SUSE Linux Enterprise Server 15 SP5 (prerelease)

Release Notes

Abstract

SUSE Linux Enterprise Server is a modern, modular operating system for both
multimodal and traditional IT. This document provides a high-level overview of
features, capabilities, and limitations of SUSE Linux Enterprise Server 15 SP5 
(prerelease) and highlights important product updates.

This product will be released in June 2024. The latest version of these release
notes is always available at https://www.suse.com/releasenotes. Drafts of the
general documentation can be found at https://susedoc.github.io/doc-sle/main.

Publication Date: 2023-03-01, Version: 15.5.20230301

1 About the release notes
2 SUSE Linux Enterprise Server
3 Modules, extensions, and related products
4 Installation and upgrade
5 Changes affecting all architectures
6 Removed and deprecated features and packages
7 Obtaining source code
8 Legal notices
A Changelog for 15 SP5 (prerelease)

    A.1 2023-03-01
    A.2 2023-02-01
    A.3 2022-11-30
    A.4 2022-11-02
    A.5 2022-10-18

B Kernel parameter changes

    B.1 Changes from SP4 to SP5

1 About the release notes

These Release Notes are identical across all architectures, and the most recent
version is always available online at https://www.suse.com/releasenotes.

Entries are only listed once but they can be referenced in several places if
they are important and belong to more than one section.

Release notes usually only list changes that happened between two subsequent
releases. Certain important entries from the release notes of previous product
versions are repeated. To make these entries easier to identify, they contain a
note to that effect.

However, repeated entries are provided as a courtesy only. Therefore, if you
are skipping one or more service packs, check the release notes of the skipped
service packs as well. If you are only reading the release notes of the current
release, you could miss important changes.

2 SUSE Linux Enterprise Server

SUSE Linux Enterprise Server 15 SP5 (prerelease) is a multimodal operating
system that paves the way for IT transformation in the software-defined era. It
is a modern and modular OS that helps simplify multimodal IT, makes traditional
IT infrastructure efficient and provides an engaging platform for developers.
As a result, you can easily deploy and transition business-critical workloads
across on-premises and public cloud environments.

SUSE Linux Enterprise Server 15 SP5 (prerelease), with its multimodal design,
helps organizations transform their IT landscape by bridging traditional and
software-defined infrastructure.

2.1 Interoperability and hardware support

Designed for interoperability, SUSE Linux Enterprise Server integrates into
classical Unix and Windows environments, supports open standard interfaces for
systems management, and has been certified for IPv6 compatibility.

This modular, general-purpose operating system runs on four processor
architectures and is available with optional extensions that provide advanced
capabilities for tasks such as real-time computing and high-availability
clustering.

SUSE Linux Enterprise Server is optimized to run as a high-performance guest on
leading hypervisors. This makes SUSE Linux Enterprise Server the perfect guest
operating system for virtual computing.

2.2 What is new?

2.2.1 General changes in SLE 15

SUSE Linux Enterprise Server 15 introduces many innovative changes compared to
SUSE Linux Enterprise Server 12. The most important changes are listed below.

Migration from openSUSE Leap to SUSE Linux Enterprise Server

    SLE 15 SP2 and later support migrating from openSUSE Leap 15 to SUSE Linux
    Enterprise Server 15. Even if you decide to start out with the free
    community distribution, you can later easily upgrade to a distribution with
    enterprise-class support. For more information, see the Upgrade Guide at
    https://documentation.suse.com/sles/15-SP5/html/SLES-all/
    cha-upgrade-online.html#sec-upgrade-online-opensuse-to-sle.

Extended package search

    Use the new Zypper command zypper search-packages to search across all SUSE
    repositories available for your product, even if they are not yet enabled.
    For more information see Section 5.6.3, "Searching packages across all SLE
    modules".

Software Development Kit

    In SLE 15, packages formerly shipped as part of the Software Development
    Kit are now integrated into the products. Development packages are packaged
    alongside other packages. In addition, the Development Tools module
    contains tools for development.

RMT replaces SMT

    SMT (Subscription Management Tool) has been removed. Instead, RMT
    (Repository Mirroring Tool) now allows mirroring SUSE repositories and
    custom repositories. You can then register systems directly with RMT. In
    environments with tightened security, RMT can also proxy other RMT servers.
    If you are planning to migrate SLE 12 clients to version 15, RMT is the
    supported product to handle such migrations. If you still need to use SMT
    for these migrations, beware that the migrated clients will have all
    installation modules enabled. For more information see Section 4.2.4, "SMT
    has been replaced by RMT".

Media changes

    The Unified Installer and Packages media known from SUSE Linux Enterprise
    Server 15 SP1 have been replaced by the following media:

      ? Online Installation Medium: Allows installing all SUSE Linux Enterprise
        15 products. Packages are fetched from online repositories. This type
        of installation requires a registration key. Available SLE modules are
        listed in Section 3.1, "Modules in the SLE 15 SP5 (prerelease) product
        line".

      ? Full Installation Medium: Allows installing all SUSE Linux Enterprise
        Server 15 products without a network connection. This medium contains
        all packages from all SLE modules. SLE modules need to be enabled
        manually during installation. RMT (Repository Mirroring Tool) and SUSE
        Manager provide additional options for disconnected or managed
        installations.

Major updates to the software selection:

Salt

    SLE 15 SP5 (prerelease) can be managed via Salt, making it integrate better
    with modern management solutions such as SUSE Manager.

Python 3

    As the first enterprise distribution, SLE 15 offers full support for Python
    3 development in addition to Python 2.

Directory Server

    389 Directory Server replaces OpenLDAP as the LDAP directory service.

2.2.2 Changes in 15 SP5 (prerelease)

SUSE Linux Enterprise Server 15 SP5 (prerelease) introduces changes compared to
SUSE Linux Enterprise Server 15 SP4. The most important changes are listed
below:

2.2.3 Package and module changes in 15 SP5 (prerelease)

The full list of changed packages compared to 15 SP4 can be seen at this URL:

  o https://documentation.suse.com/package-lists/sle/15-SP5/
    package-changes_SLE-15-SP4-GA_SLE-15-SP5-GA.txt

The full list of changed modules compared to 15 SP4 can be seen at this URL:

  o https://documentation.suse.com/package-lists/sle/15-SP5/
    module-changes_SLE-15-SP4-GA_SLE-15-SP5-GA.txt

2.3 Important sections of this document

If you are upgrading from a previous SUSE Linux Enterprise Server release, you
should review at least the following sections:

  o Section 2.7, "Support statement for SUSE Linux Enterprise Server"

  o Section 4.2, "Upgrade-related notes"

  o Section 5, "Changes affecting all architectures"

2.4 Security, standards, and certification

SUSE Linux Enterprise Server 15 SP5 (prerelease) has been submitted to the
certification bodies for:

  o Common Criteria Certification, see https://www.commoncriteriaportal.org/

  o FIPS 140-2 validation, see https://doi.org/10.6028/NIST.FIPS.140-2

For more information about certification, see https://www.suse.com/support/
security/certifications/.

