SUSE Linux Micro is a modern operating system primarily targeted for edge computing. This document provides a high-level overview of its features, capabilities, and limitations.
1 About the release notes #
These Release Notes are identical across all architectures, and the most recent version is always available online at https://www.suse.com/releasenotes.
Entries are only listed once but they can be referenced in several places if they are important and belong to more than one section.
Release notes usually only list changes that happened between two subsequent releases. Certain important entries from the release notes of previous product versions are repeated. To make these entries easier to identify, they contain a note to that effect.
However, repeated entries are provided as a courtesy only. Therefore, if you are skipping one or more service packs, check the release notes of the skipped service packs as well. If you are only reading the release notes of the current release, you could miss important changes.
1.1 Documentation and other information #
For the most up-to-date version of the documentation for SUSE Linux Micro, see:
2 SUSE Linux Micro Version 6.2 #
These release notes apply to SUSE Linux Micro 6.2.
2.1 Changes affecting all architectures #
Image re-encryption during the OS initialisation is now faster
ULP (user space live patching) is now supported with transactional updates
2.2 Switch to mountfd API in util-linux #
The util-linux mount command has switched from the old string-based method to the new kernel mountfd API.
This change introduces new features but also comes with some minor incompatibilities.
There is a special case that cannot be handled by mountfd and needs to be handled by applications:
mountfddiscriminates between the physical mount layer and the virtual mount layeronce the physical mount layer is read-only, read-write mount on the virtual layer is not possible
If the first mount is read-only, then the physical filesystem is mounted read-only, and later mounting of the same file system as read-write is not possible. To solve this problem, the first mount needs to be read-only on the virtual layer only, keeping the physical layer read-write. The userspace fix is simple. Instead of:
mount -oro
use
mount -oro=vfs
This will keep the physical layer read-write, but the virtual file system layer (and the userspace access) read-only.
2.3 Switch to predictable network names #
The persistent network naming scheme used in SL Micro 15 became legacy with the switch to the systemd predictable network names.
For complicated setups, we recommend using systemd.link.
For more information, see:
In the future, when upgrading from SL Micro to SL Micro 6.3 (so-called "SLE merge"), some systems will have net.ifnames=0 set on their kernel command line (this is the case for new installations of SL Micro 6.0 and 6.1).
This boot option will prevent the system from switching to the predictable naming scheme and it will need to be removed.
2.3.1 Minimum hardware requirements #
SUSE Linux Micro 6.2 requires hardware to meet requirements on these architectures:
For AMD64 and Intel* 64 systems: Microarchitecture level x86-64-v2 or higher.
For IBM* Power LE systems: POWER10 or higher (see note below).
For Arm64* systems: Armv8.0-A or higher.
For IBM* Z systems: z14 or higher.
POWER9 systems may work with SL Micro 6.2 but are not supported by IBM, the hardware vendor.
2.3.2 SHA1 to be disabled or mark unapproved #
Due to FIPS 140-3 certification requirements, the SHA1 cryptographic algorithm will be disabled or marked unapproved when running in FIPS mode.
2.3.3 Changes to product identification #
The identification variables in /etc/os-release have been changed.
The before and after state is as follows:
| Variable | Before | Now |
|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2.3.4 Default user group assignment changed #
Previously, all user accounts belonged to a single users group.
Now instead of being added to the common users group, each new user now gets their own primary group matching their username.
This is due to USERGROUPS_ENAB being enabled in /usr/etc/login.defs.
This change affects all new installations and upgraded systems that did not change the default /etc/login.defs.
This has several consequences:
files created by new users are not group-readable by default
configurations that used the primary
usersgroup as a condition do not work anymoreconfigurations that used the primary or secondary
usersgroup as a condition need to have theusersgroup manually added to these user accounts in order to continue to work, for example, to for@usersin the sudoers filehome directories inherited from a previous system need to standardize the GID of the files by running:
find "$HOME" -group users -exec chgrp myuser {} \;, orchgrp -R myuser "$HOME"if you did not use any GID other thanusers
2.3.5 Helm has been added #
Helm has been added to SUSE Linux Micro 6.2.
2.3.6 podmansh added #
The podmansh package has been added.
It provides a confined login and user shell with access to volumes and capabilities specified in user quadlets.
2.3.7 Extras channel #
A new channel called "SUSE Linux Micro Extras" has been added. It includes testing, development and certifications packages and components that are not normally included with the OS itself. These packages are not supported.
