≡ Menu

enterprise linux

Red Hat Enterprise Linux 5.2 Released

Red Hat enterprise Linux version 5.2 has been released and available via a Red Hat Network subscription. This update brings broad refresh of hardware support and improved quality, combined with new features and enhancements in areas such as virtualization, desktop, networking, storage & clustering and security.

Virtualization of very large systems, with up to 64 CPUs and 512 GB of memory, is now possible. Virtualization support for NUMA-based architectures is provided, as well as security, performance, manageability and robustness improvements. CPU frequency scaling support for virtualized environments also allows for reduced power consumption.

Red Hat Enterprise Linux 5.2 provides enhanced capabilities for several hardware architectures, covering x86/x86-64, Itanium, IBM POWER and IBM System z, which provide improved performance, power usage, scalability and manageability. For example, support for Intel's Dynamic Acceleration Technology permits power saving by quiescing idle CPU cores, and offers performance gains by potentially overclocking busy cores within safe thermal levels. Other hardware enhancements include extensive device driver updates, covering storage, network and graphics devices, and certification of IBM's new Cell Blade systems.

Red Hat Enterprise Linux becomes a certified operating system for IBM's new high-performance blade server based on Cell Broadband Engine (Cell/B.E) Architecture.

Desktop version includes latest cutting edge softwares:

  • Evolution 2.12.3
  • Firefox 3
  • OpenOffice 2.3.0
  • Thunderbird 2.0

Red Hat Cluster Suite, which is included in Red Hat Enterprise Linux 5 Advanced Platform, now has a Resource Event Scripting Language that enables sophisticated application failover capabilities. It also newly supports SCSI-3 reservation fencing support for active/active and active/passive DM/MPIO (multipathing), which widens the range of storage devices that can be used in clusters.

Improved iSCSI support allows users to set-up diskless systems with a root volume on the iSCSI server, a common requirement in high-density Blade environments.


How do I upgrade my system?

First, make sure you backup existing configuration and data. Next, simply type the following two commands:
# yum update
# reboot

Verify that everything is working fine including all services:
# netstat -tulpn
# netstat -nat
# tail -f /var/log/messages
# egrep -i 'error|warn' /var/log/messages
# egrep -i 'error|warn' /path/to/apps/log/file

Alternatively, you can click on the "Red Hat Network Alert Notification GUI Tool" - which is a notifier that appears on the panel and alerts users when software package updates are available for the systems. This is point and click method.

If you are CentOS Linux user wait for some time to get all updates. More information available at Red Hat web site.

An updated caching-nameserver package that fixes a bug is now available under Red Hat Enterprise Linux.

The caching-nameserver package includes the configuration files that will make BIND, the DNS name server, act as a simple caching nameserver. Many users on dial-up connections use this package along
with BIND for this purpose. The address of L root server have been updated. All users of caching-nameserver should upgrade to this updated package, which resolves this issue.

To update just enter the following command as root user:
# up2date -u

Red Hat released updated openoffice.org packages to correct a security issue are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5.

OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program.

Sean Larsson found a heap overflow flaw in the OpenOffice memory allocator. If a carefully crafted file was opened by a victim, an attacker could use the flaw to crash OpenOffice.org or, possibly, execute arbitrary code.

It was discovered that certain libraries in the Red Hat Enterprise Linux 3 and 4 openoffice.org packages had an insecure relative RPATH (runtime library search path) set in the ELF (Executable and Linking Format) header. A local user able to convince another user to run OpenOffice in an attacker-controlled directory, could run arbitrary code with the privileges of the victim.

All users of openoffice.org are advised to upgrade to these updated packages, which contain backported fixes which correct these issues.

How do I patch openoffice.org productivity suite ?

Simply type the following command at a shell prompt:
# yum update

I've received a couple of email about setting up iSCSI under CentOS 4 or RHEL ES 4 server. Previously, I wrote about iSCSI under CentOS 5 / RHEL 5 server.

