounteringthem.

For more information about SELinux, refer to the Red Hat SELinux Policy Guide,available online at:

http://www.redhat.com/docs/

y The mount command has been changed to do the following on NFS mounts:

· TCP is now the default transport on NFS mounts. This means that a mount commandthat does not explicitly specify UDP as the desired protocol (for example, mount

foo:/bar /mnt) now uses TCP to communicate with the server, instead of UDP.

· Using the verbose (-v) option now causes R PC error messages to be written to standardoutput.

y Red Hat Enterprise Linux 4 supports UTF-8 encoding by default for Chinese, Japanese,and Korean locales.

y Red Hat Enterprise Linux 4 now uses IIIMF for input of Chinese, Japanese, and Korean

by default.y Red Hat Enterprise Linux 4 supports 5 Indian (Indic) languages: Bengali, Gujarati, Hindi,

Punjabi, and Tamil. In addition, the high-quality Lohit font family for the supportedlanguages has been included.

y Subversion 1.1 is now included in Red Hat Enterprise Linux; the Subversion versioncontrol system is designed to be a replacement for CVS and features truly atomic

commits, versioning of files, directories and metadata, along with most current featuresof CVS.

y Red Hat Enterprise Linux 3 introduced the Native

POSIX Thread Library (N

PTL) ² animplementation of POSIX threading support that greatly improved performance,

scalability, semantic correctness, and standards compliance over the LinuxThreadsimplementation used previously.

While most threaded applications were not impacted by the introduction of NPTL,applications that relied on those semantics of LinuxThreads that were contrary to the

POSIX specification would not operate correctly. As noted at the time of NPTL's



introduction, Red Hat recommended that such applications be updated so that theycomplied with POSIX (and could therefore use NPTL.)

While support for LinuxThreads still exists for Red Hat Enterprise Linux 4, this statement

serves as advance notice that Red Hat Enterprise Linux 5 will no longer include support

for LinuxThreads. Therefore, applications that require LinuxThreads support must beupdated before they will be able to work properly on a Red Hat Enterprise Linux 5system.

Note

Several workarounds exist that permit applications requiring the use of

LinuxThreads to continue operation under Red Hat Enterprise Linux 3 and 4.These workarounds include:

o Using the LD_ASSUME_KERNEL environment variable to select

LinuxThreads instead of NPTL at runtimeo Using an explicit rpath to /lib/i686/ or /lib/ to select LinuxThreads

instead of NPTL at runtimeo Statically linking the application to use LinuxThreads instead of NPTL

( strongly discouraged )

In order to determine whether an application is using NPTL or LinuxThreads, addfollowing two environment variables to the application's environment:

LD_DEBUG=libs

LD_DEBUG_OUTPUT=<filename>

(Where <filename> is the name to be given to each debug output log file. Morethan one file can be generated if the program forks other processes; all debug

output log filenames include the PID of process generating the file.)

Then start the application and use it as you normally would.

If no debug output log file was produced, the application is statically linked. The

application will not be affected by the missing LinuxThreads DSO but, as with allstatically linked applications, no guarantees for compatibility are given if the

application dynamically loads any code (directly via dlopen() or indirectly via NSS.)

If one or more debug output log files were produced, review each one for any

references to libpthread ² in particular, a line also containing the string

"calling init". The grep utility can do this easily:

grep "calling init.*libpthread" <filename> .*



(Where <filename> refers to the name used in the LD_DEBUG_OUTPUT

environment variable.)

If the path preceding libpthread is /lib/tls/, the application is using NPTL,and no further action needs to be taken. Any other path means that LinuxThreads

is being used, and the application must be updated and rebuilt to support NPTL.

y Red Hat Enterprise Linux 4 now includes support for Advanced Configuration and Power Interface (ACPI), a power management specification commonly supported by most

newer hardware.

Due to differences in the order in which hardware is probed in system environments with

and without ACPI support, the potential for device name changes exists. This means, for example, that a network interface card identified as eth1 under a prior version of Red Hat

Enterprise Linux may now appear as eth0.

Installation-Related Notes

This section outlines those issues that are related to Anaconda (the Red Hat Enterprise Linux

installation program) and installing Red Hat Enterprise Linux 4 in general.

y If you are copying the contents of the Red Hat Enterprise Linux 4 CD-R OMs (in preparation for a network-based installation, for example) be sure you copy the CD-

R OMs for the operating system only. Do not copy the Extras CD-R OM, or any of thelayered product CD-R OMs, as this will overwrite files necessary for Anaconda's proper

operation.

These CD-R OMs must be installed after Red Hat Enterprise Linux has been installed.

y During the Red Hat Enterprise Linux 4 installation, it can be challenging to identify

individual storage devices in system configurations that include multiple storageadapters. This is particulary true for systems containing Fibre Channel adapters, because

in many instances it is desirable to install Red Hat Enterprise Linux on local storage.

The Red Hat Enterprise Linux 4 installation program addresses this issue by delaying theloading of the following modules until after all other SCSI devices have been loaded:

o lpfc

o qla2100 o qla2200 o qla2300 o qla2322 o qla6312 o qla6322

This results in any locally-attached SCSI device names starting with /dev/sda,

/dev/sdb, and so on, with the FC-attached storage following.



Package-Specific Notes

The following sections contain information regarding packages that have undergone significantchanges for Red Hat Enterprise Linux 4. For easier access, they are organized using the same

groups used in Anaconda.

Base

This section contains information related to basic system components.

openssh

Red Hat Enterprise Linux 4 contains O penSSH 3.9, which includes strict permission and

ownership checks for the ~/.ssh/config file. These checks mean that ssh will exit if this filedoes not have appropriate ownership and permissions.

Therefore, make sure that ~/.ssh/config is owned by the owner of ~/, and that its permissionsare set to mode 600.

