Copyright 2003 Guru Labs, L.C.
Note: Please don't mirror this document, link directly here.
Intro
Over the past eight years or so, I've been excited each time a new version of Red Hat Linux gets released. During the past few years, people have even been writing reviews of each release. As a general rule, I've been dissatisfied by the superficialities, inaccuracies, and irrelevancies in the reviews often times performed by someone who does not have intimate knowledge of Red Hat Linux. A systems administrator needs an in-depth review that covers — relative to the previous release:- Architectural & behavioral changes
- Installer changes
- Changes to included software packages
Abbreviation notes:
RHL = Red Hat Linux
RH = Red Hat Inc.
Architectural & behavioral changes
There were many changes between RHL7.3 and 8.0, for example, the use of root=LABEL=/ in the /boot/grub/grub.conf file, the replacement of Xconfigurator with the redhat-config-xfree86 program, and the new dhclient DHCP client daemon that skips trying to bring up interfaces that have nolink. There are not nearly as many behavioral changes from RHL8.0 to RHL9, yet the ones that exist are significant.Kernel 2.4.20-8
The kernel in RHL8.0 was based on the 2.4.18 kernel. Despite the name,the RHL 2.4.20-8 kernel is based on 2.4.20 plus bug fixes identified up through 2.4.21-pre4-ac4. During the past couple years, the RHL kernels have included back ported functionality from development kernels thathas proven stable. The new RHL9 kernel is no exception. Major changes since RHL8.0 include:- Addition of Native POSIX Thread Library (NPTL) for standards based threading support with impressive performance. This is definitely a nice addition, however, I anticipate that sys admins who add patches on-top-of the RHL kernel from 3rd party (UML, FreeSWAN, etc) sources will have a more difficult time getting the patches to apply and work cleanly. Presumably when the 2.6 kernel comes out, the divergence of the RHL kernel will drop substantially.
- Certain applications using the old LinuxThreads API in acertain manner may no longer work (was that vague enough?)
- In particular if using Java, update to the latestversion from Sun at:
- http://java.sun.com/j2se/1.4.1/download.html
- The WIN32 API translation software, WINE, suffers fromthis problem. Proper fixes are in the works, however, workarounds exist.
- Installing and running Oracle 9i R2 has major issues since it includes two different older embedded Java JVMs that don't work with NPTL. The solution is to stick with RHL8.0 or the officially supported Red Hat Enterprise Linux edition.
- ACPI support appeared in a beta (as well as in a 8.0 beta),but was removed for the final shipping kernel.
- Filesystem ACL and EA support appeared in the betas, but was pulled for the final shipping kernel. I was really looking forward to ACLs and EAs support in RHL (Solaris had support since 2.5.1), maybe an errata kernel will re-add the feature.
- To see what software specifically supports ACLs and EAs (beyond setfacl/getfacl/setfattr/getfattr), run:
- rpm-e --test libacl
- Just a quickobservation. The way text editors save files normally, is to create anew file with a temporary random name, and then move/rename the new fileto name of the original. Using this technique, if the file being edited has ACLs, the ACLs will be lost. The Vim editor uses libacl to obtainthe original ACLs, and then add them back after the save. It isimportant that other applications that save files in the same fashionare updated to use libacl.
- rpm-e --test libattr
- The RHL 8.0 kernel included User Mode Linux (UML) for Linux running on top of Linux (think VMware without the virtual hardware). Due to patching difficulties (see the first bullet point) the Red Hat Linux kernel doesn't include the UML patch. Since UML is now part of the official 2.5 development kernel, expect it back in Red Hat Linux when Red Hat ships the 2.6 kernel.
- Nvidia has released new drivers that will work with this RHL9 kernel.
- In this release of RHL9, for those using the very popular Wavelan IEEE wireless ethernet 802.11b hardware, the default driver has switch from the deprecated wvlan_cs to the orinoco_cs driver. My laptop has this card built-in, and it works great with 4 different access points I've attached to both with WEP and without.
