This SUSE product includes materials licensed to SUSE under the GNU General Public License (GPL). The GPL requires that SUSE makes available certain source code that corresponds to the GPL-licensed material. The source code is available for download.
Version Revision History
-
September 2019: 4.0.2 release
-
July 9th 2019: 4.0.1 release
-
June 26th, 2019: 4.0.0 release
About SUSE Manager Proxy 4
SUSE Manager Proxy provides mirroring proxy support for large and distributed environments.
Operation of the proxy is completely transparent. The SUSE Manager Proxy looks like a managed client to SUSE Manager Server, and like a Server to the managed clients. Managed clients talk to the Proxy only, and the Proxy in turn communicates to the SUSE Manager Server.
All software packages that pass the Proxy are cached and subsequent client requests for these packages are resolved from the cache.
System Requirements
SUSE Manager Proxy is available for the x86_64 architecture only. We recommend you have at least 2 GB main memory, and approximately 50 GB of disk space per distribution or channel.
Consider additional disk space required for storing images for retail terminals.
For more details on system requirements, see the Installation Guide on https://www.suse.com/documentation/suse-manager-4/.
SUSE Manager Proxy Distribution
SUSE Manager Proxy 4 is provided through SUSE Customer Center and can be installed with the unified installer for SUSE Linux Enterprise 15 SP1. No separate SUSE Linux Enterprise subscription is required.
Installation and Setup
Installation of SUSE Manager Proxy 4.0 is done with the SUSE Manager Server 4 Web interface.
For more details on installing and configuring SUSE Manager Proxy 4.0, see the Installation Guide on https://www.suse.com/documentation/suse-manager-4/.
Upgrade from Version 3.2
To upgrade an existing SUSE Manager Proxy 3.2 system to SUSE Manager Proxy 4.0, you can do an in-place upgrade, or you can set up a new system to replace the old one.
For more information about upgrading, see the Upgrade Guide on https://www.suse.com/documentation/suse-manager-4/.
Upgrade from Version 3.1 or Older
In-place updates from SUSE Manager Proxy 3.1 or older are not supported. You will need to install a new system with SUSE Manager Proxy 4.0.
SUSE Manager Server Versions
SUSE Manager Proxy 4.0 works only with SUSE Manager 4.0 Server.
SUSE Manager Server 4.0 works with SUSE Manager Proxy 3.2 and later.
Major changes since SUSE Manager Proxy 4.0 GA
Features and changes
Version 4.0.2
Updated documentation
The SUSE Manager documentation has received improvements in all of the books, with small clarifications and enhancements all around: content lifecycle management filters, public cloud, JeOS, retail images and formulas, etc
Of particular interest for customers with large installations will be the new Large Scale Deployment and Salt Tuning sections in the Salt Guide. Given that modifying advanced parameters can cause catastrophic failure, we strongly recommend that you contact SUSE Consulting for assistance with tuning for your specific case.
Additionally, the search functionality in the documentation now works offline.
UEFI boot (Retail)
SUSE Manager for Retail can now create the required partitions and image machines with an EFI boot, using the Saltboot formula.
Version 4.0.1
Bugfix release
Patches
The SUSE Patch Finder is a simple online service to view released patches.
Version 4.0.2
mgr-cfg:
-
Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)
mgr-daemon:
-
Fix systemd timer configuration on SLE12 (bsc#1142038)
-
Rhnsd service was replaced by rhnsd timer (bsc#1138130)
mgr-osad:
-
Fix obsolete for old osad packages, to allow installing mgr-osad even by using osad at yum/zyppper install (bsc#1139453)
-
Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)
rhnlib:
-
Add SNI support for clients
-
fix initialize ssl connection (bsc#1144155)
-
Fix bootstrapping SLE11SP4 trad client with SSL enabled (bsc#1148177)
spacewalk-backend:
-
Do not overwrite comps and module data with older versions
-
Fix issue with "dists" keyword in url hostname
-
Import packages from all collections of a patch not just first one
-
Ensure bytes type when using hashlib to avoid traceback on XMLRPC call to "registration.register_osad" (bsc#1138822)
-
For backend-libs subpackages, exclude files for the server (already part of spacewalk-backend) to avoid conflicts (bsc#1148125)
-
prevent duplicate key violates on repo-sync with long changelog entries (bsc#1144889)
-
Don’t skip Deb package tags on package import (bsc#1130040)
spacewalk-certs-tools:
-
Run bootstrap.sh completely unattended on Ubuntu (bsc#1137881)
spacewalk-client-tools:
-
The rhnsd service was replaced by rhnsd timer, so registration script and systemd presets are now adapted to this (bsc#1138130)
spacewalk-remote-utils:
-
Add RHEL8
spacewalk-web:
-
Redirect to first step of channel assignment after change channel submit (bsc#1137244)
-
Hide channels managed by Content Lifecycle projects from available sources (bsc#1137965)
-
Add unsupported browser warning when using Internet Explorer
-
Allow virtualization tab for foreign systems (bsc#1116869)
-
Allow forcing off or resetting VMs
-
Fix VM creation dialog with non-default pools and networks (bsc#1138268)
-
Add checks for empty required entries on formula forms (bsc#1109639)
Version 4.0.1
spacewalk-backend:
-
Do not duplicate "http://" protocol when using proxies with "deb" repositories (bsc#1138313)
-
Fix reposync when dealing with RedHat CDN (bsc#1138358)
-
Fix for CVE-2019-10136. An attacker with a valid, but expired, authenticated set of headers could move some digits around, artificially extending the session validity without modifying the checksum. (bsc#1136480)
spacewalk-proxy:
-
Fix for CVE-2019-10137. A path traversal flaw was found in the way the proxy processes cached client tokens. A remote, unauthenticated, attacker could use this flaw to test the existence of arbitrary files, or if they have access to the proxy’s filesystem, execute arbitrary code in the context of the proxy. (bsc#1136476)
spacewalk-web:
-
Change WebUI version 4.0.1
Major Changes Since SUSE Manager Proxy 3.2
Prometheus Monitoring
We now include packages for the latest version of Prometheus. The SUSE Manager Monitoring entitlement is required for all systems that have monitoring with Prometheus enabled.