Core

This section contains the most elemental components of Red Hat Enterprise Linux, including the

kernel.

e2fsprogs

The ext2online utility has been added for online growing of existing ext3 file systems.

Note

It is important to keep in mind that ext2online does not grow the underlying block device itself ² there must be sufficient unused space already present on the device. The easiest way to ensure

this is to use LVM volumes and to run lvresize or lvextend to extend the device.

In addition, file systems must be specially prepared in order to be resized past a certain point.The preparation involves reserving a small amount of space into which on-disk tables can grow.

For newly-created file systems, mke2fs reserves such space automatically; the space reserved issufficient to grow the file system by a factor of 1000. The creation of this reserved space can be

disabled by the following command:

mke2fs -O ^resize_inode

Future releases of Red Hat Enterprise Linux will allow the creation of this reserved space on

existing file systems.

glibc



y The version of glibc provided with Red Hat Enterprise Linux 4 performs additionalinternal sanity checks to prevent and detect data corruption as early as possible. By

default, should corruption be detected, a message similar to the following will bedisplayed on standard error (or logged via syslog if stderr is not open):

*** glibc detected *** double free or corruption: 0x0937d008 ***

By default, the program that generated this error will also be killed; however, this (and

whether or not an error message is generated) can be controlled via the MALLOC_CHECK_ environment variable. The following settings are supported:

o 0 ² Do not generate an error message, and do not kill the program

o 1 ² Generate an error message, but do not kill the programo 2 ² Do not generate an error message, but kill the program

o 3 ² Generate an error message and kill the program

Note

If MALLOC_CHECK_ is explicitly set a value other than 0, this causes glibc to

perform more tests that are more extensive than the default, and may impact performance.

Should you have a program from a third party ISV that triggers these corruption checksand displays a message, you should file a defect report with the application's vendor,

since this indicates a serious bug.

kernel

This section contains notes relating to the Red Hat Enterprise Linux 4 kernel.

y Red Hat Enterprise Linux 4 includes a kernel known as the hugemem kernel. This kernel

supports a 4GB per-process user space (versus 3GB for the other kernels), and a 4GBdirect kernel space. Using this kernel allows Red Hat Enterprise Linux to run on systems

with up to 64GB of main memory. The hugemem kernel is required in order to use all thememory in system configurations containing more than 16GB of memory. The hugemem

kernel can also benefit configurations running with less memory (if running anapplication that could benefit from the larger per-process user space, for example.)

Note

To provide a 4GB address space for both kernel and user space, the kernel mustmaintain two separate virtual memory address mappings. This introduces

overhead when transferring from user to kernel space; for example, in the case of system calls and interrupts. The impact of this overhead on overall performance is

highly application dependent.



To install the hugemem kernel, enter the following command while logged in as root:

rpm -ivh <kernel-rpm>

(Where <kernel-rpm> is the name of the hugemem kernel R PM file ² kernel-

hugemem-2.6.9-1.648_EL.i686.rpm, for example.)

After the installation is complete, reboot your system, making sure to select the newly-installed hugemem kernel. After testing your system for proper operation while running

the hugemem kernel, you should modify the /boot/grub/grub.conf file so that thehugemem kernel is booted by default.

y Although Red Hat Enterprise Linux 4 includes support for rawio, it is now a deprecatedinterface. If your application performs device access using this interface, Red Hat

encourages you to modify your application to open the block device with theO _DIRECT flag. The rawio interface will exist for the life of Red Hat Enterprise Linux

4, but is a candidate for removal from future releases.

Asynchronous I/O (AIO) on file systems is currently only supported in O _DIRECT, or non-buffered mode. Also note that the asynchronous poll interface is no longer present,and that AIO on pipes is no longer supported.

y The sound subsystem is now based on ALSA; the OSS modules are no longer available.

y System environments using the kernel's "hugepage" functionality should be aware that

the name of the /proc/ entry controlling this feature changed between Red Hat

Enterprise Linux 3 and Red Hat Enterprise Linux 4:o Red Hat Enterprise Linux 3 used /proc/sys/vm/hugetlb_pool and specified the

desired size in megabytes

o Red Hat Enterprise Linux 4 uses /proc/sys/vm/nr_hugepages and specifies the

size by the desired number of pages (refer to /proc/meminfo for the size of hugepages on your system)

y The kernel shipped with Red Hat Enterprise Linux 4 now includes support for EnhancedDisk Device (EDD) polling, which queries for bootable disk device information directly

from the disk controller BIOS and stores it as an entry in the /sys filesystem.

Two significant kernel command-line options related to EDD have also been added:

o edd=skipmbr ² disables BIOS calls that read disk data while still enabling callsthat request information from the disk controller. This option can be used when

the system BIOS reports more disks than are actually present in the system,causing a 15-30 second delay in loading the kernel.

o edd=off ² disables all EDD-releated calls to disk controller BIOS.



y The initial release of Red Hat Enterprise Linux 4 does not support USB hard disk drives.However, other USB storage devices, such as flash media, CD-R OM and DVD-R OM

devices are currently supported.y The kernel shipped with Red Hat Enterprise Linux 4 includes the new megaraid_mbox

driver from LSI Logic, which replaces the megaraid driver. The megaraid_mbox driver

has an improved design, is compatible with the 2.6 kernel, and includes support for thelatest hardware. However, megaraid_mbox does not support some of the older hardwarethat was supported by the megaraid driver.