XFree86 4.3.0-2
Red Hat Linux 9 now ships with the long awaited XFree86 4.3. It has updated video drivers and many new changes. System administrators should be aware that now there is the ability to turn off switching to text mode virtual terminals via CTL-ALT-FunctionKey. This can come in handy when locking down a system (such when a Linux box is used as a kiosk) when used in conjunction with disabling CTL-ALT-BKSP (forceful kill of the X server). To do this, edit your /etc/X11/XF86Config and add the following:SectionServerFlags
# prevent the use of CTL-ALT-F1, etc
OptionDontVTSwitch On
# prevent the use of CTL-ALT-BKSP
Option DontZap On
EndSection
For end users there are more visible changes apparent as well. For starters, XFree86 now has the Xcursor extension for mouse cursor themes. It even supports animation and translucency. Red Hat created a very nicelooking mouse theme that is used by default. I imagine it won't belong before the current authors of Linux desktop themes start including mouse cursors as part of their themes as well. Meanwhile, you can use the large collection of Stardock CursorXP mouse themes by using the sd2xc.pl conversion script. Go read Nicholas Petreley's Adding eyecandy to your desktop article for more details.
A long overdue feature for XFree86 is the ability to change the root window screen resolution on the fly. This is now possible with XFree86 version4.3 thanks to work by Keith Packard and others via the Xrandr (X Resize,Rotate and Reflection) extension. A new command utility, xrandr, is available to perform actions from the command line. For the point-n-click crowds, GUI utilities for KDE and GNOME utility are under way as well. The xrandr utility has pretty straightforward use, to display possible resolutions, use the -q option, and change resolution with the -s option. For example:
[dkelson@mentordkelson]$ xrandr -q
SZ: Pixels Physical Refresh
*0 1400 x 1050 ( 474mm x 356mm ) *60
1 1280 x 1024 ( 474mm x 356mm ) 60
2 1280 x 960 ( 474mm x 356mm ) 60
3 1152 x 864 ( 474mm x 356mm ) 60
4 1024 x 768 ( 474mm x 356mm ) 60
5 800 x 600 ( 474mm x 356mm ) 60
6 640 x 480 ( 474mm x 356mm ) 60
Currentrotation - normal
Currentreflection - none
Rotationspossible - normal
Reflectionspossible - none
[dkelson@mentordkelson]$ xrandr -s 4
Finally, the included open source ATI radeon 3D DRI driver has seen quite a few updates. The driver now supports hardware TCL for faster 3D performanceand increased compatibility with cutting edge 3D apps. For example, now the REALLY SLICKSCREENSAVERS work with no problems! You can download an RPM package for Red Hat Linux 9 from the Guru Labs' downloads page.
Networking Changes
Red Hat Linux has long stored network configuration settings under the /etc/sysconfig/ directory structure. Network interfaces are normally configured in the /etc/sysconfig/network-scripts/ifcfg-interfacename file. This can be done manually, or via front ends such as the GUI redhat-config-network (the legacy name for this command is 'neat') program and the full screen text (curses interface) command netconfig. The differences between these two fronts ends is substantial. For example, netconfig cannot configure PPP and Wireless connections while redhat-config-network can. Configuring PPP on Red Hat Linux by hand involves editing and creating many difference text files. Life is short, and though I'm capable of setting up PPP by hand, I prefer to use redhat-config-network. This has always meant using the X window system — until now. With RedHat Linux 9, a curses interface is available, redhat-config-network-tui.Other networking changes below:
802.1q VLAN support in configuration files
There are two main standards for creating VLANs with ethernet switches, the standards based 802.1q, and the Cisco proprietary ISL. Starting with the Linux kernel 2.4.14, 802.1q VLAN support has been built in. To the system, a VLAN simply shows up as a regular network interface. A fully updated Red Hat Linux 7.1 through 8.0 box has the necessary kernel support. However, to configure VLANs requires the use of the vconfig command which didn't come with 7.1 through 8.0 nor did those versions have an official defined way to persistently define VLAN configurationin the standard RHL network configuration files. RHL 9 includesthe vconfig RPM, and an official configuration method for definingVLANs.It is important to note that RHL9 uses the DEV_PLUS_VID_NO_PAD naming mode, which means that the VLAN network interface name will start with the physical interface name followed by a period followed by the VLANnumber. For example the network interface eth2.101 wouldbe VLAN 101 on eth2.
The interface configuration file for the above example would be /etc/sysconfig/network-scripts/ifcfg-eth2.101
and would have the standard entries inside of it.