2.5 Documentation and other information

2.5.1 Available on the product media

  o Read the READMEs on the media.

  o Get the detailed change log information about a particular package from the
    RPM (where FILENAME.rpm is the name of the RPM):

    rpm --changelog -qp FILENAME.rpm

  o Check the ChangeLog file in the top level of the installation medium for a
    chronological log of all changes made to the updated packages.

  o Find more information in the docu directory of the installation medium of
    SUSE Linux Enterprise Server 15 SP5 (prerelease). This directory includes
    PDF versions of the SUSE Linux Enterprise Server 15 SP5 (prerelease)
    Installation Quick Start Guide.

2.5.2 Online documentation

  o For the most up-to-date version of the documentation for SUSE Linux
    Enterprise Server 15 SP5 (prerelease), see https://susedoc.github.io/
    doc-sle/main (draft version).

2.6 Support and life cycle

SUSE Linux Enterprise Server is backed by award-winning support from SUSE, an
established technology leader with a proven history of delivering
enterprise-quality support services.

SUSE Linux Enterprise Server 15 has a 13-year life cycle, with 10 years of
General Support and three years of Extended Support. The current version (SP5)
will be fully maintained and supported until six months after the release of
SUSE Linux Enterprise Server 15 SP6.

If you need additional time to design, validate and test your upgrade plans,
Long Term Service Pack Support can extend the support duration. You can buy an
additional 12 to 36 months in twelve month increments. This means that you
receive a total of three to five years of support per Service Pack.

For more information, see the pages Support Policy and Long Term Service Pack
Support.

2.7 Support statement for SUSE Linux Enterprise Server

To receive support, you need an appropriate subscription with SUSE. For more
information, see https://www.suse.com/support/?id=SUSE_Linux_Enterprise_Server.

The following definitions apply:

L1

    Problem determination, which means technical support designed to provide
    compatibility information, usage support, ongoing maintenance, information
    gathering, and basic troubleshooting using the documentation.

L2

    Problem isolation, which means technical support designed to analyze data,
    reproduce customer problems, isolate the problem area, and provide a
    resolution for problems not resolved by Level 1 or prepare for Level 3.

L3

    Problem resolution, which means technical support designed to resolve
    problems by engaging engineering to resolve product defects which have been
    identified by Level 2 Support.

For contracted customers and partners, SUSE Linux Enterprise Server is
delivered with L3 support for all packages, except for the following:

  o Technology Previews, see Section 2.8, "Technology previews"

  o Sound, graphics, fonts and artwork

  o Packages that require an additional customer contract, see Section 2.7.2,
    "Software requiring specific contracts"

  o Some packages shipped as part of the module Workstation Extension are
    L2-supported only

  o Packages with names ending in -devel (containing header files and similar
    developer resources) will only be supported together with their main
    packages.

SUSE will only support the usage of original packages. That is, packages that
are unchanged and not recompiled.

2.7.1 General support

To learn about supported features and limitations, refer to the following
sections in this document:

  o Section 5.2, "Kernel"

  o Section 5.4, "Storage and file systems"

  o Section 5.7, "Virtualization"

  o Section 6, "Removed and deprecated features and packages"

2.7.2 Software requiring specific contracts

Certain software delivered as part of SUSE Linux Enterprise Server may require
an external contract. Check the support status of individual packages using the
RPM metadata that can be viewed with rpm, zypper, or YaST.

Major packages and groups of packages affected by this are:

  o PostgreSQL (all versions, including all subpackages)

2.7.3 Software under GNU AGPL

SUSE Linux Enterprise Server 15 SP5 (prerelease) (and the SUSE Linux Enterprise
modules) includes the following software that is shipped only under a GNU AGPL
software license:

  o Ghostscript (including subpackages)

SUSE Linux Enterprise Server 15 SP5 (prerelease) (and the SUSE Linux Enterprise
modules) includes the following software that is shipped under multiple
licenses that include a GNU AGPL software license:

  o MySpell dictionaries and LightProof

  o ArgyllCMS

2.8 Technology previews

Technology previews are packages, stacks, or features delivered by SUSE to
provide glimpses into upcoming innovations. Technology previews are included
for your convenience to give you a chance to test new technologies within your
environment. We would appreciate your feedback! If you test a technology
preview, contact your SUSE representative and let them know about your
experience and use cases. Your input is helpful for future development.

Technology previews come with the following limitations:

  o Technology previews are still in development. Therefore, they may be
    functionally incomplete, unstable, or in other ways not suitable for
    production use.

  o Technology previews are not supported.

  o Technology previews may only be available for specific hardware
    architectures. Details and functionality of technology previews are subject
    to change. As a result, upgrading to subsequent releases of a technology
    preview may be impossible and require a fresh installation.

  o Technology previews can be removed from a product at any time. This may be
    the case, for example, if SUSE discovers that a preview does not meet the
    customer or market needs, or does not comply with enterprise standards.

3 Modules, extensions, and related products

This section comprises information about modules and extensions for SUSE Linux
Enterprise Server 15 SP5 (prerelease). Modules and extensions add functionality
to the system.

Note

Note: Package and module changes in 15 SP5 (prerelease)

For more information about all package and module changes since the last
version, see Section 2.2.3, "Package and module changes in 15 SP5 (prerelease)"
.

3.1 Modules in the SLE 15 SP5 (prerelease) product line

The SLE 15 SP5 (prerelease) product line is made up of modules that contain
software packages. Each module has a clearly defined scope. Modules differ in
their life cycles and update timelines.