Adapters with the following PCI vendor ID and device ID pairs are not supported by the

megaraid_mbox driver:

vendor, device

0x101E, 0x9010

0x101E, 0x9060

0x8086, 0x1960

The lspci -n command can be used to display the IDs for adapters installed in a particular

machine. Products with these IDs are known by (but not limited to) the following modelnames:

o Dell PERC (dual-channel fast/wide SCSI) RAID controller

o Dell PERC2/SC (single-channel Ultra SCSI) RAID controller o Dell PERC2/DC (dual-channel Ultra SCSI) RAID controller

o Dell CERC (four-channel ATA/100) RAID controller o MegaRAID 428

o MegaRAID 466o MegaRAID Express 500

o HP NetRAID 3Si and 1M

Both Dell and LSI Logic have indicated that they no longer support these models in the

2.6 kernel. As a result, these adapters are not supported in Red Hat Enterprise Linux 4.

y The initial release of Red Hat Enterprise Linux 4 does not include iSCSI softwareinitiator or target support. Support for iSCSI is being evaluated for addition in a future

update to Red Hat Enterprise Linux 4.

y The Emulex LightPulse Fibre Channel driver (lpfc) is currently undergoing public

review for possible inclusion in the Linux 2.6 kernel. It is included in Red Hat EnterpriseLinux 4 for testing purposes. Changes to the driver are expected. If there are problemswith the driver or, if for some reason it is no longer on-track for inclusion in the Linux

2.6 kernel, the driver may be removed from the final Red Hat Enterprise Linux release.

The lpfc driver currently has the following known issues:



o The driver does not insulate the system from short-duration cable pulls, switchreboots, or device disappearances. Therefore, the system may prematurely

determine that a device is non-existent and take it offline. In such cases, manualintervention will be required to reinstate the device with the system.

o There is a known panic if Ctrl-C is pressed while the driver is being inserted with

insm

od.o There is a known panic if rmmod is executed while insmod is still executing.o New device insertion requires manual scanning in order for the SCSI subsystem

to detect the new device.y In the past, the process of updating the kernel did not change the default kernel in the

system's boot loader configuration.

Red Hat Enterprise Linux 4 changes this behavior to set newly-installed kernels as thedefault. This behavior applies to all installation methods (including rpm -i).

This behavior is controlled by two lines in the /etc/sysconfig/kernel file:

o UPGRADEDEFAULT ² Controls whether new kernels will be booted bydefault (default value: yes)

o DEFAULTKERNEL ² kernel R PMs whose names match this value will be booted by default (default value: depends on hardware configuration)

y In order to eliminate the redundancy inherent in providing a separate package for the

kernel source code when that source code already exists in the kernel's .src.rpm file,

Red Hat Enterprise Linux 4 no longer includes the kernel-source package. Users that

require access to the kernel sources can find them in the kernel .src.rpm file. To create

an exploded source tree from this file, perform the following steps (note that <version> refers to the version specification for your currently-running kernel):

1. O btain the kernel-<version> .src.rpm file from one of the following sources:

o The SRPMS directory on the appropriate "SR PMS" CD iso imageo The FTP site where you got the kernel packageo By running the following command:

up2date --get-source kernel

2. Install kernel-<version> .src.rpm (given the default R PM configuration, the

files this package contains will be written to /usr/src/redhat/)

3. Change directory to /usr/src/redhat/SPECS/, and issue the followingcommand:

rpmbuild -bp --target=<arch> kernel-2.6.spec

(Where <arch> is the desired target architecture.)

On a default R PM configuration, the kernel tree will be located in

/usr/src/redhat/BUILD/.



4. In resulting tree, the configurations for the specific kernels shipped in Red Hat

Enterprise Linux 4 are in the /configs/ directory. For example, the i686 SMP

configuration file is named /configs/kernel-<version> -i686-smp.config.Issue the following command to place the desired configuration file in the proper place for building:

cp <desired-file> ./.config

5. Issue the following command:

make oldconfig

y You can then proceed as usual.

y Notey An exploded source tree is not required to build kernel modules against the

currently in-use kernel.

y For example, to build the foo.ko module, create the following file (namedMakefile) in the directory containing the foo.c file:

y y obj-m := foo.o

y y KDIR := /lib/modules/$(shell uname -r)/build

y PWD := $(shell pwd)

y y default:

y $(MAKE) -C $(KDIR) SUBDIRS=$(PWD) modules

y y y Issue the make command to build the foo.ko module.

sysklogd

Under the default SELinux security configuration, this daemon is covered by the targeted policy.

This increases security by specifically granting or denying access to system objects that that thedaemon normally uses. However, because this has the potential to cause previously-working

configurations to no longer function, you must understand how SELinux works in order toensure that your configuration is both secure and functional.

For more information about SELinux policy, refer to the Red Hat SELinux Policy Guide at

http://www.redhat.com/docs.

DNS Name Server

This section contains information related to the DNS name server.

bind



Under the default SELinux security configuration, this daemon is covered by the targeted policy.This increases security by specifically granting or denying access to system objects that that the

daemon normally uses. However, because this has the potential to cause previously-workingconfigurations to no longer function, you must understand how SELinux works in order to

ensure that your configuration is both secure and functional.

For more information about SELinux policy, refer to the Red Hat SELinux Policy Guide athttp://www.redhat.com/docs.

Development Tools

This section contains information related to core development tools.

m e m prof

Due to issues interoperating with recent versions of the C library and toolchain, the memprof

memory profiling and leak detection tool is no longer included in Red Hat Enterprise Linux 4.Thememcheck and massif plugins to valgrind (which is newly included in Red Hat EnterpriseLinux 4) provide similar functionality to memprof .

Graphical Internet

This section includes packages that help you access the Internet, including graphical email, Web browser, and chat clients.

evolution

y Red Hat Enterprise Linux 4 includes an updated version of the Evolution graphical emailclient. This version adds a number of new features, including:

o Evolution now includes spam filters that can be trained to more accuratelydistinguish between spam and non-spam email. When you get spam, click on the

Junk button. Check your Junk Mail folder periodically to see if anything is beingfiltered improperly. If you find an improperly-filtered email, mark it as Not Junk;

in this way, the filter becomes more effective over time.o The Evolution Connector makes it possible to connect to Microsoft Exchange

2000 and 2003 servers.o The user interface has been modified so that each operation (email, calendaring,

tasks, and contacts) is treated separately, replacing the previous server-centricmodel.

o Evolution now includes enhanced support for encryption and cryptographicsignatures, including the use of S/MIME.

o The directory used by Evolution to store its settings has been hidden from end-

users by renaming it from ~/evolution/ to ~/.evolution/.