The last thing I'm going to mention is that various network cards and network card drivers can have issues with the larger ethernet framesseen on a trunk link (the VLAN header increases the frame size). I've had excellent success with the Intel PRO1000 MT Desktop Adapter using the default e1000 driver. This card can be found for less than $50 USD online.
Virtual network interfaces changes
Virtual interfaces such as ifcfg-eth0:1 didn't honor ONBOOT=no, they were always brought up with parent interface. Performing a "fix" now, would likely surprise many system administrators who unknowingly have ONBOOT=no in their files. Generally speaking, system administrators don't like being surprised therefore, a backwards compatible change has been made. By adding ONPARENT=no to a ifcfg-ethX:Yfile, it will not be brought up together with it's parent.Static Route configuration file change
Historically defining persistent static routes in RHL involved adding entries to the /etc/sysconfig/static-routes file. In RHL8.0 this is mostly broken. Now in RHL9 the /etc/sysconfig/static-routes is gone. Now thereis a separate file for each network interface that has defined staticroutes. The file names are:/etc/sysconfig/network-scripts/route-interfacename
Each line should be the arguments that are passed to the "/sbin/ip route add" command. For example:
198.168.2.0/24 via 10.2.3.200
For IPv6 static routes, the file names are:
/etc/sysconfig/network-scripts/route6-interfacename
IPv6 changes
Secondary IPv6 addresses are configurable on tunnel interfaces too.Very Secure FTP Daemon (vsftpd) now standalone
In RHL8.0 vsftpd was run from Xinetd, now in RHL9 it runs standalone and has it's own SysV init script. The Washington University FTP Daemon (wu-ftpd) is no longer included with RHL9. If you were depending on wu-ftpd, migrate your configuration to vsftpd.The ifupcommand and profiles
A little known fact is that newer versions of RHL support multiplenetwork profiles. This is useful for machines that commonly plug intodifferent networks (think laptops). The easy way to create network profiles is to use the redhat-config-network command. The question then becomes, what happens when you type "ifup eth0"? The behavior wasn't defined in previous versions, however, now in RHL 9 the following behavior is defined;search path for:A cool trick is to boot your RHL box directly into a profile from the GRUB boot screen. To do this, create a separate /etc/boot/grub.conf entry for each network profile, and in each entry add the kernel argument netprofile=profilename.
# ifup $DEV
is:
/etc/sysconfig/networking/profiles/$CURRENT_PROFILE/ifcfg-$DEV
/etc/sysconfig/networking/profiles/default/ifcfg-$DEV
/etc/sysconfig/network-scripts/ifcfg-$DEV
Configurable address 'scope' on network interfaces
In the ifcfg-interfacename files, the SCOPE configuration item now can be set to arbitrary values. This can be useful (among other things) in fine grained selection of source addresses for network connections originating from the machine itself.IPTables 1.2.7a
Included now in RHL9 is IPTables 1.2.7a versus 1.2.6a in RHL8.0. Thereare no major changes here, though those using Differentiated Services,ECN or IPv6 will be happy. View the full list of changes here.PHP module configuration now in separate files
The popular PHP server side scripting language has not changed versions (4.2.2) from RHL8.0 to RHL9, however, changes in configuration file layout has occured. The main PHP configuration file is the /etc/php.ini as it has always been, now starting in RHL9, there is now a /etc/php.d/ directory. The PHP language is extensible via modules, and in RHL major modules (snmp,pgsql,ldap,mysql,odbc,imap) have been split out into separate RPMS. Now in RHL9, the main configuration files slurps in all configuration files found in the /etc/php.d/ directory, and these separate modules place their own configuration files in that directory. This is is the same sort of change that was made to Apache and the separate Apache modules configuration files stored in /etc/httpd/conf.d/ directory in RHL8.0.Debuginfo RPMs
When creating RPMs using rpmbuild -baspecfile or rpmbuild --rebuildfoo.src.rpm, now a debuginfo RPM is automatically built alongwith the primary RPM(s). These can come in handy when experiencing application crashes. By installing the corresponding debuginfo RPM for apackage, detailed information useful for pinpointing the problem for adeveloper can be obtained when the application crashes. For more info,see the RELEASE-NOTES and the initial idea proposal.If you create your own RPMs, and you wish turn off the automatic generation of the debuginfo RPMs, the instructions in the shipped RELEASE-NOTES are not correct. The proper entry in your ~/.rpmmacros file is:
%debug_package %
Graphical Boot Support Coming?