The modules available within the product line based on SUSE Linux Enterprise
15 SP5 (prerelease) at the release of SUSE Linux Enterprise Server 15 SP5 
(prerelease) are listed in the Modules and Extensions Quick Start at https://
susedoc.github.io/doc-sle/main/html/SLES-modules/ (draft version).

Not all SLE modules are available with a subscription for SUSE Linux Enterprise
Server 15 SP5 (prerelease) itself (see the column Available for).

For information about the availability of individual packages within modules,
see https://scc.suse.com/packages.

3.2 SLE extensions

SLE Extensions add extra functionality to the system and require their own
registration key, usually at additional cost. Most extensions have their own
release notes documents that are available from https://www.suse.com/
releasenotes.

The following extensions are available for SUSE Linux Enterprise Server 15 SP5 
(prerelease):

  o SUSE Linux Enterprise Live Patching: https://www.suse.com/products/
    live-patching

  o SUSE Linux Enterprise High Availability Extension: https://www.suse.com/
    products/highavailability

  o SUSE Linux Enterprise Workstation Extension: https://www.suse.com/products/
    workstation-extension

The following extension is not covered by SUSE support agreements, available at
no additional cost and without an extra registration key:

  o SUSE Package Hub: https://packagehub.suse.com/ (see Section 5.5, "SUSE
    Package Hub")

3.3 Derived and related products

This sections lists derived and related products. Usually, these products have
their own release notes documents that are available from https://www.suse.com/
releasenotes.

  o SUSE Linux Enterprise JeOS: https://www.suse.com/products/server/jeos (see
    Section 4.3, "Minimal-VM and Minimal-Image")

  o SUSE Linux Enterprise Desktop: https://www.suse.com/products/desktop

  o SUSE Linux Enterprise Server for SAP Applications: https://www.suse.com/
    products/sles-for-sap

  o SUSE Linux Enterprise for High-Performance Computing: https://www.suse.com/
    products/server/hpc

  o SUSE Linux Enterprise Real Time: https://www.suse.com/products/realtime

  o SUSE Manager: https://www.suse.com/products/suse-manager

4 Installation and upgrade

SUSE Linux Enterprise Server can be deployed in several ways:

  o Physical machine

  o Virtual host

  o Virtual machine

  o System containers

  o Application containers

4.1 Installation

This section includes information related to the initial installation of SUSE
Linux Enterprise Server 15 SP5 (prerelease).

Important

Important: Installation documentation

The following release notes contain additional notes regarding the installation
of SUSE Linux Enterprise Server. However, they do not document the installation
procedure itself.

For installation documentation, see the Deployment Guide at https://
susedoc.github.io/doc-sle/main/html/SLES-deployment/ (draft version).

4.1.1 New media layout

The set of media has changed with 15 SP2. There still are two different
installation media, but the way they can be used has changed:

  o You can install with registration using either the online-installation
    medium (as with SUSE Linux Enterprise Server 15 SP1) or the full medium.

  o You can install without registration using the full medium. The installer
    has been added to the full medium and the full medium can now be used
    universally for all types of installations.

  o You can install without registration using the online-installation medium.
    Point the installer at the required SLE repositories, combining the install
    = and instsys= boot parameters:

      ? With the install= parameter, select a path that contains either just
        the product repository or the full content of the media.

      ? With the inst-sys= parameter, point at the installer itself, that is, /
        boot/ARCHITECTURE/root on the medium.

    For more information about the parameters, see https://en.opensuse.org/
    SDB:Linuxrc#p_install.

4.1.2 Installation via SSH on s390x

Before starting the installation using yast.ssh, it is neccessary to set the
environmental variable QT_XCB_GL_INTEGRATION to xcb_egl:

export QT_XCB_GL_INTEGRATION=xcb_egl

4.2 Upgrade-related notes

This section includes upgrade-related information for SUSE Linux Enterprise
Server 15 SP5 (prerelease).

Important

Important: Upgrade documentation

The following release notes contain additional notes regarding the upgrade of
SUSE Linux Enterprise Server. However, they do not document the upgrade
procedure itself.

For upgrade documentation, see the Upgrade Guide at https://susedoc.github.io/
doc-sle/main/html/SLES-upgrade/ (draft version).

4.2.1 Hibernation requires manual intervention

Previously, it was possible for data loss to occur due to the system not
hibernating correctly.

In 15 SP5 (prerelease), a sanity check was introduced to prevent this. It works
by removing the kernel resume parameter if it points to a non-existent device.
However, that means a system would not use the hibernation data. To fix it, do
the following:

 1. Edit /etc/default/grub and correct the resume parameter to point to an
    existing device.

 2. Regenerate initrd.

 3. Reboot.

4.2.2 Make sure the current system is up-to-date before upgrading

Upgrading the system is only supported from the most recent patch level. Make
sure the latest system updates are installed by either running zypper patch or
by starting the YaST module Online Update. An upgrade on a system that is not
fully patched may fail.

4.2.3 Skipping service packs requires LTSS

Skipping service packs during an upgrade is only supported if you have a Long
Term Service Pack Support contract. Otherwise, you need to first upgrade to SLE
15 SP4 before upgrading to SLE 15 SP5 (prerelease).

4.2.4 SMT has been replaced by RMT

SLE 12 is the last codestream that SMT (Subscription Management Tool) is
available for.

When upgrading your OS installation to SLE 15, we recommend also upgrading from
SMT to its replacement RMT (Repository Mirroring Tool). RMT provides the
following functionality:

  o Mirroring of SUSE-originated repositories for the SLE 12-based and SLE
    15-based products your organization has valid subscriptions for.

  o Synchronization of subscriptions from SUSE Customer Center using your
    organization's mirroring credentials. (These credentials can be found in
    SCC under Select Organization, Organization, Organization Credentials)

  o Selecting repositories to be mirrored locally via rmt-cli tool.

  o Registering systems directly to RMT to get required updates.

  o Adding custom repositories from external sources and distributing them via
    RMT to target systems.

  o Improved security with proxying: If you have strict security requirements,
    an RMT instance with direct Internet access can proxy to another RMT
    instance without direct Internet access.

  o Nginx as Web server: The default Web server of RMT is Nginx which has a
    smaller memory footprint and comparable performance than that used for SMT.

Note that unlike SMT, RMT does not support installations of SLE 11 and earlier.

For more feature comparison between RMT and SMT, see https://github.com/SUSE/
rmt/blob/master/docs/smt_and_rmt.md.