Graphics



This section includes packages that help you manipulate and scan images.

gi m p

y The gimp-perl package has been removed from Red Hat Enterprise Linux 4 because

GIMP was updated to 2.0 and the Perl bindings were neither ready nor part of the main package anymore.

Users of Perl scripts in GIMP should install the Gimp Perl module fromhttp://www.gimp.org/downloads/.

Language Support

This section includes information related to the support of various languages under Red Hat

Enterprise Linux.

UTF-8 Support for

Chinese, Japanese, and Korean

When upgrading a system from Red Hat Enterprise Linux 3 to Red Hat Enterprise Linux 4,

system locale settings are preserved. Because Red Hat Enterprise Linux 4 supports Chinese,Japanese, and Korean in UTF-8 encoding by default, Red Hat recommends that you change to

UTF-8 locale by editing the following file:

/etc/sysconfig/i18n

Modify the locale settings by making the following changes:

y ja_JP.eucJP becomes ja_JP.UTF-8

y ko_KR.eucKR becomes ko_KR.UTF-8y zh_CN.GB18030 becomes zh_CN.UTF-8

y zh_TW.Big5 becomes zh_TW.UTF-8

Users with locale settings in ~/.i18n should also update to use UTF-8 encoding by default.

To convert a text file in native encoding (for example eucJP, eucKR, Big5, or GB18030) toUTF-8, you can use the iconv utility:

iconv -f <native encoding> -t UTF-8 <filename> -o <newfilename>

Refer to the iconv man page for more information.

IIIMF



The default Input Method (IM) for Chinese (Simplified and Traditional), Japanese, and Koreanhas been changed to IIIMF ² the Internet/Intranet Input Method Framework. IIIMF is used by

default for input of Indian languages also. IIIMF is supported natively through a GTK2 IMmodule, and also through XIM using the httx client. IIIMF supports the use of multiple

Language Engines (LEs) at the same time; using the GNOME Input Method Language Engine

Tool (GIMLET ² an applet) it is possible to switch between LEs of different languages insideGTK2 applications.

IIIMF currently defaults to usingCtrl-Space or Shift-Space for toggling the input method onand off (Emacs users can use Ctrl-@ instead of Ctrl-Space to set the mark).

Depending on your choice of language support during installation, one or more IIIMF Language

Engines may have been installed:

y Indian languages ² iiimf-le-unit

y Japanese ² iiimf-le-canna

y Korean ² iiimf-le-h

angul

y Simplified Chinese ² iiimf-le-chinput

y Traditional Chinese ² iiimf-le-xcin

For these languages IIIMF is installed and enabled by default.

New users get the GIMLET applet (part of the iiimf-gnome-im-switcher package)automatically added to their GNOME panel, if the GNOME Desktop is installed and the defaultsystem language is one of the above.

GIMLET is an applet for switching between the different LEs that are installed on your system.

Using different Language Engines allows you to enter text in different languages. You can addGIMLET manually to your GNOME panel by right-clicking on the panel, selecting Add to

panel... and choosing the InputMethod Switcher applet.

If you are upgrading and have any legacy XIM input methods installed, Anaconda will

automatically install appropriate Language Engines onto your system:

y ami causes iiimf-le-hangul to be installed

y kinput2 causes iiimf-le-canna to be installed

y miniChinput causes iiimf-le-chinput to be installed

y xcin causes iiimf-le-xcin to be installed

For users that do not need IIIMF input all the time there is a LE called "Latin default" whichdoes nothing for normal input. This can be used to temporarily disable another LE.

The following are some keybindings particular to each of the Language Engines:

iiimf-le-canna ² Home (show the menu, including the utilities for Canna)



iiimf-le-unit ² F5 (switch between languages), F6 (switch to different input styles, if available)

iiimf-le-xcin ² Ctrl-Shift (switch to different input styles), Shift-punctuation (input wide punctuation marks), Cursor keys (change pages in candidate window)

iiimf-le-chinput ² Ctrl-Shift (switch to different input styles), < or > (change pages incandidate window)

iiimf-le-hangul ² F9 (convert Hangul to Chinese characters)

Input Method Configuration

Should you wish to switch between IIIMF and the legacy input method framework XIM, you can

use the system-switch-im application. There is also the command-line tool im-switch for changing the user and system configuration.

Red Hat Enterprise Linux 4 uses an alternatives-based system of files in

/etc/X11/xinit/xinput.d/ and ~/.xinput.d/ to configure the input methods used for different locales. Users of locales for which input methods are not used by default (for example,en_US.UTF-8) that wish to input Asian text must execute the following commands from a shell

prompt:

mkdir -p ~/.xinput.d/

ln -s /etc/X11/xinit/xinput.d/iiimf ~/.xinput.d/en_US

This overrides the system default and enables the use of IIIMF for American English. To

configure the input method for an different locale, replace en_US with your locale name (withoutthe charset suffix). To set the input method to be used for all locale use the word default instead

of en_US.

Users upgrading from Red Hat Enterprise Linux 3 should note that /etc/sysconfig/i18n and

~/.i18n can no longer be used for input method configuration; any custom configuration still

needed should be moved as appropriate to /etc/X11/xinit/xinput.d/ or ~/.xinput.d/.

After changing the input method configuration your changes will be reflected next time you start

a X Window System session.

Mail Server

This section contains information related to the mail transport agents included with Red HatEnterprise Linux.

mail man



Earlier mailman R PMs installed all files under the /var/mailman/ directory. Unfortunately, thisdid not conform to the Filesystem Hierarchy Standard (FHS) and also created security violations

when SELinux was enabled.