Some exporters will be pre-installed on SUSE Manager Proxy as part of its self-monitoring features. They will provide hardware, operating system, and HTTP Proxy metrics.
Formulas Update for Retail Branch Server
Formulas used to operate a SUSE Manager for Retail Branch Server were updated to support a SUSE Linux Enterprise 15 SP1 environment.
Configuration of SUSE Manager Retail Branch Server with Multiple Network Interfaces
During installation of SUSE Manager Retail Branch Server the secondary network interface, intended to be used for the terminal network, may be configured and bound to a firewall zone. This zone binding can interfere with the configuration of Retail services, and could result in you being unable to apply the highstate.
To avoid this problem, ensure that:
-
the primary network interface is either bound to 'public' zone or not bound to any zone
-
the secondary network interface either bound to 'internal' zone or is not bound to any firewall zone.
Do this by running these commands before you apply the retail formulas:
firewall-cmd --permanent --zone=public --change-interface=eth0
firewall-cmd --permanent --zone=internal --change-interface=eth1
firewall-cmd --reload
This example assumes eth0 is the primary interface and eth1 the secondary terminal interface.
Salt 2019.2.0
Salt has been upgraded to the 2019.2.0 release.
We intend to regularly upgrade Salt to more recent versions.
For more information about changes in your manually-created Salt states, see the Salt upstream release notes 2019.2.0.
Base System Upgrade
The base system was upgraded to SUSE Linux Enterprise 15 SP1. As a result, all code was ported to run with Python 3.
Providing Feedback
If you encounter a bug in any SUSE product, we’d appreciate if you’d report it through your support contact.
Documentation and Other Information
Latest product documentation: https://www.suse.com/documentation/suse-manager-4/
Technical product information for SUSE Manager: http://www.suse.com/products/suse-manager/technical-information
These release notes are available online: http://www.suse.com/releasenotes
Further information about SUSE Manager is available on the Wiki: http://wiki.microfocus.com/index.php/SUSE_Manager
Visit http://www.suse.com for the latest Linux product news from SUSE.
Visit http://www.suse.com/download-linux/source-code.html for additional information on the source code of SUSE Linux Enterprise products.
Legal Notices
SUSE Linux GmbH Maxfeldstr. 5 D-90409 Nürnberg Tel: +49 (0)911 740 53 - 0 Email: feedback@suse.com Registrierung/Registration Number: HRB 21284 AG Nürnberg Geschäftsführer/Managing Director: Felix Imendörffer, Mary Higgins, Sri Rasiah Steuernummer/Sales Tax ID: DE 192 167 791 Erfüllungsort/Legal Venue: Nürnberg
SUSE makes no representations or warranties with regard to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, SUSE reserves the right to revise this publication and to make changes to its content, at any time, without the obligation to notify any person or entity of such revisions or changes.
Further, SUSE makes no representations or warranties with regard to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, SUSE reserves the right to make changes to any and all parts of SUSE software, at any time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classifications to export, re-export, or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical/biological weaponry end uses. Please refer to the SUSE Legal information page for more information on exporting SUSE software. SUSE assumes no responsibility for your failure to obtain any necessary export approvals.
Copyright © 2012-2019 SUSE LLC.
This release notes document is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License (CC-BY-ND-4.0). You should have received a copy of the license along with this document. If not, see https://creativecommons.org/licenses/by-nd/4.0/.
SUSE has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at https://www.suse.com/company/legal/ and one or more additional patents or pending patent applications in the U.S. and other countries.
For SUSE trademarks, see SUSE Trademark and Service Mark list (https://www.suse.com/company/legal/). All third-party trademarks are the property of their respective owners.
Colophon
Thank you for using SUSE Manager Proxy Server in your business.
Your SUSE Manager Team.