For more information about RMT, also see the new RMT Guide at https://
documentation.suse.com/sles/15-SP3/html/SLES-all/book-rmt.html.

4.3 Minimal-VM and Minimal-Image

SUSE Linux Enterprise Server Minimal-VM and Minimal-Image is a slimmed-down
form factor of SUSE Linux Enterprise Server that is ready to run in
virtualization environments and the cloud. With SUSE Linux Enterprise Server
Minimal-VM and Minimal-Image, you can choose the right-sized SUSE Linux
Enterprise Server option to fit your needs.

SUSE provides virtual disk images for Minimal-VM and Minimal-Image in the file
formats .qcow2, .vhdx, and .vmdk, compatible with KVM, Xen, OpenStack, Hyper-V,
and VMware environments. All Minimal-VM and Minimal-Image images set up the
same disk size (24 GB) for the system. Due to the properties of different file
formats, the size of Minimal-VM and Minimal-Image image downloads differs
between formats.

4.4 JeOS renamed Minimal-VM and Minimal-Image

We have received feedback from users confused by the name JeOS, as a matter of
fact the acronym JeOS, which meant Just enough Operating System, was not well
understood and could be confused with other images provided by SUSE or
openSUSE.

We have decided to go with simplicity and rename JeOS by "Minimal-VM" for all
our Virtual Machine Images and "Minimal-Image" for the Raspberry Pi Image. We
have also removed a few other characters, in the full images name to make it
more simple and clear:

  o SLES15-SP4-Minimal-VM.x86_64-kvm-and-xen-GM.qcow2

  o SLES15-SP4-Minimal-VM.x86_64-OpenStack-Cloud-GM.qcow2

  o SLES15-SP4-Minimal-VM.x86_64-MS-HyperV-GM.vhdx.xz

  o SLES15-SP4-Minimal-VM.x86_64-VMware-GM.vmdk.xz

  o SLES15-SP4-Minimal-VM.aarch64-kvm-GM.qcow2

  o SLES15-SP4-Minimal-Image.aarch64-RaspberryPi-GM.raw.xz

4.4.1 Alternative Python 3 development interpreter moved to a separate module

SLE 15 SP4 introduces a new Python 3 Module, which includes the alternatively
available development Python interpreter, formerly included in the Basesystem
Module. This new module will allow for more flexibility for the lifecycle of
the packages provided within it and a clean separation between the system and
development interpreter.

As the python39 package was part of the Basesystem Module on SLE 15 SP3, the
introduction of this new module will require some changes when migrating to SLE
15 SP5 (prerelease). If you are using python39 and migrate from SLE 15 SP3, you
will have to add the Python 3 module after migration via SUSEConnect to receive
updates for this alternative interpreter. Otherwise the package will remain
orphaned and without security updates.

Packages inside this module can have differing support level and support
lifecycle. For more information, see documentation.

4.5 For more information

For more information, see Section 5, "Changes affecting all architectures" and
the sections relating to your respective hardware architecture.

5 Changes affecting all architectures

Information in this section applies to all architectures supported by SUSE
Linux Enterprise Server 15 SP5 (prerelease).

5.1 Development

5.1.1 Alternative Python 3 development interpreter moved to a separate module

SLE 15 SP4 introduces a new Python 3 Module, which includes the alternatively
available development Python interpreter, formerly included in the Basesystem
Module. This new module will allow for more flexibility for the lifecycle of
the packages provided within it and a clean separation between the system and
development interpreter.

As the python39 package was part of the Basesystem Module on SLE 15 SP3, the
introduction of this new module will require some changes when migrating to SLE
15 SP5 (prerelease). If you are using python39 and migrate from SLE 15 SP3, you
will have to add the Python 3 module after migration via SUSEConnect to receive
updates for this alternative interpreter. Otherwise the package will remain
orphaned and without security updates.

Packages inside this module can have differing support level and support
lifecycle. For more information, see documentation.

5.1.2 Supported Java versions

The following Java implementations are available in SUSE Linux Enterprise
Server 15 SP5 (prerelease):

+--------------------+-------+-----------+--------------------------+
|Name (Package Name) |Version|Module     |Support                   |
+--------------------+-------+-----------+--------------------------+
|OpenJDK             |11     |Base System|SUSE, L3, until 2026-12-31|
|(java-11-openjdk)   |       |           |                          |
+--------------------+-------+-----------+--------------------------+
|OpenJDK             |17     |Base System|SUSE, L3, until 2028-06-30|
|(java-17-openjdk)   |       |           |                          |
+--------------------+-------+-----------+--------------------------+
|OpenJDK             |1.8.0  |Legacy     |SUSE, L3, until 2026-12-31|
|(java-1_8_0-openjdk)|       |           |                          |
+--------------------+-------+-----------+--------------------------+
|IBM Java            |1.8.0  |Legacy     |External, until 2025-04-30|
|(java-1_8_0-ibm)    |       |           |                          |
+--------------------+-------+-----------+--------------------------+

5.2 Kernel

5.2.1 Kernel limits

This table summarizes the various limits which exist in our recent kernels and
utilities (if related) for SUSE Linux Enterprise Server 15 SP5 (prerelease).

+--------------------------+---------------+----------+-----------+-----------+
|SLES 15 SP5 (prerelease)  |AMD64/Intel 64 |IBM Z     |POWER      |ARMv8      |
|(Linux 5.14.21)           |(x86_64)       |(s390x)   |(ppc64le)  |(AArch64)  |
+--------------------------+---------------+----------+-----------+-----------+
|CPU bits                  |64             |64        |64         |64         |
+--------------------------+---------------+----------+-----------+-----------+
|Maximum number of logical |8192           |256       |2048       |768        |
|CPUs                      |               |          |           |           |
+--------------------------+---------------+----------+-----------+-----------+
|Maximum amount of RAM     |>1 PiB/64 TiB |10 TiB/   |1 PiB/     |256 TiB/   |
|(theoretical/certified)   |               |256 GiB  |64 TiB    |n.a.      |
+--------------------------+---------------+----------+-----------+-----------+
|Maximum amount of user    |128 TiB/       |n.a.      |512 TiB^1/ |256 TiB/   |
|space/kernel space        |128 TiB       |          |2 EiB     |256 TiB   |
+--------------------------+---------------+----------+-----------+-----------+
|Maximum amount of swap    |Up to 29 *     |Up to 30 * 64 GB                  |
|space                     |64 GB          |                                  |
+--------------------------+---------------+----------------------------------+
|Maximum number of         |1,048,576                                         |
|processes                 |                                                  |
+--------------------------+--------------------------------------------------+
|Maximum number of threads |Upper limit depends on memory and other parameters|
|per process               |(tested with more than 120,000)^2.                |
+--------------------------+--------------------------------------------------+
|Maximum size per block    |Up to 8 EiB on all 64-bit architectures           |
|device                    |                                                  |
+--------------------------+--------------------------------------------------+
|FD_SETSIZE                |1024                                              |
+--------------------------+--------------------------------------------------+

^1 By default, the user space memory limit on the POWER architecture is
128 TiB. However, you can explicitly request mmaps up to 512 TiB.

