CentOS-3 Update 2 Release Notes

    Copyright (c) 2004 Red Hat, Inc.
    Copyright (c) 2004 CentOS Project.

     ----------------------------------------------------------------------

Note:

Update 2 was not released by CentOs but was incoroporated into CentOS 3.3

Introduction

   The following topics are covered in this document:

     o Changes to the CentOS installation program
       (Anaconda)

     o General information

     o Changes to drivers and hardware support

     o Changes to packages

Changes to the CentOS Installation Program (Anaconda)

   The following section includes information specific to the CentOS
   installation program, Anaconda.

  Note

   In order to upgrade an already-installed CentOS 3 system
   to Update 2, you must use yum to update those packages that
   have changed. The use of Anaconda to upgrade to Update 2 is not supported.

   Use Anaconda only to perform a fresh install of CentOS 3
   Update 2.

     o If you are copying the contents of the CentOS 3
       Update 2 CD-ROMs (in preparation for a network-based installation, for
       example) be sure you copy the CD-ROMs for the operating system only.
       Do not copy the Extras CD-ROM, or any of the layered product CD-ROMs,
       as this will overwrite files necessary for Anaconda's proper
       operation.

       These CD-ROMs must be installed after CentOS has
       been installed.

General Information

   This section contains general information not specific to any other
   section of this document.

     o For information regarding various system configuration limits, refer
       to:

       http://www.redhat.com/software/rhel/configuration/

     o CentOS 3 Update 2 adds a graphical boot option
       back-ported from Fedora Core. It is disabled by default; to enable,
       add the rhgb option to the boot command line, and ensure that the
       GRAPHICAL line in /etc/sysconfig/init reads:

          
 GRAPHICAL=yes
        

     o To speed login when NIS is used, it is now possible to request the use
       of the netid.byname map instead of the groups.byname map for providing
       group-related information to NIS clients. This map is traditionally
       not used for this purpose, but in most configurations contains the
       necessary information, and is generated by default on recent Linux and
       Solaris(TM) NIS servers.

       To enable this feature, find the following line in /etc/default/nss:

 # NETID_AUTHORITATIVE=TRUE
        

       Next, use a text editor to remove the leading '#' character, saving
       your changes when done.

  Note

       No cross-checks of the netid.byname map are done by either the NIS
       server or client. Therefore, the responsibility of ensuring that
       netid.byname contains appropriate information rests with the system
       administrator.

       It is also possible to improve NIS performance by using the
       services.byservicename map. If this map exists and has been built
       properly, its use can be enabled by the following setting in
       /etc/default/nss:

 SERVICES_AUTHORITATIVE=TRUE
        

       The services.byservicename map must contain both names of services and
       aliases as keys, both without protocol specified and with protocol.
       Recently-updated CentOS and Solaris NIS servers
       provide properly-built services.byservicename maps.

     o The CentOS 3 Update 2 Extras CD-ROM includes the
       fonts-monotype package. This optional package contains the Albany(TM),
       Cumberland(TM), and Thorndale(TM) fonts by Agfa Monotype. These fonts
       provide a core set of document fonts with metrics close to those of
       core fonts included with other common operating systems.

       OpenOffice.org 1.1.0 had been configured to prefer the optional Agfa
       Monotype fonts by default. When these fonts are installed, Microsoft
       Office documents opened and viewed from OpenOffice.org will preserve
       much more of their original look and layout.

  Note

       Other than a more consistent look and layout, there will be no loss of
       functionality if the fonts-monotype package is not installed.

     o CentOS 3 Update 2 includes version 1.1.0 of the
       OpenOffice.org office suite.

       With the update to OpenOffice.org 1.1.0, changes have been made to the
       program's font handling and text drawing procedures. Documents,
       especially Impress and PowerPoint(R) presentations, should be reviewed
       to ensure that any text fits within the same boundaries as before.
       Most Microsoft Office documents that were opened (but not saved) by
       earlier versions of OpenOffice.org will be unaffected, but documents
       created (or opened and saved) with versions prior to 1.1.0 may exhibit
       this behavior when opened with OpenOffice.org 1.1.0.

       Earlier versions of OpenOffice.org used printer metrics to determine
       appropriate text spacing when laying out text. OpenOffice.org 1.1.0
       uses device-independent metrics; a newer, more cross-platform
       compatible and printer-independent method. Therefore, text spacing for
       OpenOffice.org documents created or saved with earlier versions may
       not be exactly the same. Symptoms of this behavior can include text
       that now runs off the edge of a slide or overlaps other text below it
       where previously this did not occur.

       It is possible to revert to the use of printer metrics; however, this
       is not recommended, as documents saved with a copy of OppenOffice.org
       1.1.0 so configured will exhibit similar problems when accessed using
       other copies of 1.1.0.