It appears that support for a graphical boot is in the works. Somepieces have been put in place in Red Hat Linux 9. If you modify the/etc/sysconfig/init file and change BOOTUP=color to BOOTUP=graphical then early in the boot process via the /etc/rc.sysinit file, the Red Hat Graphical Boot binary, /usr/bin/rhgb, is run. I note that Red Hat should move it to /bin or /sbin as it will be a binary required before /usr gets mounted. Before you get too excited, note that the rhgb binary isn't included with RHL9.The GNOME Display Manager (GDM) 2.4.1.3-5
The GDM version 2.4 in RHL8.0 and RHL9 is a significant improvement over the GDM version shipped in RHL7.x. The gdmsetup program provides a slick GUI interface for configuring it. One behavioral change in RHL9, is that previously in RHL8.0 GDM was configured not to restart even if the X server was killed with CTL-ALT-BKSP. This caused issues with PAM and the X server. One fix was to cycle to run level 3 and back to run level 5. I ran into this a few times while I was teaching some Linux SystemsAdministration classes. Now however, thanks to the AlwaysRestartServer=true entry in the/etc/X11/gdm/gdm.conf file, this is no longer needed.On the first boot after installing RHL8.0, because of the firstbootapp, the X server could end up on VT 8. Now the GDM conf has been modified to force VT 7.
When using the GDM face browser (to provide icons and list each user account ala Mac OS X and WinXP), the system accounts are no longer shown by default.
Bootup Scripts and Unicode
All the text processing utilities, grep, awk, sort, etc all work significantly slower when using the Unicode UTF locale. To speed the bootup, inthe /etc/rc.sysinit and other SysV scripts, because the configuration is using 7bit ASCIIthese utilities are now invoked with LC_ALL=C utility to force the C locale.Launch SysV daemons with an altered nice level
For a given Sys V init script, you can now easily control the nice value. To do so, create the file /etc/sysconfig/scriptname (or edit the fileif it already exists), and add the line:NICELEVEL="X"
Legal values of X range from -20 (highest priority) to 19 (lowest).
The introduction of Device Labels
There has been a longstanding issue in Linux in that in the face of OS changes or hardware failures, storage devices can "move" to different locations. For example, although IDE devices have their physical path hardcoded into their device name, eg /dev/hdc3, SCSI devices are not. Consider the scenario where a system with three SCSI drives (sda,sdb,sdc) has a failure in sdb, on the next boot, theformer sdc will slide down and become sdb. Many different scenarios can produce similar results (even with IDE).One approach in solving this problem is to use filesystem labels. You'll notice that starting a couple years ago, RHL started using filesystem labels in the /etc/fstab file. Using filesystem labels doesn't solve the problem in all cases given that some partitions don't have filesystems such as swap or rawdevices used in SAN environments and Oracle installations and lastly some filesystems don't support labels at all.
The devlabel system produced by engineers at Dell and now integrated into RHL9 solves this problem at a lowerlevel that can be argued is more convenient and elegant. It operates by the system administrator defining a name by which a partition is to be known by. This "name" is actually a symbolic link that devlabel maintains and updates at boot time (devlabel is launched early on in the /etc/rc.sysinitfile) or by a system administrator after boot.
Moreover it is integrated into the hot-plug system so that hot-plugstorage such as USB, Firewire, or PCMCIA storage devices get persistent references. Imagine trying to access files stored on a USB keychainstorage device when you already have your portable MP3/OGG playeralready attached. With devlabel, you can define your MP3/OGG player to always be /dev/mp3oggplayer no matter how many or in what order you attached other USB storagedevices.
There are also very nice benefits to devlabel in a SAN environment where a given disk drive is /dev/sdb on one host, but /dev/sdd on another. By using devlabel in such a setting, all the hosts can have a persistent and common view of the device files.
Hopefully other Linux distributions will be adopting devlabel aswell.
Obtain more information by reading the Dell whitepaper, and by reading the devlabel manpage.