^2 The total number of all processes and all threads on a system may not be
higher than the "maximum number of processes".

5.2.2 Restoring default Btrfs file compression

Previously in kernel 5.14, it was possible to disable compression by passing an
empty string instead of explicitly mentioning none or no.

In SLES 15 SP5 (prerelease), this behavior is changed to the more expected one.
From kernel 5.14 onwards, empty string will reset the default setting instead
of disabling compression.

5.3 Security

5.3.1 TLS 1.1 and 1.0 are no longer recommended for use

The TLS 1.0 and 1.1 standards have been superseded by TLS 1.2 and TLS 1.3. TLS
1.2 has been available for considerable time now.

SUSE Linux Enterprise Server packages using OpenSSL, GnuTLS, or Mozilla NSS
already support TLS 1.3. We recommend no longer using TLS 1.0 and TLS 1.1, as
SUSE plans to disable these protocols in a future service pack. However, not
all packages, for example, Python, are TLS 1.3-enabled yet as this is an
ongoing process.

5.3.2 Replacement of gpg as recommended tool for file encryption

A new rage-encryption package has been added. The package provides the rage
executable. rage is an implementation of the age file encryption format using
Rust.

This replaces gpg as the preferred tool over gpg for file encryption. The main
reasons are that gpg has a history of security issues, and is well known for
its complexity. In comparison, rage focuses on usability and security. It
especially tries to make key handling as simple as handling SSH keys
(essentially short lines of text), which it also supports.

For more information, see:

  o https://github.com/str4d/rage

  o https://age-encryption.org/v1

5.4 Storage and file systems

5.4.1 Comparison of supported file systems

SUSE Linux Enterprise was the first enterprise Linux distribution to support
journaling file systems and logical volume managers in 2000. Later, we
introduced XFS to Linux, which allows for reliable large-scale file systems,
systems with heavy load, and multiple parallel reading and writing operations.
With SUSE Linux Enterprise 12, we started using the copy-on-write file system
Btrfs as the default for the operating system, to support system snapshots and
rollback.

The following table lists the file systems supported by SUSE Linux Enterprise.

Support status: + supported / - unsupported

+----------------------------+--------------+-------+------------+------------+
|Feature                     |    Btrfs     |  XFS  |    Ext4    |  OCFS 2^1  |
+----------------------------+--------------+-------+------------+------------+
|Supported in product        |     SLE      |  SLE  |    SLE     |   SLE HA   |
+----------------------------+--------------+-------+------------+------------+
|Data/metadata journaling    |    N/A^2     | - / + |   + / +    |   - / +    |
+----------------------------+--------------+-------+------------+------------+
|Journal internal/external   |    N/A^2     | + / + |   + / +    |   + / -    |
+----------------------------+--------------+-------+------------+------------+
|Journal checksumming        |    N/A^2     |   +   |     +      |     +      |
+----------------------------+--------------+-------+------------+------------+
|Subvolumes                  |      +       |   -   |     -      |     -      |
+----------------------------+--------------+-------+------------+------------+
|Offline extend/shrink       |    + / +     | - / - |   + / +    |  + / -^3   |
+----------------------------+--------------+-------+------------+------------+
|Inode allocation map        |    B-tree    |B+-tree|   Table    |   B-tree   |
+----------------------------+--------------+-------+------------+------------+
|Sparse files                |      +       |   +   |     +      |     +      |
+----------------------------+--------------+-------+------------+------------+
|Tail packing                |      -       |   -   |     -      |     -      |
+----------------------------+--------------+-------+------------+------------+
|Small files stored inline   |    + (in     |   -   |+ (in inode)|+ (in inode)|
|                            |  metadata)   |       |            |            |
+----------------------------+--------------+-------+------------+------------+
|Defragmentation             |      +       |   +   |     +      |     -      |
+----------------------------+--------------+-------+------------+------------+
|Extended file attributes/   |    + / +     | + / + |   + / +    |   + / +    |
|ACLs                        |              |       |            |            |
+----------------------------+--------------+-------+------------+------------+
|User/group quotas           |    - / -     | + / + |   + / +    |   + / +    |
+----------------------------+--------------+-------+------------+------------+
|Project quotas              |      -       |   +   |     +      |     -      |
+----------------------------+--------------+-------+------------+------------+
|Subvolume quotas            |      +       |  N/A  |    N/A     |    N/A     |
+----------------------------+--------------+-------+------------+------------+
|Data dump/restore           |      -       |   +   |     -      |     -      |
+----------------------------+--------------+-------+------------+------------+
|Block size default          |                    4 KiB^4                     |
+----------------------------+--------------+-------+------------+------------+
|Maximum file system size    |    16 EiB    | 8 EiB |   1 EiB    |   4 PiB    |
+----------------------------+--------------+-------+------------+------------+
|Maximum file size           |    16 EiB    | 8 EiB |   1 EiB    |   4 PiB    |
+----------------------------+--------------+-------+------------+------------+

^1 OCFS 2 is fully supported as part of the SUSE Linux Enterprise High
Availability Extension.

^2 Btrfs is a copy-on-write file system. Instead of journaling changes before
writing them in-place, it writes them to a new location and then links the new
location in. Until the last write, the changes are not "committed". Because of
the nature of the file system, quotas are implemented based on subvolumes
(qgroups).

^3 To extend an OCFS 2 file system, the cluster must be online but the file
system itself must be unmounted.

^4 The block size default varies with different host architectures. 64 KiB is
used on POWER, 4 KiB on other systems. The actual size used can be checked with
the command getconf PAGE_SIZE.