If you previously had mailman installed and had edited files in /var/mailman/ (such as

mm_cfg.py) you must move those changes to their new location, as documented in the followingfile:

/usr/share/doc/mailman-*/INSTALL.REDHAT

send mail

y By default, the Sendmail mail transport agent (MTA) does not accept network connections from any host other than the local computer. If you want to configure

Sendmail as a server for other clients, you must edit /etc/mail/sendmail.mc and

change the DAEMON_OPTIONS line to also listen on network devices (or comment out thisoption entirely using the dnl comment delimiter). You must then regenerate

/etc/mail/sendmail.cf by running the following command (as root):

make -C /etc/mail

Note that you must have the sendmail-cf package installed for this to work.

Note

Be aware that it is possible to inadvertently configure Sendmail to act as an open-relay SMTP server. For more information, refer to the Red Hat Enterprise Linux

Reference Guide.

MySQL Database

MySQL, the multi-user and multi-threaded client/server database, has been updated from version

3.23.x (which shipped with Red Hat Enterprise Linux 3) to version 4.1.x. This new version of MySQL features improvements in speed, functionality, and usability, including:

y subquery support

y BTREE indexing for non-structured queriesy Secure database replication over SSL connections

y Unicode support via utf-8 and ucs-2 character sets

Users should note that there may be compatibility issues when migrating applications or databases from version 3.23.x to 4.1.x of MySQL. A known issue is that the default timestamp

format has changed. To address these various issues, the mysqlclient10 package is included to

provide the 3.23.x client library (libmysqlclient.so.10) for binary compatibility withapplications linked against this legacy library.



Note

While the mysqlclient10 package provides compatibility support with the MySQL 4.1.x server,it does not support the new password encryption method introduced in version 4.1. To enable

compatibility with legacy MySQL 3.x-based clients, the old _ passwords parameter is enabled by

default in the /etc/my.cnf configuration file. If compatibility with old clients is not required, this parameter can be disabled to allow use of the improved password encryption method.

m ysql-server





Network Servers

This section contains information related to various network-based servers.

dhcp

Under the default SELinux security configuration, this daemon is covered by the targeted policy.

This increases security by specifically granting or denying access to system objects that that the

daemon normally uses. However, because this has the potential to cause previously-workingconfigurations to no longer function, you must understand how SELinux works in order toensure that your configuration is both secure and functional.



Server Configuration Tools

This section contains information related to various server configuration tools.

system

-config-lvm

Red Hat Enterprise Linux 4 includes system-config-lvm, a graphical tool for configuring

Logical Volume Manager (LVM). system-config-lvm allows users to create volume groups from physical disk drives and disk partitions on a local machine, creating flexible and extensible

logical volumes that are treated as normal physical disk space by the system.



system-config-lvm uses graphical representations of system disks and volumes, which assistsusers in visualizing storage use and providing an interface for addressing volume management

tasks.

For discussions about system-config-lvm and LVM in general, you can subscribe to the linux-

lvm mailing list at the following URL:

https://www.redhat.com/mailman/listinfo/linux-lvm

syste m-config-securitylevel

The firewall constructed by the system-config-securitylevel configuration tool now allowsCUPS and Multicast DNS (mDNS) browsing. Note that, at the present time, these servicescannot be disabled by system-config-securitylevel.

Web Server

This section contains information related to software used as part of a Web server environment.

httpd

y Under the default SELinux security configuration, httpd is covered by the targeted policy. This increases security and Web server stability by specifically granting or

denying httpd access to system objects. However, because this has the potential to cause previously-working configurations (such as those that use PHP) to no longer function,

you must understand how SELinux works in order to ensure that your configuration is both secure and functional.

For example, a Boolean can be set to give specific permission to httpd to read objects in

~/public_html/ as long as they are labeled with the security context

httpd_sys_content_t. The Apache daemon cannot access objects (files, applications,devices, and other processes) that have a security context not specifically granted access

by SELinux to httpd.

By allowing Apache access to only what it needs to do its function, the system is protected from compromised or misconfigured httpd daemons.

Because of the need for both standard Linux directory and file permissions as well as

SELinux file context labels, adminstrators and users will need to know about relabelingfiles. Examples of relabeling include the following commands (one for recursivelyrelabeling the contents of a directory, and one for relabeling a single file):

chcon -R -h -t httpd_sys_content_t public_ht m l chcon -t httpd_sys_content_t public_ht m l/index.ht m l



configurations to no longer function, you must understand how SELinux works in order toensure that your configuration is both secure and functional.



X Window System

This section contains information related to the X Window System implementation providedwith Red Hat Enterprise Linux.

xorg-x11

y Red Hat Enterprise Linux 4 includes the new xorg-x11-deprecated-libs package.This package contains X11-related libraries that are deprecated, and may be removedfrom future versions of Red Hat Enterprise Linux. By packaging deprecated libraries in

this manner, binary compatibility with existing applications is maintained while allowing3rd-party software providers time to transition their applications away from these

libraries.

Currently, this package contains the Xprint library (libXp). This library should not beused in new application development. Applications that currently use this library should begin migrating to the supported libgnomeprint/libgnomeprintui printing APIs.

y There has been some confusion regarding font-related issues under the X Window

System in recent versions of Red Hat Enterprise Linux (and versions of Red Hat Linux before it.) At the present time, there are two font subsystems, each with different

characteristics:

- The original (15+ year old) subsystem is referred to as the "core X font subsystem".