       Should you require the earlier text layout method, open the
       preferences dialog by selecting Tools, then Options. The "Use printer
       metrics for document formatting" setting is not global, but appears on
       the General panel for each document type (Text Document, Spreadsheet,
       Presentation, and Drawing) -- therefore, you must individually set
       this option for each document type you use.

LauS (Linux Auditing System) Notes

   CentOS 3 Update 2 features LAuS, the Linux Auditing
   System. This system is composed of kernel-resident and user-space
   components that facilitate highly-configurable and robust logging of
   system call use. This document provides an overview of how the auditing
   system is put together and basic information on how to get it running.
   Pointers to relevant documentation are also provided that should help in
   making the best use of this new capability.

  LauS Overview

   LauS consist of two types of components:

     o The kernel component

     o The User-space components

    Kernel Component

   The default kernel provided with CentOS 3 Update 2
   contains modifications that enable system-call auditing. When auditing is
   not in use, these modifications are performance-neutral. The kernel
   component provides access to the auditing facilities through a
   character-special device -- /dev/audit. Through this device, a user-space
   daemon (auditd) can enable or disable auditing and can provide the kernel
   with the rulesets it is to use to determine when an invocation of a system
   call must be logged. This device is also used by auditd to retrieve audit
   records from the kernel for transfer to the audit log. Refer to the
   audit(4) man page for information about supported ioctl() calls and /proc/
   interfaces for managing and tuning auditing behavior.

    User-Space Components

   There are a number of programs provided that transfer audit records from
   the kernel to the audit log and manipulate the resulting data. These
   programs and their documentation are found in the laus package.

   Auditing is performed for a process if that process registers itself with
   the kernel as auditable. This registration is propagated to any process
   started from a registered process. Modifications were made to PAM to
   assure the auditing of all user sessions when kernel auditing is enabled.

      auditd

   The audit daemon can be run as a service and configured with chkconfig.
   The audit daemon reads a number of files from /etc/audit/ at startup.

   The contents of /etc/audit/audit.conf specify how and where to write audit
   records and what to do if the logs overrun available disk space. The
   contents of /etc/audit/filesets.conf and /etc/audit/filters.conf specify
   the rulesets the kernel uses to determine if a system call is auditable.
   The audit daemon can also be run with the -r option to instruct auditd to
   reload the rulesets and communicate any changes to the kernel. Refer to
   the auditd(8), audit-filters(5), audit-conf(5), and audit-filesets(5) man
   pages for more information.

      aurun

   This program enables an auditing context for itself and execs the program
   specified on its command line. This can be used to enable auditing on
   processes that are not generally part of a user session. Refer to the
   aurun(8) man page for more information.

      aucat

   This program writes the contents of the audit log to standard output.
   There are also options for specifying the level of detail required. Refer
   to the aucat(1) man page for more information.

      augrep

   This program writes audit log records matching specified patterns to
   standard output. Refer to the augrep(1) man page for more information.

      PAM

   The Pluggable Authentication Modules package has been modified to log
   authentication activity. Failed and successful authentications are logged
   to the audit log. PAM marks for auditing all sessions which are started
   from successful authentication and generates an audit record when the
   session is terminated.

  For Further Information

   Detailed information regarding data formats can be found in the
   laus-fields(7) and laus-record(7) man pages.

Changes to Drivers and Hardware Support

   This update includes bug fixes for a number of drivers. The more
   significant driver updates are listed below. In some cases, the original
   driver has been preserved under a different name, and is available as a
   non-default alternative for organizations that wish to migrate their
   driver configuration to the latest versions at a later time.

  Note

   The migration to the latest drivers should be completed before the next
   CentOS update is applied, because in most cases only one
   older-revision driver will be preserved for each update.

   These release notes also indicate which older-revision drivers have been
   removed from this kernel update. These drivers have the base driver name
   with the revision digits appended; for example, megaraid_2002.o. You must
   remove these drivers from /etc/modules.conf before installing this kernel
   update.

   Keep in mind that the only definitive way to determine what drivers are
   being used is to review the contents of /etc/modules.conf. Use of the
   lsmod command is not a substitute for examining this file.