Additional notes

Maximum file size above can be larger than the file system's actual size
because of the use of sparse blocks. All standard file systems on SUSE Linux
Enterprise Server have LFS, which gives a maximum file size of 2^63 bytes in
theory.

The numbers in the table above assume that the file systems are using a 4 KiB
block size which is the most common standard. When using different block sizes,
the results are different.

In this document:

  o 1024 Bytes = 1 KiB

  o 1024 KiB = 1 MiB;

  o 1024 MiB = 1 GiB

  o 1024 GiB = 1 TiB

  o 1024 TiB = 1 PiB

  o 1024 PiB = 1 EiB.

See also http://physics.nist.gov/cuu/Units/binary.html.

Some file system features are available in SUSE Linux Enterprise Server 15 SP5 
(prerelease) but are not supported by SUSE. By default, the file system drivers
in SUSE Linux Enterprise Server 15 SP5 (prerelease) will refuse mounting file
systems that use unsupported features (in particular, in read-write mode). To
enable unsupported features, set the module parameter allow_unsupported=1 in /
etc/modprobe.d or write the value 1 to /sys/module/MODULE_NAME/parameters/
allow_unsupported. However, note that setting this option will render your
kernel and thus your system unsupported.

5.4.2 Supported Btrfs features

The following table lists supported and unsupported Btrfs features across
multiple SLES versions.

Support status: + supported / - unsupported

+--------------------------+--------+--------+-------+--------+--------+--------+
|Feature                   |SLES 11 |SLES 12 |SLES 15|SLES 15 |SLES 15 |SLES 15 |
|                          |  SP4   |  SP5   |  GA   |  SP1   |  SP2   |  SP3   |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Copy on write             |   +    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Free space tree (Free     |   -    |   -    |   -   |   +    |   +    |   +    |
|Space Cache v2)           |        |        |       |        |        |        |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Snapshots/subvolumes      |   +    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Swap files                |   -    |   -    |   -   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Metadata integrity        |   +    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Data integrity            |   +    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Online metadata scrubbing |   +    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Automatic defragmentation |   -    |   -    |   -   |   -    |   -    |   -    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Manual defragmentation    |   +    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|In-band deduplication     |   -    |   -    |   -   |   -    |   -    |   -    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Out-of-band deduplication |   +    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Quota groups              |   +    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Metadata duplication      |   +    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Changing metadata UUID    |   -    |   -    |   -   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Multiple devices          |   -    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|RAID 0                    |   -    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|RAID 1                    |   -    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|RAID 5                    |   -    |   -    |   -   |   -    |   -    |   -    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|RAID 6                    |   -    |   -    |   -   |   -    |   -    |   -    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|RAID 10                   |   -    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Hot add/remove            |   -    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Device replace            |   -    |   -    |   -   |   -    |   -    |   -    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Seeding devices           |   -    |   -    |   -   |   -    |   -    |   -    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Compression               |   -    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Big metadata blocks       |   -    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Skinny metadata           |   -    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Send without file data    |   -    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Send/receive              |   -    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Inode cache               |   -    |   -    |   -   |   -    |   -    |   -    |
+--------------------------+--------+--------+-------+--------+--------+--------+
|Fallocate with hole punch |   -    |   +    |   +   |   +    |   +    |   +    |
+--------------------------+--------+--------+-------+--------+--------+--------+

5.5 SUSE Package Hub

SUSE Package Hub brings open-source software packages from openSUSE to SUSE
Linux Enterprise Server and SUSE Linux Enterprise Desktop.

Usage of software from SUSE Package Hub is not covered by SUSE support
agreements. At the same time, usage of software from SUSE Package Hub does not
affect the support status of your SUSE Linux Enterprise systems. SUSE Package
Hub is available at no additional cost and without an extra registration key.

5.5.1 Important package additions to SUSE Package Hub

Among others, the following packages have been added to SUSE Package Hub:

5.6 System management

5.6.1 Silence KillMode=None messages

The log level of the deprecation warnings regarding killmode=None have been
reduced. Instead of warning, they are now logged at the debug log level.

5.6.2 yast2-iscsi-client drops open-iscsi and iscsiuio as dependencies

The yast2-iscsi-client package no longer automatically installs open-iscsi and
iscsiuio. The two packages need to be installed manually before using
yast2-iscsi-client.

5.6.3 Searching packages across all SLE modules

In SLE 15 SP5 (prerelease) you can search for packages both within and outside
of currently enabled SLE modules using the following command:

zypper search-packages -d SEARCH_TERM

This command contacts the SCC and searches all modules for matching packages.
This functionality makes it easier for administrators and system architects to
find the software packages needed.

5.7 Virtualization

For more information about acronyms used below, see https://
documentation.suse.com/sles/15-SP5/html/SLES-all/book-virtualization.html.

Important

Important: Virtualization limits and supported hosts/guests

These release notes only document changes in virtualization support compared to
the immediate previous service pack of SUSE Linux Enterprise Server. Full
information regarding virtualization limits for KVM and Xen as well as
supported guest and host systems is now available as part of the SUSE Linux
Enterprise Server documentation.

See the Virtualization Guide at https://susedoc.github.io/doc-sle/main/html/
SLES-virtualization/cha-virt-support.html (draft version).

5.7.1 KVM

We increase the support from 288 up 768 VCPU per virtual Machine.

5.7.2 Xen

Xen has been updated to version 4.17:

  o The x86 MCE command line option info is now updated.

  o __ro_after_init support, for marking data as immutable after boot.

  o The project has officially adopted 4 directives and 24 rules of MISRA-C,
    added MISRA-C checker build integration, and defined how to document
    deviations.

  o IOMMU superpage support on x86, affecting PV guests as well as HVM/PVH ones
    when they don't share page tables with the CPU (HAP/EPT/NPT).

  o Support for VIRT_SSBD and MSR_SPEC_CTRL for HVM guests on AMD.

  o Improved TSC, CPU, and APIC clock frequency calibration on x86.

  o Support for Xen using x86 Control Flow Enforcement technology for its own
    protection. Both Shadow Stacks (ROP protection) and Indirect Branch
    Tracking (COP/JOP protection).

  o Add mwait-idle support for SPR and ADL on x86.

  o Extend security support for hosts to 12 TiB of memory on x86.

  o Add command line option to set cpuid parameters for dom0 at boot time on
    x86.