Red Hat Configuration Utility Changes
In times past, RHL included the Linuxconf the central system administration console. Another package that has never been included that is similar in spirit is the Webmin package. In both cases, it is alot of work to keep these externally developed and changing packages synchronized with the changing RHL specific configuration files. In the past there were many problems with Linuxconf being out of sync and assuch, RH dropped Linuxconf from the distribution. To replace Linuxconf, RH has developed their own tools. There is a common naming convention for these command that makes it very easy to see what command are available using the command completion features of your shell. For example to see the current list, run:[root@mentorroot]# redhat-config-<PRESS TABTWICE>
redhat-config-bind redhat-config-packages
redhat-config-bind-gui redhat-config-printer
redhat-config-date redhat-config-printer-gui
redhat-config-httpd redhat-config-printer-tui
redhat-config-keyboard redhat-config-proc
redhat-config-kickstart redhat-config-rootpassword
redhat-config-language redhat-config-samba
redhat-config-mouse redhat-config-securitylevel
redhat-config-network redhat-config-services
redhat-config-network-cmd redhat-config-soundcard
redhat-config-network-druid redhat-config-time
redhat-config-network-gui redhat-config-users
redhat-config-network-tui redhat-config-xfree86
redhat-config-nfs
[root@mentorroot]#
A new addition in RHL 9 is the redhat-config-samba command that provides a GUI interface for managing Samba.
CUPS now the default print spooler
I've been an avid CUPS fan since it first came out and have been installing it myself on my own RHL boxes. Red Hat has been shipping CUPS as an alternative to LPRng since RHL7.3, now in RHL9 it is the default. The CUPS printing subsystem has many advantages over its' competitors LPD and LPRng, chief in my mind, is the support the Internet PrintingProtocol (IPP) and PostScript Printer Definition (PPD) files.The IPP protocol is the new standard for communicating with a network printer. Windows 2000 and XP have built-in IPP support and Win9x and NT have IPP support available as a download from Microsoft. From a Windows client perspective, what this means is that a Windows box can print to a printer shared by a Linux box via CUPS without any additional software (no need to install the "Print Services for UNIX" addon). IPP also has security clearly defined and user x509 certificates can be created and print job submissions can be done over SSL.
All PostScript printers conform to some level (1, 2, 3 etc) of the specification. The spec defines how a print job can use common printer features such duplexing, however, the spec cannot define how to use some new fangled fancy hardware feature of a given printer such as a stapler or choosing what sort of color matching (Automatic, SWOP Press, SRGBDisplay, Fuji Proof, etc) to perform. For these printer specific features, the printer manufacturer creates a PPD file that describes how to enable and use these advanced features. Think of a PPD file as a print driver. The icing on the cake is that these PPD files are written in PostScript, an ASCII format, and as such are platform neutral. If you have a PostScript printer (or a non-Postscript printer but use thefoomatic print system to generate a 'fake' PPD file) then when you create the print queue in CUPS, you can define the PPD to use. The end result that on a per-print-job basis all the printer settings can betweaked and taken advantage of. To use this ability, first install the printer using CUP's lpadmin command (redhat-config-printer doesn't support PPD files yet). For example, here at Guru Labs we have Tektronix Phaser 860 PostScript 3 printer, to add the printer, as root I run the command:
# lpadmin -p phaser860 -E -P /etc/tk860dp1.ppd -v http://phaser860.gurulabs.com:80/ipp/
To see what printer specific options are settable, run "lpoptions -l". Then, when submitting a job with lpr, usethe -o option. Also, you can use KDE's printer system (even when running GNOME), kprinter for a GUI print job submission tool that allows you to easily set your printer options. View a screenshot of kprinter using the CUPS interface to a PPD printer here.
Tip: Here at Guru Labs, we run the following command (all on one line) as root on all of our systems to get Mozilla to use kprinter:
# perl -e 's/lpr/kprinter --stdin/g' -pi /usr/lib/mozilla*/defaults/pref/unix.js
Tip: With Mozilla 1.7+, use the following command instead:
# perl -e 's/lpr/kprinter --stdin/g' -pi /usr/lib/mozilla*/greprefs/all.js
Installer Changes
As documented in RELEASE-NOTES file use of boot floppies has changed. The most substantial change is that to perform a network install requires two floppies. Instead of using floppies to perform a network install, consider creating a boot cdrom from the boot.iso file to launch a network install; read the RELEASE-NOTES for the details.A nice feature for authors of documentation (such as myself) is the ability to take screenshots during the installation via SHIFT+PrntScrn. The images are placed in /root/anaconda-screenshots/. Previously, large hoops had to be jumped through to get screenshots ofthe installation process.