Fonts rendered by this subsystem are not anti-aliased, are handled by the X server, andhave names like:

-misc-fixed-medium-r-normal--10-100-75-75-c-60-iso8859-1

The newer font subsystem is known as "fontconfig", and allows applications direct accessto the font files. Fontconfig is often used along with the "Xft" library, which allows

applications to render fontconfig fonts to the screen with antialiasing. Fontconfig uses

more human-friendly names like:

Luxi Sans-10

Over time, fontconfig/Xft will replace the core X font subsystem. At the present time,

applications using the Qt 3 or GTK 2 toolkits (which would include KDE and GNOMEapplications) use the fontconfig and Xft font subsystem; most everything else uses the

core X fonts.



NOTE: If the font filename ends with ".gz", it has been compressed with gzip, and must be decompressed (with the gunzip command) before the fontconfig font subsystem can

use the font.

y Due to the transition to the new font system based on fontconfig/Xft, GTK+ 1.2

applications are not affected by any changes made via the FontP

references dialog. For these applications, a font can be configured by adding the following lines to the file

~/.gtkrc.mine:

style "user-font" {

fontset = "<font-specification> "

}

widget_class "*" style "user-font"

(Where <font-specification> represents a font specification in the style used by

traditional X applications, such as "-adobe-helvetica-medium-r-normal--*-120-*-

*-*-*-*-*".)

Miscellaneous Notes

This section contains information related to packages that do not fit in any of the proceeding

categories.

co m pat-db

C++ and TCL bindings are no longer contained in the compat-db package. Applicationsrequiring these bindings must be ported to the currently-shipping DB library.

lv m 2

This section contains information related to the lvm2 package.

y The full set of LVM2 commands is now installed in /usr/sbin/. In boot environments

where /usr/ is not available, it is necessary to prefix each command with

/sbin/lvm.static (/sbin/lvm.static vgchange -ay, for example).

In environments where /usr/ is available, it is no longer necessary to prefix eachcommand with lvm (/usr/sbin/lvm vgchange -ay becomes /usr/sbin/vgchange -ay, for

example).

y The new LVM2 commands (such as /usr/sbin/vgchange -ay and /sbin/lvm.static

vgchange -ay) detect if you are running a 2.4 kernel, and transparently invoke the old




port ma p





udev

Red Hat Enterprise Linux 4 has switched from a static /dev/ directory to one that is dynamically

managed via udev. This allows device nodes to be created on demand as drivers are loaded.

For more information on udev, refer to the udev(8) man page.

Additional rules for udev should be placed in a separate file in the /etc/udev/rules.d/ directory.

Additional permission rules for udev should be placed in a separate file in the

/etc/udev/permissions.d/ directory.

Systems upgraded to Red Hat Enterprise Linux 4 using Anaconda will automatically be

reconfigured to use udev. However (although NOT recommended) it is possible to perform a

"live" upgrade to udev using the following steps:

1. Ensure that you are running a 2.6 kernel

2. Ensure that /sys/ is mounted

3. Install the initscripts R PM supplied with Red Hat Enterprise Linux 4

4. Install the new udev R PM supplied with Red Hat Enterprise Linux 45. Execute /sbin/start_udev

6. Install the new mkinitrd R PM supplied with Red Hat Enterprise Linux 47. Perform one of the following steps:

· Install the new kernel R PM supplied with Red Hat Enterprise Linux 4

OR:

· Re-runmkinitrd for your existing kernel(s)

Warning



Improperly performing these steps can result in a system configuration that will not boot properly.

Packages Added/Removed/Deprecated

This section contains lists of packages that fit into the following categories:

y Packages that have been added to Red Hat Enterprise Linux 4y Packages that have been removed from Red Hat Enterprise Linux 4

y Packages that have been deprecated, and may be removed from a future release of RedHat Enterprise Linux

Packages Added

The following packages have been added to Red Hat Enterprise Linux 4:

y Canna-devely FreeWnn-devel

y HelixPlayer y ImageMagick-c++

y ImageMagick-c++-devely ImageMagick-devel

y ImageMagick-perly NetworkManager

y NetworkManager-gnomey PyQt

y PyQt-devely PyQt-examplesy Pyrexy VFlib2-VFjfm

y VFlib2-conf-jay VFlib2-devel

y Xaw3d-devely alchemist-devel

y alsa-liby alsa-lib-devel

y alsa-utilsy amanda-devel

y anaconda-product (noarch)y anacron

y apely apr

y apr-devely apr-util

y apr-util-devely arpwatch



y cyrus-imapd-utilsy cyrus-sasl-ntlm

y cyrus-sasl-sqly dasher

y db4-javay

db4-tcly dbusy dbus-devel

y dbus-gliby dbus-python

y dbus-x11y devhelp

y devhelp-devely device-mapper

y dhcp-devely dhcpv6

y dhcpv6_client

y dia

y dmallocy dmraid

y docbook-simpley docbook-slides

y dovecoty doxygen-doxywizard

y elfutils-libelf-devely emacs-common

y emacs-noxy evolution-connector

y evolution-data-server y evolution-data-server-devel

y evolution-devely evolution-webcal

y eximy exim-doc

y exim-mony exim-sa

y expect-devely expectk

y finger-server y firefox

y flacy flac-devel

y fonts-arabicy fonts-bengali

y fonts-xorg-100dpiy fonts-xorg-75dpi



y fonts-xorg-ISO8859-14-100dpiy fonts-xorg-ISO8859-14-75dpi

y fonts-xorg-ISO8859-15-100dpiy fonts-xorg-ISO8859-15-75dpi

y fonts-xorg-ISO8859-2-100dpiy

fonts-xorg-ISO

8859-2-75dpiy fonts-xorg-ISO8859-9-100dpiy fonts-xorg-ISO8859-9-75dpi

y fonts-xorg-basey fonts-xorg-cyrillic

y fonts-xorg-syriacy fonts-xorg-truetype

y freegluty freeglut-devel

y freeradius-mysqly freeradius-postgresql

y freeradius-unix

ODBC

y freetype-demos

y freetype-utilsy fribidi

y fribidi-devely fsh

y gaminy gamin-devel

y gd-progsy gda-mysql

y gda-odbcy gda-postgres

y gedit-devely gettext-devel

y ghostscript-devely ghostscript-gtk

y gimp-devely gimp-gap

y gimp-helpy gimp-print-devel

y gnome-audio-extray gnome-kerberos

y gnome-keyringy gnome-keyring-devel

y gnome-keyring-manager y gnome-mag

y gnome-mag-devely gnome-netstatus

y gnome-nettooly gnome-panel-devel



y libcrocoy libcroco-devel

y libdbi-dbd-pgsqly libdbi-devel

y libdvy

libdv-devely libdv-toolsy libexif

y libexif-devely libgal2-devel

y libgcrypty libgcrypt-devel

y libgday libgda-devel

y libghttp-devely libgnomecups

y libgnomecups-devel

y libgnomedb

y libgnomedb-devely libgpg-error

y libgpg-error-devely libgsf-devel

y libgtop2-devely libidn

y libidn-devely libieee1284

y libieee1284-devely libmng-static

y libmusicbrainzy libmusicbrainz-devel

y libpng10-devely libraw1394-devel

y libsane-hpojy libselinux

y libselinux-devely libsepol

y libsepol-devely libsilc

y libsilc-devely libsilc-doc

y libsoup-devely libtabe-devel

y libtheoray libtheora-devel

y libungif-progsy libwmf



y openoffice.orgy openoffice.org-i18n

y openoffice.org-kdey openoffice.org-libs

y openssl-perly

pam_ccredsy pam_passwdqcy parted-devel

y pcmcia-csy perl-Bit-Vector

y perl-Convert-ASN1y perl-Crypt-SSLeay

y perl-Cyrusy perl-Date-Calc

y perl-LDAP y perl-Net-DNS

y perl-XML-LibXML

y perl-XML-LibXML-Common

y perl-XML-NamespaceSupporty perl-XML-SAX

y perl-suidperly php-devel

y php-domxmly php-gd

y php-mbstringy php-ncurses

y php-pear y php-snmp

y php-xmlrpcy planner

y pmakey policycoreutils

y postfix-pflogsummy postgresql

y postgresql-contriby postgresql-devel

y postgresql-docsy postgresql-jdbc

y postgresql-libsy postgresql-pl

y postgresql-pythony postgresql-server

y postgresql-tcly postgresql-test

y pump-devely pvm-gui



y pwlib-devely pyorbit-devel

y pypartedy python-docs

y python-ldapy

python-toolsy qt-ODBCy qt-PostgreSQL

y qt-configy quagga-contrib

y quagga-devely rhgb

y rhythmboxy rpm-libs

y ruby-docsy ruby-tcltk

y samba-swat

y selinux-doc

y selinux-policy-targetedy selinux-policy-targeted-sources

y sendmail-devely sendmail-doc

y setoolsy setools-gui

y sg3_utilsy shared-mime-info

y skkdicy sound-juicer

y sox-devely speex

y speex-devely statserial

y subversiony subversion-devel

y subversion-perly switchdesk

y switchdesk-guiy synaptics

y sysfsutilsy sysfsutils-devel

y system-config-booty system-config-date

y system-config-displayy system-config-httpd

y system-config-keyboardy system-config-kickstart



y system-config-languagey system-config-lvm

y system-config-mousey system-config-netboot

y system-config-network y

system-config-network-tuiy system-config-nfsy system-config-packages

y system-config-printer y system-config-printer-gui

y system-config-rootpasswordy system-config-samba

y system-config-securitylevely system-config-securitylevel-tui

y system-config-servicesy system-config-soundcard

y system-config-users

y system-logviewer

y system-switch-imy system-switch-mail

y system-switch-mail-gnomey talk-server

y tcl-devely tcl-html

y tclx-devely tclx-doc

y tetex-docy theora-tools

y thunderbirdy tix-devel

y tix-docy tk-devel

y tn5250-devely ttfonts-bn

y ttfonts-guy ttfonts-hi

y ttfonts-pay ttfonts-ta

y udevy unixODBC-devel

y valgrindy valgrind-callgrind

y vim-X11y vino

y w3c-libwww-appsy w3c-libwww-devel



y xcdroasty xdelta-devel

y xemacs-commony xemacs-nox

y xemacs-sumoy

xemacs-sumo-ely xemacs-sumo-infoy xisdnload

y xmlsec1y xmlsec1-devel

y xmlsec1-openssly xmlsec1-openssl-devel

y xmms-devely xmms-flac

y xmms-skinsy xojpanel

y xorg-x11

y xorg-x11-Mesa-libGL

y xorg-x11-Mesa-libGLUy xorg-x11-Xdmx

y xorg-x11-Xnesty xorg-x11-Xvfb

y xorg-x11-deprecated-libsy xorg-x11-deprecated-libs-devel

y xorg-x11-devely xorg-x11-doc

y xorg-x11-font-utilsy xorg-x11-libs

y xorg-x11-sdk y xorg-x11-tools

y xorg-x11-twmy xorg-x11-xauth

y xorg-x11-xdmy xorg-x11-xfs

y xrestopy zisofs-tools

y zsh-html

Packages Re

moved

The following packages have been removed from Red Hat Enterprise Linux 4:

y FreeWnn-common

y Wnn6-SDK y Wnn6-SDK-devel

y XFree86



y XFree86-100dpi-fontsy XFree86-75dpi-fonts

y XFree86-ISO8859-14-100dpi-fontsy XFree86-ISO8859-14-75dpi-fonts

y XFree86-ISO8859-15-100dpi-fontsy

XFree86-ISO

8859-15-75dpi-fontsy XFree86-ISO8859-2-100dpi-fontsy XFree86-ISO8859-2-75dpi-fonts

