Copyright © 2010 Novell, Inc.
이 문서를 자유 소프트웨어 재단 발행의 GNU 자유 문서 이용 허가 계약서(버전 1.2나 그 이후 버전 중 하나)가 정하는 조건 아래 복사, 배포 혹은 수정 하는것을 허락합니다. 변경 할 수 없는 부준, 겉표지 글, 뒷표지 글은 없습니다. 이 이용 허가 계약서는 fdl.txt 파일에 있습니다.
The release notes are under constant development. Download the newest version as part of the Internet test or refer to http://www.suse.com/relnotes/i386/openSUSE/11.3/RELEASE-NOTES.en.html.
이 출시 정보에는 다음의 분야에 관한 정보가 있습니다.
설치: 스크래치로부터 시스템에 설치하려면 이것을 확인하세요.
일반: 모든 사용자를 대상으로 한 정보 입니다.
System Upgrade: Issues related to the process if you run a system upgrade from the previous release to this openSUSE version.
기술: 이 장에는 상급 사용자를 위한 기술적인 변경 사항이나 개선 사항이 기록되어 있습니다.
N/A
Installation Quick Start guides you step-by-step through the installation process.
In Start-Up, find information about installation and basic system configuration.
Reference covers deployment, administration, and system configuration in detail and explains how to set up various network services.
KDE and GNOME Quick Start give a short introduction to the desktops and some key applications running on it.
The KDE and GNOME User Guide guide you through using and configuring the desktops and help you perform key tasks.
응용프로그램 길잡이에는 브라우저, 전자 우편 클라이언트, 오피스, 협업 도구, 그래픽, 멀티미디어 응용프로그램 소개가 들어있습니다.
보안 길잡이에는 시스템 보안에 관한 기본 개념이나, 로컬 환경과 네트워크 환경에서의 보안 개요가 포함되어 있습니다.
LXDE provides a lightweight desktop environment for old and obsolete computers with limited hardware resources.
pcmanfm and libfm (LXDE File Manager and its main library) are released as RC1 versions and will get updated with the official updates (stable versions) as soon as possible.
Since quite some time, smbfs is no longer part of the kernel. The cifs component has replaced it. To avoid confusion with the name of the service, we finally renamed it accordingly.
During the upgrade of a system with an installed samba-client package, the state of the service will be saved, /etc/samba/smbfstab migrated to /etc/samba/cifstab, and the state of the service restored, if required.
The "sha256"/"sha2_256" keywords now configure the kernel with 128-bit truncation, not the non-standard 96-bit truncation used by previous releases. If you depend on the 96-bit truncation scheme, use the new "sha256_96" keyword—this might be necessary, if you want to establish a connection with an old kernel (openSUSE 11.2 or earlier).
In those case modify the connection settings to the old and non-standard 96-bit truncation in the ipsec.conf of the new system:
esp=aes128-sha256_96
There is also an incompatible strongSwan change. IPComp in tunnel mode was fixed to strip out the duplicated outer header. This change makes IPComp tunnel mode connections incompatible with previous releases. Disable compression on such tunnels.
With openSUSE 11.3 we are switching to KMS (Kernel Mode Setting) for Intel, ATI and NVIDIA graphics, which now is our default. If you encounter problems with the KMS driver support (intel, radeon, nouveau), disable KMS by adding nomodeset to the kernel boot command line. To set this permanently, add it to the kernel command line in /boot/grub/menu.lst. This option makes sure the appropriate kernel module (intel, radeon, nouveau) is loaded with modeset=0 in initrd, i.e. KMS is disabled.
In the rare cases when loading the DRM module from initrd is a general problem and unrelated to KMS, it is even possible to disable loading of the DRM module in initrd completely. For this set the NO_KMS_IN_INITRD sysconfig variable to yes via YAST, which then recreates initrd afterwards. Reboot your machine.
On Intel without KMS the Xserver falls back to the fbdev driver (the intel driver only supports KMS); alternatively, there is the "intellegacy" driver (xorg-x11-driver-video-intel-legacy package) which still supports UMS (User Mode Setting). To use it, edit /etc/X11/xorg.conf.d/50-device.conf and change the driver entry to intellegacy.
On ATI for current GPUs it falls back to radeonhd. On NVIDIA without KMS the nv driver is used (the nouveau driver only supports KMS).
The mount.cifs program that is being used to mount Samba/CIFS shares will not be allowed to be run as a setuid root program. mount.cifs has been the subject of several security bugs that have arisen due to some of the users using it as a setuid root program. For e.g., tools like smb4k on the distribution require mount.cifs setuid root. So there is a chance that users of such tools set the setuid bit. This program has not been properly audited for security and the Samba team strongly recommends that it not be installed as a setuid root program at this time.
To make that very clear, this release forcibly disables the ability for mount.cifs to run as a setuid root program. People are welcome to trivially patch this out, by setting CIFS_DISABLE_SETUID_CHECK to 1, but they do so at their own peril.
A security audit and redesign of this program is in progress by the Samba Team.
In /etc/ssh/sshd_config relative paths are no longer allowed. When pointing to the authorized_keys file, use %h/ in front of the path. Otherwise logging in using SSH Public Key Authentication will fail with openSSH 5.4 and later.
Example:
PubkeyAuthentication yes AuthorizedKeysFile %h/.ssh/authorized_keys