Finally, the installer no longer offers the fdisk utility as an option for partition table manipulation. Now, the recommendation is only the Disk Druid utility. This makes sense since even if you used fdisk, you still had to use Disk Druid to define the mount points and filesystem format. Note that fdisk is still accessible via the bash shell running on CTL-ALT-F2.
Notable changes to included software packages
OpenSSH 3.5p1 vs 3.4p1
When using sftp the ls command now supports the "-l" switch and globbing (eg, *txt) is supported by ls, get, and put. Other details at: http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=103470915430194&w=2Mailman 2.1 vs 2.0.13
The very capable mailing list manager, Mailman has been updated to the highly anticipated version 2.1. The version has lots of nice goodies, check the list here. My personal favorite is the addition of VERP support for managing bounces. For many years I ran lots of qmail+ezmlm+idx mailing lists, and this was the major feature I was missing since I switched to mailman 2.0. If you are using Mailman with Postfix be sure to take a look at the Guru Labs postfix-to-mailman glue script.OpenSSL 0.9.7a vs 0.9.6b
This cryptographic library is used by many many programs. In RHL9 it has been upgraded to version 0.9.7. Some of the new features include Elliptic Curve Crypto, AES, and support for the MIT Kerberos cryptoalgorithms. See the complete list of changes here.Subversion 0.17.1
New with RHL9 is the addition of network revision control system, Subversion. It is anadvanced replacement for the aging CVS package. It plans to support most all the features of CVS plus atomic commits, the storage of file meta-info (permissions, ownership, etc) and many others features. I haven't used it yet, so I'm not sure if the features I've listed are implemented yet or not. Speaking of CVS replacements, the other opensource contender I've heard about is ARCH, though it isn'tincluded with RHL (yet).GNOME 2.2 vs 2.0
The visual difference between the GNOME included in RHL9 vs RHL8 isn't really large. One nice RH change is the menu has been reworked again with the awkward "Extras" menu tree gone and instead at the top of eachroot menu item there is a "More" subtree. This change applies to KDE as well since the menu is shared. I like the new Wireless Ethernet link monitor applet. See the complete list of changes here.KDE 3.1 vs 3.0
Many new niceties have been introduced in KDE 3.1. Some of the biggest new features include desktop sharing via a VNC compatible network protocol andtabbed web browsing in the Konqueror web browser. See the complete list of changes here.Evolution 1.2.2 vs 1.0.8
After spending more than a decade using the Pine email client, I find myself finally preferring a GUI email client. Ximian's Evolution delivers the goods in a big way. The new stable v1.2 tree is now included in RHL9 has many nice improvements across the board to make it more intuitive and powerful. Some new v1.2 features that I'm using include LDAP over SSL/STARTTLS, audible notification of new email, and I've saved lots of disk space with the new v1.2 indexing engine. See the complete list of changes here.If you are adventurous, you can try out the GTK2 based preview of Evolution1.4.
Mozilla 1.2.1 vs 1.0.1
The Mozilla Project has just turned five years old and has turned out a steady stream of incremental updates. In last the last year Mozilla hasmoved from a 1.0 release to 1.3, though only 1.2.1 was ready in time to ship with RHL9. There are quite a few features to note in the 1.2.1 browser vs 1.01. The most user visible change is use of GTK2 widgets and font rending for better integration, blending with the GNOME desktopand anti-aliased fonts. Another new popular new feature is the ability to bookmark a group of tabs as a single bookmark and even set a group of tabs your "home page". With this version of Mozilla it is importantthat you use the very latest Flash plugin, since older Flash plugins will cause browsercrashes.If you decided to upgrade to Mozilla 1.3 be aware that there have been reports of Java plugin compatibility issues when using the Sun JRE/SDK though the Blackdown JRE/SDK is reported to work fine.