  o It is possible to use PV drivers with dom0less guests, allowing statically
    booted dom0less guests with PV devices.

  o Add Xue - console over USB 3 Debug Capability.

  o dropped support for the (x86-only) vesa-mtrr and vesa-remap command line
    options

  o launch_security: Use SEV-ES policy=0x07 if host supports it

5.7.3 QEMU

QEMU has been updated to version 7.1:

  o Raise the maximum number of vCPUs a VM can have to 1024 (only 768 is
    supported)

  o Improve dependency handling (for example, what is recommended compared to
    what is required)

  o Add the qemu-headless subpackage that brings in all the packages that are
    needed for creating VMs with tools like virt-install or VirtManager; it can
    be run either locally or from a remote host

  o The old qemu-binfmt wrappers around the various qemu-$ARCH Linux user
    emulation binaries are not necessary any longer

  o Enable` aio=io_uring` on all KVM architectures

For more information see the following:

  o https://wiki.qemu.org/ChangeLog/7.1

  o https://wiki.qemu.org/ChangeLog/7.0

  o https://qemu-project.gitlab.io/qemu/about/removed-features.html

  o https://qemu-project.gitlab.io/qemu/about/deprecated.html

Note

Note: Deprecation notice

In previous versions, if no explicit image format was provided, some QEMU tools
tried to guess the format of the image, and then process it accordingly.
Because this feature is a potential source of security issues, it has been
deprecated and removed. It is now necessary to explicitly specify the image
format. For more information, see https://qemu-project.gitlab.io/qemu/about/
removed-features.html#qemu-img-backing-file-without-format-removed-in-6-1.

5.7.4 libvirt

libvirt has been updated to version 9.0.0:

  o New virt-qemu-sev-validate utility for validating the measurement reported
    for a domain launched with AMD SEV

  o New subpackage libvirt-client-qemu providing client utilities to interact
    with QEMU-specific features of libvirt

  o Migration to /usr/etc: saving user changed configuration files in /etc and
    restoring them while an RPM update

For more information see the following:

  o https://libvirt.org/news.html#v9-0-0-2023-01-16

  o https://libvirt.org/news.html#v8-10-0-2022-12-01

  o https://libvirt.org/news.html#v8-9-0-2022-11-01

  o https://libvirt.org/news.html#v8-8-0-2022-10-03

  o https://libvirt.org/news.html#v8-7-0-2022-09-01

5.7.5 VMware

5.7.5.1 open-vm-tools

open-vm-tools has been updated to version 12.1.5:

  o Migration of PAM settings to /usr/lib/pam.d

  o Remove libgrpc++, libgrpc, and libprotobuf from containerinfo Requires
    section. The dependencies will be added automatically.

  o Add containerInfo plugin

  o Add dependencies on grpc, protobuf, and containerd for container
    introspection

  o A number of Coverity reported issues have been addressed.

  o The deployPkg plugin may prematurely reboot the guest VM before cloud-init
    has completed user data setup. If both the Perl based Linux customization
    script and cloud-init run when the guest VM boots, the deployPkg plugin may
    reboot the guest before cloud-init has finished. The deployPkg plugin has
    been updated to wait for a running cloud-init process to finish before the
    guest VM reboot is initiated.

  o A SIGSEGV may be encountered when a non-quiesing snapshot times out

  o Unwanted vmtoolsd service error message if not on a VMware hypervisor When
    open-vm-tools comes preinstalled in a base Linux release, the vmtoolsd
    services are started automatically at system start and desktop login. If
    running on physical hardware or in a non-VMware hypervisor, the services
    will emit an error message to the systemd's logging service before
    stopping.

5.7.6 Others

5.7.6.1 virt-manager

virt-manager has been updated to version 4.1.0:

  o Specifying --boot no longer implies no_install=yes

  o add UI and cli support for qemu-vdagent channel

  o cli: More --iothreads suboptions

  o cli: Add support for URL query with disks

5.7.6.2 sanlock

sanlock has been updated to version 3.8.5:

  o Add support for Python 3

  o Add support for 4k sector size

  o Support SANLOCK_RUN_DIR and SANLOCK_PRIVILEGED environment variables

5.7.6.3 Perl-Sys-Virt

Update to 0.9.0: * Add all new APIs and constants in libvirt 9.0.0

5.7.6.4 numactl

numactl has been updated to version 2.0.15.0.g01a39cb:

  o Update to support multiple nodes

  o numademo: Add a new test for multiple-preferred-nodes policy

  o numactl: Simplify preferred selection

5.7.6.5 libguestfs

libguestfs has been updated to version 1.48.4:

  o Drop reiserfs

  o Multiple fixes to the OCaml bindings

  o Inspection of guests which use LUKS encryption on top of LVM logical
    volumes should now work guestfs_remove_drive has been deprecated and now
    returns an error.

  o guestfs_add_drive no longer supports hotplugging

  o In guestfs_xfs_admin the lazycounter parameter is deprecated because it is
    no longer supported in recent versions of XFS.

  o The User-mode Linux ("uml") backend has been removed.

  o This release has moved many virt tools like virt-builder, virt-cat,
    virt-customize, virt-df, etc. to the guestfs-tools project. This makes
    libguestfs a bit easier to build and manage.

  o We now use the qemu/libvirt feature -cpu max to select the best CPU to run
    the appliance.

  o The qemu -enable-fips option is no longer used. It was not needed and has
    been deprecated by qemu.

  o Using the equivalent SeaBIOS feature instead of `qemu's Serial Graphics
    Adapter option ROM

  o Renamed packages:

      ? guestfs-winsupport -> libguestfs-winsupport

      ? guestfsd -> libguestfsd

  o New packages:

      ? libguestfs, libguestfs-typelib-Guestfs,

      ? libguestfs-gobject, libguestfs-gobject-devel

      ? libguestfs-rescue, libguestfs-rsync, libguestfs-xfs

  o Dropped packages:

      ? libguestfs-test

5.7.6.6 virt-v2v

Update to version 2.0.7: * Virt-v2v has been modularised allowing external
programs to examine the state of the conversion and inject their own copying
step. Further enhancements will be made to this new architecture in forthcoming
releases. * The command line is almost identical apart from some debugging
features that were removed (see below). The only significant difference is that
the output format (-of) now has to be specified if it is different from the
input format, whereas previous versions of virt-v2v would use the same output
formatas input format automatically. * A lot of time was spent improving the
performance of virt-v2v in common cases. * Many bug fixes and performance
enhancements were made to oVirt imageio output (Nir Soffer). * There is a new
virt-v2v-in-place(1) tool which replaces the existing virt-v2v --in-place
option. * Virt-v2v can now convert guests which use LUKS encrypted logical
volumes. * Option -oo rhv-direct has been replaced by -oo rhv-proxy, and direct
mode (which is much faster) is now the default when writing to oVirt, with
proxy mode available for restricted network configurations. * The following
command line options were removed: -print-estimate, --debug-overlays,
--no-copy. * Virt-v2v no longer installs the RHEV-APT tool in Windows guests.
This tool was deprecated and then removed in oVirt 4.3. * Deprecated tool
virt-v2v-copy-to-local has been removed.