y XFree86-ISO8859-9-100dpi-fontsy XFree86-ISO8859-9-75dpi-fonts

y XFree86-Mesa-libGLy XFree86-Mesa-libGLU

y XFree86-Xnesty XFree86-Xvfb

y XFree86-base-fontsy XFree86-cyrillic-fonts

y XFree86-devel

y XFree86-doc

y XFree86-font-utilsy XFree86-libs

y XFree86-libs-datay XFree86-syriac-fonts

y XFree86-toolsy XFree86-truetype-fonts

y XFree86-twmy XFree86-xauth

y XFree86-xdmy XFree86-xfs

y amiy anaconda-images

y anty ant-libs

y aspell-en-cay aspell-en-gb

y aspell-pt_BR y bcel

y bonobo-activationy bonobo-activation-devel

y cipey commons-beanutils

y commons-collectionsy commons-digester

y commons-loggingy commons-modeler

y compat-gccy compat-gcc-c++



y lvmy magicdev

y modutilsy modutils-devel

y mounty

mozilla-psmy mrprojecty mx4j

y openofficey openoffice-i18n

y openoffice-libsy perl-CGI

y perl-CPANy perl-DB_File

y perl-Net-DNSy printman

y pspell

y pspell-devel

y python-optik y raidtools

y rarpdy redhat-config-bind

y redhat-config-datey redhat-config-httpd

y redhat-config-keyboardy redhat-config-kickstart

y redhat-config-languagey redhat-config-mouse

y redhat-config-netbooty redhat-config-network

y redhat-config-network-tuiy redhat-config-nfs

y redhat-config-packagesy redhat-config-printer

y redhat-config-printer-guiy redhat-config-proc

y redhat-config-rootpasswordy redhat-config-samba

y redhat-config-securitylevely redhat-config-securitylevel-tui

y redhat-config-servicesy redhat-config-soundcard

y redhat-config-usersy redhat-config-xfree86

y redhat-java-rpm-scriptsy redhat-logviewer



y redhat-switch-maily redhat-switch-mail-gnome

y rh-postgresqly rh-postgresql-contrib

y rh-postgresql-devely

rh-postgresql-docsy rh-postgresql-jdbcy rh-postgresql-libs

y rh-postgresql-pythony rh-postgresql-tcl

y shapecfgy switchdesk

y switchdesk-gnomey switchdesk-kde

y xalan-jy xerces-j

Packages Deprecated

Red Hat seeks to preserve functionality across major releases, but reserves the right to change the

specific implementation and packaging of components between major releases.

The following packages are included in Red Hat Enterprise Linux 4, but may be removed fromfuture releases. Developers and users are advised to migrate away from these packages.

y 4Suite ² Only used by system-config-* toolsy FreeWnn ² IIIMF is the recommended input method

y FreeWnn-devel ² IIIMF is the recommended input method

y FreeWnn-libs ² IIIMF is the recommended input method

y alchemist ² Only used by system-config-* toolsy alchemist-devel ² Only used by system-config-* tools

y aumix ² Redundant with other volume control toolsy autoconf213 ² Backwards compatibility dev tool

y automake14 ² Backwards compatibility dev tooly automake15 ² Backwards compatibility dev tool

y automake16 ² Backwards compatibility dev tooly automake17 ² Backwards compatibility dev tool

y compat-db ² Backwards compatibility libraryy

compat-gcc-32 ² Backwards compatibility library/tooly compat-gcc-32-c++ ² Backwards compatibility library/tooly compat-glibc ² Backwards compatibility library/tool

y compat-libgcc-296 ² Backwards compatibility library/tooly compat-libstdc++-296 ² Backwards compatibility library/tool

y compat-libstdc++-33 ² Backwards compatibility library/tooly compat-openldap ² Backwards compatibility library/tool

y dbskkd-cdb ² IIIMF is the recommended input method



y dev86 ² Required only for liloy dietlibc ² Only supported for installer use

y eog ² Integrated support in Nautilusy gftp ² Integrated FTP in Firefox and Nautilus

y gnome-libs ² Replaced by libgnomey

imlib ² Replaced by gdk-pixbuf y imlib-devel ² Replaced by gdk-pixbuf y kinput2 ² IIIMF is the recommended input method

y libghttp ² Deprecated libraryy libghttp-devel ² Deprecated library

y lilo ² Replaced by gruby mikmod ² Deprecated sound format

y mikmod-devel ² Deprecated sound formaty miniChinput ² IIIMF is the recommended input method

y mozilla ² Replaced by Firefox/Thunderbird/Evolutiony mozilla-chat ² Replaced by Firefox/Thunderbird/Evolution

y mozilla-devel ² Replaced by Firefox/Thunderbird/Evolution

y mozilla-dom-inspector ² Replaced by Firefox/Thunderbird/Evolution

y mozilla-js-debugger ² Replaced by Firefox/Thunderbird/Evolutiony mozilla-mail ² Replaced by Firefox/Thunderbird/Evolution

y mozilla-nspr ² Replaced by Firefox/Thunderbird/Evolutiony mozilla-nspr-devel ² Replaced by Firefox/Thunderbird/Evolution

y mozilla-nss ² Replaced by Firefox/Thunderbird/Evolutiony mozilla-nss-devel ² Replaced by Firefox/Thunderbird/Evolution

y nabi ² IIIMF is the recommended input methody newt-perl ² Only required by crypto-utils

y openmotif21 ² Backwards compatibility libraryy openssl096b ² Backwards compatibility library

y skkdic ² IIIMF is the recommended input methody skkinput ² IIIMF is the recommended input method

y xcin ² IIIMF is the recommended input methody xmms ² Replaced by rhythmbox, Helix Player

y xmms-devel ² Replaced by rhythmbox, Helix Player y xmms-flac ² Replaced by rhythmbox, Helix Player

y xmms-skins ² Replaced by rhythmbox, Helix Player

( x86 )

red hat enterprise - notes

Documents