Requirements

[a] Following instructions tested on RHEL ES 4 and CentOS 4 only. (See RHEL 5/ CentOS 5 / Debian/ Ubuntu Linux specific instructions here).
[b] You need following information
[c] ISCSI Username
[d] ISCSI Password
[e] ISCSI Server IP / hostname

CentOS Linux v4.x - Install iscsi-initiator-utils

Type the following command:
# yum install iscsi-initiator-utils

Redhat ES Linux v4.x - Install iscsi-initiator-utils

Type the following command:
# up2date iscsi-initiator-utils

Configure iSCSI

Open /etc/iscsi.conf file, enter:
# vi /etc/iscsi.conf
Setup it as follows:

DiscoveryAddress=ISCSI_TARGET_HOST_OR_IP
 OutgoingUserName=ISCSI_USER_NAME
 OutgoingPassword=ISCSI_PASSWORD
 LoginTimeout=15

Save and close the file.

Start the iscsi service

Type the following command to start iscsi service so that you can see block device:
# chkconfig iscsi on
# /etc/init.d/iscsi start

Run any one of the following to find out new block device name:
# fdisk -l
# tail -f /var/log/messages
# find /sys/devices/platform/host* -name "block*"

Format iSCSI device

Use fdisk and mkfs.ext3 commands. First, create a partition (assuming that /dev/sdc is a new block device assigned to iscsi) :
# fdisk /dev/sdc
# mkfs.ext3 /dev/sdc1

Create /mnt/iscsi directory:
# mkdir -p /mnt/iscsi
Open /etc/fstab file and append config directive:
/dev/sdc1 /mnt/iscsi ext3 _netdev 0 0
Save and close the file. Mount the parition /dev/sdc1:
# mount -a
# df -H

You may be aware that after kernel upgrade and kernel security patching you need to reboot Linux box. Now, there is a new patch called - Ksplice. It provides rebootless Linux kernel security update. It is available under GPL 2 and has been tested on Linux kernel versions from 2.6.8 to the recently released 2.6.25 and on several Linux distributions including Debian, Ubuntu, Red Hat Enterprise Linux and Gentoo Linux.

Ksplice allows system administrators to apply security patches to the Linux kernel without having to reboot. Ksplice takes as input a source code change in unified diff format and the kernel source code to be patched, and it applies the patch to the corresponding running kernel. The running kernel does not need to have been prepared in advance in any way.

To be fully automatic, Ksplice's design is limited to patches that do not introduce semantic changes to data structures, but most Linux kernel security patches don't make these kinds of changes. An evaluation against Linux kernel security patches from May 2005 to December 2007 finds that Ksplice can automatically apply 84% of the 50 significant kernel vulnerabilities from this interval.

Ksplice has been implemented for Linux on the x86-32 and x86-64 architectures.

=> Ksplice: Rebootless Linux kernel security updates (via zdnet)

Red Hat Enterprise Linux 5.2 Beta Released

RHEL 5.2 beta has been released. Red Hat engineers backport many of the new features from later kernels to the Red Hat Enterprise Linux 5 kernel, such as support for new hardware and virtualization enhancements. This provides Red Hat Enterprise Linux subscribers with important new capabilities while maintaining stable application interfaces -- so that applications continue to run after new updates are installed. And, of course, it’s always worth repeating that updates, which are released about twice a year, are included with every Red Hat Enterprise Linux subscription.

This will give our you a chance to see what your systems will be running later this year. You can grab beta version from RHN.

=> Press Release : Red Hat Enterprise Linux 5.2 Beta

Yellow Dog Linux v6.0 for Sony PS3, Apple G4/G5, and IBM System p. has been released. It is built upon the CentOS foundation, a popular derivative of Red Hat Enterprise Linux (RHEL), YDL v6.0. It means you can have enterprise grade Linux quality on the home computer. You can install YDL 6.0 on:

=> Sony Playstation 3 (PS3)

=> Apple PowerPC G4 and G5

=> IBM System p such as 510, 520, 540 etc

See Yellow Dog Linux 6.0 release note for more information. You can grab YDL 6.0 here. I may try it out on my PS3 for fun ;)