6 Removed and deprecated features and packages

This section lists features and packages that were removed from SUSE Linux
Enterprise Server or will be removed in upcoming versions.

Note

Note: Package and module changes in 15 SP5 (prerelease)

For more information about all package and module changes since the last
version, see Section 2.2.3, "Package and module changes in 15 SP5 (prerelease)"
.

6.1 Removed features and packages

The following features and packages have been removed in this release.

  o The samba-ad-dc-libs package has been removed. It was previously available
    as technical preview.

  o Setting up Kerberos with LDAP backend via YaST has been removed.

  o The thunderbolt-user-space package has been removed.

6.2 Deprecated features and packages

The following features and packages are deprecated and will be removed in a
future version of SUSE Linux Enterprise Server.

  o gnote has been deprecated. Use bijiben instead.

  o We have switched from openmpi2 to openmpi4 as the default openmpi
    implementation. This is because openmpi2 and openmpi3 have been EOL for
    some time now. They will be removed in SLES 15 SP6.

7 Obtaining source code

This SUSE product includes materials licensed to SUSE under the GNU General
Public License (GPL). The GPL requires SUSE to provide the source code that
corresponds to the GPL-licensed material. The source code is available for
download at https://www.suse.com/products/server/download/ on Medium 2. For up
to three years after distribution of the SUSE product, upon request, SUSE will
mail a copy of the source code. Send requests by e-mail to
sle_source_request@suse.com. SUSE may charge a reasonable fee to recover
distribution costs.

8 Legal notices

SUSE makes no representations or warranties with regard to the contents or use
of this documentation, and specifically disclaims any express or implied
warranties of merchantability or fitness for any particular purpose. Further,
SUSE reserves the right to revise this publication and to make changes to its
content, at any time, without the obligation to notify any person or entity of
such revisions or changes.

Further, SUSE makes no representations or warranties with regard to any
software, and specifically disclaims any express or implied warranties of
merchantability or fitness for any particular purpose. Further, SUSE reserves
the right to make changes to any and all parts of SUSE software, at any time,
without any obligation to notify any person or entity of such changes.

Any products or technical information provided under this Agreement may be
subject to U.S. export controls and the trade laws of other countries. You
agree to comply with all export control regulations and to obtain any required
licenses or classifications to export, re-export, or import deliverables. You
agree not to export or re-export to entities on the current U.S. export
exclusion lists or to any embargoed or terrorist countries as specified in U.S.
export laws. You agree to not use deliverables for prohibited nuclear, missile,
or chemical/biological weaponry end uses. Refer to https://www.suse.com/company
/legal/ for more information on exporting SUSE software. SUSE assumes no
responsibility for your failure to obtain any necessary export approvals.

Copyright (C) 2010-2023 SUSE LLC.

This release notes document is licensed under a Creative Commons
Attribution-NoDerivatives 4.0 International License (CC-BY-ND-4.0). You should
have received a copy of the license along with this document. If not, see
https://creativecommons.org/licenses/by-nd/4.0/.

SUSE has intellectual property rights relating to technology embodied in the
product that is described in this document. In particular, and without
limitation, these intellectual property rights may include one or more of the
U.S. patents listed at https://www.suse.com/company/legal/ and one or more
additional patents or pending patent applications in the U.S. and other
countries.

For SUSE trademarks, see the SUSE Trademark and Service Mark list (https://
www.suse.com/company/legal/). All third-party trademarks are the property of
their respective owners.

A Changelog for 15 SP5 (prerelease)

A.1 2023-03-01

A.1.1 New

  o Section 5.3.2, "Replacement of gpg as recommended tool for file encryption"
    (Jira)

  o Section 5.7.5.1, "open-vm-tools" (Jira)

A.1.2 Updated

  o Section 5.7.2, "Xen" (Jira)

  o Section 5.7.3, "QEMU" (Jira)

  o Section 5.7.1, "KVM" (Jira)

  o Section 5.7.4, "libvirt" (Jira, Jira)

A.2 2023-02-01

A.2.1 New

  o Section 4.1.2, "Installation via SSH on s390x" (Bugzilla)

  o Section 5.6.1, "Silence KillMode=None messages" (Jira)

A.3 2022-11-30

A.3.1 New

  o Deprecation of gnote in Section 6.2, "Deprecated features and packages" (
    Jira)

  o Removal of samba-ad-dc-libs in Section 6.1, "Removed features and packages"
    (Jira)

  o Section 5.6.2, "yast2-iscsi-client drops open-iscsi and iscsiuio as
    dependencies" (Bugzilla)

A.4 2022-11-02

A.4.1 New

  o Section 5.2.2, "Restoring default Btrfs file compression" (Jira)

  o Added note about openmpi2 and openmpi3 in Section 6.2, "Deprecated features
    and packages" (Jira)

A.5 2022-10-18

A.5.1 New

  o Added note about removing Kerberos/LDAP from YaST in Section 6, "Removed
    and deprecated features and packages" (Bugzilla)

  o Added note about removing thunderbolt-user-space in Section 6, "Removed and
    deprecated features and packages" (Jira)

A.5.2 Updated

  o Updated Java lifecycle in Section 5.1.2, "Supported Java versions" (Jira):

      ? OpenJDK 11 end of life is now end of 2026

      ? OpenJDK 17 added

      ? OpenJDK 18 end of life is now end of 2026

B Kernel parameter changes

Warning

Warning

This list of changes may not be exhaustive.

B.1 Changes from SP4 to SP5

These Linux kernel parameters have been changed since SLES 15 SP4.

(C) 2023 SUSE