2.4 Arm 64-bit-specific features and fixes (AArch64) #
full-disk encryption is now supported
2.4.1 System-on-Chip driver enablement #
SL Micro 6.2 includes driver enablement for the following System-on-Chip (SoC) chipsets:
Ampere* X-Gene*, eMAG*, Altra*, Altra Max, AmpereOne*
AWS* Graviton, Graviton2, Graviton3
Broadcom* BCM2837/BCM2710, BCM2711
Fujitsu* A64FX
Huawei* Kunpeng* 916, Kunpeng 920
Marvell* ThunderX*, ThunderX2*; OCTEON TX*; Armada* 7040, Armada 8040
NVIDIA* Grace; Tegra* X1, Tegra X2, Xavier*, Orin; BlueField*, BlueField-2, BlueField-3
NXP* i.MX 8M, 8M Mini; Layerscape* LS1012A, LS1027A/LS1017A, LS1028A/LS1018A, LS1043A, LS1046A, LS1088A, LS2080A/LS2040A, LS2088A, LX2160A
Rockchip RK3399
Socionext* SynQuacer* SC2A11
Xilinx* Zynq* UltraScale*+ MPSoC
Driver enablement is done as far as available and requested. Refer to the following sections for any known limitations.
Some systems might need additional drivers for external chips, such as a Power Management Integrated Chip (PMIC), which may differ between systems with the same SoC chipset.
For booting, systems need to fulfill either the Server Base Boot Requirements (SBBR)
or the Embedded Base Boot Requirements (EBBR),
that is, the Unified Extensible Firmware Interface (UEFI) either
implementing the Advanced Configuration and Power Interface (ACPI) or
providing a Flat Device Tree (FDT) table. If both are implemented, the kernel
will default to the Device Tree; the kernel command line argument acpi=force can
override this default behavior.
Check for SUSE YES! certified systems, which have undergone compatibility testing.
2.5 Removed and deprecated features and packages #
2.5.1 Removed features and packages #
criuyomiis not supported anymorenerdctlcrunhas been removed. Useruncinstead.
2.5.1.1 realtime sysfs entry is removed #
realtime sysfs entry (/sys/kernel/realtime) is supposed to accelerate boot times if many udev rules require checking for PREEMPT_RT. However, it is not merged upstream, and we do not know if any customer relies on it, so we removed it in SUSE Linux Micro (RT) 6.2.
Undoubtedly, the customer can still use the command 'uname -a' or 'uname -v' to verify if it is running RT kernel or not.
2.5.2 Deprecated features and packages #
The following features and packages are deprecated and will be removed in a future version of SUSE Linux Micro.
2.5.2.1 nmap deprecation notice #
The nmap project has moved to a new source license that makes future releases of nmap incompatible with our product.
In SL Micro 6.2, we are shipping the latest version of nmap released under the old license. In an upcoming release we will switch to an alternative tool.
3 Obtaining source code #
This SUSE product includes materials licensed to SUSE under the GNU General Public License (GPL). The GPL requires SUSE to provide the source code that corresponds to the GPL-licensed material. The source code is available for download at https://www.suse.com/download/sle-micro/ on Medium 2. For up to three years after distribution of the SUSE product, upon request, SUSE will mail a copy of the source code. Send requests by e-mail to sle_source_request@suse.com. SUSE may charge a reasonable fee to recover distribution costs.
4 Legal notices #
SUSE makes no representations or warranties with regard to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, SUSE reserves the right to revise this publication and to make changes to its content, at any time, without the obligation to notify any person or entity of such revisions or changes.
Further, SUSE makes no representations or warranties with regard to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, SUSE reserves the right to make changes to any and all parts of SUSE software, at any time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classifications to export, re-export, or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical/biological weaponry end uses. Refer to https://www.suse.com/company/legal/ for more information on exporting SUSE software. SUSE assumes no responsibility for your failure to obtain any necessary export approvals.
Copyright © 2024-2025 SUSE LLC.
This release notes document is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License (CC-BY-ND-4.0). You should have received a copy of the license along with this document. If not, see https://creativecommons.org/licenses/by-nd/4.0/.
SUSE has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at https://www.suse.com/company/legal/ and one or more additional patents or pending patent applications in the U.S. and other countries.
For SUSE trademarks, see the SUSE Trademark and Service Mark list (https://www.suse.com/company/legal/). All third-party trademarks are the property of their respective owners.