   IBM ServeRAID (ips driver)

     o The ips driver has been updated from 6.10.52 to 6.11.07

     o The new driver is scsi/ips.o

     o The older driver has been preserved as addon/ips_61052/ips_61052.o

     o The 6.00.26 driver (ips_60026.o) has been removed

   LSI Logic RAID (megaraid driver)

     o The megaraid2 driver has been updated from v2.00.9 to v2.10.1.1

     o The new driver is scsi/megaraid2.o

     o The older driver has been preserved as
       addon/megaraid_2009/megaraid_2009.o

     o The default driver remains the v1.18k driver (megaraid.o)

   LSI Logic MPT Fusion (mpt* drivers)

     o These drivers have been updated from 2.05.05+ to 2.05.11.03

     o The new drivers are located in message/fusion/

     o The older drivers have been preserved in addon/fusion_20505/

   Compaq SA53xx Controllers (cciss driver)

     o The cciss driver has been updated from 2.4.47.RH1 to 2.4.50.RH1

   QLogic Fibre Channel (qla2xxx driver)

     o These drivers have been updated from 6.06.00b11 to 6.07.02-RH2

     o The new drivers are located in addon/qla2200/

     o The older driver have been preserved in addon/qla2200_60600b11/

  Note

   Note that the QLA2100 adapter has been retired by QLogic. This adapter is
   no longer supported by QLogic. Therefore, the driver is located
   in the kernel-unsupported package.

   Intel PRO/1000 (e1000 driver)

     o This driver has been updated from 5.2.20-k1 to 5.2.30.1-k1

   Broadcom Tigon3 (tg3 driver)

     o This driver has been updated from v2.3 to v2.7

   Network Bonding (bonding driver)

     o This driver has been updated from 2.2.14 to 2.4.1

   Serial ATA (libata driver)

     o This driver has been updated to version 1.01

Changes to Packages

   This section contains listings of packages that have been updated or added
   from CentOS 3 as part of Update 2.

  Note

   These package lists include packages from all variants of CentOS 3. 
   Your system may not include every one of the packages
   listed here.

   The following packages have been updated from the original release of Red
   Hat Enterprise Linux 3:

     o anaconda

     o anaconda-images

     o anaconda-runtime

     o ant

     o ant-devel

     o ant-libs

     o arptables_jf

     o arpwatch

     o at

     o binutils

     o clumanager

     o compat-gcc

     o compat-gcc-c++

     o compat-gcc-g77

     o compat-gcc-java

     o compat-gcc-objc

     o compat-glibc

     o compat-libgcj

     o compat-libgcj-devel

     o compat-libstdc++

     o compat-libstdc++-devel

     o comps

     o cpp

     o cvs

     o cyrus-sasl

     o cyrus-sasl-devel

     o cyrus-sasl-gssapi

     o cyrus-sasl-md5

     o cyrus-sasl-plain

     o dev

     o devlabel

     o distcache

     o distcache-devel

     o eclipse

     o elfutils

     o elfutils-devel

     o elfutils-libelf

     o ethereal

     o ethereal-gnome

     o firstboot

     o fontconfig

     o fontconfig-devel

     o freeradius

     o freeradius-mysql

     o freeradius-postgresql

     o freeradius-unixODBC

     o gaim

     o gcc

     o gcc-c++

     o gcc-c++-ssa

     o gcc-g77

     o gcc-g77-ssa

     o gcc-gnat

     o gcc-java

     o gcc-java-ssa

     o gcc-objc

     o gcc-objc-ssa

     o gcc-ssa

     o GConf2

     o GConf2-devel

     o gdb

     o gdk-pixbuf

     o gdk-pixbuf-devel

     o gdk-pixbuf-gnome

     o gdm

     o glibc

     o glibc-common

     o glibc-debug

     o glibc-devel

     o glibc-headers

     o glibc-profile

     o glibc-utils

     o gnome-mime-data

     o gnome-panel

     o gnupg

     o hotplug

     o httpd

     o httpd-devel

     o hwdata

     o initscripts

     o iproute

     o ipsec-tools

     o iptables

     o iptables-ipv6

     o kbd

     o kdegames

     o kdegames-devel

     o kdepim

     o kdepim-devel

     o kernel

     o kernel-BOOT

     o kernel-doc

     o kernel-hugemem

     o kernel-hugemem-unsupported

     o kernel-smp

     o kernel-smp-unsupported

     o kernel-source

     o kernel-unsupported

     o kernel-utils

     o kinput2-canna-wnn6

     o krb5-devel

     o krb5-libs

     o krb5-server

     o krb5-workstation

     o kudzu

     o kudzu-devel

     o lftp

     o libf2c

     o libgcc

     o libgcc-ssa

     o libgcj

     o libgcj-devel

     o libgcj-ssa

     o libgcj-ssa-devel

     o libgnat

     o libmudflap

     o libmudflap-devel

     o libobjc

     o libpcap

     o libstdc++

     o libstdc++-devel

     o libstdc++-ssa

     o libstdc++-ssa-devel

     o libxml2

     o libxml2-devel

     o libxml2-python

     o MAKEDEV

     o mdadm

     o modutils

     o modutils-devel

     o mod_python

     o mod_ssl

     o mozilla

     o mozilla-chat

     o mozilla-devel

     o mozilla-dom-inspector

     o mozilla-js-debugger

     o mozilla-mail

     o mozilla-nspr

     o mozilla-nspr-devel

     o mozilla-nss

     o mozilla-nss-devel

     o mutt

     o net-snmp

     o net-snmp-devel

     o net-snmp-perl

     o net-snmp-utils

     o netdump

     o netdump-server

     o netpbm

     o netpbm-devel

     o netpbm-progs

     o nfs-utils

     o nptl-devel

     o nscd

     o nss_ldap

     o openoffice.org

     o openoffice.org-i18n

     o openoffice.org-libs

     o openssh

     o openssh-askpass

     o openssh-askpass-gnome

     o openssh-clients

     o openssh-server

     o openssl

     o openssl-devel

     o openssl-perl

     o openssl096b

     o oprofile

     o oprofile-devel

     o pam

     o pam-devel

     o pam_krb5

     o popt

     o postfix

     o pstack

     o pwlib

     o pwlib-devel

     o quagga

     o quagga-contrib

     o quagga-devel

     o rdist

     o redhat-config-cluster

     o redhat-config-kickstart

     o redhat-config-network

     o redhat-config-network-tui

     o redhat-config-packages

     o redhat-config-printer

     o redhat-config-printer-gui

     o redhat-config-xfree86

     o redhat-rpm-config

     o rh-postgresql

     o rh-postgresql-contrib

     o rh-postgresql-devel

     o rh-postgresql-docs

     o rh-postgresql-jdbc

     o rh-postgresql-libs

     o rh-postgresql-pl

     o rh-postgresql-python

     o rh-postgresql-server

     o rh-postgresql-tcl

     o rh-postgresql-test

     o rhdb-admin

     o rhdb-docs

     o rhdb-explain

     o rhpl

     o rpm

     o rpm-build

     o rpm-devel

     o rpm-python

     o rpmdb-redhat

     o rsync

     o samba

     o samba-client

     o samba-common

     o samba-swat

     o sendmail

     o sendmail-cf

     o sendmail-devel

     o sendmail-doc

     o shadow-utils

     o slocate

     o strace

     o struts

     o sysklogd

     o sysstat

     o SysVinit

     o tcpdump

     o unixODBC

     o unixODBC-devel

     o unixODBC-kde

     o up2date

     o up2date-gnome

     o vsftpd

     o xemacs

     o xemacs-el

     o xemacs-info

     o XFree86

     o XFree86-100dpi-fonts

     o XFree86-75dpi-fonts

     o XFree86-base-fonts

     o XFree86-cyrillic-fonts

     o XFree86-devel

     o XFree86-doc

     o XFree86-font-utils

     o XFree86-ISO8859-14-100dpi-fonts

     o XFree86-ISO8859-14-75dpi-fonts

     o XFree86-ISO8859-15-100dpi-fonts

     o XFree86-ISO8859-15-75dpi-fonts

     o XFree86-ISO8859-2-100dpi-fonts

     o XFree86-ISO8859-2-75dpi-fonts

     o XFree86-ISO8859-9-100dpi-fonts

     o XFree86-ISO8859-9-75dpi-fonts

     o XFree86-libs

     o XFree86-libs-data

     o XFree86-Mesa-libGL

     o XFree86-Mesa-libGLU

     o XFree86-sdk

     o XFree86-syriac-fonts

     o XFree86-tools

     o XFree86-truetype-fonts

     o XFree86-twm

     o XFree86-xauth

     o XFree86-xdm

     o XFree86-xfs

     o XFree86-Xnest

     o XFree86-Xvfb

     o ypbind

     o ypserv

   The following packages have been added to CentOS 3
   Update 2:

     o commons-dbcp

     o commons-dbcp-devel

     o commons-pool

     o commons-pool-devel

     o eclipse-lomboz

     o elfutils-libelf-devel

     o jaf

     o jaf-devel

     o java-javadoc

     o javamail

     o javamail-devel

     o jpackage-utils

     o junit

     o junit-devel

     o laus

     o laus-devel

     o mtx

     o mysql-jdbc

     o mysql-jdbc-tomcat

     o rh-cs-de

     o rh-cs-es

     o rh-cs-fr

     o rh-cs-it

     o rh-cs-ja

     o rh-cs-ko

     o rh-cs-pt_br

     o rh-cs-zh_cn

     o rh-cs-zh_tw

     o rhdb-cc

     o rhgb

     o sg3_utils

     o struts-webapps

   The following packages have been removed from CentOS 3
   Update 2:

     o mod_jk2

     o mod_webapp

     o mozilla-psm

   ( x86 )